EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.07.13

Using Windows With TOR is Like Wearing Makeup to Dodge CCTV

Posted in Free/Libre Software, Windows at 11:18 am by Dr. Roy Schestowitz

CCTV

Summary: The TOR project asks users to abandon Microsoft Windows, which helped the NSA (based on identified IP blocks) crack anonymity

THE thing about proprietary software is, it infects any system it is surrounding, making everything penetrable if the underlying layer has a back door, which Windows has. Activists who challenge authority must never rely on proprietary software, suggests experience [1, 2],

<
More GNU/Linux distributors should start promoting their products based on privacy as a selling point, not just software freedom, especially now that a lot of people are concerned about mass surveillance. Sadly, however, even some of these distributors are now compromising their users' privacy inside Azure, whose host is in bed with the NSA.

“Several mainstream articles are publishing the Tor Project’s recommendation to drop Windows,” told us iophk, noting also the poor headline at the Telegraph. He gave this better example from IDG:

The TOR Project is advising that people stop using Windows after the discovery of a startling vulnerability in Firefox that undermined the main advantages of the privacy-centered network.

The zero-day vulnerability allowed as-yet-unknown interlopers to use a malicious piece of JavaScript to collect crucial identifying information on computers visiting some websites using The Onion Router (TOR) network.

There is more here. “In the pre-Mono days,” iophk says, “I would have expected Canonical and Ubuntu to be all over that. Shuttleworth could make an invitation like he did to the Suse developers. However, with their Community “Manager” defending MS, that may not happen. Speaking of the “manager”, his and the others' responses to your old post here has elicited denial of the problem as well as a bit of an attack. I think the topic is very worth revisiting at least once a month.”

Here is another post about this subject. It is reproduced as follows from JoinDiaspora:

The exploit of Tor by JavaScript

Who were affected?

  • Window Users
  • People who enabled JavaScript
  • Used the Tor Browser Bundle

~Windows~

Most of the users were windows users, I’m not claiming that Linux or
Gnu|linux users are superior but to be more accurate, some windows
users don’t have the mentality of security or common sense when it comes to
protecting them self and their devises. Gnu|linux users or Unix users are more
aware of their surrounding and what goes within their Systems, now that said
Windows users need to understand that to be safe and secure you need to take
away all of those applications that would cause a back door to your system.

These are the following said applications:

Javascript - There are multiple ways of disabling this, but
my favorite way is to add an add-on called, “NoScript”. This disables script’s
to be activated and or used within your browser, you have nothing to worry about, you are able to
fully activate or deactivate JavaScript if needed.

Flash - Yes Flash, there are ways of doing this, either
deleting the flash application or never going to YouTube ( I doubt you’ll be doing this). There are multiple add-ons for your browser that will disable the usability of flash and allowing Html5 to
take over.

Cookies - Cookies are a great way of entering your system and
gather some useful information about said system and maybe you. There are
add-ons for disabling these little critters. there are multiple said add-ons like
Self-Destructing Cookies or going into your system and deleting them yourself.

~JavaScript~

JavaScript is not safe cause it has bugs. This holds true
for the various implementations of JavaScript, as well as the browsers that
JavaScript runs in. Some bugs can, when discovered, be exploited to bypass
the said sandbox, or to perform other malicious actions on your machine, like
what the FBI did to a specific Tor network. So JavaScript is not safe in most occasions, anybody
running JavaScript can be the target for something malicious.

~Using Tor Bundle~

Tor bundle uses an old version of Firefox and is easily
exploited, add-ons are not implemented within the browser. Even if you
were using Tor you would of gotten targeted. Using a different applications
for the same cause will allow users to be much safer than having a bundle and
thinking that no one can actually hack|crack into said system. This is false when
using anything, just keep in mind that you could always be Hacked|cracked by
someone or a specific organization.

Forgot to mention one thing, passwords. People please, don’t
create a password that is easily created like, your name, age, birth
place, or someone or something.
The best way of creating a good
passphrase is to use Uppercase letters as well as other symbols for instance
if your name is jonny michaels use Joney_M1ch_els.
keep in mind that this example is just a bare minimum for a truly secure Password.

If you have any questions on what to use or just have anything
to ask me just ask.

Like alway, happy hacking

And if you don’t use free software, the hacking (or cracking) is all on you.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

A Single Comment

  1. Needs Sunlight said,

    August 7, 2013 at 12:19 pm

    Gravatar

    Then there are the end-point compromises. Running Windows, you know you have a system full of back doors. In addition to the official ones, M$ is said to release vulnerabilities to the US government before patching them. Given how long M$ can take to get around to releasing a working patch, this can be quite a lead time.

