I'm sorry, I was articulating in the wrong way. I meant "usecases" like "(other) things to do on the internet". So "use Tor Browser for some usecases and use other browsers like Vanadium for other use cases" would he what I meant.
Tradeoffs on running Tor Browser and Orbot?
- Edited
Clap2Grom673 It really depends, and you should know what you do/what you want to do with your browsing habits if you wanted me to really help you.
But basically to say the obvious, accessing .onion websites you should only ever use Tor browser, since it was actually made for that. Some sites are very hard to browse/access considering how the tor network works, or even totally unusable if you're using the Tor Browser, some sites where the security is increased if you're trying to login later on the same account you might get locked out in the same session , in 10min time frame just because of its very dynamic IP rotation, and you might even sometimes get a banished IP that makes you unable to access a site unless you request a new "route" for that specific site, making you change IP
- Edited
matchboxbananasynergy If you're using Orbot (or the Tor network in general) as a glorified VPN just to hide your IP, then using it for apps or other browsers is fine.
Using Orbot (but not Tor Browser) has any advantage or disadvantage compared with other VPNs like Mullvad or Proton?
Thanks
cdflasdkesalkjfkdfkjsdajfd
Orbot on android = tord on PC. (Can be configured as client or server/relay.) To connect to the Tor network or to run a relay, bridge or onion service.
- Edited
Firefox should run every tab as an isolated process. But sandboxing is not as needed as you may think.
It is needed to prevent malicious code exploiting the rendering engines from accesing even more. But in some cased those exploits could also circumvent the Sandbox.
I had a Discussion about this recently and to my surprise was told Mozilla rewrote many core components of Firefox in memory safe Rust. This automatically gets rid of many security problems, while Chromium afaik uses unsafe languages.
To this "another attack surface", yes maybe but you already have Chromium, which due to its usage is a way bigger one. Firefox circumventing hardening is bad though.
Also, Vanadium executes all Javascript. The torbrowser and firefox in general can use Noscript, which increases Privacy and Security insanely.
You need to change defaults and block every new Javascript, then whitelist every single origin you trust. The web is unusable without Noscript.
To Orbot etc, you can use it, but a paid good VPN may be better. After all Tor is way more anonymous than any VPN, but makes you a target more. With regular apps and Orbot you would constantly use Exit Nodes (I run one, do the same!)
The tor network is only good if connecting is private (public wifi, vpn) and you stay inside.
Also checkout i2p, there is a purplei2p fdroid repo that has a Conversations fork for i2p!!
missing-root Vanadium executes all Javascript. The torbrowser and firefox in general can use Noscript, which increases Privacy and Security insanely.
You can change site settings in Vanadium or other chromium browsers to disable javascript then enable it on a site by site basis. Lots of sites dont work well without it.
Vanadium does however disable JavaScript jit by default. Attacks against javascript jit are by far the most common browser exploits.
Tor browser disables jit in its high security levels but its active when set to standard security level as with standard firefox.
[deleted]
- Edited
missing-root The tor network is only good if connecting is private (public wifi, vpn) and you stay inside.
Why do you say this and what do you mean by stay inside? Seems like this is only a concern if you live somewhere where Tor is illegal or will cause excess attention from law enforcement (which some argue that any use of Tor will give you "extra" attention, but I digress). In that context then yes I guess one could say it's "only good with" because using Tor in itself would get you arrested, but that's not the case everywhere. If you're not concerned of your isp knowing that you're connecting to Tor then I don't really see it being a problem, unless you really need to conceal your IP address because there is a high liklihood of being targeted.
Bit off topic, but does anyone know if there's an Orbot equivalent for desktop (Linux)? By that I mean a simple to use GUI app that tunnels either the whole system or just specific apps through Tor.
missing-root Mozilla rewrote many core components of Firefox in memory safe Rust.
TorProject does the same with Tor Browser and c-tor.
C-tor development could still take years. In addition to security, the main feature is: Rust is multicore aware.
Then we relay operators no longer have to run dozens or hundreds of Tor-instances on a modern multicore CPU-server.
DeletedUser28 Orbot equivalent for desktop (Linux) is apt install tor
.
No GUI just edit /etc/tor/torrc
HowTO man torrc
- Edited
Damn edit fails
Tor runs by default in client mode & opens a socks proxy on port 9050.
Configure $software to use tor: socks4 or socks5 proxy localhost:9050
or 127.0.0.1:9050
TorBrowser has tor built in and binds default to 127.0.0.1:9150
Carlos-Anso thanks, didnt know about JIT in Firefox and try to find the setting to completely disable it.
Didnt know you could re-enable Javascript per site, but its still worse than Noscript which is per origin and also more granular.
And I have to say Chromiums settings suck. I tried following that tutorial to add Startpage, didnt work.
boldsuck there is the flatpak "Carburetor" which takes care of the proxy and also isolates it with Bubblewrap.
Most Distros use networkmanager, so you need to set the proxy there.
So it is totally possible, split tunneling probably not (mullvad bypasses that by spawning excluded apps with mullvad-exclude
). It simply needs a GUI in addition to Carburetor
boldsuck arti is already working, isnt it? At least for the local proxy.
[deleted] no idea what I meant with "stay inside".
I like tor but it puts a lot of focus on you. I prefer to use it behind a VPN. Alternatively randomized Mac address and public wifi.
For sure no cell data, home wifi maybe.
[deleted]
Fair enough. Why not go full spook and run a yagi and snipe wifi a mile away? xD
missing-root
Yes, but there are no binaries, you have to compile it.
I haven't tested it yet. I use Tor more on the server side for my relays and Monero nodes.
"missing-root"#p61472 Most Distros use networkmanager, so you need to set the proxy there.
Then the whole system uses the Tor network. Then I would directly use Tails, Whonix or Qubes. Or install it on the router network-wide.
I use different routes e.g:
$Browser via privoxy -> my ISP proxy -> www
$Browser, Console -> VPN -> Datacenter
I only use Tor for some hidden services (irc, bisq.network, haveno.exchange, Monero nodes) or to test my services/servers.