EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.07.13

Using Windows With TOR is Like Wearing Makeup to Dodge CCTV

Posted in Free/Libre Software, Windows at 11:18 am by Dr. Roy Schestowitz

CCTV

Summary: The TOR project asks users to abandon Microsoft Windows, which helped the NSA (based on identified IP blocks) crack anonymity

THE thing about proprietary software is, it infects any system it is surrounding, making everything penetrable if the underlying layer has a back door, which Windows has. Activists who challenge authority must never rely on proprietary software, suggests experience [1, 2],

<
More GNU/Linux distributors should start promoting their products based on privacy as a selling point, not just software freedom, especially now that a lot of people are concerned about mass surveillance. Sadly, however, even some of these distributors are now compromising their users' privacy inside Azure, whose host is in bed with the NSA.

“Several mainstream articles are publishing the Tor Project’s recommendation to drop Windows,” told us iophk, noting also the poor headline at the Telegraph. He gave this better example from IDG:

The TOR Project is advising that people stop using Windows after the discovery of a startling vulnerability in Firefox that undermined the main advantages of the privacy-centered network.

The zero-day vulnerability allowed as-yet-unknown interlopers to use a malicious piece of JavaScript to collect crucial identifying information on computers visiting some websites using The Onion Router (TOR) network.

There is more here. “In the pre-Mono days,” iophk says, “I would have expected Canonical and Ubuntu to be all over that. Shuttleworth could make an invitation like he did to the Suse developers. However, with their Community “Manager” defending MS, that may not happen. Speaking of the “manager”, his and the others' responses to your old post here has elicited denial of the problem as well as a bit of an attack. I think the topic is very worth revisiting at least once a month.”

Here is another post about this subject. It is reproduced as follows from JoinDiaspora:

The exploit of Tor by JavaScript

Who were affected?

  • Window Users
  • People who enabled JavaScript
  • Used the Tor Browser Bundle

~Windows~

Most of the users were windows users, I’m not claiming that Linux or
Gnu|linux users are superior but to be more accurate, some windows
users don’t have the mentality of security or common sense when it comes to
protecting them self and their devises. Gnu|linux users or Unix users are more
aware of their surrounding and what goes within their Systems, now that said
Windows users need to understand that to be safe and secure you need to take
away all of those applications that would cause a back door to your system.

These are the following said applications:

Javascript - There are multiple ways of disabling this, but
my favorite way is to add an add-on called, “NoScript”. This disables script’s
to be activated and or used within your browser, you have nothing to worry about, you are able to
fully activate or deactivate JavaScript if needed.

Flash - Yes Flash, there are ways of doing this, either
deleting the flash application or never going to YouTube ( I doubt you’ll be doing this). There are multiple add-ons for your browser that will disable the usability of flash and allowing Html5 to
take over.

Cookies - Cookies are a great way of entering your system and
gather some useful information about said system and maybe you. There are
add-ons for disabling these little critters. there are multiple said add-ons like
Self-Destructing Cookies or going into your system and deleting them yourself.

~JavaScript~

JavaScript is not safe cause it has bugs. This holds true
for the various implementations of JavaScript, as well as the browsers that
JavaScript runs in. Some bugs can, when discovered, be exploited to bypass
the said sandbox, or to perform other malicious actions on your machine, like
what the FBI did to a specific Tor network. So JavaScript is not safe in most occasions, anybody
running JavaScript can be the target for something malicious.

~Using Tor Bundle~

Tor bundle uses an old version of Firefox and is easily
exploited, add-ons are not implemented within the browser. Even if you
were using Tor you would of gotten targeted. Using a different applications
for the same cause will allow users to be much safer than having a bundle and
thinking that no one can actually hack|crack into said system. This is false when
using anything, just keep in mind that you could always be Hacked|cracked by
someone or a specific organization.

Forgot to mention one thing, passwords. People please, don’t
create a password that is easily created like, your name, age, birth
place, or someone or something.
The best way of creating a good
passphrase is to use Uppercase letters as well as other symbols for instance
if your name is jonny michaels use Joney_M1ch_els.
keep in mind that this example is just a bare minimum for a truly secure Password.

If you have any questions on what to use or just have anything
to ask me just ask.

Like alway, happy hacking

And if you don’t use free software, the hacking (or cracking) is all on you.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

A Single Comment

  1. Needs Sunlight said,

    August 7, 2013 at 12:19 pm

    Gravatar

    Then there are the end-point compromises. Running Windows, you know you have a system full of back doors. In addition to the official ones, M$ is said to release vulnerabilities to the US government before patching them. Given how long M$ can take to get around to releasing a working patch, this can be quite a lead time.

