Tor Browser LESS secure?

  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.

road_dad_will

Member
Jan 12, 2022
6
1
I ran Steve's ShieldsUP! on my work laptop running Windows 7 Pro (6.1) using Chrome and connected to my Pixel's hotspot. To my surprise, the results came back as positive as one could hope for:

File Transfer:
Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet
behavior requires port connection attempts to be answered with a success or refusal
response. Therefore, only an attempt to connect to a nonexistent computer results in no
response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's
very cool!) which represents advanced computer and port stealthing capabilities. A machine
configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Most Common Ports:
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited
or otherwise — was received from your system as a result of our security probing tests.
Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the
standpoint of the passing probes of any hacker, this machine does not exist on the
Internet. Some questionable personal security systems expose their users by attempting to
"counter-probe the prober", thus revealing themselves. But your system wisely remained
silent in every way. Very nice.

However, when I ran the program from the Tor Browser I had less than desirable outcomes:

File Transfer:
Preliminary Internet connection refused!
This is extremely favorable for your system's overall Windows File and Printer Sharing
security. Most Windows systems, with the Network Neighborhood installed, hold the NetBIOS
port 139 wide open to solicit connections from all passing traffic. Either this system has
closed this usually-open port, or some equipment or software such as a "firewall" is
preventing external connection and has firmly closed the dangerous port 139 to all
passersby. (Congratulations!)

Most Common Ports:
Solicited TCP Packets: RECEIVED (FAILED) — As detailed in the port report below, one or
more of your system's ports actively responded to our deliberate attempts to establish a
connection. It is generally possible to increase your system's security by hiding it from
the probes of potentially hostile hackers. Please see the details presented by the
specific port links below, as well as the various resources on this site, and in our
extremely helpful and active user community.

Unsolicited Packets: PASSED — No Internet packets of any sort were received from your
system as a side-effect of our attempts to elicit some response from any of the ports
listed above. Some questionable personal security systems expose their users by attempting
to "counter-probe the prober", thus revealing themselves. But your system remained wisely
silent. (Except for the fact that not all of its ports are completely stealthed as shown
below.)

Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests,
making it visible on the Internet. Most personal firewalls can be configured to block,
drop, and ignore such ping requests in order to better hide systems from hackers. This is
highly recommended since "Ping" is among the oldest and most common methods used to locate
systems prior to further exploitation.


Is it feasible that using Tor would actually make me more vulnerable? I am trying to establish the most anonymous method of researching sensitive material.
 

EdwinG

Well-known member
Sep 24, 2020
56
16
Is it feasible that using Tor would actually make me more vulnerable? I am trying to establish the most anonymous method of researching sensitive material.

While it is not impossible, it is highly unlikely. Normally, an application like the Tor Browser should not enable File Sharing services on your computer. It is more likely that the Tor endpoint has those ports exposed.
 

road_dad_will

Member
Jan 12, 2022
6
1
While it is not impossible, it is highly unlikely. Normally, an application like the Tor Browser should not enable File Sharing services on your computer. It is more likely that the Tor endpoint has those ports exposed.
That makes sense. Thank you.
 

PHolder

Well-known member
Sep 16, 2020
827
2
365
Ontario, Canada
I made a joke about porn because most people don't do anything online that needs the limited protections that Tor provides. Technically Tor sounds like it's anonymous, but it's not really, if it really matters. The fact that the malware as a service sellers all thought they were anonymous using Tor hidden services and digital coinage (Bitcoin or whatever) proved that out. As I don't consider murders or terrorists as sane people, I can't think of much a sane person would do online that would need the extra efforts of Tor to hide... maybe if you're worried about your ISP selling info that you're researching a disease... MAYBE. (In that case, just get a VPN, it's more reliable than trusting random strangers to host your Tor exit nodes where many of those are government controlled.)

In any case, if you want Tor protections, I recommend running a virtual machine and hosting a copy of Tails.

Edit: I guess if you're doing dark web security research... then you need to join the dark web. If that was the case though, why wouldn't OP just say that? (And they probably also wouldn't be asking the question they did.)
 
  • Like
Reactions: road_dad_will

road_dad_will

Member
Jan 12, 2022
6
1
Thanks PHolder. I will explore those suggestions...

As I don't consider murders or terrorists as sane people, I can't think of much a sane person would do online that would need the extra efforts of Tor to hide...

...and will submit for your consideration Messrs. Snowden, Assange, Rich, and any other number of whistleblowers, activists, and all-around narrative disruptors who may wish to have maintained their anonymity. As far as I know they were none of them murderers; however, I recognize the terms "terrorist" and "sane" are highly subjective these days.
 
  • Like
Reactions: DrBob

Aldo

Member
Sep 18, 2020
13
5
Similarly, ShieldsUp lists non-stealth ports on my VPN exit node. When I ran the test with*out* the VPN, the list showed no non-stealth ports on my cable modem / WiFi router. Yes, having those in two separate boxes would be better...
 

ldmia

Member
Oct 1, 2021
8
2
I ran the program from the Tor Browser
If ever there were a government-funded software project that is likely to contain spyware, it is the TOR Browser. And when it exfiltrates your data, sending it to an NSA server, you will never know because it's sent over TOR.

Fun fact, you do not need to use it at all: You can tell regular Firefox to communicate through the socks5 proxy on localhost, and run the TOR daemon from a separate account (in order to sandbox it).
 
  • Like
Reactions: road_dad_will