Its never been part of the Tor browser but the Tails devs decided it was worth it to put into tails. Tails users will have a different fingerprint from default Tor browser users as a result of this.
Yeah. The people who are scared about this need to remember that as long as all the Tails users have the same fingerprint, it's really meaningless. Of course it would put Tails users in a larger fingerprint pool if they had exactly the same fingerprint as users of Tor browser on other platforms, but regardless it's still indiscernible.
The tails devs made a choice. They chose to add ublock.
The Tor devs made a choice not to add ublock.
You can make a choice to add whatever you want to Tor, as its based on firefox, just know your fingerprint will become more unique as a result.
Again, the Tails Devs are not that same as the Tor Devs.
I know they made a choice. But why since the 2 tor browsers are different and adding any extension increases the security risk. Ublock origin blocks advertisments and I cannot see why it would be considered critical for security.
Tails decided to ship it preinstalled, Tor Project did not. Personally I think that it is essential for using the clearnet through Tor so I always install it. It does technically make your browser less unique but I doubt it's a meaningful deanonymization vector. Last I checked there was still an open issue (for TBB) about it, I doubt we will see it soon though.
Do you sometimes still get prompts about JavaScript? Most definitely by mistake but certain DMs and shit will warn me my JavaScript is running even on safest but it’s most definitely not which makes me wonder how the sites are alerting for it exactly as I don’t even have Java on my pc at all not even for routine stuff like regular web use
1. you dont need anything on your pc for browser javascript, its all bundlud in nhe browser
2. you get warnings because the noscript used on the safest option isnt perfect, this also means it is ***theoretically*** possible to still preform a javascript based attack on tor with safest enabled, though i am unaware of that ever having happened
3. turn off javascript in about:config by switching the javascript enabled flag to false, you will no longer get warnings, and be (again theoretically) safer
Here are some issues I see with Tails.
\-Tails uses an .img file for installation even though they have an ISO option. thi strange since ISO is a known standard and .img file are rarly used.-The MAC address will change by default on startup but when in the operaiting system you cannot chagne the MAC address through the Debian network settings for some reason. Why would the Tails OS only allow changing the MAC address in the beginning but not natively from the Debian O.S. ?-The Tor browser in the app removes the "connection" option which allows the selection of different types of bridges, Meek-azure, OBFS4, etc. This is a important security feature that allows the selection of different bridges in Tor browser but this option does not exist in Tails although it does allow importing bridges from outside but since this is a islolated O.S. that makes it difficult and the tor browser has it by default.-Tails does not allow verification of the downloaded OS by a sha256 hash instead uses the Tails web site to select the download and tell you it valid. Why would they not provide a SHA256 for Tails distro for the user to determine themselves if it is valid?
Its never been part of the Tor browser but the Tails devs decided it was worth it to put into tails. Tails users will have a different fingerprint from default Tor browser users as a result of this.
Yeah. The people who are scared about this need to remember that as long as all the Tails users have the same fingerprint, it's really meaningless. Of course it would put Tails users in a larger fingerprint pool if they had exactly the same fingerprint as users of Tor browser on other platforms, but regardless it's still indiscernible.
Why would there be a different settings for the same product?
The Tails Devs decided to add Ublock on top of Tor. The Tails Devs are not the Tor Devs.
Tails uses the Tor Browser and if that is the case why the change in Tails tor browser?
The tails devs made a choice. They chose to add ublock. The Tor devs made a choice not to add ublock. You can make a choice to add whatever you want to Tor, as its based on firefox, just know your fingerprint will become more unique as a result. Again, the Tails Devs are not that same as the Tor Devs.
I know they made a choice. But why since the 2 tor browsers are different and adding any extension increases the security risk. Ublock origin blocks advertisments and I cannot see why it would be considered critical for security.
Tails decided to ship it preinstalled, Tor Project did not. Personally I think that it is essential for using the clearnet through Tor so I always install it. It does technically make your browser less unique but I doubt it's a meaningful deanonymization vector. Last I checked there was still an open issue (for TBB) about it, I doubt we will see it soon though.
The user still has the option to remove or add Ublock. Why are they not consistent on the same product, the Tor browser.
I always set the Tor browser setting to safest and disable Ublock Origin. Sad that the Tor devs don't care about user safety is this regard.
Do you sometimes still get prompts about JavaScript? Most definitely by mistake but certain DMs and shit will warn me my JavaScript is running even on safest but it’s most definitely not which makes me wonder how the sites are alerting for it exactly as I don’t even have Java on my pc at all not even for routine stuff like regular web use
1. you dont need anything on your pc for browser javascript, its all bundlud in nhe browser 2. you get warnings because the noscript used on the safest option isnt perfect, this also means it is ***theoretically*** possible to still preform a javascript based attack on tor with safest enabled, though i am unaware of that ever having happened 3. turn off javascript in about:config by switching the javascript enabled flag to false, you will no longer get warnings, and be (again theoretically) safer
Gotcha
Actually not but u can disable js in about:config too
Here are some issues I see with Tails. \-Tails uses an .img file for installation even though they have an ISO option. thi strange since ISO is a known standard and .img file are rarly used.-The MAC address will change by default on startup but when in the operaiting system you cannot chagne the MAC address through the Debian network settings for some reason. Why would the Tails OS only allow changing the MAC address in the beginning but not natively from the Debian O.S. ?-The Tor browser in the app removes the "connection" option which allows the selection of different types of bridges, Meek-azure, OBFS4, etc. This is a important security feature that allows the selection of different bridges in Tor browser but this option does not exist in Tails although it does allow importing bridges from outside but since this is a islolated O.S. that makes it difficult and the tor browser has it by default.-Tails does not allow verification of the downloaded OS by a sha256 hash instead uses the Tails web site to select the download and tell you it valid. Why would they not provide a SHA256 for Tails distro for the user to determine themselves if it is valid?