[ home / rules / faq ] [ overboard / sfw / alt ] [ leftypol / siberia / hobby / tech / edu / games / anime / music / draw / AKM ] [ meta / roulette ] [ cytube / wiki / git ] [ GET / ref / marx / booru / zine ]

/tech/ - Technology

"Technology reveals the active relation of man to nature" - Karl Marx
Password (For file deletion.)

Join our Matrix Chat <=> IRC: #leftypol on Rizon

File: 1660476771459.png (352.1 KB, 1446x920, tor_logo.png)


General thread about Tor.

Is there any problem with going to https://leftypol.org/ and then clicking on the .onion site? I can't store http://76i2c3hn55fcj5nut3tqlboqqbbh23zvphv7lefk3vftpx6wketlanyd.onion/ in my browser because it's in a disposable VM.




Desktop file like such:

Get a little scripty like such:

URL=$(grep 'URL' "$1" | awk 'BEGIN{ FS = "="} {print $2}' -)
VM=$(grep 'VM' "$1" | awk 'BEGIN{ FS = "="} {print $2}' -)
onion=$(grep "\.onion" "$1" )
case $onion in
        "") qvm-run-vm $VM firefox-esr $URL;;
        *)  qvm-run-vm $VM torbrowser $URL;;

(there's also qvm-open-in-dvm)

and put in a desktop file under /usr/share/applications/ and set it to exec your script for application/x-mswinurl mimetype (you might need to fuck with mimeinfo or mimeapps documents? idk :p dont remember, probably not, maybe u know better than I). Then keep a bookmark file and open them at your leisure… its not perfect tho - these days i use the desktop file system and just open in vim, then copy paste lmao



What happens when Qubes updates? Does this get overwritten and you have to do it again?


is it true that the tor network is run by glowies?


oh sorry i didnt clarify, but this goes in an appvm or smth, not dom0. The idea is to use a file manager as a bookmark opener.
Though when i was searching for this stuff i noticed my desktop file for the bookmark opener script was gone so it possibly does get rmoved, maybe after update, maybe if you just never use it like me

semi-tru. They used to be the bulk of funding, they rely on it and helped develop it, but the nodes are ran by volunteers, which for the most part seem like not-glowies. There are mechanisms for removing sussy nodes btw, and the tor people are pretty good. Lots of criminals rely on tor to keep them safe, and they are also huge contributors to the devs/foundation, and some more self-aware ones run nodes.

Also as a protocol for anonymizing IP and encrypting packets - it just works, it hasnt been broken, yet.


Id like to talk about how trustable is TOR actually?

> The code is open

Not everybody can read it, many checkers are not trustable and the CIA even admitted that it kills by using Metadata.

The Authority nodes are centralized, in universitys and maintained by ex government people from the CIA for example.
I also once read a study by a university on who funds the TOR project, tldr, over 80-90% the US government, mainly the department of defence.

So a system developed by the US government, the developers being mainly from them, it being mainly funded by them, the CIA killing based on metadata, it is fair to ask the question if we can even trust TOR.

So, since US agents use tor to communicate with their government they need us people to actively use TOR so they are more hidden, and of course they, if they could see everything on tor, would not arrest everyone who does illegal shit because they dont care about stuff thats not a threat to their money and deepstate. And there have been some moments where big bugs have been arrested by authorities by the FBI where we are still asking ourselves, AFAIK, how they knew of this bug/way of finding people over TOR. So how much else do they know in case they actually need to make someone vanish? The people behind TOR are definetly not trustable, but they hold the most power.

so what do you guys think about this?


metadata kills and it is what you said yourself so do not place your trust on services to hide your identity.


It's the best we have. Directory nodes cannot see what data is passed through the network. They're just lists of nodes in the network that clients use to build circuits.

What we really need is more nodes outside of fourteen eyes countries. This is difficult because the biggest nodes are on cheap VPSes because they're cheap. And the cheapest VPSes are in fourteen eyes countries.


Theoretically there are weakness, but it's a very low risk, especially if (You) specifically are not actively targeted (i.e. OP isn't Osama bin Laden). It's kinda similar to how any encryption can theoretically be broken, it just depends on how feasible it is in practice and that is how you need to weigh multiple options. Tor is not perfect, but it's still better than not using Tor at all. Also, no tool is going to prevent you from sabotaging yourself. Tor won't call you a retard if you try emailing your real name and address to the police for instance, that's on you. OPSEC is more than just downloading a program.

