Reply to: A general discussion on Tor

Thanks guys - that's put my mind at rest a bit

Ah, I see.

As far as viewing profiles goes, the short answer is that it depends on the security settings chosen by a user for their profile as to whether it can be viewed by anyone, or just their friends. Probably the easiest way to gain viewing rights to a locked down profile would be to look at someone's current friendlist, grab a profile photo from the friend, set up a new Facebook account in the friend's name, and upload their photo, then send a friend invite to your target. If they say they already have you added, just say "Yeah, I locked my account so set this one up to use while I get the old one unlocked".
Of course, as technically this may be identity theft, I wouldn't actually recommend it... just saying you could do it.

Not quite Lisa. Someone viewing Facebook via TOR would still be subject to the same restrictions as a regular user. So if you had your privacy settings locked down tighter than my agent's wallet they would see naff all.

So it is possible for people to view what's on your facebook account without being recognised as a 'friend' - can you tell I don't have a Facebook account

What do you mean by "access"? Do you mean log in as them? If so, then no - the TOR service itself doesn't bypass log in systems for normal websites.
What you will find, however, are lots of people selling services to gather those log in details for you.

A question for the experts on the panel - can you use one of these dark web type things to access people's facebook accounts without them being aware?? Sorry if that's a stupid question

Once configured the server can store the configuration offline, you basically use a normal computer with a web server running on a non web interface and port rather than external interface, then create mapping between that and the TOR software. The address is basically a public key, the server retains a private key which you would keep whether the server is on or offline. Of course if you binned the private key then you need a new address. I'm just paraphrasing the docs online and what I've read previous, no first hand knowledge of actually making it work though.

Apparently a lot of funding for TOR comes from the US DOD and probably other TLA organisations, no guessing why. It is particularly popular with dissidents, activists, journalists and any one else with an interest in dealing with them. The price paid for this service of course are the less tasteful services. The likes of Anonymous did take an interest in it the last few years, in particular cleaning up a lot of things they took objection to, which led to a bit of a mini war between them all. Not sure what the place is like now.

iPredator.se

Costs EUR6 a month, pay as you go.

Faq, Who's your VPN provider and what sort of costs are we talking about.

PM if you'd prefer. Ta.

I take that to mean that if you took a site down/up or restarted Tor, you would get a different address completely? Therefore no bookmarks would work and you would have to inform your userbase of the new address?

For most people though just being able to get to all the banned torrents sites is enough, simply using a non uk proxy usually does the trick

I don't like the sound of either TOR or the Dark Web.

If you are using a VPN then the type of traffic that you are using becomes harder to see because the packets are encrypted.

If anyone works out what you are doing, then they need to get the VPN provider to reveal which computer was given that address at that time. Many of the Swedish VPNs now don't keep any client records, so they cannot provide any information, even if they wanted to. Swedish law only allows for the data to be revealed if you are facing a criminal trial, and imprisonment of over a certain period (I think it's 2 years), so they can't legally be forced to reveal any information to the UK, even if they had the information to be able to release.

TOR is no longer anonymous, though, if it goes through one network.

As for 'dark web', they can be loosely described as websites you can't find on the WWW. In the case of TOR (there are others) the addresses end in .onion and are known as 'hidden services'. You have all sorts there, plenty of questionable things such as narcotics, extreme or child porn, malware for purchase, hackers and even alleged assassins for hire. However there are plenty of other sites and services reflecting the range of things you find on the ordinary WWW. There are a number of sites that are indexed and the addresses are freely shared, but I'm sure there are plenty that are only known to closed audiences.

The address of a site will actually be in the format http://idnxcnkne4qt76tg.onion the first part being generated automatically using a hash when a hidden service is started. The hashed address actually contains the routing path to the site, there is no registry such as DNS. The resulting idea being that a user can not figure out where the service is located, and the service provider has no idea who\where the user is.


From: https://blog.torproject.org/blog/hid...reedom-hosting

Ta