Microsoft Defender Flags Tor Browser as a Trojan and Removes it from the System - Deform

shish_mish@lemmy.world to Technology@lemmy.world – 1268 points –
Microsoft Defender Flags Tor Browser as a Trojan and Removes it from the System - Deform
deform.co
204

You are viewing a single comment

If you have to use Tor you shouldn't be using Windows.

This is a bad response to this news. There are many reasons why you might want to run tor on Windows and gatekeeping people out of tor because they are not on a chosen OS is a terribly way to get more people into thinking about privacy and security practices. Yes if you have the highest threat model you might want to avoid Windows as well, but not everyone needs absolute privacy/security for what they do. But why should you not have access to a tool that can help improve things even if you are not able to switch everything to a more private/secure alternative?

Really you should want everyone and anyone to run on tor, even if they don't need it, even if they are on windows. The more people using it the more secure it is for those that do require it.

Yeah I agree. To be clear, if you take the reverse of my statement, i.e. if you're on Windows, you shouldn't use Tor, then I would be gatekeeping.

But I'm not implying that, but rather the reverse. I'm saying if you have use Tor for whatever reasons to bypass censorship, do illegal stuff and avoid being tracked, you should at least be aware that at the kernel level, how you're accessing the internet has already been compromised by Microsoft, and consider alternatives OSes

Of course I'd still want people running Windows to be able to use Tor, and also I'd say leaving Windows isn't something you would only do at the "highest threat model".

Privacy will almost always be a trade-off with convenience, I'm pushing the awareness to get people to act, should they choose to. That's all.

You might not have intended to imply that, but your original words can be taken in many different ways. Such as a dismissive well this news does not matter because you should not be using TOR if you are on windows. You did not say that exactly, but either interpenetration needs some reading between the lines as you did not really say all that much. So it could be taken that way just as much as the way you actually intended. And on the internet if things can be interpreted multiple ways they will be.

Taking “If P then not Q” as equivalent to “If not Q then not P” is just straight up broken thinking. We shouldn’t have to preface each comment with a primer on the basics of how to think.

I know you meant well, but I don't think their interpretation implied any logical fallacy. I used a conditional statement but my statement was prescriptive, not descriptive.

The difference between "I should" and "I have to/must" is a modal one. I implied "if I have to X then I shouldn't Y". They swapped X and Y around to get "If I have to Y then I shouldn't X", which is just a plain misinterpretation. The use of what is and what ought implies a recommendation or opinion, not mutual exclusivity. For that, I would have to use the same modality "If I have to X then I must not do Y".

It's like mixing up "If I have an infectious disease, I shouldn't go outside" vs. "If I have to go outside, I shouldn't have an infectious disease". To me, they have a subtle difference. There is compromise and decision-making involved.

I'll spell it out anyway because why not. I can't be bothered to edit my original comment. While it's sensational-sounding, anyone who take issue with what I said don't take surveillance properly so I can't help them, while those that misinterpreted me like nous did can find out for themselves here.

::: spoiler spoiler If I have to use Windows, then I can still use Tor understanding and accepting that the OS at the kernel level is a black box that logs and tracks whatever it wants. I can compromise because I might just want to read a blocked news site or Wikipedia. Likewise, if I'm stuck somewhere and I have to use Windows to use Tor then it is a compromise. But that doesn't mean I shouldn't use Tor. I'm responsible for my bad opsec should anything bad come my way.

versus

If I have to use Tor, then something is wrong with the way I'm able to access and/or spread information (I handle sensitive or illegal topics, that can harm me or others if found out), and I can't do it privately because there is surveillance involved. At the kernel level windows is a blackbox that mishandle my data and has the ability to observe everything I do. Therefore I ought to not use Windows. :::

I'm not saying you're wrong (frankly, I'm on your side), but the majority of the general population, i.e. windows users, would take it as such. This is more to do with the failure of the various education systems more so than anything else.

If you have to bust out explanations from IQ test questions to explain yourself, then you've failed to communicate with 98% of whoever reads your comment. You can't expect people to put in more than a modicum of effort to understand your message.

Most people understand how to think without needing to know how to formalize the process.

Oh my God, nerds, stop arguing about absolutely nothing other than who was rught

1 more...
1 more...
1 more...
1 more...

Sometimes people use Tor just to get around 'This site is blocked in your country'

But hey, I hear ya! I've been running Linux as my daily driver since 2015, and the more they enshittify Windows, the more I recommend others make the switch.

