On Tue, Jan 3, 2012 at 20:42, Julian Yon <julian@yon.org.uk> wrote:

There's a good reason still to use the Tor Browser: it provides a "standard" environment which is the same as every* other Tor user's. Safety in numbers is never truer than with anonymity; compare with the Black Bloc tactic often used at demonstrations. If everyone looks the same it's much harder to identify individuals.

Tor is an infrastructure with a history of being developed and researched by experts in network security and anonymity. Due to its unique standing in the congregation of similar networks, Tor attracted a fair amount of academic scrutiny, which resulted in many refinements and extensions for resisting various types of attacks, and in documenting its known weaknesses. While I dislike the excessive stiffness of the project (RSA-1024? The 90's called, and they want their b military-grade encryptionb back) and inability to resist the status quo (what again is the reason for not making nodes relay traffic by default? beyond you publishing another conference paper on the oh-so-terrible dangers of that in order to pad your CV, that is), I trust the Tor project to produce something solid and to not grossly overestimate its security and anonymity guarantees. Tor Browser, on he other hand, is just some hack for mangling browser headers. Who develops it? Who scrutinized it? Were it the same people who recommended using the unstable and inadequate Polipo proxy (over-64 MiB files? Nah, never heard of those) instead of well-established Privoxy previously, due to some imaginary perceived limitations of the latter (reading manuals is boring, I guess)? Is there any evidence that Tor Browser prevents fingerprinting which is marginally more sophisticated than looking at some subset of browser headers regardless of their order? Or is the joke that is Panopticlick with its b bits of identifying informationb as state-of-the-art as it gets (mind you, I was able to fool it with Privoxy rules in LibertC), masquerading as TBB, although I know that the specific browser in use can still be fingerprinted differently)? Who cares b let's ship this junk in a bundle, and convince everyone of its utmost necessity. inb4: Yeah, well, that's just, like, your opinion, man. -- Maxim Kammerer LibertC) Linux (discussion / support: http://dee.su/liberte-contribute) _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE