
So how would you suggest browsing privately then?



I would start by learning the difference between Tor and Tor Browser.


OK this advice is dangerous. The reason Tor Browser exists is because configuring Tor for safe use is difficult...


I'm confident that it's the opposite of dangerous advice.


Interesting, please tell me more.


Using Tor Browser as your primary browser is a bad idea because it's way behind on security features and you mark yourself out as an interesting target. Using Chrome over Tor is strictly better from a privacy viewpoint than using Chrome on its own. So it depends what you're optimising for. If privacy is your absolute priority, the Tor Browser reduces the number of cases of information leakage but still requires you to have the discipline to avoid any other methods of leaking your identity. If you understand all the issues around that then you probably also understand enough to ignore Tptacek and use it anyway. But if you don't, using the Tor Browser leaves you in a worse position than you'd otherwise be in - you're less secure and you're probably leaking PII anyway.

There are cases where using the Tor Browser makes sense, but it's a terrible blanket recommendation. If you're not actively trying to hide your identity, using it will make you less secure than you would otherwise be.


> Using Tor Browser as your primary browser is a bad idea because it's way behind on security features

Is it? Please provide references.

> and you mark yourself out as an interesting target

Yeah that seems likely.

> Using Chrome over Tor is strictly better from a privacy viewpoint than using Chrome on its own.

Is it? If Chrome leaks any local information this is not true. NB I do not know if Chrome does so but please refer to https://blog.torproject.org/blog/bittorrent-over-tor-isnt-go... for an example of what I am getting at.

> If privacy is your absolute priority, the Tor Browser reduces the number of cases of information leakage but still requires you to have the discipline to avoid any other methods of leaking your identity.

Yes. But Tor Browser is released specifically to help you manage this. Information leakage through the web browser is amazingly easy - and it doesn't take logging onto a website to be fingerprinted (Chrome over Tor is probably a fairly unique fingerprint on its own). Why not find out for yourself how unique at https://panopticlick.eff.org/

> If you understand all the issues around that then you probably also understand enough to ignore Tptacek and use it anyway.

No comment.

> But if you don't, using the Tor Browser leaves you in a worse position than you'd otherwise be in - you're less secure and you're probably leaking PII anyway.

Doubt it but again citations needed.

> There are cases where using the Tor Browser makes sense,

Agreed.

> but it's a terrible blanket recommendation.

Citation needed.

> using it will make you less secure than you would otherwise be.

Citation needed.


> Is it? Please provide references.

Sandboxing alone justifies this.

> If Chrome leaks any local information this is not true.

Leaking information over Tor is no worse than leaking it over non-Tor, and in general cases Chrome isn't directly sending information that allows a single site to identify you.

> Chrome over Tor is probably a fairly unique fingerprint on its own

What's your threat model? That's a serious question.


Sandboxing does not have to be provided at application level. The OS or a virtual machine can take care of confinement.

> Leaking information over Tor is no worse than leaking it over non-Tor, and in general cases Chrome isn't directly sending information that allows a single site to identify you.

More like: Leaking local information over Tor is equivalent to not using Tor, and in general cases the user has no control over what data Chrome is sending.


> Sandboxing does not have to be provided at application level. The OS or a virtual machine can take care of confinement.

The OS is in no position to sandbox multiple tabs running in the same browser, good grief.

> More like: Leaking local information over Tor is equivalent to not using Tor

This isn't even slightly true

> in general cases the user has no control over what data Chrome is sending.

Nor do they have any control over what data the Tor Browser is sending. At some point you have to trust that your software is doing what it's supposed to do.

If privacy is an absolute priority for you, then yes, run Tor Browser. But be aware that in return for privacy you're giving up security. For most people that tradeoff will result in less privacy in the long run. If someone isn't in a position to make an informed choice, a blanket "Use Tor" recommendation may do much more harm than good.


> The OS is in no position to sandbox multiple tabs running in the same browser

Who said anything about tabs?

>> More like: Leaking local information over Tor is equivalent to not using Tor

> This isn't even slightly true

There is no middle ground. There are two states here. Anonymous and not anonymous. Once one is not anonymous they are not anonymous. If one leaks one's local IP one is not anonymous. If one leaks one's voice data one is not anonymous.

> At some point you have to trust that your software is doing what it's supposed to do.

I agree. The thing is that Tor Browser is supposed to be limiting data leakage whilst Chrome is supposed to be sending data to Google.


> Who said anything about tabs?

If all your tabs run in the same process, any vulnerability triggered by malicious content in one tab has access to all the content in any other tab. Sandboxing the browser process makes it more difficult for that to result in taking over your entire system, but in this case merely taking over the browser is sufficient.

So no, OS-level sandboxing isn't sufficient. And if you don't understand that, you should not be making assertions about security.