What Else is New


  1. Links 29/9/2014: OpenDaylight Helium Release

    Links for the day



  2. European Patent Office Disorganisation: Problems With the Audit Mechanisms - Part IV

    A prelude to a long article about a thug called Topić, his controversial Battistelli-sponsored appointment, and the removal of auditory functions by Battistelli



  3. More Good News About Demise of Software Patents and Along With Them, Consequently, Patent Trolls

    A weekly roundup of news about patents in the United States and elsewhere, with special focus on software patents



  4. IRC Proceedings: June 22nd, 2014 – September 13th, 2014

    Many IRC logs



  5. Links 28/9/2014: Moto X, End of OpenSUSE 11.4

    Links for the day



  6. CBS Continues to Get Heavily Occupied by Microsoft Staff to Spread Microsoft Propaganda

    The CBS-owned ZDNet continues to hire people who have worked or are currently working for Microsoft and unsurprisingly enough they use their newly-acquired positions to praise Microsoft and bash Microsoft's competition, usually with no disclosure of their conflict of interest



  7. Links 27/9/2014: Linux (Almost) Everywhere, Features Of Linux 3.17

    Links for the day



  8. Microsoft Fakes 'Charity' and Uses Religious Groups to Acquire Lock-in in the Public Sector

    Microsoft's involvements with NGOs and with governments lead to more distrust, more surveillance, less freedom, and ultimately systemic corruption



  9. Bill Gates' Privatisation Crusade

    Mr. Gates, seeking to increase his huge profits and political power, reaches out to Catholic leaders and David Christian



  10. Tux Machines Under DDOS Attack

    Most of Tux Machines continues to work as usual, but some parts are temporarily restricted to keep the server running



  11. Links 26/9/2014: LibreOffice Celebrations, Betas of *buntu

    Links for the day



  12. Links 25/9/2014: KDE Roadmap, Bash Bug, GNOME 3.14 in Next Fedora

    Links for the day



  13. Links 24/9/2014: GNOME 3.14 Released, Bash Has a Bug

    Links for the day



  14. Links 21/9/2014: Fedora 21 Alpha

    Links for the day



  15. More of Bill Gates' Investments in GMO and Mass Indoctrination Under the Disguise of 'Donations'

    Microsoft's arrogant and famously corrupt co-founder is taken to task by those whom he is trying to bamboozle for monopoly, unlimited cross-generational power, and never-ending profit without risk



  16. Home Depot Confirmed a Victim of Microsoft's Bad Security, Microsoft Lays Off Security-Related Staff

    News reports circulate showing that Home Depot was knowingly careless with its Windows dependency while Microsoft lays off staff focused on security



  17. European Patent Office/Organisation - Suspicion of Improper Collusion Between EPO President and Chairman of the Administrative Council: Part III

    A preliminary look at Battistelli's reign and how regulatory powers got abolished, leaving the EPO reckless and largely unaccountable



  18. Links 21/9/2014: xorg-server 1.16.1, Linux Kernel 3.16.3

    Links for the day



  19. Links 20/9/2014: GNOME 3.13.92, Android L

    Links for the day



  20. Scanning Patent Troll Implodes; Is the Podcasting Patent Troll Next?

    MPHJ loses and Personal Audio LLC perhaps wins for the last time since software patents are quickly losing legitimacy in the United States



  21. If CAFC is Not Above the Law, Then it Should be Shut Down Now

    A long series of abuses in CAFC may as well suggest that this court has become broken beyond repair



  22. The Latest From Microsoft Patent Trolls and Patent Partners

    Microsoft-linked and Linux-hostile trolls continue their relentless attacks (albeit with little or no success) while patents as a weapon lose their teeth owing to a Supreme Court ruling



  23. Microsoft Proves That Its Massive Layoffs Are Not About Nokia

    Microsoft is laying off a lot of employees who have nothing at all to do with Nokia



  24. Links 19/9/2014: Another Red Hat Acquisition, Netflix Dumps Microsoft Silverlight and Brings DRM to WWW

    Links for the day



  25. Links 18/9/2014: Windows Copying GNU/Linux, Germany Moves to Security

    Links for the day



  26. Web Site 'Patent Progress' Now Officially 'Powered by CCIA' (FRAND Proponent, Microsoft Front)

    After talking a job at CCIA, "Patent Progress" and its chief author should be treated as dubious on real patent progress



  27. Articles About the Death of Software Patents in the United States

    Recent coverage of software patents and their demise in their country of origin, where even proponents of software patents are giving up



  28. The Death of Software Patents is Already Killing Some Major Patent Trolls

    VirnetX seems to be the latest victim of the demise of software patents in the United States



  29. More Microsoft Layoffs

    More Microsoft layoffs go ahead as the company is unable to compete



  30. ODF on the Rise

    Milestones for OpenDocument Format (ODF) and the launch of FixMyDocuments


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts