Bring more Tor into your life November 11, 2015 on Drew DeVault's blog

Tor is a project that improves your privacy online by encrypting and bouncing your connection through several nodes before leaving for the outside world. It makes it much more difficult for someone spying on you to know who you’re talking to online and what you’re saying to them. Many people use it with the Tor Browser (a fork of Firefox) and only use it with HTTP.

What some people do not know is that Tor works at the TCP level, and can be used for any kind of traffic. There is a glaring issue with using Tor for your daily browsing - it’s significantly slower. That being said, there are several things you run on your computer where speed is not quite as important. I am personally using Tor for several things (this list is incomplete):

Anything that supports downloading through a SOCKS proxy can be used through Tor. You can also use programs like torify to transparently wrap syscalls in Tor for any program (this is how I got my email to use Tor).

Of course, Tor can’t help you if you compromise yourself. You should not use bittorrent over Tor, and you should check your other applications. You should also be using SSL/TLS/etc on top of Tor, so that exit nodes can’t be evil with your traffic.

Orbot

I also use Tor on my phone. I run all of my phone’s traffic through Tor, since I don’t use the internet on my phone much. I have whitelisted apps that need to stream video or audio, though, for the sake of speed. You can do this, too - set up a black or whitelist of apps on your phone whose networking will be done through Tor. The app for this is here.

Why bother?

The easy answer is “secure everything”. If you don’t have a good reason to remain insecure, you should default to secure. That argument doesn’t work on everyone, though, so here are some others.

Have a comment on one of my posts? Start a discussion in my public inbox by sending an email to ~sircmpwn/public-inbox@lists.sr.ht [mailing list etiquette]

Articles from blogs I read Generated by openring

Command PATH security in Go

Today’s Go security release fixes an issue involving PATH lookups in untrusted directories that can lead to remote execution during the go get command. We expect people to have questions about what exactly this means and whether they might h…

via The Go Programming Language Blog January 19, 2021

Status update, January 2021

Hi all! This month again, my main focus has been wlroots. I’ve focused on the internal renderer refactoring (the so-called “renderer v6"). A lot of the work has now been completed, and all backends now use the new interfaces under-the-hood. With the help …

via emersion January 18, 2021

What's cooking on Sourcehut? January 2021

Another year begins, and hopefully with better prospects for us all. SourceHut has emerged from 2020 relatively unscathed, thankfully, and I hope the same is true of most of our users. A body which, by the way, today numbers 19,647 strong, up 623 from Decemb…

via Blogs on Sourcehut January 15, 2021