Slightly unrelated post but: this thread once again reminds me of how happy I am to have left Windows for Linux. Just saying!!
For a year, gang operating rogue Tor node infected Windows executables http://arstechnica.com/security/201...or-node-added-malware-to-windows-executables/
What really baffles me is that anyone would trust a TOR-node enough to download windows-executables - But then, I don't get why anyone trusts TOR at all !
Enigm, What connection method do you trust? Of course you can't be "trust your life on it certain", but talk alternatives. I say you use TOR as part of the chain (a significant but not entirely used alone component). Of all the methods publicly known this is what Snowden relied upon. He warned of exit nodes and what precautions needed to be taken "post exit". Open to a better alternative and learning!!
I would reconsider that. A few weeks ago silk road 2 was entirely compromised, hundreds of hidden tor services were identified and taken down and people arrested. This shows for the second time, tor cannot be trusted to provide anonymity.
Do you know of anything better? I've never been entirely comfortable about Tor, either. It is experimental software, after all. And there's not been focused effort on developing and strengthening hidden services (now aka onion services). If anonymity is very important, it's probably best to combine VPNs, JonDonym and Tor.
I too can only understand what I know or have heard. For now chaining/combining VPN, TOR (including Whonix) are about the best that I am personally aware of and have significant time with. For me the first thing is goodbye Windows and hello Linux!! We will see if the OS played any part on the compromise. The obvious thing - but extremely inconvenient too - is to grab a laptop for "wandering around with" and always connect via some public wifi. At least if all falls apart it tracks back to a coffee shop. With a strong wireless dongle you can be blocks away on a public wifi. For most people this model is over the hill inconvenient, except for "extreme privacy needed" applications. If anyone comes across a good link on how silk road 2 was technically taken down please post it here at Wilder's. That would be a separate thread of course. I would love to study the process they employed. Most of the time it comes down to fundamental errors on the operator's part, which contributes to making it possible (not saying TOR is perfect). Remember the outdated TOR FF browser exploit, that was in fact updated, but many lazy users never did the update? Those are the ones that paid the price on the last take down. Even with the outdated browser still being used, they would have been fine IF they used a bridge VPN before joining the TOR circuit. This was studied at length.
One of things that is rarely mentioned (the tails guys talk about it in the documentation) is mac addressing and computer fingerprinting. My suspicion is our mac addresses are not just being used for internal networking. I cannot prove this except to say I have done some experimenting with a local wifi hotspot where all users log in with the same username and password. I noticed every time i log in my computer is assigned the same internal ip address ending in 141 every time. I said aha they are logging my mac address and using it to identify my computer. So I created a tails thumbdrive and logged in via tails using its mac address spoofing, my ip address was now different, ending in 66 I said ok so now the network thinks this is a different computer. Here's the kicker, the next time I went back to the hotspot and logged in using Windows I was surprised to find my internal ip address ended in 66 again. Somehow that wifi hotspot knew, my computer was the same one that logged in using tails and kept assigning the same ip address thereafter. I have to do some more testing to find out how they did that. My suspicion is our mac address and possibly hardware id's are logged when we go online and these may possibly be requestable from outside our local network therefore making anonymity impossible without very good spoofing software.
Based on limited experience, I'm pretty sure that WiFi APs can see through MAC-changing software. It's more reliable, I think, to use multiple USB WiFi adapters.
