Tor, youtube and other n00b questions

Hello there. I'm glad I've stumbled across such an informative corner of the internet.

I am using torbrowser on my mac.
I don't trust google at all, so I'm using all their sites through tor, including youtube.
I have noscript running and I use download helper to download videos rather than watch them in the browser. first of all, is this safe? I got this method off of a report from someone who said they tested this method and found it to be safe, but if anyone knows otherwise please let me know.

what worries me is when I go onto the youtube page the loading circle appears briefly before the noscript icon appears. Does this mean that the flash player could be capturing my information, or unmasking me in some way? or am I just being stupidly paranoid? I'm not sure of the ins and outs of noscript.

Erm... also I'm still not 100% on the operation of the tor browser. Am I to assume that I should be using a proxy server site on the tor browser to maintain perfect anonymity or is that just me getting confused with some of the instructions?

Cool, thanks for the help guys!

 

Hi TheLastBeeFalls,

Last I checked, the exit nodes of Tor are where your browser encrypted request gets decrypted and delivered to the destination website - i.e. it is vulnerable at that point to anyone listening in on that websites web traffic with Wireshark to grabbing your account and password information, etc. and except for that unless you can somehow ascertain that a particular exit node is trustable and configure your Tor torrc file to use only that exit node then it is best never to trust Tor exit nodes until the Tor folks come up with a bullet proof scheme - which is unlikely anytime soon.

Since you browser requests are encrypted before the request travels over the Internet - you ISP generally does not know where you visit, but if you have a hardware router that contains the default DNS servers of the ISP, they can figure out where you are going - i.e. it is best to configure your hardware router to not use the ISP's DNS servers to exclude that possibility and use something like OpenDNS servers for primary and secondary DNS service requests from the browser.

It is best to visit the torproject.org website and read all of its documentation, etc. to learn more.

As an alternative, you may want to try out a TAILS ISO bootable from either CD or USB.

-- Tom

 

It depends on your configuration. If you are blocking flash with NoScript and/or your flash plugin is disabled within the browser itself, then yes--it should be safe. You can use Whoer.net or oiP.io to test yourself for flash/java leaks (note that you will need to temporarily allow javascript on those sites in order to get accurate results).

I wouldn't. Using a web-based proxy on top of Tor would be redundant--and wouldn't really offer any additional benefit anyway, as most proxy sites keep logs. Generally, those CGI/PHP proxies are intended for circumvention--not for anonymity.