Partnering with Mozilla
Mozilla announced that the Tor Project and the Center for Democracy & Technology will be part of their new privacy initiative called Polaris, a collaboration to bring even more privacy features into Mozilla’s products. We are honored to be working alongside Mozilla as well as the Center for Democracy & Technology to give Firefox users more options to protect their privacy.
Why Mozilla?
Mozilla is an industry leader in developing features to support the user’s desire for increased privacy online and shares the Tor Project's mission of helping people protect their security online. At the core of Mozilla's values is the belief that individuals’ privacy cannot be treated as optional. We share this belief. Millions of people around the world rely on the protection of the Tor software and network to safeguard their anonymity. We appreciate companies like Mozilla that see the importance of safeguarding privacy. The Tor volunteer network has grown to the point that large companies can usefully contribute without hurting network diversity. The Tor network will get even better with Mozilla's help, and we hope that their participation will encourage even more organizations to join us.
The initial projects with Mozilla will focus on two areas:
Engineering support:
The Tor Browser is built on the Firefox platform and we are excited to have the resources of Mozilla’s engineers to help us merge the many Firefox privacy fixes into the Mozilla codebase. The increased attention from Mozilla will give us time to focus on finding and fixing new issues rather than maintaining our fork.
Network Support:
Tor's network size constrains the number of users that can use Tor concurrently. In the short term, Mozilla will help address this by hosting high-capacity Tor middle relays to make Tor’s network more responsive and allow Tor to serve more users.
We believe that the Tor Browser is one of the best ways to protect privacy on the web and this partnership is a huge step in advancing people’s right to freedom of expression online.
There was speculation in the
There was speculation in the past that Mozilla might be looking into integrating Tor support into Firefox, effectively replacing the existing private browsing mode, but the description of Polaris on the Mozilla wiki [1] falls short of this - has this idea been dropped (if indeed it was ever being discussed)?
[1] https://wiki.mozilla.org/Polaris
I don't think so. At least
I don't think so. At least we are still trying to get all or the most relevant patches into Firefox mainline to get the privacy of all Firefox users enhanced, too. It will take some time, though.
"At least we are still
"At least we are still trying to get all or the most relevant patches into Firefox mainline to get the privacy of all Firefox users enhanced, too"
Thank you so much, G-d bless you :)
This would be in incredible
This would be in incredible amount of additional load on the Tor network, so I don't think it's feasible in the near future.
Actually, if you look at the
Actually, if you look at the set of people who use private browsing mode, and then consider a subset of those that click the "make it private for real" button, that's a totally manageable 6-figure user number -- especially if organizations like Mozilla step up and help build capacity.
Check out
https://lists.torproject.org/pipermail/tor-dev/2014-September/007538.ht…
and the discussion around it for many more details.
i am so happy for everyone
i am so happy for everyone :D well done !!
Any love for the ricochet IM , onionshare and tails ?
Well, I guess this's the
Well, I guess this's the best news I heard this year! I'm no fan of Mozilla but...
But that ain't why I called.
I've been having issues, this year, with TBB's ability to open. Betimes I needed to log off the system to clear the failed .exe an' try for a second time to get connected.
TBB 4.0.0 too was a bust.
With TBB 4.0.1 I found it necessary to avoid designating an alternative folder for downloading data for this TBB version to operate without crashing the browser - which then requires re-installation.
But the .exe sequence is now seamless. It don't even require that I clear the task bar of wip links. It jus' leaps into action! I retried TBB 3.6.6. Same ol' story of draggin' its heels.
So, good job! Well done!
An' well done with y'alls Mozilla negotiations. We be proud of y'all!
Enjoy the holiday season. Y'all deserve it!
Your issue with 4.0.1 should
Your issue with 4.0.1 should be fixed in the next release. See https://bugs.torproject.org/13558 for the details.
I've read that there
I've read that there currently is too much middle relay capacity compared to the available exit nodes. While I do appreciate Mozilla's efforts, what is this going to achieve?
well - google.nsa have entry
well - google.nsa have entry node, mosilla middle and you win - you can tell them to select exit node!!! Some press on devs to tell you it's one node what you need and you have the nsa team at you toilet to get you some paper.
