Hi, I can use FF inside Tor, or not. For internet banking is using Tor a good idea, or not really necessary? Thanks
No, because you'd be connecting to your banking site over an exit node. Though, you'd probably be protected by your banks HTTPS, some configs aren't strong as they could be. Test it: https://www.ssllabs.com/ssltest/ It's pretty pointless though. Why use Tor for something (your bank in this case) that obviously knows your real name? What would be the benefit of hiding your IP from your bank? If it's just a matter of you not wanting your ISP or any man in the middle from even knowing you're logging onto your banking site I think a reputable VPN would be safer. But no, don't log into your bank over Tor. You're just risking more harm than good.
I agree. And it would be inconvenient. In my case, I would have to follow the full authentication procedure in every login (answering the login questions, etc.), just as I have to do every time the browsers are updated.
Tor is primarily used to hide your identity and to an extent, your location. There's no benefit in using it with organizations that already know both of these. The exception would be if your in another location, a foreign country for instance, and you don't want anyone there to know that you're contacting that organization.
My understanding is that most banks would view access from Tor as a hacking attempt, and as has been pointed out, they already know where you live. One of the indicators they would use, for example, is that you would normally log in from an ISP IP address which corresponds geographically to where you are, at least by country. Using Tor would fail this. Your job, in collaboration with your bank, is to ensure that any sessions you have with your bank are done from an uncompromised client, over trusted communications, to a verified host. I am not at all happy with bank's primitive response to the threats, for example, mine recommends Trusteer, and doesn't do proper 2FA or publish its certificates properly. But then, my responsibility is, I think, discharged by running a clean Linux distribution which I only use to access the bank, and which doesn't save anything from browsing sessions, and to check the https certificate.
