In sometime in 2014~2016 Tor Browser was compromised by NSA and FBI/CIA and was considered insecure for anonymous surfing (be that clearnet or deep/dark web). How is the situation with it nowadays, after all the updates and patches/fixes? Is it still compromised, or is it safe/secure to use now?
Also, which is currently best available onion-only (directly shows content/metadata from onion sites) or non-clearnet search engine that's officially/generally approved by majority of Jow Forums? Torch, Candle, Disconnect, or maybe something else?
>Asking about end-to-end encrypted search engines >NSA U w0t, m8?
Owen Richardson
Tor was always compromised. But it doesn't even need to be. The American government has access to encryption breaking tech and can read everything in plain text. Some people are so naive that if they see a https icon on their website or if a program brags open source then they instantly think they're safe.
>uwotm8 >LE ePIc win, Pwnd >ama redD.It >r/mildlyaUtiStic kys twat child, too underage a d le redd.it army to understand grown up talk.
Gabriel Miller
>uses windows >enables javascript >"oh no how did the fbi find me!!!"
Liam Davis
>American government has access to encryption breaking tech and can read everything in plain text That was four years ago, when Tor browser was immature as fuck and ridden with holes. They (supposedly) fixed a lot of shit since then.
1. I'm on ReactOS. 2. There's no FBI in my country.
Cameron Martin
>In sometime in 2014~2016 Tor Browser was compromised by NSA and FBI/CIA Completely false with zero evidence to back it up. Tor itself was never compromised. It was web servers and web browsers being hacked and very bad opsec. Why does Jow Forums believe this shit? Tor had had some issues, but with small things like short onion addresses lookups being able to be to be ignored by misbehaving nodes, thus, making a particular address appear to be down. That's about as bad as the Tor protocol itself got in terms of problems. They have full addresses now like i2p does. Remember that Tor is NOT and never was a web browser. Those things are built on top of Tor. Also, one of the key members of the Tor project a year ago at defcon said he personally knows the people who own about 2/3 of the nodes and they're not cops and they make an effort to kick off bad nodes. It's his word, so take that how you will.
Isaiah Rogers
>i think everything is compromised >so I won't protect anything Just stop using https. Also, take a class on encryption before you pretend to know what your talking about.
>they're not cops and they make an effort to kick off bad nodes
Why would I trust that military contractor that runs a shit load of tor relays?
Luke Wilson
>Why would I trust that military contractor that runs a shit load of tor relays? >Reading this poorly >"It's his word, so take that how you will."
Zachary Thomas
this, pedos were busted because of javascript exploits and other shenanigans not because their IP could be traced back through Tor.
Charles Mitchell
come now everyone knows it's raytheon and friends that runs them.
Levi Cox
Name one criminal that used TOR that has been caught because of broken encryption.
Bentley White
>false with zero evidence Not according to hidden wiki.
Jack Harris
Link it. If I'm wrong I want to know.
David Mitchell
>not because their IP could be traced back through Tor ...except that's EXACTLY what happened, you dumb fuck. According to hidden wiki, that's exactly why FBI kept on running Child Play and Lolita City in background for several weeks after they've already caught their creators - as honeypots. Because they were able to easily trace back to actual end user IPs. Shitton of pedobears were exposed and caught during that time, because fucks were dumb enough to think everything operated as normal. Ironically enough, FBI later got a lot of smack for doing this operation, as purely by technical means them keeping on running compromised pedo sites in background for several weeks after their creators were apprehended meant FBI itself essentially was delivering pedo content and thus didn't differ from pedos themselves at the time. Lot of lulz were ensued, due to this. And they're still doing it like that even nowadays, because it proved to be a surefire method/tactic.
Nolan Russell
Nice try, FBI.
Austin Martinez
stop doing bad things
Dylan Perry
Link?
Josiah Murphy
Dude, I simply just want to know which of the end-to-end encrypted search engines that are usually used in onion networking is currently the most popular/largely used one by anons. I mean, which one is considered the best in overall by Jow Forums for one? There are a lot of them, I just wish to know the general stance of Jow Forums's on which particular one is considered overall "worthwhile" product of that kind.
