You are already using protonmail, so you are already a shill. Electronic devices leave signatures and vulnerable to collection & traffic analysis. I would suggest removing all electronics from your residence and relaxing for a while. Take a break as you say, all systems have flaws. Rely on PGP for security in your own private keys and do not trust anything or anyone else.
> On Feb 17, 2018, at 1:58 PM, Wanderingnet <wandering...@protonmail.com> wrote: > > I am putting Tor on the back seat after months and months of arduously trying > to improve Linux distros (several) for this purpose, and looking at the > various sec options on offer including Tor, in part for precisely the reasons > being described, albeit observed in the Tor Browser Bundle and in secure > distro conditions provided by TAILS. > > Tor Browser is indeed the recommended vehicle for Tor web, for all the > reasons cited. I have found its EFF fingerprint woefully degenerated from > that seen a couple of years ago, for no reason of which I am aware. Tor > Browser does not lack a fingerprint: it is uniform, the intention, like > TAILS, being that users become indistiguishable from each other. The EFF > profiling page used to produce radically improved results between TBB running > under Windows and the likes of TAILS, but I have been surprised at recent > results. I have seen this observed only once in forum posts when I searched > not so long ago. > > Feedback evidenc3, more worryingly still, suggests that Tor is doing worse > than the notorious DNS leak risk or cross-site fingerprint correlation, et > al, including where observed with TAILS. My view, like it or not, and I > suspect rarely observed, is that clearnet search engine behaviour using > 'privacy oriented' clearnet engines, and clearnet web randomizers, exhibit a > behaviour best likened to data analytics associated with commercial tracking, > keyword behavioural advertising, etc., in turn suggesting routine capture of > torified DNS resolution: since TAILS is regarded a secure Torified solution, > it can be considered to be least likely to leak DNS by other means, etc., and > provides a good litmus test for this fail. I encourage anyone to explore the > problem. > > Meanwhile, I have had to take a break from the Tor issue. I feel the TBB, > which contains everything needed to run Tor and includes all available > pluggable transport support in a constantly updated and readily available > form, would offer the best way to run Tor under Linux if linked to the Tor > service or daemon (ie. assuming Tor's init.d script and tor defaults can be > pointed at the data in TBB instead), allowing for iptables isolation > problematic or impossible with TBB itself, also a chroot-ideal isolated > package - rather than having to deal with the Debian package for vanilla Tor > or its single (practically depracated) Obfs3 transport package, or scrape > together further transports, etc., and install the Tor Launcher package and > then download Tor via its dedicated facility, making the browser impossible > to implement for live systems (ie. uninstalled). Again, I wonder why Tor has > been implemented in the way that it has and why no one else has suggested > this solution. > And that's just Tor. Then there is the work in cleaning up an OS to use > (Linux is now full of pockmarks and troubles, here, imo, and lacks a serious > solution - I actually hate using TAILS for its design and rigidity), and the > various other potential components of a secure system, assuming one is even > possible, allowing access to various sectors of the web (Clearnet, Tor or > I2P, which I lack any serious documentation for, Freenet, etc). Documentation > and disinformation has not helped, neither does having to leave trails of > forum memberships, emails signups, etc., somewhat counter to the intentions > of anonymity and privacy, surely. I am somewhat doubtful that Tor alone > really represents the threat the NSA is said to attribute to it, personally. > I have seen Tor claimed to have been 'broken' by the NSA, with typical > vagueness - though what I see resembles basic data analysis visible in online > feedback. I have had to work too long, observe and deal with too many > failings, where time is indeed money, and need a break, still more given an > apparently insurmountable glitch I do not see observed elsewhere. > > > > > > > Sent from ProtonMail, Swiss-based encrypted email. > > > > -------- Original Message -------- >> On February 8, 2018 8:54 PM, Seth David Schoen <sch...@eff.org> wrote: >> >> Dash Four writes: >> >>> Which part of "provided you know what you are doing" don't you understand? >>> >> >> You still can't mitigate the browser distinctiveness issue through >> expertise or caution, so you can't get the same level of cross-site or >> cross-session unlinkability that Tor Browser users can get. But >> indeed, not everyone needs cross-site or cross-session unlinkability >> for their uses of Tor. >> >> >> Seth Schoen sch...@eff.org >> Senior Staff Technologist https://www.eff.org/ >> Electronic Frontier Foundation https://www.eff.org/join >> 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107 >> >> tor-talk mailing list - tor-talk@lists.torproject.org >> To unsubscribe or change other settings go to >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
