Nonprofit Behind Tor Browser Asks for Corporate Sponsors to Help It Stay Afloat

After a round of layoffs in April, the Tor Project looks to corporate sponsors for financial help, but these benefactors will have no say in the group's decisions, it says.

After going through a round of layoffs, the nonprofit behind the privacy-enhancing Tor browser is looking to corporate sponsorships for an infusion of cash.

The Tor Project’s new membership program, announced today, allows the private sector to financially support the nonprofit’s work. In exchange, corporate sponsors can tout their association with the Tor Project, which is known for fighting for digital privacy and helping users bypass online censorship.

The first five sponsors are antivirus vendor Avast, search engine DuckDuckGo, secure OS provider Insurgo, Mullvad VPN, and cybersecurity company Team Cymru.

Back in April, the Tor Project cut 13 staffers, citing the economic impact from COVID-19, which left the organization with 22 employees.

https://www.pcmag.com/news/nonprofit-behind-tor-browser-asks-for-corporate-sponsors-to-help-it-stay

#Tor #Project

You are not anonymous on Tor - Last February, my Tor onion service came under a huge Tor-based distributed denial-of-service (DDoS) attack

I spent days analyzing the attack, developing mitigation options, and defending my server. (The Tor service that I run for the Internet Archive was down for a few hours, but I managed to keep it up and running through most of the attack.)

While trying to find creative ways to keep the service up, I consulted a group of friends who are very active in the network incident response field. Some of these are the people who warn the world about new network attacks. Others are very experienced at tracking down denial-of-service attacks and their associated command-and-control (C&C) servers. I asked them if they could help me find the source of the attack. "Sure," they replied. They just needed my IP address.

I read off the address: "152 dot" and they repeated back "152 dot". "19 dot" "19 dot" and then they told me the rest of the network address. (I was stunned.) Tor is supposed to be anonymous. You're not supposed to know the IP address of a hidden service. But they knew. They had been watching the Tor-based DDoS. They had a list of the hidden service addresses that were being targeted by the attack. They just didn't know that this specific address was mine.

As it turns out, this is an open secret among the internet service community: You are not anonymous on Tor !!

💡 Threat Modeling

There are plenty of documents that cover how Tor triple-encrypts packets, selects a route using a guard, relay, and exit, and randomizes paths to mix up the network traffic. However, few documents cover the threat model. Who can see your traffic?

👀 👉🏼 https://www.hackerfactor.com/blog/index.php?/archives/896-Tor-0day-Finding-IP-Addresses.html

#tor #onion #service #zeroday #DDoS #attacks #anonymous #poc #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

You are not anonymous on Tor

👀 👉🏼 https://t.me/BlackBox_Archiv/1252

#tor #onion #service #zeroday #DDoS #attacks #anonymous #poc #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

How to use Whonix | TOR Tutorial Part 2

Whonix is the safest way to be online and surf the web. Learn how to be anonymous and private with Tor Tutorial Part 2.

📹 Watch it via:
YouTube || Invidious || BitChute

• Part 1 of TOR series: HERE

• Download Whonix: HERE

📡 @howtobeprivateonline
#TOR #Guide #Privacy #OS

The Tor Project - Nigeria may shut down the internet as #EndSARS protests continue

If our website is blocked, you can still download Tor Browser. Email gettor@torproject.org stating your operating system. GetTor will send links to download Tor Browser from our supported providers.

If your ISP or government is trying to block access to the Tor network, you can use a Tor bridge to circumvent censorship. If you already have Tor Browser installed on your computer, select 'Tor is censored in my country,' then click 'Request a bridge...

https://nitter.net/torproject/status/1316455841294217216?s=19

#nigeria #censorship #tor #download
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

How to use Tor on your phone

In this anonymity tutorial, you'll learn how to use Tor on your phone - both Tor Browser and Orbot on Android, and Onion Browser on iOS.

📹 Watch it via:
YouTube || Invidious

🌐 Get TOR for:
• Android via: Website || F-Droid || Play Store
• iOS via: Apple Store

📡 @howtobeprivateonline
#TOR #Privacy #Guide #Browser #VPN

Nipe - An engine to make Tor Network your default gateway

Summary

The Tor project allows users to surf the Internet, chat and send instant messages anonymously through its own mechanism. It is used by a wide variety of people, companies and organizations, both for lawful activities and for other illicit purposes. Tor has been largely used by intelligence agencies, hacking groups, criminal activities and even ordinary users who care about their privacy in the digital world.

Nipe is an engine, developed in Perl, that aims on making the Tor network your default network gateway. Nipe can route the traffic from your machine to the Internet through Tor network, so you can surf the Internet having a more formidable stance on privacy and anonymity in cyberspace.

👀 👉🏼 Download and install:
https://github.com/htrgouvea/nipe#download-and-install

#nipe #tor #routing #privacy #anonymity #tool
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

No, the Darknet is not the stronghold of all evil!

The anonymization service Tor can be used for good and bad, a study examines what outweighs. However, this goes a long way wrong.

To obtain information about the usage patterns of the Tor network, scientists Eric Jardine (Virginia Tech/USA), Andrew Lindner (Skidmore College/USA) and Gareth Owenson (University of Portsmouth/UK) operated about 1 percent of the Tor entry nodes for about seven months between December 31, 2018, and August 18, 2019, and studied the connections that were made there.

👀 👉🏼 https://www.pnas.org/content/early/2020/11/24/2011893117

#tor #darknet #study #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

thenewoil@freeradical.zone - New releases (with security fixes): #Tor 0.3.5.14, 0.4.4.8, and 0.4.5.7

https://blog.torproject.org/node/2009​

A mysterious threat actor is running hundreds of malicious Tor relays

Security researcher claims to have identified threat actor running thousands of malicious servers.
Researchers claims the attacker may be trying to deanonymize and identify Tor users.
Evidence suggests the attacker, tracked as KAX17, is sophisticated and well-resourced.
The Tor Project has removed hundreds of KAX17 servers in October and November 2021.
Since at least 2017, a mysterious threat actor has run thousands of malicious servers in entry, middle, and exit positions of the Tor network in what a security researcher has described as an attempt to deanonymize Tor users.

Tracked as KAX17, the threat actor ran at its peak more than 900 malicious servers part of the Tor network, which typically tends to hover around a daily total of up to 9,000-10,000.

https://therecord.media/a-mysterious-threat-actor-is-running-hundreds-of-malicious-tor-relays/

#tor

We are experiencing a network-wide DDoS attempt impacting the performance of the Tor network, which includes both onion services and non-onion services traffic. We are currently investigating potential mitigations.

https://status.torproject.org/
#Tor #DDoS

#Iran: Circumventing #Censorship with #Tor

https://forum.torproject.net/t/iran-circumventing-censorship-with-tor/4590

Ahmia (https://ahmia.fi) is a clearnet search engine for Tor's hidden services. By providing a search engine for what many call the "deep web" or "dark net", Ahmia makes onion services accessible to a wide range of people, not just Tor network early adopters.

TorBot is an OSINT tool with the main objective is to collect open data from dark web and with the help of data mining algorithms, collect information and produce an interactive tree graph.

#Tor #DarkWeb #OSINT #tools

https://github.com/DedSecInside/TorBot

Quiet

Encrypted p2p team chat with no servers, just Tor.

https://tryquiet.org/index.html

https://github.com/TryQuiet/quiet

Currently in developpement stage so be cautious of your data

Quiet is an alternative to team chat apps like Slack, Discord, and Element that does not require trusting a central server or running one's own. In Quiet, all data syncs directly between a team's devices over Tor with no server required.

No email or phone number required, Unlike #Slack, #Discord, #WhatsApp, #Telegram, and #Signal, no email or phone number is required to create or join a #community.

End-to-end encryption, All data is #encrypted end-to-end between member devices, using Tor.

Channels, Organize chats in Slack-like channels, so conversations don't get messy.

Images, Send and receive images, with copy/paste, drag & drop, and image previews.

Files, Send and receive files of unlimited size!

Notifications, Invite links, Keyboard controls, Desktop apps

Android, Quiet works on Android, and F-Droid support is on the way.

#E2E #Chat #Quiet #Tor

Recent #Tor Exit Node Operator Raids and Legal Harassment in Germany
Article, Comments