By default when you're setting up Tor browser, it uses DuckDuckGo, but that's a clearnet-based search engine, and thus doesn't work well in onion networking. Same with Ahmia (it's literally NSA's spyware). IXquick was fine for some time, until it turned into StartPage and thus went to shit. Torch is ridden with shitty ads. I haven't tried others so far, but there's a shitton of them left out there, I can't rip myself apart. I'd like to know so that I could determine just one.
Nolan Collins
Zelda?
Josiah James
I'm not. I'm a freelance investigative journalist, not a criminal.
Jeremiah Perry
Search engines do nothing against admins that craft settings to specifically not get included in search engines. Why do you think cyber criminal forums are always invite only?
Robert Morris
Ahmia creator, you forgot to enter tripcode and log in.
Nathan Young
>Tor was always compromised. tor has never been compromised. >The American government has access to encryption breaking tech and can read everything in plain text. false.
James Evans
the government used a 0-day firefox exploit to achieve that, retard.
Luke Wright
privacy search engines are a meme. they're all using results from the main botnets you're trying to escape. waste of time. searx is the best if i had to pick, though.
Carson Collins
>they make an effort to kick off bad nodes Define "bad" nodes. As in - criminal/pedo, or what? By latest info I could gather, at this current time being at least 62% of entire deep/dark web is purely pedo and criminal services. And in 2014 (when the "operation pacifier" began) it was, like, ~57%. What is "bad" nodes, in this regard? Sure, maybe you can say that "good" nodes are shit like WikiLeaks and New York Times (yes, really), but what the hell is a "bad" node then in the case when more than a half of the entire dark net is pedo and criminal shit, and when deep web to begin with was created with law-bypassing activities in mind from the beginning? Sure, nowadays you can't entirely say that onion or i2p networks are criminal by default in their entirety, but they were made for that initially and thus bear the mark, a stamp of being such.
Cameron Miller
And Tor Browser still uses latest Fire Fox as a base, even if it's heavily modified ESR build. Your argument is invalid.
>Privacy search engines are a meme Either explain in detail, or stop shitposting. At this current time you presented no feasible argumentation.
>Searx is the best, if I'd had to pick Quality argumentation on "why", please.
Ryder Wilson
There's no convincing tinfoil hat fags.
Noah Garcia
>What are Bad nodes? Nodes that tag traffic in an attempt to deanonymize is a common example.
Juan Reed
This.
Jordan Butler
I see. kEwL haxXz0r phisher kiddies and etc., huh. I thought what was implied is that the aforementioned "owners of 2/3 nodes" are trying to cleanse dark net off of pedo and criminal shit, trying to "legalize" deep web for general normie usage.
Jackson Lee
In the world of encryption, we have a saying:
"The enemy knows the system."
Always assume that your electronic data is in clear text.
Lincoln Sullivan
>at this current time being at least 62% of entire deep/dark web is purely pedo and criminal services. 100% objectively false measured by companies trying to sell products and ideas that don't work. Most of the traffic on Tor believe it or not is actually Facebook. I cannot remember the exact number but something like
Charles Peterson
>"The enemy knows the system." >Always assume that your electronic data is in clear text. The first doesn't imply the other
Christopher Gomez
Tor browser still uses firefox and FBI still runs compromised pedo sources as honeypots. Your arguments are invalid. Sure, you can say that newer firefox version (and thus the one used in latest TBB) doesn't have previously abused exploits anymore, but there mere fact alone Tor browser project didn't move from firefox after what happened two years ago, means FBI could always try finding and exploiting new holes in this browser's security in the future. Basically, the potential compromise is already happening at the very notion "it's a firefox and not something better", rather than thinking it's Tor itself. It's one thing if Tor browser used a much more secure web browser as the default solution, but it uses firefox.
