In order to work it requires that the hidden service serves http, serves http over plain ipv4, and is running on a computer that is also a relay. Lets skip over the fact that you said "identify a client" and the reddit link is about hidden services. Last time I checked tor has a tcp fetish and ntp is squarely in the udp camp. Timezones and NTP? NTP does not use time zones so I am not sure what that has to do with anything.Įxit nodes forging ntp responses? That is going to be pretty tough. Never use the same client machine for long and use the virtual machines snapshot feature to blow away your data every x hours/days (and never use the suspend feature of virtual machine software, it saves your memory (with passwords, keys, etc.) onto disk).Īt first glance the first two paragraphs are hand wavy enough that it is pretty clear that you exaggerated when you said "simply ntp synch requests" and things get a lot worse after paying any attention to the details in your post. Especially something being pitched as an 'on/off' switch for instant privacy.Įdit: A good setup is the following: install virtualbox, install a light-weight linux distro as a tor router, setup a private and isolated network behind it and then install your 'client' operating system on that private and isolated network in a second virtual machine. It is the only way to use Tor safely.Īny device that makes it easier to use Tor with your existing computer is bad for privacy. Nobody can think of all the different things a machine can send that need to be blocked or reset, which is why you just use a fresh new machine. Even simply things like ntp time sync request can give you away, let alone features like Windows Update (which will definitely give you away since they send a machine ID), browser fingerprinting, evercookies, etc. You simply shouldn't be using the same machine you use with your real identity with an identity that needs to be anonymous. It is good that they have the warning about cookies, but there are a hell of a lot of other ways you can be identified. Tor being pitched as a one-stop privacy solution like this is going to backfire bad at some point in the future.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |