Tor-unfriendliness

When I registered via Whonix, it totally blocked me from posting on the forum. I couldn’t even message anyone in private. I did got kindly approved after sending an email.

Don’t get this wrong, but Is there any particular reason for not being tor-friendly(just don’t tell me it’s spam)?

I’m a bit confused as to why you would visit this forum under Tor, to be honest.

2 Likes

When a user registers, their IP and email address are automatically checked against the Stop Forum Spam database.

If the check returns a match, the account is silenced until a mod manually approves the account.

Although this is mostly just very useful for preventing the forum from being overrun by spam accounts, it does occasionally turn up a false positive–for example, when a user signs in with an IP from a VPN provider or a Tor exit node. Since people who are trying to do spam often use Tor or VPNs for that, it is common for these IPs to be flagged and added to the database.

It does seem strange to use Whonix or Tor, but then go and sign in to a website on purpose. On the other hand, some folks need to use these tools to circumvent censorship in their country, or for other legitimate reasons.

6 Likes

I guess, but I kinda doubt a forum for an decently obscure flavor of something already somewhat obscure is going to be banned by a government. I don’t know though, because I thankfully live in a country that doesn’t do such bullcrap (hopefully the word “bullc-” doesn’t put me in trouble. I wanted to use the “sh-” word, but I don’t think that would fly).

Well, like? Censorship is a legit reason, but the other one I can think of it is just personal idiosyncrasies, in which case, if that’s your thing, sure.

My ISP blocked GitHub for months. And I live in a country with decent access to internet.

Needing VPN/Tor is totally reasonable.

4 Likes

This forum is very tor-friendly, as proof for this we have you here, writing stuff :slight_smile: Yes it took an email, but you are here.

And yes, the anti-spam system got triggered by your exotic set-up. But I’m sure you are used to encountering various quirks while navigating with tor.

6 Likes

What the hell!? Why block GitHub!?

I guess in my mind it doesn’t seem like a huge stretch to arrive at a scenario where this would be considered legitimate, but of course how “legitimate” is defined here would be relevant.

Still, here are a few ideas off the top of my head:

  • The user wants to remain anonymous. Yes, they are signing in to an account, but these accounts can also be anonymous if you are careful with the information you provide to the website.
  • The user wishes to circumvent an ISP who inspects their traffic or sells information about their internet usage to data brokers or ad companies.
  • The user does not have an aggressive threat model, rather they are experimenting with Whonix primarily to check it out and become familiar with the tools and how they work. They are trying to use the internet in a normal way to see how their experience on Tor compares with what they are used to.

And so on, and so on.

8 Likes

There’s lots of very non free countries on this planet, and getting worse everyday. Lots of folks prefer, beg and vote to remove freedom.

Why I’ll never understand, but it’s more common than not.

8 Likes

Sad but true

3 Likes

Alright. I see.

That’s because they package restriction, government spying, etc. as “convenient”, “for your safety”, etc.

And what do human beings love the most (as a collective) on this planet? → Convenience.

Pretty smart tactic. It works very well. :upside_down_face:

1 Like

Because someone in Power thought it was a good idea and because they got in power by having a good marketing team they know how to sell :ox: :poop: to the :clown_face: :earth_americas:

5 Likes

I know you deleted your comment, but you’ve already started on the right track just by asking questions. This is the first step to getting something that gives you both control and convenience.

Ask a friend with the know-how, ask a forum member, ask a search engine, etc.

For instance, when it comes to software, websites like alternativeto.net, and slant.co can help a lot. If privacy or security are what you seek, then you can use more privacy-oriented websites like https://www.techlore.tech or https://www.privacytools.io.

Understand, however, that striking a balance between privacy/security and convenience is not usually a priority for the best/top tools in each industry. For instance, Obsidian is likely the best tool out there due to its extensibility and platform availability, but it’s closed-source. That being said, if you are very serious about privacy/security, you could actually lock down Obsidian the same way you can lock down a web browser.

To do this, you’ll need to use a firewall implementation like firewalld, ufw, or portmaster. In addition to this, you’ll need to download the new updates to Obsidian (or another app) directly from their website and replace your existing one. This is way less convenient than just having the app auto-update each time it launches, but at least you can guarantee that no information is being sent to their servers or anywhere else.

In doing all that, you’d have the inconvenience of updating apps the W1nd0ws way, but the convenience of having an app that can do a whole lot. And of course, you’d fully control all your data.

Another method of course, is to use the free and open-source apps that are provided by the Official distro repos. Not enough for me, but is enough for lots of users.

1 Like

I’ve deleted my comment because, I can’t lie, I made it at anger after losing a match of Counter Strike. :sweat_smile:

I also deleted it because while I do care about my privacy, I want convenience too. It’s why I use standard old Firefox, with the telemetry disabled and the Strict profile for security. Is it enough? I hope it is. I have no reasons to doubt Mozilla at least cares about privacy more than Google does. If y’all have dirt on them, tell me and possible alternatives.
I understand that most of you here would go to the extra mile to get their stuff strengthened, would use less convenience software and methods of maintaining such software, etc, and I respect that, but I’m personally not as strongly willed to go through such things and I’m not as punctual too to update every time there’s a new update available too. As much as possible, I try to go with the privacy conscious alternatives to big tech software, though.

2 Likes

Well, so far, you’ve taken many more steps than the majority of the world. You’re using Linux and Firefox, disabled telemetry in your web browser, turned on the strict mode, and you’ve asked questions.

:clap:

3 Likes

It was more rhetorical. I’m actually very aware. I just don’t want to get flagged for political/freedom comments.

:clown_face:

“Freedom, we’ve got it under control.”

3 Likes

Why not use captcha-like protection then? Just don’t use 3rd party such as google.
I remember trying at least 3 different countries with 3 totally different identities, none of them passed through. Tried to reg another day couple of times - same story.

Is that a joke? How approving one account is a proof?
There’s nothing exotic, Tor is used with defaults. The only exotic thing in the whole setup is Tor itself, therefore it’s not tor-friendly.

I like the way you interact with each other here on the forum btw, helping with obvious things and elaborating on things that you probably went through and back gazillion times and on another side know the ins and outs of how the things work on the deep level.

Look, you’re going about this the wrong way. At the end of the day the admins here are just trying to help people out. They have given their collective time to build something and maintain a thriving community.

There is no all-mighty developer or army of developers behind this forum working day and night to make the forum users’ wishes come true. We are making the best use we can out of preexisting out-of-the-box forum software. Don;t get me wrong there are people putting a lot of effort into making this instance work, but not as you think. If you are that much of an ambassador of tor, spin your own instance of discourse, play around with the settings, maybe fork it and add tor-friendliness into it.

When your work is mature enough to go into the main repo we will gladly adopt it here too. This is how things work in OSS world. Bitching and moaning is the number one de-motivator in this arena.

The forum software provides a lot of automated tools to help with spam protection and keeps track of a lot of miscreants across thousands of discourse instances. Occasionally it flags out suspicious behavior of legit users. These occurrences however are rare. The huge upside is the fact that this forum is spam free. This is no small feat in this day and age.

I invite you to try out better suited communities if you don’t think you fit here. Try to work on your attitude, nobody owes you anything. You have your account active and have been granted the opportunity to be part of something. Do something great with it.

8 Likes

Time to necro this letter :grin:

3 Likes