Christian Wood
Nodes in the Tor network is the network itself NOT the clients or servers with the content. Big difference.
>are trying to cleanse dark net off of pedo and criminal shit, trying to "legalize" deep web for general normie usage Literally impossible. Unless you're using the shortened/hashed onion address it is literally impossible to know where traffic is going at any point in the system.
Jack Harris
>at this current time being at least 62% of entire deep/dark web is purely pedo and criminal services. You got this from an advertisement didn't you? How would they know the exact number of sites on the internet user?
Lucas Price
>trying to "legalize" deep web for general normie usage >Implying that the Tor isn't for normie usage Greater than 90% if normie traffic actually is normie traffic. Source the Tor project's in studies. Do not read those "studies". Complete propaganda.
Charles Harris
*Greater than 90% of Tor traffic actually is normie traffic.
Dark pigmented civilian who glows in the dark here. There's nothing to worry about and our agencies will make sure it stays that way.
Connor Cox
>Sure, nowadays you can't entirely say that onion or i2p networks are criminal by default in their entirety, but they were made for that initially Holly shit you are retarded. Did you know Tor was created for and by the military? You have literally no idea what your talking about.
Except that the very operation pacifier has proven that you CAN trace back to real IP all the way from the exit node.
Kayden Cook
This is false. Tor hasn't been broken. Only anons with bad opsec and bugs in server and browser software.
Aaron Bailey
>it is literally impossible to know where traffic is going at any point in the system See .
>You got this from an advertisement didn't you? Not at all. That number came from an article written by FBI agent who infiltrated several pedo networks during operation pacifier and was was revising the entire system from the inside.
>normie traffic actually is normie traffic It's called clearnet, normies.
Onion and i2p were made BEFORE Tor client existed even in the plans, you dumbo. Tor was a byproduct.
Jeremiah Sullivan
>Tor hasn't been broken. Only anons with bad opsec and bugs in server and browser software. ...FBI was honeypotting and tracking back to real IPs of pedobears from EXIT nodes (that means - through the ENTIRE line) for months.
Cops aren't the same thing as feds. If he was specifically asked about feds, then he's feeding you misdirection so that he doesn't get a boot up his ass.
Tyler Rogers
>>it is literally impossible to know where traffic is going at any point in the system >See . Prove it, the burden is on you. >>You got this from an advertisement didn't you? >Not at all. Doesn't matter. It's wrong. Tor project owns most nodes in the network and they did a study and this is 100% a lie. >It's called clearnet, normies. No it's not. You can setup servers on Tor not going through clearnet where the sever isn't anonymous but the client is. Stop pretending you understand Tor, you don't. >Onion and i2p were made BEFORE Tor client existed even in the plans, you dumbo. Tor was a byproduct From Wikipedia brainlet >Onion routing was developed in the mid-1990s at theU.S. Naval Research Laboratoryby employeesPaul Syverson, Michael G. Reed, andDavid Goldschlag[3][4]to protect U.S.intelligencecommunications online. You don't know shit about tor >FBI was honeypotting and tracking back to real IPs of pedobears from EXIT nodes (that means - through the ENTIRE line) for months. Tracking from an exit node does nothing. There's layers in-between. You do not understand Tor. Also, only clearnet has the concept of an exit node. Everyone knows that hidden services are safer. That doesn't mean Tor was broken. Actually you proved my point. >>implying military isn't criminal Heh. In the government's eyes the government does no wrong. (Sorta) >Cops aren't the same thing as feds. If he was specifically asked about feds, then he's feeding you misdirection so that he doesn't get a boot up his ass. My term. It's quicker and generic. Fuck off.
>Tracking from an exit node does nothing. Yeah, uh-huh. Except for just getting the real IP.
>There's layers in-between. Tracking through the ENTIRE line as in nodes, layers, etc., you dumb fuck.
Charles Williams
>like short onion addresses >they have full addresses now like i2p I've kind of missed on all of this back when it was a thing. How short they were and how long they are right now? Is it same as in like, for example, moving from 16 bit to 32 bit and then to 64 bit address space?