I'll be as clear as i can
I'll be as clear as i can with this:
If you are using tor, and you genuinely want to stay anonymous because of life and death circumstances, then you had better know the technology in and out, do your research, practice, practice, practice, and you should have much less worry than tor getting the resources it needs from the most solid browser ever distributed
Exit nodes are more
Exit nodes are more valuable, but more middle nodes is not harmful. The reason for this is that stable middle nodes are also guards, and we *do* need more honest, trustworthy guards. Having more guards effectively put up by mozilla reduces the strain on exit nodes because they have to act as guards themselves less and are able to put more resources into pure exit traffic (exit nodes are also middle and guard nodes most of the time, even if their primary traffic goes to their exit functionality). Furthermore, it means an attacker who is trying to mount a traffic correlation attack by putting up rouge guards and exits will need to invest even more resources, because even if getting someone to use a rogue exit is easy due to the relative lack of exits, Mozilla will provide high-bandwidth competition that reduce the chance that a client will chose the attacker's guard.
tl;dr
More exits means faster and safer Tor, but more guards is always a good thing too!
<3
<3
Mozilla's a political
Mozilla's a political organization that also makes a browser. While I commend some of their activities commitment to privacy etc), they are also a left-wing organization.
And I'm saddened by this decision by Tor Project. Saddened because Mozilla Firefox is a 3rd-rate browser that's not as secure as alternatives. It lacks numerous security protections and it lacks a good sandbox. It's also vastly easier to exploit (as can be witnessed by looking at CVE reports from the past year).
Tor Project needs a better, more secure, web browser. Mozilla Firefox is simply not it.
Mozilla is working on the
Mozilla is working on the sandboxing/isolating content processes and should have something ready soon (you can test it already on the nightly channel). Additionally, we plan to start producing specially hardened Tor Browser builds soon, too. Thus, stay tuned. All the other browsers we have are worse if it comes to our needs and there is lack of resources to get that fixed.
gk, If we go by history and
gk,
If we go by history and look at growing pains that Chrome, Safari, IE went through, it will take Firefox team at least 3-4 years before their sandbox is as good as alternatives. There's just no way that their bolt-on sandbox will be any good right away. Maybe by 2017 they'll have something comparable to alternatives.
LMAO they are left, WTF does
LMAO they are left, WTF does that have to do with anything? are you saying the right doesnt give a fuck about privacy
Could you please elaborate
Could you please elaborate on the "alternatives"? Do you mean Icecat/Iceweasel (which would still be forks of Firefox) or completely different browsers?
I am always eager and happy to learn more
Almost sure you're using
Almost sure you're using similar logic:
Left-wing => planned economy fans => stalinists => totalitarian pigs killing mah freedoms => gulag oppression danger => NO NO NO
Ha-ha corporations
Ha-ha corporations =>corrupted govs "=> totalitarian pigs killing mah freedoms => gulag oppression danger => NO NO NO"
Seem the same end...
3rd-rate.... ever heard of
3rd-rate....
ever heard of noscript, adblock, ghostery?
I agree with the second
I agree with the second poster. At this point I wouldn't be surprised to find out that Cloudflare is being run by the NSA for the express purpose of turning people away from Tor and identifying Tor users. The amount of people using Tor will certainly not expand when every new TBB user loads up the browser for the first time and finds out that almost every site they use demands that they fill out a CAPTCHA (some of them in foreign languages and some of them not loading at all due to the connection to the CAPTCHA image being redirected to Google's own "too many connections" CAPTCHA page/domain which will not load inline like reCAPTCHA -- a CAPTCHA to load a CAPTCHA and it doesn't even work!) while suggesting that their computer might be infected with malware. Furthermore, whenever you do enter in one of these CAPTCHAs to view a website, you get a Cloudflare "verification" ID cookie. If your Tor circuit changes, so does your IP, and you have to fill in a new CAPTCHA to browse the site again. But you still have the verification cookie from the old circuit unless you've deleted it, so they can correlate the two circuits together. This is dangerous for inexperienced users who won't practice manual cookie/circuit management.
Am I the only one who finds Cloudflare ridiculous and scary? A few fluff pieces in the news about how it makes your website OMG FASTER and all of a sudden having Cloudflare on your site is common wisdom, like you'd be an idiot not to, and we have a centralized entity controlling who is allowed to access a large portion of the web, with no discernible competition even. It's a psyops wet dream. It spread like a virus.
If Mozilla/Tor Project want to do something really useful, they can negotiate with Cloudflare about what would need to be done to end this insanity, if it isn't simply a government asset like I speculate. Either that or start up a campaign to inform website administrators that they are blocking a very necessary anonymity tool for vulnerable users when they use Cloudflare. Or maybe your average web admin could just stop being such a gullible sheep that does whatever Wired tells them to...
NSA bribed RSA in the past
NSA bribed RSA in the past to weaken security. Maybe they are up to their old tricks and bribed Cloudflare the same way, and/or have a couple plants inside the company making bad decisions for them.
