dbee
Joined: 29 Dec 2004
Location: korea
|
 Posted: Sun Sep 24, 2006 8:15 am Post subject: |
 |
|
I think tor is great and I use it all the time. But calling it truly anonymous is misleading to say the most.
Even if you kill all client side scripting, java, javascript, flash, that could easily identify you across 'anonymous' connections. They also have cache analysis and even a css visited sites store to go on.
But way worse than anything like that. Is the fact that although tor anonymizes your TCP traffic. Your UDP is still kept off the socks proxy. So your browser is requesting the DNS info on the one hand, and then .1 of a second later - your loading up the webpage 'anonymously'. So all anyone has to do is put the BIND logs with the apache logs and ... hey presto ... anonyimity = 0%.
However you're still anonymous to your ISP ( for the most part ). And indeed for anyone too lazy or unbothered enough to not bother trawling through their logs.
Like I said already, I use it all the time. But if I was a civil rights activist in Myanmar, I'd like to be told clearly as to how vulnerable my 'anonymity' actually is ... whenever I'm connecting to servers inside of my hostile zone.... or indeed, if my data is not encryted using an application layer to application layer >128bit key encryption protocol like ssl ... |
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
