Why Passages is More Secure Than Tor
When we talk to people about Passages, they often ask how we compare to Tor. The difference comes directly from the two products' core design philosophies.
Security
We designed Passages, first and foremost, for security against web-based attacks, while Tor was designed purely for anonymity. Both Passages and Tor provide their own browsers, but how they do that is completely different.
The Tor browser provides security by optionally disabling most kinds of active content. This breaks many websites and degrades the functionality of many more. Even so, the browser, not to mention your entire system, is still vulnerable to exploits against the browser code itself and any active plug-ins. By default, the Tor browser enables all this content, providing a smooth user experience at the cost of significant vulnerability.
Passages provides security by completely isolating the browser from the local computer and network. All malware is trapped within the Passages virtual machine and can’t do any significant damage. Additionally, Passages is immune to virtually all malware and attacks you will find on the Internet because the virtual machine is running Linux. Tor runs on the user’s desktop, which means Windows or Mac OS X for the vast majority of people. Windows and Mac are the primary operating systems attackers build their exploits for.
Anonymity
Web anonymity comes from three things:
1. Hiding your IP address
2. Removing trackers like cookies
3. Masking your browser’s fingerprint
I discussed how all three of these tracking methods work in my previous blog post.
Tor’s primary focus is on hiding the IP address by sending all traffic through multiple different Tor “nodes,” typically three. These are run by volunteers around the world and could literally be almost anyone. The designers of Tor don’t want to trust anyone, so the design is intended to make it impossible to connect a Tor user with their web activity, even by a Tor node operator. In reality, there have been numerous examples of researchers and law enforcement identifying Tor users and capturing sensitive information.
The Tor browser includes tools to automatically scrub cookies, but may be trackable using various kinds of super-cookies. The Tor browser provides limited protection against browser fingerprinting, a technique that allows long-term tracking and identification of individual users.
Passages hides the user’s IP address using one of our numerous global points of presence, all of which we directly control. Passages shares the same anonymity network as Anonymizer — a security and privacy tool with an unblemished record of protecting users for over 20 years. Our philosophy is to be protected by someone you know, who has a track record, and whom you have reason to trust. Additionally, because there is only one hop and the network is professionally managed, the performance is much better — something even Tor admits.
Passages absolutely removes all trackers by totally destroying the entire virtual machine in which the browser is running. That includes cookies and all kinds of super-cookies, even those we have never heard of. The Tor browser, like any other, could be run in a virtual machine or off a read-only disk, but that is a significant effort and only realistic for the most sophisticated and motivated users.
Finally, Passages provides robust protection against browser fingerprints by giving all Passages users effectively the same fingerprint.
Vendor Risk
The biggest difference between the two solutions comes down to trust. Tor is designed to minimize the amount of trust you are putting in operators you know nothing about. Passages puts the trust in a single entity with a long track record and huge incentives to effectively protect our users. The result is that there have been many cases of researchers and attackers operating Tor nodes to track or capture information about their users, while there has never been a case like that with Passages or any of the services we run.
Tor has its uses for certain kinds of anonymous activity, but it will never be appropriate for sensitive business or government applications where performance, confidentiality, or security are critical.