Ethan Collins
Does he still use it, or is it fucked now and he moved to something better?
Eli Gray
The only good journalist is a dead one
Good luck broski, make sure you find someone important to attach yourself to for protection
Adam Murphy
>>Tracking from an exit node does nothing. >Yeah, uh-huh. Except for just getting the real IP. Exit nodes are two layers away from the client making the request. >>There's layers in-between. >Tracking through the ENTIRE line as in nodes, layers, etc., you dumb fuck. Prove it. The short addresses were actually a hash of the public key. Now you can resolve using the public key itself. The advantage is now there's no need to look up the public key if where you're going to and a misbehaving node cannot lie about the existence of a address upon lookup.
Adam Martinez
>Define "bad" nodes. nodes that are ran to be malicious, such as trying to MITM users.
Anthony Williams
>Either explain in detail, or stop shitposting. At this current time you presented no feasible argumentation. duckduckgo and qwant use yahoo/bing results. startpage uses google. searx uses all of the above. at the end of the day, you're still supporting the botnet. >Quality argumentation on "why", please. fantastic granular control over which search engines you use. safesearch disabled by default, unlike the other engines listed.
Connor Hernandez
>there mere fact alone Tor browser project didn't move from firefox after what happened two years ago, means FBI could always try finding and exploiting new holes in this browser's security in the future this would apply to any browser tor uses. firefox is simply the best option available.
Leo Allen
>this would apply to any browser tor uses. firefox is simply the best option available. This, Tor project has said that chromium is difficult because of all of the direct tracking.
Brayden Gutierrez
0-day firefox exploits have revealed bare IPs. tor itself hasn't been compromised. correlation attacks are less possible than ever.
Brody Hernandez
This
Robert Hughes
>at the end of the day, you're still supporting the botnet How is it a botnet if a search engine was designed for onion/i2p and has end-to-end encryption? Especially since some search engines are openly clearnet (Ahmia), while such ones as Candle and Torch are hidden by default?
i'm not talking about hidden service search engines. i'm talking about clearnet "privacy oriented" search engines.
James Wood
are you using tails?
Connor Thompson
No.
Dominic Baker
>> to understand grown up talk. How cute.
Nolan Taylor
That one guy that’s serving prison time that started the Silk Road. Which is total bullshit, honestly. That’s like the owner of a Walmart getting arrested because bums deal crack in the back isles.
Robert Russell
>0-day firefox exploits have revealed bare IPs. tor itself hasn't been compromised But Tor browser uses firefox as a base.
Adam Nguyen
>firefox is simply the best option available How so?
Christian Jenkins
>Tor is the Tor browser
Can you stop being retarded please
Anthony Fisher
And OP asked about best (by Jow Forums's opinion) search engine aimed at hidden service search
Robert Robinson
Tor browser is he go-to for majority of people nowadays. Be that normies or not. You're clearly trying to avoid the point by acting like a shitty asshole.
Justin Adams
You can run Chromium through Tor network as well :^)
Is a live boot of TAILS through a librebooted burner laptop on public/shared/someone else’s WiFi still pretty much the safest way to go? What about using QubesOS? How do you even anonymously buy a TAILS USB or disc?
Chase Diaz
just use .onion.to in your normal browser, so much easier
Jack Cruz
>That one guy that’s serving prison time that started the Silk Road. He got caught for trying to hire a fake hitman and they needed an undercover to show that he can log in because they couldn't CRACK THE ENCRYPTION. Dingus
>tying yourself to your home network making it infinitely easier to identify you never gonna make it
Daniel Morgan
Chromium is better than Firefox. Also Mozilla forces telemetry even if you disable it via about:config. Mozilla is fucking horrible.
Gabriel White
sure the technology may be compromised, or "they" may have some people inside, control of few sites nodes or whatever but "they" won't burn they cover just to catch you buying some drugs, or fap to some pedo shit. No one would risk burning their whole operation to catch such a small fish.