IMO more interesting question is the (geo)political nature of the Tor Project rather than the tool. On one hand Tor would be useful for RAF if it was still operating today. But at the same time Tor Project is clearly promoting its tool as a way to get access to Western propaganda in non-Western-aligned countries. For same reason even BBC and Facebook have their own .onion address. The people behind the project are idealistic libs who admittedly also oppose surveillance by Western govs, but effectively they are also helping with regime change efforts. I'm very suspicious of this Internet ideology where the whole world needs to be connected into a single network and all barriers need to be removed or bypassed. Just take a honest look of what Facebook is actually trying to achieve and why US gov is supporting it. The goal in the current situation is one-sided hegemony, not internationalism.


>What we really need is more nodes outside of fourteen eyes countries
There are though
I remember many nodes while using it being in like African countries and whatnot


That does not better much, there are very many gov malicious nodes and they can just create more if they need to. stuff like these are just flaws in TORs system in general. We need something better, actually we have. It just needs as much attention as tor and if it does we need to focus that this will not be overtaken by the people that are against us.

And the betters shit is I2p. It is already possible to go to clearnet with it with gates n shit, but thats what im talking about. If it gets as much attention we can fix all the bugs and make it eaiser and better. Or perhaps in the future well get something even better than I2p.


>Tor Project is clearly promoting its tool as a way to get access to Western propaganda in non-Western-aligned countries. For same reason even BBC and Facebook have their own .onion address
What other use of .onion services are they supposed to promote, in your opinion? Drug markets and child porn?


It's probably moderately secure, but don't believe by any means that it is foolproof. On paper, that the protocol seems mature or secure and that the source code is open seem to indicate that it is trustable. But in practice, the major involvement of glowies in the prominent maintainer organization and the interests of the U.S.'s deepstate are problems. For example, the maintenance devs easily can deliver information about security vulnerabilities to those glowies before proper fixes, if at all, are implemented into the codebase; for all people know, large stashes of zero-days could be in the feds' arsenal. The standard installation bundle uses the Firefox browser, slightly modified, as a front end, which introduces another plane of potential attack which is far more difficult to audit; modern web browsers are almost like a small OS in complexity.
And obviously the police run nodes, dark web hiddensite honeypots probably, and taps on exit node traffic, but that shit shouldn't be as much of a problem if good practices are followed.
Although the biggest but mundane obstacle is likely ironically not the security flaws but the wide proliferation of captcha and anti-DDoS, which even this website uses to prevent raiders and crapfloods, mostly justifiably.
Really the lesson is that Communists, of all people, should not be naive and place all their trust into utopian-inclined technologies and that a good, well-disciplined party is far better an asset than overreliance on individualistic security technology measures. Stalin could count on his Bolshevik comrades to try to save him if he had gotten captured by the police, but could the crime-boss of the darkweb S.R. marketplace say the same?


You're right, .onion services are absolutely 100% the way and only way to use Tor network, so they must absolutely and desperately be promoted by Tor Project, and the only good ones are westoid corps and propaganda machines, while everything else is 100% drug and pedo degeneracy, .onion drop points for whistleblowers don't exist at all, and in any case that would be a really bad showcase of .onion service design compared to a mere .onion mirror of MSM or megacorp social media site. Retard.


>The people behind the project are idealistic libs who admittedly also oppose surveillance by Western govs, but effectively they are also helping with regime change efforts.
Lol dumb cunt, that would be your nightmare wouldn't it, not being able to restrict information and contact with people around the world. Go fuck yourself and this FUD thread.
- Posted from my Tor browser


Where do people who post on leftypol discuss tech issues related to tor? IRC? I need something like 4chan cheat sheets on daily use.




Tor has a problem with decentralization, there are about 2.5 million users on Tor but only about 9000 relays and bridges.

I2P on the other hand has about 60000 - 74000 routers, most of them routing traffic.

It's way easier to compromise the Tor network than I2P, despite I2P having a significant smaller user base… or am I missing something?


Mostly trustable. As long as you keep your protection on Safest, you should be fine. I wouldn't be surprised if the gov. contributes to Tor because agents use it.


Does clearnet torrenting at the same time as torbrowser browsing reduce security in any way? Just legal torrents.

Anyone who asks about threat models gets cursed to die horribly.


It shouldn't, I can't think of any way it would.


