TOR is not really that anonymous

Discussion in 'privacy technology' started by redcell, Mar 5, 2011.

Thread Status:
Not open for further replies.
  1. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126
    I'm using TOR Vidalia bundle. Here's a simple challenge to anyone:

    1. Launch Vidalia. Connected. Activate firefox TOR button. Check IP anonymous OK.

    2. Go to tinychat.com, get into any channel (remember the URL) and get banned. Stop TOR.

    3. Close your browser, clear your cookies whatever (eg. using ccleaner, delete users> profilename> appdata> roaming> macromedia & adobe> flash player)

    4. Start TOR, get new identity. Check IP different IP OK.

    5. Go tinychat.com, get into the same channel URL. Still banned.



    This does not happen when I'm using VPN (with several server options) alone or running TOR on top of VPN.
     
    Last edited: Mar 5, 2011
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Tinychat.com obviously doesn't allow TOR clients so I'm not sure what you're trying to achieve here. By trying to get there via TOR you are banning the TOR exit node, not yourself. Eventually you will run out of unbanned nodes.
     
  3. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126

    It's not about start or exit nodes. I presume Tinychat traces SOCKS which TOR has it exposed.

    By default, TOR is using SOCKS 5 which causes the webcam channel not to load up at all. When I change TOR setting to SOCKS 4, webcam channel can load up but banned (if previously banned).

    This is a serious concern especially to newbies out there who thought TOR is totally anonymous which is not, based on my own testings.


    .
     
  4. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Tor only protects at OSI Layer 7 (application layer). Leaks and fingerprinting is very easy at this level. Try loading Tor through JanusVM, which VPNs your Tor connection.
     
  5. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I think you need to run some more test.

    What might be happening is, as Steve said, you're leaking your real IP somehow. When I connect to tinychat.com and enter a channel, my firewall tells me that my browser is trying to bypass Tor and connect directly.

    This is common with multimedia. My guess is that half (or more) of the people that use Tor don't understand that certain plug-ins will attempt to bypass Tor.

    As for why you're getting banned, I'm not sure. But there's nothing wrong with Tor. I've been using it for 5 years with no problems.

    But I'm not sure I understand the logic that because you've experienced a problem that you think you've suddenly found a major whole in Tor when hundreds of thousands of people have been using it for years. That's not the logical conclusion.
     
  6. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126

    Not sure what went wrong. Tried to connect VPN for JanusVM but error 800.

    janusvm4.jpg

    I'm using Windows 7 x64


    .
     
  7. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358

    FYI, JanusVM is but one way to use Tor properly. I use a firewall personally, but this is probably one of the more complex techniques (although it's not too bad).

    There are other ways besides JanusVM and the firewall technique. I'm not up on all the techniques (because I've always used a firewall), but here's another thread that discusses this issue.

    https://www.wilderssecurity.com/showthread.php?t=294005
     
  8. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    JanusVM isn't just a firewall. It is a VPN, which is the distinguishing factor of why it is better than Tor alone or Tor + Firewall, specifically on Windows machines, because Tor sidechannels/leaks typically only work on non-VPNed connections.
     
  9. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I agree. I never made a comment about JanusVM being just a firewall. I'm not too familiar with it in fact. So, I can't comment on it other than to say that I've seen positive reviews of it.

    But, by the same token, I was saying that a firewall is adequate to protect Tor. I've never had a leak with a firewall that's been configured properly.
     
  10. katio

    katio Guest

  11. OrionMan

    OrionMan Registered Member

    Joined:
    Mar 6, 2011
    Posts:
    9
    Yeah just use TOR over VPN in the meantime
     
  12. jesusjesus

    jesusjesus Registered Member

    Joined:
    Jul 21, 2009
    Posts:
    61


    so that's a video/audio/text flash client running on YOUR computer. It likely tries to connect to the server via RTMP on port 1935, fall back is 443, and then final fallback, port 80.

    Maybe if you were to block ports 1935 & 443. But as someone else said, this seems futile, as i'm sure 100's & maybe 1000's of people before you have been banned from this site before & tried entering via public proxies & got banned again. If you're one these 'trolls' (as the kids say) then public accessed proxies are not for you as a fellow trolls would likely have already exhausted the IP's, and a good admin would have them banned anyway.
     
Loading...
Thread Status:
Not open for further replies.