Hasta La Gadget!

“Tor” evokes an image of the dark web; a place to hire hitmen or buy drugs that, at this point, is overrun by feds trying to catch you in the act. The reality, however, is a lot more boring than that — but it’s also more secure.

The Onion Router, now called Tor, is a privacy-focused web browser run by a nonprofit group. You can download it for free and use it to shop online or browse social media, just like you would on Chrome or Firefox or Safari, but with additional access to unlisted websites ending in .onion. This is what people think of as the “dark web,” because the sites aren’t indexed by search engines. But those sites aren’t an inherently criminal endeavor.

“This is not a hacker tool,” said Pavel Zoneff, director of strategic communications at The Tor Project. “It is a browser just as easy to use as any other browser that people are used to.”

That’s right, despite common misconceptions, Tor can be used for any internet browsing you usually do. The key difference with Tor is that the network hides your IP address and other system information for full anonymity. This may sound familiar, because it’s how a lot of people approach VPNs, but the difference is in the details.

VPNs are just encrypted tunnels hiding your traffic from one hop to another. The company behind a VPN can still access your information, sell it or pass it along to law enforcement. With Tor, there’s no link between you and your traffic, according to Jed Crandall, an associate professor at Arizona State University. Tor is built in the “higher layers” of the network and routes your traffic through separate tunnels, instead of a single encrypted tunnel. While the first tunnel may know some personal information and the last one may know the sites you visited, there is virtually nothing connecting those data points because your IP address and other identifying information are bounced from server to server into obscurity.

In simpler terms: using regular browsers directly connects you and your traffic, adding a VPN routes that information through an encrypted tunnel so that your internet service provider can’t see it and Tor scatters your identity and your search traffic until it becomes almost anonymous, and very difficult to identify.

Accessing unindexed websites adds extra perks, like secure communication. While a platform like WhatsApp offers encrypted conversations, there could be traces that the conversation happened left on the device if it’s ever investigated, according to Crandall. Tor’s communication tunnels are secure and much harder to trace that the conversation ever happened.

Other use cases may include keeping the identities of sensitive populations like undocumented immigrants anonymous, trying to unionize a workplace without the company shutting it down, victims of domestic violence looking for resources without their abuser finding out or, as Crandall said, wanting to make embarrassing Google searches without related targeted ads following you around forever.

Still, with added layers of security can come some additional hiccups, like lag or longer loading times. That could be true for some users depending on what they do online, but anecdotally it’s gotten a lot faster in recent years, and users have said they barely notice a difference compared to other browsers. Sameer Patil, associate professor at the School of Computing at the University of Utah, studied this by having students and staff try out Tor as their main browser. “I was personally very surprised at how many sites and things just work fine in the Tor browser. So not only did they work as intended, but they also were fast enough,” Patil said.

But even if online privacy isn’t your main concern personally, using Tor can help support industries that heavily rely on it. By using the anonymous and secure browser, you’re supporting activists, journalists and everyone else’s privacy because the more people that use it, the more secure it gets, according to Patil. If only certain sensitive groups use it, it’ll be easier to deanonymize and ultimately track down identities. When you’re one in a billion using it, that task becomes nearly impossible.

This article originally appeared on Engadget at https://www.engadget.com/tor-dark-web-privacy-secure-browser-anonymous-130048839.html?src=rss

The Fox News host awkwardly applauded the GOP Rep for her “TMI” moment with conservatives.

The potentially deadly diseases are spreading into new regions due in large part, say scientists, to global warming.

“We are numb,” admitted the former Missouri Democratic senator.

Apple will soon start cracking down on Apps that collect data on users’ devices in order to track them (aka “fingerprinting“), according to an article on its developer site spotted by 9to5Mac. Starting with the release of iOS 17, tvOS 17, watchOS 10 and macOS Sonoma, developers will be required to explain why they’re using so-called required reason APIs. Apps failing to provide a valid reason will be rejected started in spring of 2024.  

“Some APIs… have the potential of being misused to access device signals to try to identify the device or user, also known as fingerprinting. Regardless of whether a user gives your app permission to track, fingerprinting is not allowed,” Apple wrote. “To prevent the misuse of certain APIs that can be used to collect data about users’ devices through fingerprinting, you’ll need to declare the reasons for using these APIs in your app’s privacy manifest.”

The new rules could increase the rate of app rejections, some developers told 9to5Mac. For instance, an API called UserDefaults falls into the “required reason” category, but since it stores user preferences, it’s used by a lot of apps. At the same time, it sounds like Apple will basically need to take a developer’s word for reason declarations. If those prove to be false, though, it would certainly have a paper trail for any potential penalties. 

Fingerprinting apps can use API calls to retrieve characteristics of your smartphone or PC, including the screen resolution, model, OS and more. It can then take all this information and create a unique “fingerprint,” so it can identify you when you go to other apps or websites.

Apple effectively declared war on tracking when it released iOS 14.5 in 2021, requiring developers to ask users’ permission before tracking them. Since that feature arrived, only 4 percent of US iPhone users have agreed to app tracking. Now, it’s trying to stop fingerprinting (also called canvas fingerprinting), which first appeared in the digital zeitgeist a decade ago. Back in 2018, Apple said it would address fingerprinting on macOS by limiting the data that websites can access on its Safari browser, and now, it’s addressing the issue with apps as well.

This article originally appeared on Engadget at https://www.engadget.com/apple-cracking-down-on-fingerprinting-with-new-app-store-api-rules-080007498.html?src=rss