So how crippled does regular web browsing become using Tor safest mode?
I'm tempted to give it a whirl for a week.
Root my phone, flash something secure, leave VPN always on, and limit web browsing to Tor to get a feel for how bad or good it is.
The self inflicted contortions developers go through to justify the need to spy drive me crazy. Modern devices and bandwidth are more than sufficient to handle a vast majority of applications, but everything has to be cloud based rent-seeking-as-a-service.
> So how crippled does regular web browsing become using Tor safest mode?
In my experience, not really much. There's occasionally a few articles i can't read because they require JS just to display their blogpost but outside of HN planet, it's not that common (most people use Wordpress themes or other decent HTML/CSS templates).
The real problem is Cloudflare and other gatekeepers who claim to protect from bots and attacks, but are more likely to block honest people. If you know people using Cloudflare, please insist that they don't. If you really need DDOS protection because you're repeatedly been a victim, please use a decent network-level mitigation (as provided by professional hosts like OVH/Hetzner) not some shitty invasive DPI solution that will have 99% false positives.
An interesting aspect of Safest mode i enjoy is the web is "read-only" again with it. Well you can still POST stuff via forms, but it's an explicit opt-in operation. TBB's Safest mode is closer to reading a newspaper than the modern web could ever be.
As a nice bonus, the Safest mode is really resource-efficient. I can have hundreds (thousands?) of tabs open for days without leaking memory, and CPU is only used to draw stuff (no tab mining coins on my behalf). I don't know a single browser with JS enabled who can keep many tabs open without rendering my machine utterly useless due to overusing CPU/RAM. Hell, i don't know a single browser with JS who can prevent a single tab from using all of my resources. TBB's Safest mode is really the only modern way i know to browse the web on low-resource hardware (lighter webbrowsers exist, but they usually don't implement modern CSS3 features).
EDIT: I should mention that the only useful service i can't use with Safest mode is Gitlab. Because Gitlab still does client-side rendering for some reason?!
I think the biggest problem of surfing the web via Tor end nodes will be the Cloudflare captcha. As much as I like Cloudflare, their captcha makes the open web pretty much unusable through Tor. At least last time I tried.
We need to boycott Cloudflare and others like them. They are pretending to protect websites, but in fact they create a walled garden where they decide who gets in.
People who use privacy tooling are left out, people from poorer countries are left out (due to bad IP range reputation), and legit bots scraping websites are left out.
If you need DDOS protection, use network-level mitigations from your host and basic rate limiting. If you need to protect your admin area from bruteforce and known vulns, restrict it to localhost queries and use SSH tunneling with public-key auth. If you need geo-replication, think again, you probably don't: make your pages lighter (why JS? why custom fonts?) and reduce the number of queries at all costs (the biggest slowing factor on high-latency links).
You don't need Cloudflare, even for a popular international website. Designing your website properly will make it more user-friendly and faster to load. From anywhere in the world, it should be fully rendered before any similar Cloudflare-powered page could load the JS spyware blocking access to the content.
I can't tell if you're trying to say unrooted phones with stock carrier roms are somehow understood to be secure, or if rooting is mutually incompatible with security, or something else. Want to expound?
Rooting your phone means you obtain root access to the device, bypassing carrier restrictions. It does not mean you run it as root user day to day. That would indeed be insecure.
Rooting is not incompatible with security. Trusting carrier distributed software on a locked down device is far less secure than using a custom install of something like Calyx or GrapheneOS.
In my view, trusting Google, Apple, Verizon, t-mobile, or at&t is incompatible with security.
The idea that people having administrative access to their own devices is inherently insecure is vicious anti-consumer nonsense.
What's your threat model? Is it more secure that you as a user can execute root code? Or that your phone manufacturer can without asking for your permission?
Modern smartphones are basically spyware distros. I would argue it's far more secure to run a decent distro (Lineage/Replicant) with root, than it is to run any SamWeiMi crapware without root. Oh yes, the manufacturer's crapware has system privileges whether you ask for it or not, and so does Google Play Services, Google's universal backdoor for Android.
On paper, no root is better. In practice, even on a crap distro, rooting it will enable you to remove most crapware to reduce attack surface.
Also related: if you're concerned about security, you should probably only use applications from F-Droid.org repos. Google Play Store (and others) are just full of spyware! See also the Exodus Privacy project tracking trackers via static analysis of APKs.
Even with a custom ROM that includes no google anything whatsoever, you still should not have root... that's what I mean. Just like how you should always use Secure Boot (but LineageOS requires you leave it off).
My take is: Privacy is when people know who you are but not what you are doing. Anonymity is when people know what you are doing but not who you are (some people will argue this is pseudonymity but I disagree with them in a practical context). Basically Batman is "anonymous" and Bruce Wayne is "private".
There is also a difference between truly anonymous (where no connecting identity is established between different events) and what I'll call a form of pseudonymity (where an identity is constructed, with or without a known connection to one or more real identities, and that identity builds its own reputation). I do not consider Batman "anonymous" unless he does something without revealing that it was Batman who did it. Batman is pseudonymous, simply because "he" is a known identity, whoever may ever be behind it at any given time.
I don't know why the OP's comment is "dead" but here it is:
"
This project is a Void musl build with hardening configurations aimed at mitigating classes of exploitation that plague standard GNU/Linux systems.
We will soon include a kernel with PaX, grsecurity patchsets (plus additional patchsets), and gutted modules. Please read the feature list for more details on hardening measures. We have a publicly searchable matrix chat as well. Feel free to stop in and leave any critiques.
"
Old but relevant https://defuse.ca/truecrypt-plausible-deniability-useless-by... .Be careful with plausible deniability depending on your threat model as it's only efficient against a soft "lawful" adversary. It's probably a terrible idea against an adversary willing to resort to "enhanced interrogation techniques" (not mentioning the usual 5$ xkcd).
This article is about the problem of using TrueCrypt, which allows you to create a single hidden layer;
In case TrueCrypt usage is detected, the requirement to give out the hidden layer password would be quite reasonable, because then you can be sure that the container is decrypted in its entirety.
In the case of FractalCrypt, only part of the container can be decrypted, even knowing all the passwords; hence, denying the existence of truly secret data can be quite convincing, for example, by first giving out unclassified, and after a long interrogation giving out semisecret ones.
In addition, the article states that
> In other scenarios the feature can be useful. If the attacker has limited resources (i.e. can only torture you for 30 minutes), or if you are "innocent until proven guilty" under the law, then it can be advantageous to use a hidden volume. Just don't recommend TrueCrypt to your friends in North Korea, or at least make sure they use a hidden volume.
In most situations, such as a police raid or criminal robbery, you will not be tortured to death.
However, it is really better not to use FractalCrypt in North Korea.
