About Teletype
Join
CryptoEndeavour
@cryptoendeavour
December 20, 2022

NYM vs Tor in Details

We've already figured out why VPNs are more marketing than actually protecting your privacy. But what about the Tor network. Yes, it does provide enough protection, but it still has its flaws and its problems, which we will talk about and see why NYM is better.

Introduction

It is commonly believed that the Tor Browser is a completely anonymous and secure web surfing experience that gives no one the ability to track the location of its users. But is that really true?

Tor does not guarantee complete anonymity, and there are many ways to de-anonymize its traffic. Below we will look at the most commonly used methods of tracking Tor Internet traffic.

Exit Node Tracking

The principle behind Tor browser anonymity is that Internet traffic passes through randomly selected relay nodes in its network before reaching the requested web pages. Hypothetically, this scheme makes it impossible to trace the origin of the traffic. A computer in this scheme can both initiate a connection to view web content and act as a node to retransmit encrypted network traffic to other nodes in the Tor network.

However, most of the traffic does come out of the Tor network. For example, if you access a Google website with a Tor browser, traffic is routed through many relay nodes, but eventually it must leave the Tor network and connect to Google's servers. So the node where the traffic leaves the Tor network in order to display a web page can be tracked.

In the case of you visiting a site using the secure HTTPS protocol (such as using your Gmail account), you have every reason to believe that your sensitive data is protected. However, if you use Tor to access an unencrypted website, it is always possible to track your browsing history, the messages you send, and your search queries. It's worth noting that the fact of running your own Exit Node imposes certain legal responsibilities. So, for example, governments in most cases use a lot of Exit Nodes to control Internet traffic, trying to track criminals or suppress political activists.

There was a famous case in 2007 when an IT evangelist was able to intercept the emails and passwords of a hundred email users by running an Exit Node on the Tor network. It happened because those users had not encrypted their messages, mistakenly believing that Tor could protect them through its internal encryption protocol. That is not how Tor works.

Remember. When using the Tor browser to send or receive sensitive content, always do so only through HTTPS sites. Don't forget that your traffic can be monitored not only by law enforcement, but also by intruders who may be interested in your personal information.

Plugins, JavaScript and other applications will give away your IP address

By default, the Tor browser has a fairly secure setting: Javascript is disabled, plug-ins cannot be run, and if you try to download a file or run it with another application, Tor will certainly notify you.

Generally, JavaScript is not a security vulnerability, but if hiding your IP address is important to you, you should not use it. The JavaScript engine, plug-ins like Adobe Flash, external programs like Adobe Reader, even video players can expose your IP address. The high risk of using the above technologies is due to the fact that many malicious sites have exploits that take advantage of security holes in them.

As mentioned above, Tor's default browser settings avoid these problems. Of course, you can enable JavaScript and plugins in your browser yourself, but if anonymity is your priority, doing so is not recommended.

To show that these risks are by no means theoretical, here's a case in point. In 2011, a group of security researchers got the IP addresses of 10,000 people who were using BitTorrent clients over Tor. Like other applications, BitTorrent clients present a vulnerability that can give away your real IP address.

Do not change your default Tor settings. Do not use Tor with other browsers. And do not attempt to use any applications, plug-ins, or add-ons with the Tor browser. It was originally configured in the most secure way to avoid many privacy issues.

Exit Node Launch Risk

As mentioned earlier, running an Exit Node (or Exit Node) can have some legal consequences. If someone uses Tor for illegal activities and traffic leaves your Exit Node, that traffic will be traced to your IP address, after which you could easily get a visit from the authorities. That's how a man was arrested in Austria, he was charged with publishing child pornography. He was arrested for having an exit node running. The Tor Project has a number of instructions for running an Exit Node. The most important is to run the node on a dedicated IP address through Tor.

NYM

Tor tries to solve this surveillance problem by routing a ‘circuit’ through three relays, which provides better privacy than single-node VPNs. Tor encrypts traffic multiple times, so that only the final Tor node can see the destination. However, Tor’s anonymity properties can be defeated by an entity like an intelligence agency that is capable of monitoring the entire Tor network’s ‘entry’ and ‘exit’ nodes. This is because Tor does not add timing obfuscation or cover traffic to obscure the traffic patterns in circuits, which can be used to correlate flows and deanonymize users. However, Tor’s design is expected to continue to be “best of breed” for web-browsing and other stream-based traffic.

Nym can provide more powerful network-level privacy for cryptocurrency transactions, e-mail, instant messaging, and any other message-based traffic. Unlike Tor, Nym’s mixnet design guarantees network anonymity and resistance to surveillance, even in the face of adversaries capable of monitoring the entire network, by adding cover traffic and timing obfuscation. The Nym mixnet is decentralized, rather than operated by a trusted provider like a VPN, as it uses blockchain technology and economic incentives to decentralize the network. Nym node operators are incentivized to run nodes and provide good quality of service and uptime. Software updates are governed through community adoption as decisions are made by the node operators and token holders.

Read more about them on their social media, website and blog.

https://nymtech.net/download/ (NymConnect App)
https://nymtech.net
https://nymtech.net/blog/#news
https://nymtech.net/blog#videos
https://discord.gg/nym
https://www.youtube.com/nymtech
https://twitter.com/nymproject

CryptoEndeavour
December 20, 2022, 17:49
0 views
0 reactions
0 replies
0 reposts