EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.07.13

Using Windows With TOR is Like Wearing Makeup to Dodge CCTV

Posted in Free/Libre Software, Windows at 11:18 am by Dr. Roy Schestowitz

CCTV

Summary: The TOR project asks users to abandon Microsoft Windows, which helped the NSA (based on identified IP blocks) crack anonymity

THE thing about proprietary software is, it infects any system it is surrounding, making everything penetrable if the underlying layer has a back door, which Windows has. Activists who challenge authority must never rely on proprietary software, suggests experience [1, 2],

<
More GNU/Linux distributors should start promoting their products based on privacy as a selling point, not just software freedom, especially now that a lot of people are concerned about mass surveillance. Sadly, however, even some of these distributors are now compromising their users' privacy inside Azure, whose host is in bed with the NSA.

“Several mainstream articles are publishing the Tor Project’s recommendation to drop Windows,” told us iophk, noting also the poor headline at the Telegraph. He gave this better example from IDG:

The TOR Project is advising that people stop using Windows after the discovery of a startling vulnerability in Firefox that undermined the main advantages of the privacy-centered network.

The zero-day vulnerability allowed as-yet-unknown interlopers to use a malicious piece of JavaScript to collect crucial identifying information on computers visiting some websites using The Onion Router (TOR) network.

There is more here. “In the pre-Mono days,” iophk says, “I would have expected Canonical and Ubuntu to be all over that. Shuttleworth could make an invitation like he did to the Suse developers. However, with their Community “Manager” defending MS, that may not happen. Speaking of the “manager”, his and the others' responses to your old post here has elicited denial of the problem as well as a bit of an attack. I think the topic is very worth revisiting at least once a month.”

Here is another post about this subject. It is reproduced as follows from JoinDiaspora:

The exploit of Tor by JavaScript

Who were affected?

  • Window Users
  • People who enabled JavaScript
  • Used the Tor Browser Bundle

~Windows~

Most of the users were windows users, I’m not claiming that Linux or
Gnu|linux users are superior but to be more accurate, some windows
users don’t have the mentality of security or common sense when it comes to
protecting them self and their devises. Gnu|linux users or Unix users are more
aware of their surrounding and what goes within their Systems, now that said
Windows users need to understand that to be safe and secure you need to take
away all of those applications that would cause a back door to your system.

These are the following said applications:

Javascript - There are multiple ways of disabling this, but
my favorite way is to add an add-on called, “NoScript”. This disables script’s
to be activated and or used within your browser, you have nothing to worry about, you are able to
fully activate or deactivate JavaScript if needed.

Flash - Yes Flash, there are ways of doing this, either
deleting the flash application or never going to YouTube ( I doubt you’ll be doing this). There are multiple add-ons for your browser that will disable the usability of flash and allowing Html5 to
take over.

Cookies - Cookies are a great way of entering your system and
gather some useful information about said system and maybe you. There are
add-ons for disabling these little critters. there are multiple said add-ons like
Self-Destructing Cookies or going into your system and deleting them yourself.

~JavaScript~

JavaScript is not safe cause it has bugs. This holds true
for the various implementations of JavaScript, as well as the browsers that
JavaScript runs in. Some bugs can, when discovered, be exploited to bypass
the said sandbox, or to perform other malicious actions on your machine, like
what the FBI did to a specific Tor network. So JavaScript is not safe in most occasions, anybody
running JavaScript can be the target for something malicious.

~Using Tor Bundle~

Tor bundle uses an old version of Firefox and is easily
exploited, add-ons are not implemented within the browser. Even if you
were using Tor you would of gotten targeted. Using a different applications
for the same cause will allow users to be much safer than having a bundle and
thinking that no one can actually hack|crack into said system. This is false when
using anything, just keep in mind that you could always be Hacked|cracked by
someone or a specific organization.

Forgot to mention one thing, passwords. People please, don’t
create a password that is easily created like, your name, age, birth
place, or someone or something.
The best way of creating a good
passphrase is to use Uppercase letters as well as other symbols for instance
if your name is jonny michaels use Joney_M1ch_els.
keep in mind that this example is just a bare minimum for a truly secure Password.

If you have any questions on what to use or just have anything
to ask me just ask.

Like alway, happy hacking

And if you don’t use free software, the hacking (or cracking) is all on you.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

A Single Comment

  1. Needs Sunlight said,

    August 7, 2013 at 12:19 pm

    Gravatar

    Then there are the end-point compromises. Running Windows, you know you have a system full of back doors. In addition to the official ones, M$ is said to release vulnerabilities to the US government before patching them. Given how long M$ can take to get around to releasing a working patch, this can be quite a lead time.

What Else is New


  1. The EPO Is More Corrupt Under Battistelli Than Under Alison Brimelow: Part VIII

    After Brimelow, with all her flaws and her scandals, an even worse President is installed who then abolishes oversight and seemingly brings his old friends to the EPO, creating a sort of subculture that is impenetrable to outsiders



  2. Claiming That Microsoft 'Loves' Linux While Windows Update Bricks Devices With Linux

    The sheer absurdity of claims that Microsoft -- which not only attacks those who distribute Linux and GNU but also blackmails them, takes them to court, or bricks their products without any liability -- 'loves' Linux



  3. Protectionist Reign: Corporations in Complete Control of Everything With Domination Over Patent Law

    How multinational corporations, joined by the corporate press that they are funding, promote a corporations- but not people-friendly patent policy in north America



  4. Links 30/10/2014: GNOME 3.15.1, Red Hat Software Collections 1.2

    Links for the day



  5. Links 29/10/2014: Ubuntu Touch Tablet, Puppy Linux 6.0

    Links for the day



  6. Links 28/10/2014: SUSE Linux Enterprise 12, Canonical OpenStack Distro

    Links for the day



  7. Links 28/10/2014: PiFxOS, The Document Foundation in OSBA

    Links for the day



  8. Microsoft is Bricking Devices With Linux (Yet Again!), So a Microsoft Booster Spins/Paints Linux Devices as 'Fakes'

    Microsoft delivers rogue drivers through Windows Update and they brick Arduino microcontrollers



  9. How Bill Gates Continues to Pass Wealth From the Public to His Own Bank Account

    Having put a universal tax on many things (not just computers) and evaded tax using the classic 'charity' trick, Gates is now buying the media, the schools, politicians etc. and earns as much as 10 billion dollars per year while the public is taught that Gates is a giver, not a hoarder of the worst kind



  10. Links 27/10/2014: Lenovo Unbundling, Linux 3.18 RC2

    Links for the day



  11. IRC Proceedings: September 14th, 2014 – October 25th, 2014

    Many IRC logs



  12. Links 25/10/2014: KDE Mockups, Update on GNOME Outreach Program for Women

    Links for the day



  13. After Infecting Unity -- Successfully -- Microsoft's Partner Xamarin Wants to Infect Unreal Engine With .NET

    Xamarin continues to spread dependence on Microsoft to more gaming frameworks, not just platforms such as GNU/Linux, Android, and even permanent-state devices



  14. Taking Microsoft Windows Off the Grid for Damage to Businesses, the Internet, and Banking Systems

    Microsoft's insecure-by-design software is causing massive damages ([cref 27802 possibly trillions] of [cref 13992 dollars in damages to date]) and yet the corporate press does not ask the right questions, let alone suggest a ban on Microsoft software



  15. City of Berlin Does Not Abandon Free Software, It's Only Tax Authorities

    A Softpedia report that says the City of Berlin is moving to Microsoft Office is flawed and may be based on a poor translation



  16. Nadella a Liar in Chief at Microsoft, Pretending That His Anti-Competitive Practices Are Unfortunately Imposed on Microsoft

    The nastiness of Microsoft knows no bounds as even its assault on GNU/Linux and dirty tricks against Free software adoption are characterised as the fault of 'pirates'



  17. Reuters Writes About the Demise of Software Patents, But Focuses on 'Trolls' and Quotes Lawyers

    How the corporate media chooses to cover the invalidity of many software patents and the effect of that



  18. Links 24/10/2014: Microsoft Tax Axed in Italy, Google's Linux (ChromeOS/Android) Leader Promoted

    Links for the day



  19. Links 24/10/2014: GNU/Linux History, Fedora Delay

    Links for the day



  20. Links 23/10/2014: New *buntu, Benchmarks

    Links for the day



  21. Links 22/10/2014: Chromebooks Surge, NSA Android Endorsement

    Links for the day



  22. Links 21/10/2014: Debian Fork Debate, New GNU IceCat

    Links for the day



  23. Criminal Microsoft is Censoring the Web and Breaks Laws to Do So; the Web Should Censor (Remove) Microsoft

    Microsoft is still breaking the Internet using completely bogus takedown requests (an abuse of DMCA) and why Microsoft Windows, which contains weaponised back doors (shared with the NSA), should be banned from the Internet, not just from the Web



  24. Microsoft 'Loving' GNU/Linux and Other Corporate Media Fiction

    Microsoft has bullied or cleverly bribed enough technology-centric media sites to have them characterise Microsoft as a friend of Free/Open Source software (FOSS) that also "loves Linux"



  25. India May be Taking Bill Gates to Court for Misusing His So-called 'Charity' to Conduct Clinical Trials Without Consent on Behalf of Companies He Invests in

    Bill Gates may finally be pulled into the courtroom again, having been identified for large-scale abuses that he commits in the name of profit (not "charity")



  26. The Problems With Legal Workarounds, Patent Scope, and Expansion of Patent Trolls to the East

    Patent trolls are in the news again and it's rather important, albeit for various different reasons, more relevant than the ones covered here in the past



  27. Links 20/10/2014: Cloudera and Red Hat, Debian 7.7, and Vivid Vervet

    Links for the day



  28. Links 20/10/2014: 10 Years Since First Ubuntu Release

    Links for the day



  29. How Patent Lawyers Analyze Alice v. CLS Bank

    Breaking down a patent lawyer's analysis of a Supreme Court's decision that seemingly invalidated hundreds of thousands of software patents



  30. Is It Google's Turn to Head the USPTO Corporation?

    The industry-led USPTO continues to be coordinated by some of its biggest clients, despite issues associated with conflicting interests


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts