Half of all Tor sites compromised, Freedom Hosting founder arrested.

[oda.krell]

Tor was not compromised. Only the servers hosting half of the hidden service and users browser if JS was not disabled.

For those only skimming this thread, this is the correct answer. (doesn't mean it isn't pretty bad, but an important distinction to be made nonetheless)

[01BTC10]

In any case, wouldn't it be possible to build it right into the browser? I mean, everything in the browser, all plug-ins, etc... would either not work, or would have to go through tor. Thatd be much more convenient than having to completely re-boot into an entirely different OS just to use tor.

You don't need to reboot anything. It's working with 2 virtual machine on top of your actual OS.

[2weiX]

In any case, wouldn't it be possible to build it right into the browser? I mean, everything in the browser, all plug-ins, etc... would either not work, or would have to go through tor. Thatd be much more convenient than having to completely re-boot into an entirely different OS just to use tor.

You don't need to reboot anything. It's working with 2 virtual machine on top of your actual OS.

Or something like this: http://learn.adafruit.com/onion-pi/overview

[01BTC10]

In any case, wouldn't it be possible to build it right into the browser? I mean, everything in the browser, all plug-ins, etc... would either not work, or would have to go through tor. Thatd be much more convenient than having to completely re-boot into an entirely different OS just to use tor.

You don't need to reboot anything. It's working with 2 virtual machine on top of your actual OS.

Or something like this: http://learn.adafruit.com/onion-pi/overview

Very nice I might try to build one.

[Kazu]

Kids, the way to use Tor is to have your firewall to intercept ALL your outgoing connections and route em via Tor proxy. Flash or no flash.

How does one go about doing this?

[FreedomCoin]

1. Disable JS
2. Enable NS
3. Use VPN for backup connection, NOT directly from your ISP.

4. be smart

[notme]

Wow, thats super legit. Somebody should build a chrome-os type thing off of that for clients. Its made for that type of thing. Problem is youd likely get very bad load times, am I right? Still, I'm sure some people would have a use for it.

Wow, with Whonix & Bitcoin, its possible to practically use the entirity of the internet, payments & all, without any privacy concerns whatsoever. Its good to the point of being disconcerting.

No.  Technology can not alleviate all privacy concerns.  You still need to engage your brain.  Even sentence structure and word choice habits can be used to pinpoint your identity.

In any case, wouldn't it be possible to build it right into the browser? I mean, everything in the browser, all plug-ins, etc... would either not work, or would have to go through tor. Thatd be much more convenient than having to completely re-boot into an entirely different OS just to use tor.

Again, no.  If you do it all in the browser, you expose yourself to browser exploits.  Browsers have pretty much the largest attack surface of any major piece of software.  Even with an OS based solution, you are vulnerable to kernel exploits.  However, kernels receive much better auditing and have a much smaller attack surface.

[bernard75]

http://www.wired.com/threatlevel/2013/09/freedom-hosting-fbi/

[AntiOps]

Tor was not compromised. Only the servers hosting half of the hidden service and users browser if JS was not disabled.

For those only skimming this thread, this is the correct answer. (doesn't mean it isn't pretty bad, but an important distinction to be made nonetheless)

Thanks

[Zeek_W]

Well isn't that something! I just assumed most exit nodes were honeypots and never bothered snooping around .onion sites.

[bernard75]

This is an interesting point.
Why would the NSA infiltrate the network if they developed it and control enough exit nodes to keep extensive logs anyway?