Imagine throwing a fit about the fact BBC and Facebook thought someone out there might find their .onion services useful, and that the Tor Project had the audacity to not make their entire marketing campaign specifically target *you*



10000000000000% honeypot



A good idea for a hidden service is an e-book library, or general warez stuff that you have and want to be able to share anonymously


Theoretically it can actually, not wrt security but anonymity.

Imagine your Internet connection is spotty (and maybe not by chance). An observer could notice that the pattern of your torrenting connections matches the pattern of some endpoint Tor connections, so it's possible to correlate the two. However that would require detailed monitoring of a huge chunk of the global network.

You might think the US would spend resources on such extensive monitoring only if its existence was fundamentally threatened, but these days even a hobby weather balloon is an equal threat to the US gov as Al Qaeda going nuclear. So all of our threat models need to be completely revised.


File: 1682056038442.jpeg (58.85 KB, 900x675, nghhh.jpeg)

what chat clients can I use over tails safely and reliably?
I am using element over tor browser and it sucks pee and poo and cum and encryption breaks every session
I can use a persistent storage
>don't use tails it's not a normal OS n000b
my shit is broke atm. I need to use tails for now
matrix? irc? xmp?
idk wtf I am doing but I am happy to learn
wat do?


find a client with socks5 proxying and configure it with torsocks (
hexchat for irc, gajim for xmpp, element for matrix ig


ok I'll check em out thanks


be aware gajim has a decent amount of security vulnerabilities, not as much as other XMPP client implementations, that you should keep up to date on


gotcha. do you know what the deal is with pidgin?


Is there anything similar to tor that doesn't have open connections to glowies like tor does?






>4chan - garbage.
>Reddit - garbage.
>Any altchan (except for here, not including Tor IBs)
>Element (formerky riot.im) - not actually encrypted or safe, given how they can still see what you're doing, provided that your homeserver is matrix.org. i'd watch out. You can self-host, but that requires maintenance and technical know-how (+ a registrar that won't kick you) assuming you run a server of your own. But if you want to find one? Self-hosted Element instances are hard to come by, namely because no single list of all the differebt websites that have their own Ekement chat client. So you're just gonna have to know what you're looking for. So is it centralized? Pretty much, yes.
>Viber - requires a GSM number. You cannot use VoIP. So as a result I never used it.
>Discord - garbage.
>Telegram - AGAIN centralized. You do know they can see everything you do on there, right (aside from maybe two way chats or invite-only servers, which even then that app glows)
>Yahoo Answers - rest in piss. Also, fuck Yahoo.
>YouTube - censors people with their stupid fucking algorithm that they only implemented until after Charlottesville. It was first about "extremist content" on the site, but now its been taken to a new level to include literally EVERYBODY. Thanks a lot, N*zis.
>Google - See above. Also, GARBAGE!
>the Daily Stormer/The Purity Spiral/other "white nationalist" blogs and forums.
>Encyclopedia Dramatica - moderated by a literal sperg/lolcow (Umkemesik) who got trolled by some pedo who he later banned (Likeicare & Addie were the only two on that entire forum who actually knew what was going on). Actually, this website has had serious owner issues ever since Girlvinyl left, starting with Zaiger.
>Kiwi Farms - fuck Josh.
>Forums - are dead.
>anything mental health-related (like Sanctioned Suicide) - doesn't help anybody as opposed to having IRL friends (to which I have none). Generally not a good place to go due to trolls. Man, people these days. When I was depressed, what I found that helped was writing journals and the like.
>Dropbox and other file sharing sites - just learn how to seed magnet links you fucking retard.
>incel websites and other 'manosphere' forums - garbage. Also, cringe.
>columbine fanboy terrorist shit - don't get the feds knocking on your door. Avoid edgy websites and making edgy searches on Google. That's all I can tell you.

And I think that should be it (although there's probably more). Anybody got any more good ones?


beware: green thread


This is a matter of Tor vs. ICANN. The only exception are apps.


Centralization/decentralization is irrelevant if what's being sent is encrypted by yourself.


Btw did you write all that while jerking yourself off in front of a mirror?


Also, fuck Bitchute, Coinbase and BitStamp (along with any other KYC BTC exchange). Use localmonero.co.


"Decentralization" is a reactionary shibboleth
There's nothing wrong with ICANN


You can make a pony and put furniture in they house and eat broom.
<any site / frontend that's just a document with forms but you need javascript for the page itself to load. Even most social media would do fine with a hydration method like how Astro does it. Fuck infinite scrolling.
You can make a static site without having to set up a server first, good enough for a lot of use-cases, and a good learning tool. Self-hostable too so you can provide a similar service to friends.
<Any site that overrides right clicking with it's own shit: fbi.gov, misskey, a lot of academic software, ect…
Glows even if it meant well due to naive implementation.
Glows because it's literally made and shilled by feds. Also makes people reactionary against decentralization as a concept by being the stupidest implementation of a decentralized system imaginable. See: >>19459
I think YouTube or a YouTube competitor like BiliBili (I've never used BiliBili but I assume it doesn't) should just have a 'recently uploaded' page, seeing people just use the site like one would imgur gives me hope for a post-search engine internet.
<search engines
You never needed it, and if you do it's only because other people are using it, so you have to use it to keep up with them. Drinking coffee forces your coworkers to drink coffee. Critical support for AI spam articles.
I haven't got into it but I like the concept, gonna try it this summer.
People need to learn to do modpacks in a way that doesn't rely of some centralzed shit to work. Like just host your mods on github and make a bash script that wgets the releases.


ISPs cannot accurately monitor all of their internet traffic, but they can filter IPs and DNS requests. If TOR immediatly puts you on a list, using it is a gamble on if any of the sites you visit are monitored. I think traffic correlation is a meme for anyone other than high-profile darknet dealers and can be mitigated with the right tools.


this is true if you have no friends and spent all your time looking at loli hentai


wow amerikkkans truly must make everything center around this huh?


clarify please
>center around friends
no, amerikkkans can be remarkably asocial
>center around hentai
true for a lot of porn-addicted reactionaries (as if there's any other kind)


Massive American projection at play here.


you can't read.




This is Substack but better because it lets you do fucked up CSS shit like old school Tumblr except it's even better than Tumblr because you won't get death threats for not shipping Doctor Who with some other BBC IP


>because you won't get death threats for not shipping Doctor Who with some other BBC IP
Lmao. Kinda miss tumblr though.


SS is pretty nice desu


>only use tor with nyx log window open
>browse innocuous onion sites
>nyx sleeps
>browse my /leftypol/ onion
>nyx log always wakes after 20 mins and goes wild
>pattern noticing


Explain the implications for a brainlet like me pls. Is leftypol a honeypot?


Stop derailing the thread with this stupid shit
TOR is still the best anonymizer out there
I2P isn't a magic pill either


>An observer could notice that the pattern of your torrenting connections matches the pattern of some endpoint Tor connections, so it's possible to correlate the two.
I could be wrong but aren't there a lot of people torrenting different things at the same time ? Seems to me it would be hard to correlate the two, especially if the user hides his location.


do you use Qubes?



change your app shortcuts in Qubes Manager to allow your disposable vms to Open File Manager.

Start your disposable by opening file manager.

use the text bar in file mangaer to navigate to home/user/.tb/tor-browser

now you can double click on "start tor browser desktop" to open tor

from tor you can save bookmarks

since you have file manager open you can send the bookmark files from your disposable to Vault or another permanent qube.

you can also import bookmarks to your disposable from Vault and then to your tor browser when you make a new disposable.


Of course, you're not a real leftist if you don't.


Use the matrix


Fuck I didn't mean to bump. Nannies please merge into for thread


>1400 x 900 window size
oh fucking based thank you Father Stallman


could be the flare of the cloud


>be me, using tor n' stuff
>one day my tor traffic gets super fucking slow
>no matter how many nodes i try it's just SUPER fucking slow, can't load anything without waiting minutes
>decide to try using a bridge
>normal speeds are back
a-am i getting spooked?? are the feds fucking with me? say it ain't so bros


anyone can tell youre using tor by looking at your isp logs


sure, but is there a reason (a spook reason) to throttle it?
it's not like i'm being blocked from connecting to tor, i can, it's just slow as shit without a bridge


There's been cases of ISPs banning Tor but if that happened you wouldn't be able to use it at all. Maybe the relays you connected to at first are slow.


>There's been cases of ISPs banning Tor but if that happened you wouldn't be able to use it at all
yeah i don't think that's it
>Maybe the relays you connected to at first are slow
no, i tried like 30+ circuits and every single one was slow as shit
my speeds only went back to normal after i enabled a bridge


A fed wouldn't throttle your connection because then it means less evidence of whatever they're trying to get too.


File: 1700053845986.gif (45.37 KB, 300x64, clearweb_experience.gif)

Cloudflare® symlink to purgatory.


it could be a network-wide ddos, it happens sometimes, check the tor project's stats on the network

it could be that ur ISP just thinks ur a less important customer if you're connecting to Tor so they deprioritize ur traffic


Have you tried using bridges?

