this post was submitted on 27 Aug 2023

151 points (100.0% liked)

Privacy Guides

16796 readers

1 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.

You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...

Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!

This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.

Moderation Rules:

We prefer posting about open-source software whenever possible.
This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
No soliciting engagement: Don't ask for upvotes, follows, etc.
Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
Be civil, no violence, hate speech. Assume people here are posting in good faith.
Don't repost topics which have already been covered here.
News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
No misinformation: Extraordinary claims must be matched with evidence.
Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago

MODERATORS

jonah@lemmy.jonaharagon.net

151

How you can be deanonymized through Tor (monero.town)

submitted 1 year ago by ShadowRebel@monero.town to c/privacyguides@lemmy.one

16 comments fedilink hide all child comments

Please be aware when you're on Tor that you're not invincible. There are many ways things can go wrong, this article highlights a few key ones and gives you some solutions:
https://simplifiedprivacy.com/how-you-can-be-deanonymized-through-tor/

all 21 comments

sorted by: hot top controversial new old

[–] db2@lemmy.one 80 points 1 year ago (4 children)

Brendan went on in 2015 to become the founder and CEO of Brave Browser, which is promoted as a privacy browser by hiding and confusing your JavaScript fingerprints.

Altering links to add affiliate tags, selling data.. privacy my ass.

[–] Skimmer@lemmy.zip 18 points 1 year ago* (last edited 1 year ago) (2 children)

selling data

When has Brave ever sold data? I've seen other people claim this here on Lemmy too and I don't understand where it's coming from, I know Brave has had controversies but they've never sold user data, I'd love to see at least a shred of evidence for this claim, it's just FUD.

[–] nixfreak@sopuli.xyz 4 points 1 year ago

Just don’t use brave search engine, stick with ddg

[–] Franzia@lemmy.blahaj.zone 17 points 1 year ago (1 children)

Adding to this - Brave's business plan is to replace google as an ad service, but for an already targeted audience.

Brave's CEO has also made personal choices on Brave Search, I forget what the issue was.

Selling data though I don't know, I want a source.

[–] db2@lemmy.one 5 points 1 year ago

https://stackdiary.com/brave-selling-copyrighted-data-for-ai-training/

[–] t0m5k1@lemmy.world 11 points 1 year ago

He was only mentioned because of JavaScript and evading it. Really helps when someone tries to draw all the focus on one tiny part of an article.

[–] Tibert@compuverse.uk 7 points 1 year ago (1 children)

I think this is either very not well understood or I am missing an old brace news.

They did not alter any link.

They however were proposing an auto complete, when the user was typing a crypto currency website name, with their affiliate link. https://brave.com/referral-codes-in-suggested-sites/.

They did not modify any link the user imput without autocomplete or through a search engine. (also it's fixed).

Maybe I'm mistaken you are talking of something else.

[–] ultimate_question@lemmy.world 5 points 1 year ago

Even their "correct" functionality is sketchy AF, the average user would still have no idea what that URL tag meant and thus would not be making the informed choice the article implies they would be making

[+] ReversedCookie@feddit.de 51 points 1 year ago* (last edited 1 year ago) (1 children)

[deleted]

[–] 4am@lemm.ee 37 points 1 year ago* (last edited 1 year ago) (1 children)

This article is an ad for the VPN service setup done by the company who wrote it. They mention it several times in the article.

That’s why they are pushing VPN and self-hosted entrance guards; they want to sell you one.

[–] jet@hackertalks.com 17 points 1 year ago* (last edited 1 year ago)

This is privacy guides after-all, we should give a link to the namesake's take on the same topic. https://www.privacyguides.org/en/advanced/tor-overview/#additional-resources

and a shout out to this lovely tor graphic https://www.eff.org/pages/tor-and-https

(It's about https, which is the standared now, but the graphic is amazing)

[–] tal@kbin.social 16 points 1 year ago

JavaScript can be used to identify a user through Tor in a number of different ways. This is why Tor Browser comes pre-bundled with the “NoScript” plugin. This plugin can either reduce or disable JavaScript’s ability. When the plugin is set on the “Safest” setting, JavaScript is completely disabled. This level of security is required to completely stay anonymous and secure on Tor.

There was a point in time when I used NoScript, but years back, I stopped, as it had simply become impractical to browse the web with the degree of breakage that switching off Javascript by default produced.

I'm not saying that the article is wrong about it being necessary, but I think that from a functionality standpoint, that bar may be a high one. Maybe if you are just browsing a specific site or so, but I think that for general use of the Web, it's going to be a problem.

[–] Fizz@lemmy.nz 13 points 1 year ago (1 children)

de-anonymatized a laptop by having the webpage play a high frequence sound that is then picked up by the spyware in your phone is really smart. To truely be private online you need to be paranoid.

[–] NumbersCanBeFun@kbin.social 17 points 1 year ago

I’m extremely paranoid about my online activity for no other reason than I find it super creepy and weird that every website wants to know everything about me.

Can you like fuck off and not rape my computer for all it’s personal data every time I click a link? That would be great.

[–] privacyfalcon9899@lemmy.one 10 points 1 year ago

You can be anonymised in many ways. But, keep in mind that most of of them are sophisticated attacks which require a lot of effort. No organisation on earth has unlimited resources.

Why does a three letter agency spend this effort for you? Are you a very important target? If yes they can do it. If no, then your threat level is not that high. You don’t need ANONYMITY, you need privacy.