Follow

Switched my hidden service to a single-onion service - the load time is ~halved without compromising reader anonymity. Very cool to have this as an option with Tor!

(read: it's my personal blog, so therefore *my* privacy was never a concern to begin with - YMMV)

And yes, I was supposed to be relaxing, but then I had a bunch of timeouts with my hidden service, so I had to go fix it and discovered this along the way

@tweedge hasn’t TOR been pwned by the glowies? I mean memeing aside my understanding is that they (US Fed agents) control and usually turn out to be majority stakeholders at every key traffic intersection, and had TOR & bitcoin both cracked in the early 2010s.

@spaphy Would need to define "cracked" - Tor is less than 100% anonymous, but not 100% deanonymized. Many inexperienced folks treat Tor as "100% anonymous" which is problematic. github.com/Attacks-on-Tor/Atta

Bitcoin suffers a similar fate. With both, secondary practices for maintaining your anonymity (ex. avoiding anything to do with your 'usual' internet identity, using burner or live systems, etc.) still go a long way. How far to go depends on your risk tolerance.

@tweedge Modest and probably accurate without digging into it response - The larger implied question from my banter is what do you find yourself doing with the TOR service?
I haven't found much reason in the last decade to connect to it, and the more I learn about NetSec the less I want to even connect to it.

@spaphy Mostly, encouraging folks to consider Tor if it'd be relevant to them (ex. censorship avoidance). Doing a small bit to help legitimize Tor as a utility beyond its current reputation as mostly drugs/porn/weapons. The more "permissible" traffic and sites exist on Tor, the better anonymity and deniability of all Tor users. Lots of news sites have launched Tor services within the past two years, FWIW! :)
github.com/alecmuffett/real-wo

Sign in to participate in the conversation
Mastodon

Taking the "Twitter" out of "InfoSec Twitter."