After all, downloading files is what Tor Browser Bundle does all the time. However, if you download something out of the ordinary, say a really big file or a lot of files in a specific pattern, it might be possible to correlate the traffic from the server to the Tor network and the traffic from the network to you.
Or having a dystopian government, monitoring every connection, possibly colluding with like-minded governments. Or being a moron. Tor is basically the same as hiding in a crowd. So if you avoid doing stuff to stand out and if the crowd is big enough, downloading files should be fine. Sign up to join this community. The best answers are voted up and rise to the top. Stack Overflow for Teams — Collaborate and share knowledge with a private group.
Create a free Team What is Teams? Learn more. Ask Question. Asked 4 years, 1 month ago. Active 1 year, 10 months ago. Viewed 53k times. Improve this question. Steven Doe Steven Doe 31 1 1 gold badge 1 1 silver badge 3 3 bronze badges. I figured as much.
I know that, in general, so much as visiting a website is the equivalent of downloading files, because your computer needs retune files from the computer or server it is connecting to in order to display the page your attention to connect to. Well thanks for answering my questions Good sir. I very much appreciate it. Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community. Already on GitHub?
Sign in to your account. As reported by Taipo files uploaded via submissions are unable to be downloaded. This appears to be specific to TorBrowser as the user was able to download encrypted files via Orfox Browser for Android. The text was updated successfully, but these errors were encountered:.
It will be worth to investigate this bug by today so to include the eventual bugfix in the coming release. Sorry, something went wrong. In Tor Browser it appears that the files are reaching the backend, but are not correctly written to disk. Could you recheck the following things NSkelsey?
I believe the issue is with the interruption from the insecure file download dialogue that occurs when saveAs is called within RTipDownloadRFile and other similar stops in the code base. After downloading the file from the backend, the FileSaver. However this is from a case where the download was successful. I find this issue to only be partially reproducible on my machine. Thus, "opening" a Word document is quite akin to running a script.
And, indeed, macro virus do exist. Even with macros disabled , some nifty attacks against anonymity can be performed with Word files. For instance, Word documents can be signed. Word will want to verify this signature, which means first validating some X. As such, a Word document which you merely open may imply network activity to target names that are embedded in the document well, in certificates which are embedded in the document.
The nice part is that these accesses will be performed by some system components which may completely disregard your browser configuration -- thus happening outside of the Tor umbrella.
Goodbye anonymity! So don't open potentially hostile Word documents. However, if you trust the file, then there is no problem, yes? At least as long as you can be sure that the file you got is really the one you believe it is Amusingly enough, digital signatures can help you there, but the mere act of verifying the signature can entail activity which makes you totally non-anonymous, as explained above. That warning box is to inform you that, by using a 3rd party application, you might leak information over the internet.
One example of this is media players that look up media information on a server, by sending the filename and other information such as file size or the hash of the file. The download itself is over Tor, so your IP is still hidden during the download, but other activities may not.
If the file has a script that is phoning home, and the application opening the file executes said script, then your real IP will be exposed whether you trust the source or not, whether the intent is malicious or not. Sign up to join this community. The best answers are voted up and rise to the top. Stack Overflow for Teams — Collaborate and share knowledge with a private group.
Create a free Team What is Teams? Learn more.
0コメント