Hacker News new | comments | show | ask | jobs | submit login

Likely actual result: Firefox will become increasingly irrelevant.

If Tor is going to be a built-in feature of Firefox, most employers are going to flag it as malware. This is a ridiculously dumb thing on so many levels -- promote privacy by directing your network traffic to "volunteer" proxy services?

Most businesses deploy Firefox ESR, so I wouldn't be surprised if they omit the Tor capabilities in that version.

You already don't know what proxies your traffic is going through. Using Tor might increase the odds of a bad actor a bit but end-to-end security is something the web is getting better at right now.

The risk now is that some bad actor is replacing TLS certificates, which is an uncommon and tamper-evident event. Tor is handing your traffic to an unknown 3rd party.

Plus, users do not understand what Tor is or how to use it.

Fighting political battles with software is dumb — the end result is going to be a permanent loss of freedom, as governments force the use of platforms with trusted app stores.

The risk now is BGP hijacking. Or really just normal operation of BGP. You data could go anywhere on the planet on its way to the destination and you're not going to know ahead of time what path any particular packet will take.

If you're using TLS, it doesn't matter so much if the exit node is malicious because they still won't be able to read it.

How about my compromised browser exfiltrating information to an onion address?

Obviously I’m being downvoted into oblivion, but I truly feel this is a solution looking for a problem.

It's been my understanding that Firefox has been soft splitting its consumer and business versions of the product for a while. This would presumably just be another step down that road.

Why would they do that? employers could still spy on you before the data gets on the tor network...

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact