'awokd' via qubes-users:
> On Tue, April 3, 2018 11:42 pm, Giulio wrote:
>> 3) Not using tor in order to download files prevent only man in the
>> middles attack coming from the tor network, your provider, your
>> neighbors, your dns server etc may still tricks you the same way.
>
> To jsnow's
Hi Giulio,
Giulio:
> 1) Most website with a login do have https.
Yea especially now compared with a few years ago. Some still don't
unfortunately!
> 2) Which type of files are you talking about? If we are not talking about
> executables (i hope not) then Qubes do have disposable vms which
On Tue, April 3, 2018 11:42 pm, Giulio wrote:
> Just a note, it all depends on your threat model. Be careful that most of
> the solutions you explained have each very different implications: 1) Most
> website with a login do have https. If they are hidden services they do
> not need it as traffic
Just a note, it all depends on your threat model. Be careful that most of the
solutions you explained have each very different implications:
1) Most website with a login do have https. If they are hidden services they do
not need it as traffic does not go through an exit node. If none of the
Hi everyone,
I've been thinking about ways i can increase security when using tor in
a whonix vm, and i had a few questions about the security risks of
browsing/downloading files over http.
I've looked up some info about it and i know it presents a security
risk, but i don't really know what i'm