Happy Valentine's day! In this article I will discuss one simple but powerful strategy for better protecting your privacy.

The Problem

1. News websites are some of the absolute worst when it comes to violating people's privacy.

2. Ad-blockers generally work the same way that anti-malware software works. If there's no definition, or if the heuristic doesn't appear hostile, it won't block.

3. One-hop proxies do not protect privacy from abusers.

4. Abusers (news websites, data companies including artificial intelligence companies, stalkers who buy data from data companies, governments, etc) are everywhere, not just now but maybe when a new President of the United States take office.

5. Once your data is gathered, it's gone into a million black boxes, and a million other black box algorithms force content to you or censor content from you in ways you will never, ever know about.

I've been running Tor relays for over 14 years. Emerald Onion has been online for nearly 8 of those. Emerald Onion would not receive requests for user data from the US federal government if the US federal government had a way to get that data on their own. The NSA wouldn't have clearly stated (Snowden docs) that they will never be able to mass-deanonymize Tor users if they thought there might be some possibility to do so. And that's aside from the fact that the NSA is not the threat actor most people need to be worried about. Abusers like data brokers that enable other abusers are not global passive adversaries.

A global passive adversary is a threat actor who has visibility over a large percentage of the world's internet traffic, who has the funding to permanently store metadata associated with encrypted traffic, and who has the funding to develop tooling to automate the analysis of said captured traffic.

Problem #2 above is not often understood in the context of Tor Browser. Tor Browser, by default, provides false metadata to all resources loaded in the browser. If an ad-blocker doesn't have a heuristic or definition of a malicious web resource, the ad-blocker will fail you. If an ad-blocker doesn't or can't block HTTP GETs or POSTs to IP addresses (without DNS), the ad-blocker will fail you. Tor Browser, by default, without any configuration or payments for services, blocks or prevents the vast majority of privacy-invasive HTTP risks. And, ad-blockers don't change your IP or IP subnet.

Safety By Default

Take back your power. Find ways to use Tor. Find ways to improve some of your habits. Start changing your habits when interacting with news websites.

Only ever download Tor Browser from the source: http://torproject.org/download/

Tor's anonymity is most effective when you treat the internet as read-only. Meaning, minimize signing into web services in Tor Browser unless the service you're using is safe, like most fediverse (Mastodon, etc) instances.

Tor Browser has issues accessing many websites online. What you can do to help this situation is to focus on the ones that do not block Tor. My biggest source of news is from Mastodon. What i do is i log into Mastodon in Tor Browser. This way the links that I click from Mastodon open in Tor Browser.

Invaluable: archive.is

If a news site doesn't load in Tor Browser, I can easily copy the link into archive.is, also opened (and pinned) in Tor Browser. Archive.is is sadly in love with Captchas, but once you move past one, it's worth it.

1. Archive.is will commonly have the news articles that you want to read captured, and without paywalls, Javascript, vidoes, and other noise.

2. If archive.is doesn't have the article you need, you can have it get it for you. It will take a minute for it to cache the target news article, but once it has it, you can read it. Privately in Tor Browser.

I also co-seed Democracy Now! episodes (in 1080p resolution from the Internet Archive) at news.disobey.net, which I can stream in Tor Browser without interuptions.

These are just some of the simple but powerful ways that I use Tor Browser.

Be safe out there!