Why does Tor Browser Bundle have Scripting and Javascript enabled by default?

Discussion in 'privacy technology' started by DesuMaiden, Jan 9, 2014.

Thread Status:
Not open for further replies.
  1. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    Can you guys please give me an explanation behind this? Also, why did Tor Browser Bundle (TBB) remove the Vidalia Control Panel from the latest version of TBB?
     
  2. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Tor Browser Bundle caters to casual's now, because just like everything else in life casuals complain and thus things are changed to the liking of the masses of casuals who use the software / movies / music etc etc. In this case the default "off" in NoScript is because people complained about not being able to use YouTube in Tor Browser Bundle. Funny, sad, but true.
     
  3. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    I don't know if they cater to casuals, but it is a ridiculously dumb move for an organization that is supposedly striving to help the helpless. Allowing everything to run completely defeats the purpose of having TOR to begin with. I've recently looked at the new version and I think they are dumbing it down too much. Now you have to click a button to change identities when you connect to somewhere, and they've hidden that away in a menu. I much preferred when the options panel was separated from the browser. Now it doesn't even show you the IP address when you first connect on the TOR page, you have to manually go test it.
     
  4. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    I don't even think Tor was really designed for torrenting or streaming movies/other live content. Tor was designed for browsing static websites because it grants you STRONG anonymity.
     
  5. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    It was never, EVER meant for things like that, no. VPNs aren't really meant for that either, but idiots still use up the bandwidth doing it. TOR was meant for activities such as getting around strict government censorship, whistleblowing and other sensitive uses. It is not and can not be capable of letting you stream YouTube without Google nosing into your business. I am also not sure I would call TOR "strong" by itself either. There is the very real issue of not enough nodes in the first place, and many of them being suspicious or compromised. It doesn't have to be the NSA or some such agency either. Not long ago many nodes were used in a large botnet.

    If you're to use TOR, at the very least never let a single script or plugin run. I personally think you should chain VPNs, use a VM and then go through TOR.
     
  6. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    I agree. You should probably chain VPNs and use VMs. That is a smart idea.
     
  7. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    I used to use TOR by itself and felt somewhat safe. Now, I wouldn't fire it up and do anything sensitive or even worthwhile without chaining VPNs. Even then you have to hope and have a decent idea of how the provider operates, where they are at, etc. Paranoia isn't as bad of a thing to have as it used to be.
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Because they stupidly tried to prioritize usability. Disable scripting.
     
  9. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    Which makes one wonder who they are aiming at as customers. Perhaps the whole NSA backlash has made them see a marketing opportunity? I don't think enough people understand that these tools aren't magic walls. TOR, like many other related tools goes completely against what the current web is designed to be. If users don't figure that out beforehand, they will be faced with surprises.
     
Loading...
Thread Status:
Not open for further replies.