Tor as Everyday Browser

Some people here have said that they use Tor as their “everyday” browser. I’ve been considering doing that, but do you ever have any difficulties with particular sites?

For instance, does NoScript break the functionality of sites that you need to use? And if you whitelist a site, does that solve the problem?

It helps but it’s slow and as soon as you login to an account tied to you, it kind of defeats the purpose.

Also, javascript is a big issue.

1 Like

(I’m currently writing this using Tor Browser, my “everyday” browser)

With Tor Browser you can change your “Security Settings” which involves, among other things, the handling of JavaScript. In “Standard” mode, websites have full functionality–meaning JavaScript is still enabled. Nothing will “break” as it might with stricter settings. If you do use a stricter setting (which most people don’t require) it is easy enough to enable JavaScript elements you need by clicking the extension and whitelisting (I always do so “temporarily” instead of "permanently) those elements.

It is not my experience that Tor is slow. I am one of the most impatient people on the planet (you should hear me yelling at computers that use Windows) and Tor is perfectly fine for me. Tor should not be used for torrenting, and large file downloads may take a while, but for day-to-day activities, Tor is perfectly usable. There are certain sites where you shouldn’t use Tor but not because Tor is not secure–it is because those sites block Tor or will lock accounts trying to be accessed from Tor because the traffic is labeled as “suspicious” (banks do this).

You can go ahead and do all the browsing you want, including using those accounts tied to you:

There’s generally nothing wrong with logging in to “real” accounts over Tor.

Tor Browser intelligently isolates your traffic so logging in to your “real” Facebook while doing secret stuff on a different website is not correlate-able via traffic patterns.

It also isolates local state (like cookies) so it won’t leak that way.

That excerpt is from a piece on Matt Traudt’s blog, which I highly recommend reading, (and here is the v3 onion link for those interested that already use Tor).

  1. Using Tor Browser as a everyday web browser is a good idea since you generate more traffic via Tor. For instance, a third party observing your network traffic always sees that you connect via Tor. If you only use Tor for certain actions, then it’s easier to correlate this traffic. So, use it often but (as the Tor Project recommends) don’t visit exotic websites.
  2. The idea of the Tor Browser is to create one single fingerprint for all Tor users. As soon as you manipulate settings, which can be read by a website, you customize your fingerprint. JavaScript has access to many APIs and can be used to identify you, however, there are many more possibilities to track people, and JS isn’t “bad” in general. The best way to handle JS in the Tor Browser is to temporarily enable it, if needed. If you permanently whitelist websites, then you customize your fingerprint again.

Yes, I do read Matt Traudt’s blog, and frequently quote that particular post (as well as the one about Tor +VPN)! Also, as you say, I use the “temporary” setting on sites that require JavaScript, etc.

As for logging into sites, I suppose, in theory, you could change your “identity” if that was your concern. I have had the experience of certain sites (like the bank, for instance) locking me out because I was using a Tor node, but that’s probably a good thing! (I’ve noticed some email accounts also require a CAPTCHA because they treat the traffic pattern as suspicious.)

My problem is that I cannot figure out how to allow links to open from other apps in Tor Browser without the error that it’s already running.

I didn’t even think of that! thanks for mention it, if i read it before today then it just didn’t make impression like this…

also makes sense to me that they have NoScript extension hidden from view until added to toolbar by default now, and iirc, are merging noscript into TBB…?