Agreed. I thought of ISP restrictions too, but I would say if where you live places a level of censorship due to political reasons or otherwise and you need to access it for whatever reasons so you need Tor then by all means Microsoft is not your friend since they're a privacy nightmare.

There are also VPNs for banned media, I typically wouldn't want to use Tor for anything more than textual content as it puts too much load on the Tor network.

I typically wouldn't want to use Tor for anything more than textual content as it puts too much load on the Tor network.

While I agree that the Tor network is slow, it also depends on excess traffic to “bury” the more sensitive stuff. Part of why Tor works is because the actual sensitive stuff gets buried under all of the noise of regular users. Without all of that excess traffic, it’d be much easier to track what is happening.

As an extreme example, imagine how insecure the Tor network would be if there were only two users. It’d be blatantly obvious that those two users are communicating. By adding more users and more traffic, those two users can more easily hide in the sea of traffic. In short, more use does slow things down, but it’s also better for privacy overall.

Now that POW DDOS protection has started to roll i am actually finding tor to not be much worse than regular browsing. The markets are quick, dread is quick, tor times is quick, and pitch is quick. Where i find it slow is going back to the clearnet. If it ends with .onion though it loads pretty damn quick

Me too. I noped out of Win10 after fighting with Win7 too much. Most people tell me I'm just unusual however I think more people than will admit just browse the web and can't handle Win95 levels of customization and lack of making decisions for you. People are generally overwhelmed with the mere idea that they could customize their computer to work in different ways... Heck, on Windows it's varied if you can even reasonably change to a different default browser without being "techie" (stupid low bar considered techie by many)...

I really need to bite the bullet and wipe windows off my new laptop. I've had an arch based distro downloaded and ready to go since mid August. Just don't want to have to download my steam library again. My shitty Internet is painful sometimes.

Can't you just move it?

Can confirm you can just move the game files to your Linux steam library to avoid redownloading

That might help. Sadly I don't have enough raw space worth of thumb drives. And I'd do a full install of Linux, no dual booting.

Buy a second drive, they are cheap these days. Then you can keep the OEM Windows around, for a just in case.

Only if you have another place to hold it temporarily.

You can't really install linux onto an NTFS drive. So you have to wipe the NTFS partition and start over with something like EXT4... that will kill the games.

Is there no way to save your stream library to an external hard drive?

I've got a bunch of large games. And not as much space worth of thumb drives.

The other concerns, I have two programs that would be a pain to get running with wine.

1 more...

Oof, I hear ya there. At least in my case I pretty much only play older games from GOG, usually in a virtual machine, so no Steam for me.

I did however go out of my way to download and compile the source code for Descent 1 and 2 directly on Linux, that was fun figuring out how to compile LOL!

Good luck with your Steam library though. If it was me, I'd test Linux out in a virtual machine first so you can test out copying your games over without outright wiping Windows first.

1 more...
1 more...

I'd love to switch, but my laptop makes that quite hard and the computer still has years in it before I probably need to think about replacing it.

I've got an asus rog and sometimes need the backlight on the keyboard. As far as I could tell, no one had figured out how to do it without the windows only asus made software.

I keep a small partition set aside in case I need it for settings, but I leave the keyboard on one setting all the time.

Fedora by far has the best bootloader setup for modern bleeding edge hardware. Their Anaconda system (not related to Python's "conda") uses a shim key that is signed by Microsoft's 3rd party UEFI key signing arrangement. Outside of the questionable philosophical implications around this arrangement and system, overall the setup is ideal for the end user. Fedora can on coexist with a windows partition easily, encrypt the entire thing and Windows can't mess with anything on the Linux side. Personally, I haven't ever actually used Windows since W8. My workstation router runs on a whitelist firewall so W11 is in a post internet age where it rightfully belongs. It might as well be a tab in the UEFI bootloader settings for all I care.

Fedora also has a system that builds the Nvidia kernel module from scratch every time the Linux kernel is updated. Around half of the updates still require me to do a quick restart after initial boot to enable the Nvidia kernel module. It falls back to the open source alt driver and still works fine, but I do AI stuff and need the CUDA API, so I have to reboot to get that working once a week or two. Fedora really is quite easy now. I would use something like NIX, but the Anaconda system is unmatched and too good to give up. You will have secure boot locked all the time even if you can not register custom keys or do not care to set them up manually.

Oh, I don't need the keyboard to be pretty. Just lit up at all which seems to be effective locked by asus.

