Is Tor Secure?

The Onion Router, otherwise known as Tor, is a free browser that can help you defend against traffic analysis and network surveillance which threatens personal freedom and privacy. It gives you anonymity by bouncing communication around a distributed network of relays run by volunteers all around the world. It prevents somebody watching your Internet connection from learning what sites you visit, and prevent sites that you visit from learning your physical location.

Is it bulletproof? No. There are some nodes that collect data as reported by ExtremeTech.

Reasearches have reported that 110 live nodes in Tor are “misbehaving” by collecting data on the connections that pass through it. The purpose of this collection is unclear, and there seems to be some variation in what the nodes are collecting. Some are much more sophisticated and are pulling in data that could be used to identify users. Others seem to just be tracking statistics. The most likely scenario is that some computer science researchers are running studies on Tor, which involve collecting some data. At the same time, law enforcement is running similar nodes that are trying to unmask users of illegal “hidden services” that are hosted in Tor. The Silk Road was one such hidden service.

Dropbox Accidentally Turned Off Passwords

Dropbox accidentally turned off the password feature on their file sharing service last Sunday from 4:54pm until 8:41pm. The file sharing service was eventually restored and secured at 8:46pm. Between those times, anyone can access any of the 25 million Dropbox accounts by simply typing in a random string of characters in the password field. Dropbox said, less than 1 percent of the accounts were accessed at that time period and will continue to investigate if any accounts were compromised.

It just shows you that online services such as Dropbox, and social sites such as Facebook and Twitter are not 100% secure. If you’re concerned about the security, then you shouldn’t really place any highly sensitive information on any of the online services. If you must, then you should use the highest encryption standard you can find. I recommend that you use AES-256 encryption. If you’re a Windows user, you can use the popular compression program called 7Zip. For Linux or Ubuntu users, you will find more information here in this forum.