Hacker News
by tptacek 3390 days ago
Because it's based on and thus only ever asymptotically as secure as Firefox, which is not the most secure browser architecture, and because of the economics of browser exploit development, and the fact that Tor Browser Bundle collapses a whole set of valuable targets down to a single release train, we can be sure that pretty much anyone who uses browser exploits as standard operating procedure has a stockpile of TBB exploits.

I've seen this advice before, but people need a better option:

1) Chrome over Tor? I've read that they don't integrate well (but I know very little about it).

2) Chrome to a (secure) VPN? How does a typical end user find a secure VPN?

3) ?

Re-evaluate whether the kind of privacy offered by Tor is your number one priority. A lot of journalists have notes and work product and contact info they need to protect, but they're not living deep undercover. The information stored on their computer is far more sensitive than the list of sites they visit.

> Re-evaluate whether the kind of privacy offered by Tor is your number one priority

A good point. Though in fairness, that's why I included Chrome over a VPN as an option.

> The information stored on their computer is far more sensitive than the list of sites they visit.

Not that it invalidates your points, but I wonder how true this one statement is. First, remember that in addition to metadata, Tor hides content (which may be redundant in the case of HTTPS-secured websites, but that's not a bad thing). Also, a journalist's metadata could tell you a lot about the who, what, when, where, why and how they are researching, and expose sources.

What is more valuable, knowing who a journalist is talking to and when, or knowing what was said? IM very HO, I think the former.

So how would you suggest browsing privately then?

I would start by learning the difference between Tor and Tor Browser.

OK, this advice is dangerous. The reason Tor Browser exists is because configuring Tor for safe use is difficult...

I'm confident that it's the opposite of dangerous advice.

Interesting, please tell me more.

Using Tor Browser as your primary browser is a bad idea because it's way behind on security features and you mark yourself out as an interesting target. Using Chrome over Tor is strictly better from a privacy viewpoint than using Chrome on its own. So it depends what you're optimising for. If privacy is your absolute priority, the Tor Browser reduces the number of cases of information leakage but still requires you to have the discipline to avoid any other methods of leaking your identity. If you understand all the issues around that then you probably also understand enough to ignore Tptacek and use it anyway. But if you don't, using the Tor Browser leaves you in a worse position than you'd otherwise be in - you're less secure and you're probably leaking PII anyway.

There are cases where using the Tor Browser makes sense, but it's a terrible blanket recommendation. If you're not actively trying to hide your identity, using it will make you less secure than you would otherwise be.