You see that? That right there is one of you, and you know who you are, loading Herg’s recent anti-Google article using Tor, I’m guessing safely using the Tor Browser Bundle on Windows as it requires no expertise to warm up. And based on this subsequent hit – “GET /…/js/organictabs.jquery.js” – I’m guessing you’ve got Javascript running.

This strongly suggests you’re not just using Tor for super-secret stuff like dealing heroin, laundering money and sending Wikileaks submarine blueprints but you’re browsing random blogs as well without disabling Tor. You’re using Tor for casual purposes. You’re mixing and matching.

If you had an account on this site or Slashdot perhaps and logged in your password might be in the wind given that possibly the majority of Tor exit nodes are rogue and sniffing, and if you subsequently went into your Gmail, as an estimated 92% of Internet users use the same password on more than one service, a bot might try to log into that account using the same password which might be the same. We don’t use HTTPS (though we should) and neither do many other sites on which you likely have accounts, so as you prance around through Tor, you might slip up and reveal information to expose your real IP, grab your email password and install a phone-home keylogger.

Sir, buddy, as I’ve explained, that means you’re in over your head and not good enough at using Tor for Tor to help you and that you are exposing yourself to an elevated risk. You’re lumping your traffic in the place the NSA, voyeurs and hackers look first because it’s so damn easy for them and because it’s target-rich data. Also, that you’re using Tor alone waves a red flag at the feds, and a federal court has ruled that your traffic is fair game to the feds without a warrant and many nodes are running Tor software with weak encryption. Not to mention everything’s super slow on Tor.

You’re not doing yourself any favors, you’re not proving a political point to anyone, you’re pointlessly putting yourself in real danger and I encourage you to stop using Tor. If you have to use something, at least check out I2P. And while you’re at it, if privacy’s a big deal to you, use another operating system unless you don’t believe this. If I were the movement-starting type I would encourage all webmasters to block all Tor exit node traffic to help make using Tor useless, or maybe turn this server into a rogue honeypot exit node to drive the point home. Save me the trouble please, I ain’t got time for that.

Thanks for checking out our website by the way. We generally don’t use it to scold our visitors.

Doug Simmons


Comments are closed.