What a exciting news!!!
What a exciting news!!!
<3
<3
I feel safer using a fork of
I feel safer using a fork of Firefox maintained by the Tor developers. It was my understanding Tor forked Firefox because it reduced the workload on Tor developers.
That said, if some of the privacy fixes from Tor developers make it upstream into mainline Firefox. That would be great and reduce their workload even more.
Work smarter not harder. ;)
"I feel safer using a fork
"I feel safer using a fork of Firefox maintained by the Tor developers."
Same here. I don't trust Mozilla, the only difference between them and google is they advertise caring about privacy, while google doesn't. No other differences exist in matters of Modes Operandi
Absolutely right.
Absolutely right.
And when that privacy is
And when that privacy is inconvenient to them (like, say, their CEO has different political views than them) they have no problem throwing him under the bus. The TorBrowser fork is safer.
Unfortunately, I have no
Unfortunately, I have no reason to think that the Tor Project would have handled a Brendan Eich-type situation any better than Mozilla did.
execs are public face of
execs are public face of corporation, aka "leadership".
insurmountable conflict when 'leader' of pro-freedom org opposes freedom.
so organization must fire 'leader' fire for malfeasance.
When you load firefox, first
When you load firefox, first thing you do is go to IXQUICK.COM and set it up as your home page
ixquick uses google results without maintaining a database on your searches
chech it out
tell your friends
Ixquick doesn't search
Ixquick doesn't search Google; Startpage does.
Er... tried to change UA
Er... tried to change UA string?
No, don't. Set about:blank
No, don't. Set about:blank as your homepage. Remember, ixquick / startpage or DuckDuckGo or whatever - another for-profit company. And it is quite a trend to do "We protect you" services. Do use them, as they don't add you hassle like as Google does with it's "automated requests" thing, but do not trust them anything else, what is not related to your search queries.
Why CDT instead of EFF as a
Why CDT instead of EFF as a partner? CDT is more demonstrably beholden to major tech companies like Google via New America and other avenues (e.g. their laughably weak policy positions on various pieces of legislation), and EFF--at least historically--has a reputation for having a deeper bench of technical expertise. I totally understand the rationale for partnering with Mozilla, but CDT is much less clear.
So Andrew, how did The Tor Project end up partnering with CDT instead of EFF/EPIC/PK/etc., and what value do you expect CDT to contribute to the project?
Did EFF offer to partner?
Did EFF offer to partner?
I would hope mozilla run Tor
I would hope mozilla run Tor Relay and exit nodes on every FF installation on the desktop in background.
**give the option to do so
**give the option to do so ;-)
--Mozilla has always been
--Mozilla has always been for privacy, on the other hand, Google does not care about privacy...good alliance with Mozilla.
--Cloudflare does not function well...it needs to change or be replaced.
So has mozilla given reasons
So has mozilla given reasons why it wouldn't want to host exit nodes?
I need help with regards to
I need help with regards to the Vidalia Bridge Bundle.
How do I delete the Vidalia Bridge Bundle off my computer?
My computer won't let me delete it.
I downloaded it as an experiment, my ISP does not block me connections to the Public Tor Network.
Any help would be appreciated.
that bundle is for you to
that bundle is for you to provide a bridge to someone else, and deleting it is click delete
When IE try to rules
When IE try to rules internet, Mozilla browser Save us.
Today we have a worst problem with privacy...
Tor project is the new revolution
Good idea and Good luck
No so great news considering
No so great news considering this:
http://www.infowars.com/almost-everyone-involved-in-developing-tor-was-…
https://www.torproject.org/ab
https://www.torproject.org/about/overview.html.en
Please read. It is funded, and is used by the government, but only because it works in obscuring identity.
and Mozilla is 'funded' by
and Mozilla is 'funded' by Google
this has ben posted many
this has ben posted many times what the point?Other than the government wants it up to hide what they do?
how much we must wait to
how much we must wait to test tor bundled in firefox??
Hmmm... No, no, no, I don't
Hmmm... No, no, no, I don't like the perspective of Tor
being swallowed by Mozilla, if that's what is happening
in any sense (of course you're not going to admit if it's the case).
Their money may be good to take, but what is the counterpart ?
Firefox has been turned into a 3rd rate dinobrowser, with especially dubious choices in the domain of security and privacy. I hope you can veto dangerous options and will stay fully free to build a more secure Tor browser. Better yet, I do hope this move doesn't mean you're going to stop providing easy access to standalone "Tor only" builds for popular platforms. I don't buy the "get anonymity by merging in the TBB-users crowd" motto.