It might be your entry guard being slow. It shouldn't be, but your Tor client will keep using them if they are because they only change every few months.


File: 1700907238665.jpeg (76.17 KB, 748x561, gbecebwrpg.jpeg)

The sticker pack is cool.


Good way of telling TSA to detain your laptop.


five eyes glowies OUT!

StrictNodes 1
GeoIPExcludeUnknown 1
#ExcludeNodes {au}, {ca}, {gb}, {nz}, {us}
ExcludeExitNodes {au}, {ca}, {gb}, {nz}, {us}
NodeFamily {au}, {ca}, {gb}, {nz}, {us}
#UseNTorHandshake 1
PathsNeededToBuildCircuits 0.95


The full list is {AU}, {CA}, {US}, {NZ}, {GB}, {DK}, {FR}, {NL}, {NO}, {BE}, {DE}, {IT}, {ES}, {SE}
Onions are hopelessly slow with this enabled though.


Top countries for Tor relays are:
United States
United Kingdom

The problem is that relays are hosted where it's cheap, but those tend to be 14 eyes countries. Need more relays in Cuba and Nicaragua to make sure the glowies can't control the network.


They said "Five Eyes."


Thx for the info, anon. How does one configure this in the Tor Browser?


That's the problem with Tor, it is by and for the US government. it's good enough for some cases, if you live in an enemy state of the US (or the broader west) if you can safely and anonymously access it, it becomes very useful. or if you're trying to hide from other local personal danger. other than that, I'm not sure I'd trust it for anything else.


there is also the issue of it being mainly only hosted in free and democratic western countries, it's a shame because this makes the network less useful. hosting Tor anywhere else in the world is almost certainly asking for a death sentence.


Fwee and democwatic


yea yea yea, but compared to the rest of the world western countries are "free" and "democratic".
good luck trying to defend LGBTQ rights in a shithole in the middle of no where.


Good post. Yes Tor is technologically sound on paper but there are many variables that should be considered if using it for something actually illegal, or for whistle-blowing in the 5 eyes. Tors purpose as far as I can tell is to enable dissidents in enemy nations to the 5 eyes. USA built it to destabilize other nations politically. Government is in very close contact with the devs and there has been instances of known vulnerabilities being kept quiet for the CIAs benefit. I would suspect the CIA/NSA has the means and political leverage in the project to de-anonymize a target they were heavily interested in, it just seems to be the logical conclusion when you start looking at all the variables. Chances are you of little interest, even less so living outside of presumably NATO(you would have your own gov to contend with though)

BUT if you were someone of a high value living in the west, I would not rely on Tor to keep you safe.


If you criticize something then suggest an alternative. It would be much, much useful than listing Tor's flaws. I know about I2P but it's limited to its own hidden network, it's not for clearnet use.


>my capitalism is better than your capitalism


There may not even be an alternative for the specific use case you have. Just tread carefully, I think the thread can be summed up with that


>Just tread carefully
Well, this is obvious. Noone should trust anything blindly. That's why people don't trust systemd and Linux for example despite them being OPEN SOURCE!! IT'S OPEN SOURCE, GUYS, THAT MEANS IT'S PERFECT!!


Honestly for 99% of people you can trust Tor. If you're some big dicked alpha running some crazy drug service or doing highly illegal shit that people both care about and have a paid incentive to stop, I would not at all trust Tor to keep you safe and would completely remodel your anonymity setup and would look towards i2p or some more advanced setup between you and Tor


Wonder why the online drug cartel hasn't yet switched to something else like i2p, they seem to trust Tor way too much to run a multi million dollar highly illegal business. or are all those markets just psyops by glowies?


Some of them do, but they get dropped left and right and arrested all the time. Hard to say truly how they're getting fucked as well since we can only really go by what law enforcement says. Either way those types of people have to be looking over their shoulders forever once they get involved with shit like this. Also Im pretty sure there are i2p drug distributors but thats besides the point

Unique IPs: 17

[Return][Go to top] [Catalog] | [Home][Post a Reply]
Delete Post [ ]
[ home / rules / faq ] [ overboard / sfw / alt ] [ leftypol / siberia / hobby / tech / edu / games / anime / music / draw / AKM ] [ meta / roulette ] [ cytube / wiki / git ] [ GET / ref / marx / booru / zine ]