What Else is New


  1. Links 22/7/2014: Linux 3.16 RC 6, New UberStudent

    Links for the day



  2. Links 20/7/2014: Jolla in India, Mega Censored in Italy

    Links for the day



  3. Longtime Mono Booster Joins Microsoft-linked Xamarin

    Jo Shields almost joins Microsoft, settling instead for its proxy, Xamarin



  4. Linux Foundation Welcomes Patent Aggressor Red Bend Software

    The Linux Foundation's AllSeen Alliance welcomes as a member a company that uses software patents to sue Free/Open Source software



  5. Matt Levy From Patent Progress (and CCIA) Does Not Really Want Patent Progress

    Matthew ('Matt') Levy moved into a foe of patent progress last year, but he still runs a site calls Patent Progress, in which he diverts all attention to patent trolls (as large corporations such as Microsoft like to do)



  6. Attacking FOSS by Ignoring/Overlooking Issues With Proprietary Software

    The biasing strategy which continues to be used to demonise Free/Open Source software (FOSS) along with some new examples



  7. Links 19/7/2014: CRUX 3.1 is Out, CyanogenMod Competes With Google Now

    Links for the day



  8. Microsoft's Massive Layoffs Go Far Beyond Nokia; Nokia's Android Phones Axed by Microsoft's Elop

    Microsoft's rapid demise and permanent exit from Nokia's last remaining Linux platform (after Microsoft had killed two more)



  9. Patents on Software Already Being Invalidated in Courts Owing to SCOTUS Ruling on 'Abstract' Patents

    The Federal Circuit Appeals Court has just "invalidated a software patent for being overly abstract," says a patents expert



  10. OpenSUSE 'Community' is Crumbling, AttachMSFT Killed SUSE's Potential (Except as Microsoft Tax)

    Not much too see in the land of SUSE and Attachmate, or formerly the company known as Novell



  11. Links 18/7/2014: Slackware Turns 21, Spotify Switches to Ubuntu

    Links for the day



  12. Links 16/7/2014: Manjaro 0.8.10 Third Update, SIA Migrates to Red Hat

    Links for the day



  13. Microsoft's Latest Round of Massive/Bulk/Large-scale Layoffs

    Microsoft boosters are preparing 'damage control' pieces ahead of massive layoffs at Microsoft



  14. Secrecy Allows British Government to be Manipulated by Microsoft for Spyware Behind Closed Doors

    Dependence on malicious software from NSA ally Microsoft is highly dependent, at least in Britain, on government secrecy and vain refusal to comply with Freedom of Information (FOI) requests



  15. Software Patent Applications Already Being Rejected in the US Owing to SCOTUS Ruling, Some Patent Lawyers Are Fuming

    Good news on the software patents front as the USPTO starts rejecting software patent applications, based on patent lawyers' words



  16. Links 15/7/2014: New Plasma, Google Announces Project Zero

    Links for the day



  17. Interest in Free Software Coverage and 9 Months With Tux Machines

    Thoughts about the level of interest in Free/Open Source software (FOSS) and growth of at least some sites that focus on GNU/Linux



  18. White House Backs Away From Appointing Patents Zealot to Top USPTO Position

    Philip Johnson is no longer poised to become the Director of the USPTO, which is basically an establishment that provides protectionism to primarily US-based corporations



  19. Professor James Bessen Presents the Case Against Software Patents After Important SCOTUS Ruling

    The debate about software patents in the Unites States continues, with academia on one side and greedy patent lawyers on the other



  20. Software Patents Demising in the US as Microsoft Patent Attacks on Android/Linux Suffer a Huge Setback

    M-Cam's assessment of Microsoft's bundle of extortion (using software patents) shows toothlessness, irrespective of the SCOTUS decision to effectively annul "abstract" software patents



  21. Links 13/7/2014: KDE Activity Surge

    Links for the day



  22. Pro-Microsoft Spin in Microsoft-Funded News Networks

    The rogue media (misinformation) campaign of Microsoft benefits from networks which have been paid by Microsoft over the years



  23. Cronyism at Play: European Hostility Towards Free/Libre Software Despite Espionage and Moles

    Europe continues to be held hostage with back doors, lock-in, and massive payments to foreign powers, despite evidence that these powers are destructive and hostile



  24. Wirelessly-Controlled Contraceptives and Other Villainous Bill Gates Initiatives

    Remote controls for people's reproductive systems are now in the making and Bill Gates is a prominent investor in the technology



  25. Links 12/7/2014: CrossOver, New Wine

    Links for the day



  26. Links 10/7/2014: LXLE 14.04 in Headlines, Plasma 5

    Links for the day



  27. OpenDocument Format (ODF) Still Alive and Kicking

    Caligra, WebODF and various influential nations' departure from Microsoft Office will help famous projects such as OpenOffice.org and LibreOffice make ODF the only international standard for editable documents exchange



  28. The Effect of Corporate Media Bias: FOSS Demonisation and Microsoft Openwashing

    A set of very recent examples where the corporate press produces FOSS-hostile articles (or pro-Microsoft articles) by citing biased sources of convenience



  29. The NSA's Top (and First) PRISM Partner, Microsoft, Lies to Governments and Businesses as Office Gets Banned in China

    Developments in China reveal that security and privacy threats posed by reliance on Microsoft are so great that a ban becomes inevitable and continues to expand (Microsoft put on more and more block lists and blacklists)



  30. Microsoft's Propaganda Machine Tries to Shift Security Debate Amid Serious Catastrophes

    Observations and analysis of some recent deception in corporate news sites (like Condé Nasty), trying to pretend that Microsoft is secure, that Microsoft is pursuing security, and that FOSS and Android security or privacy are inherently poor


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts