• 0 Posts
  • 17 Comments
Joined 25 days ago
Cake day: December 1st, 2025
  • Skankhunt420@sh.itjust.workstoAsk Lemmy@lemmy.worldHow anonymous is tails linux?
    1·
    16 days ago

    There’s only been like 3 times mainly that have been found out about publicly at least

    OnionDuke Malware (2014)

    Operation Onymous (2014)

    Tor Exit Node Malware Campaign (2020)

    So it can happen but doesn’t happen often and the people who pull it off usually have virtually unlimited funding to do it. For the common person its still safer than rawdogging the internet

  • Skankhunt420@sh.itjust.workstoAsk Lemmy@lemmy.worldHow anonymous is tails linux?
    1·
    16 days ago

    That excerpt still says it was deployed to all the businesses listed above it, though. So yes it was being used however those businesses used it.

    And yes closed source components are inescapable (and also a potential threat) unless you use something that is GNU certified and I don’t even think a lot of them can even run the current version of Tails but I havent researched it in awhile. Maybe could run Tor browser though but if my memory serves correctly even stuff that is GNU certified has some proprietary hardware in it.

    But no, the irrationality here would be saying “because something is open source you should trust it automatically and ask no questions about it” which of course isn’t what you said but you implied that because something is open source its automatically to be trusted. And that’s not true.

    I never said not to use TOR or implied that, I said (and you can look back at my comments and see) that just because something is open source doesn’t automatically mean it is safe and trustworthy. And I don’t think its irrational to say that.

    This was all in response to someone pointing out that depending on what the person is using TOR for they should do more research about it and educate themselves on security of using it which is true.

    Never just see open source and assume complete safety or trustworthiness. Which is something people who have never used TOR do all the time and why you see the points I made being brought up around the conversation constantly.

    Open source doesn’t guarantee complete safety, you should still take other steps in addition to using open source to better enhance your privacy and security. TOR is great and I think OP and others interested should use it, but you should never blindly trust something just because it is open source and used a lot. Vulnerabilities can happen all the time, if they didn’t Tails wouldn’t ever need updated at all.

    Alternatives (that I wouldn’t really recommend) do exist and since you mentioned how none were mentioned the two that come to mind first is i2p and Whonix although Whonix uses Tor routing but is an alternative to Tails I guess. Still wouldn’t recommend them over Tails though.

  • Skankhunt420@sh.itjust.workstoAsk Lemmy@lemmy.worldHow anonymous is tails linux?
    1·
    16 days ago

    The algorithm has been included in the code libraries and software of major vendors and industry bodies, including Microsoft, Cisco Systems, RSA, Juniper, RIM for Blackberry, OpenSSL, McAfee, Samsung, Symantec, and Thales, according to Nist documentation, external.

    Whether the software of these organisations was secure depended on how the algorithm had been used, Cambridge University cryptographic expert Richard Clayton told the BBC.

    I wouldn’t say it didn’t affect anyone. And the thing about stuff like this is that this is just what has been found there likely exist many other things like this that won’t be found for a long time if it all.

    OP should still use open source, to be clear I never said they shouldn’t.

    But your comment implied that because it is open source it automatically means that it is safe and trustworthy and that isn’t true.

    Obviously your security is much better on widely used open source software and programs than on proprietary stuff that isn’t widely audited but it doesn’t guarantee your safety and that’s all I was pointing out.

    Also to add to this, since the discussion is about TOR I think this line of conversation is even more warranted and not just some “ritualistic” thing like your edit on that original comment says. TOR is 80% funded directly by the State department.

    Now, yes many talented software people are out there but the governments of the world have some of the best and it would be in all of their best interests not to disclose a vulnerability in something they could use against someone. You’re either the USAs ally or someone that is against it, either of those options would make you not disclosing a vulnerability in your best interests.

    So to automatically assume that software from a government that historically is against human and privacy rights is safe simply because it is open source is disingenuous.

    That said, I still recommend TOR and I like it a lot. But I do not recommend trusting something simply because it is open source. Since this user wanted an in depth conversation on the topic I don’t feel like its “ritualistic purity” to disclose all that I said above.

    It isn’t bad to be suspicious. If no one was, then open source wouldn’t even matter because no one would be wary enough to check.