How / When can this be needed? I imagine when someone has a friend or a family member and they need to download a file for them from the internet, e.g. because they don’t know how to do that and they need that file. Since they most likely use non-privacy-respecting operating systems and their computers will usually open the file while connected to the internet, or will connect later, then if the file is marked as downloaded over Tor, the website (and those who are told by the website - since most likely one should not expect any privacy at all with that) can know that they (i.e. he or she - the someone, who has the friend and downloaded the file) use Tor. And, since the friend will usually not have a private life with computers or smartphones, service providers of these (e.g. Big Tech) are most likely aware of that someone (in person) who downloaded this file (e.g. from a message from the friend to another friend of them - something you absolutely can’t control.) In short, if you are the someone, then it will be revealed that you (in absolute person - not pseudonym) use Tor.
If the file has no marks that it was downloaded over Tor (i.e. identical to ones downloaded over clearnet or normal browsers,) then there’s no way for the computer of your friend to know whether you are a “normal” person or a “Tor” person. This is because the file can be transferred by a USB stick that doesn’t look any different than any normal one (or if the file will be transferred in another way, I think it can still be “normal” and not suggesting that you are a “Tor” person, but I think a USB is the “most private” way - least parameters, if any (it can easily have no clue of anything, except that it has the file - then all the focus is on the file.))
Downloading the same file using clearnet and compare checksums - if they are identical, then the file has no marks that it was downloaded over Tor.
Filtering the file using software (e.g. read the file bit by bit and find marks and remove them, or read the file bit by bit and take only important (relevant) data (that will make the file “work”) and create a file from only it.
I kindly ask you to discuss the above two or share any ideas you have that can achieve the goal, or do a fruitful comment on the topic or what is said. Thank you.
In the previous discussion we came at it from the point of view of the user wanting a file. Let’s look at it from the other side. They want to mark a file downloaded from Tor but for what purpose. It has to be to know who you are and where you are. Now you are on their radar. Next the heavies show up eventually. The IP from Tor is useless so we can eliminate that.
It has to be to connect to the internet somehow because if it is just an image and marked then so what. Others like PDF or DOC can execute code so they must be filtered with software. So turn off JavaScript in PDF and macros in DOC.
Big Tech was mentioned but why do they care unless the need to report this to the authorities.
The best is software with obfuscated or hidden code which is turned on only for Tor users. We just need to let our imagination go wild for different possibilities. Today with AI it is probably easy to by bypass AV software.
Or it can be very simple. It is normal for software to check for updates. In its check it sends Ver 1.2.3 for Tor and ver 1.2.3 for others. What AV is going to catch that?
I hope that people who need to go to these tactics are smart enough to NOT click on links in email and NOT trust software downloaded from Tor or anywhere really. Eventually the software will be caught by AV so wait a while.
@BobbyB, I honestly do not understand any of what you said.
For the purpose of tracking. We are supposing they are going beyond traditional tracking of the browser alone and are marking files that users download as well (each instance for each user) so they can further track and have more data on users.
Other than that I do not understand any of what you said and it suggests that you didn’t understand what I wrote and are answering on something else. Can you please tell me what you understood from my post so I can better rephrase it?
When I asked that question it was kind of rhetorical because in the rest of that paragraph I answered my own question which is what you are also saying: tracking.
I put myself in the position of the trackers in some instances. I’m assuming they do this not just to have user data but to know who the target people are and where they are… so they can get at them. The tracking has to be via the internet. Just having a marked image on your computer does nothing.
I don’t know exactly what types of file they mark or how they mark so I speculated with some which can execute code (PDF DOC) and offer some type of solution for them. I assume the target people know this but mentioned it anyway. Filtering files was also mentioned in the previous discussion.
Lastly I mentioned marked software which is the best way. A program or app which the target people will want to use.
I’m sure these target people are afraid of getting caught with or by marked files.
OR did I read this wrong?
These trackers are not just doing a statistics exercise keeping score of how many files they were able to mark from Tor users. They have to be malicious (in our eyes).
If you know what’s the mark, remove it. If you don’t know what’s the mark, you may try to guess, but you can never be sure you actually removed it.
If you have no idea what you are looking for, your only chance to achieve any signifcant degree of confidence is to destroy a great amount of your file, most probably making it useless. As BobbyB pointed out in the previous discussion, the mark could be a single bit change, so to remove any possible mark you’d have to change every bit.