When I tried, I had put Ubuntu on it. That process seemed to go pretty good except the keyboard. Even got the WiFi working just fine. I may give fedora a try, but I'm way too lazy to switch back and forth between os's depending on how dark the room I'm in is.

Have you considered learning how to type? (I know, kind of snarky) I don't need to look at my keyboard or see my hands, there's little bumps on the home keys and then you just type based on location.

It's not regular typing. It's primarily using the f-keys and numbers. Particularly for functions in my IDE.

Most of the time I'm using an external monitor and keyboard, so get very little practice on the built in one except when it's in less than ideal situations like flying.

When I get my next laptop, I'll be keeping Linux capabilities in mind. But that's years away. I'm not even sure where to start with reverse engineering the hardware, and also don't see myself spending months of my free time to make it work. I don't have that much free time and there are too many other things I'd like to be using that time for.

Does it not stay set at a default or have some amount of functionality? Like my Gigabyte Aorus has the full settings nonsense app in Windows, but if I set it to one thing, the change is persistent. I just always keep it on low and green. The function keys will let me alter the brightness between medium, bright, and alien abduction; which is super annoying because I can't get back to low, but there is something.

You may find some info searching too, some people occasionally make their own kernel modules or app for individual machines. I would take a look at Linux Hardware Probe (https://linux-hardware.org/) to see what shows up with your model, although the peripheral accessories are not usually the focus, they may be mentioned.

The main thing I was worried about with the proprietary settings like RGB was actually the thermal management settings that are also in that app. I have the 3080Ti, aka the 16GBV monster GPU. I can't say any details about how the thermal performance will work with gaming or whatnot, but I do some AI training loads that hold the GPU at absolute max load for hours and it has never gotten above 80C. It throttles as expected, and each laptop's thermal design will vary, but I can put the laptop with its vent inlet ports directly in front of a window AC and the GPU will hold max load at 70C for as long as I have ever pushed it (3-5hours straight). I'm playing with buggy code, much of it written by myself, and I never attempt to override the Nvidia settings, but with daily use since the beginning of July, I've had no complaints. This was the big thing weighing on me in the back of my mind. Just thought I might mention it if you change your mind and want to make the switch.

Oh no, the lights were just off. I never change it anyways. I'm not one to care about making the keyboard do anything dynamic.

I ran into the same issue when I uninstall the bloatware from asus in windows.

Honestly, asus just is a huge pain here and I'll definitely be avoiding them in the future.

FWIW I just put Windows onto a ROG GX531GX to gift it to a family member, (I told him it was a testament of my love that I was going from Linux TO Windows on a system for the first time ever) but have been gaming on it under Linux for a couple of years, and under KDE plasma was a slider for the keyboard backlight with the power settings, which required no extra attention from me (that I can recall) to get there.

I may have had to install an "asus laptop" or similar labeled package from my package manager and forgotten about it, but it was for sure no more than that or I'd have remembered.

Edit: I'm posting this from a different computer but it was likely one of these.

Yeah, but linux breaks heavily modded Skyrim. Something about ubuntu or something breaks skse, and honestly I don't care enough.

At least on Arch Linux, I've gotten a heavily modded Skyrim to run just fine (tbh, even better than on windows), so it should definitely be doable, although perhaps a bit tricky.
This was with a vanilla wine & some winetricks and a quite old Skyrim base game, though, so not sure about the newer Skyrim iterations.

The true reason for Microsoft’s continued monopoly, and the reason behind its strategic acquisition of Starfield

I have to say, my computing life changed A LOT for the better when I stopped playing games on the PC back when the PS3 was out. I got so tired of Windows getting screwed up by various games and their anti-cheat crap. I think in 2023, it might make sense to separate out functions a little - used computers run Linux just fine and are cheeeap. So if you want a yar har, web browsing, e-mail processing, programming etc computer, do that on the more private / (to be better) OS and then have your game only computer for gaming.

Let's not blame the victims of Microsoft's fuckery here.

someone is giving them money and rewarding the fuckery - and has been for several decades now.
i wish the MS benefactors would at least make the payments conditional on improvement.

Yeah, all businesses that need to run proprietary software that only exists on windows.

Good luck convincing your manager to use crossover/wine for your XRD machine.

People who think people using windows do it voluntarily are so out of touch with the industry.

Arch users are never shaking those allegations. Are are aware that people use Tor for other things, right?

2 more...