Update on developments within the Onion, courtesy of The Privacy Advocate

As a reader of decentralize.today you'll know I am a big fan of Tor and strongly recommend anyone and everyone who care about their privacy to use the Tor Browser.

The Tor Browser works on any website and you don't need to use domains only ending with .onion. However although using it will always give you that little extra layer of protection, it can be tricky to find the right .onion domain. For example, the BBC or DW do have them but don't exactly publish on the front page and they are not alone, many other big publications also actually have .onion domains. Even decentralize.today has one on our dt.gl domain so feel free to drop in, you'll find us at:

4relgfjrpcir5jg6bj3jzhrujc5d5zvbbwx27sg2jtgzuhnhv56antad.onion

That all said, Tor have finally addressed the issue of finding .onion domains in their latest  update by introducing Onion-Location header.

If your website has the integrated Onion-Location, the Tor Browser will ask if you would like to visit the site using the onion address:

In settings, you can select to prioritize .onion sites, or like to be asked each time you visit a site which has this header enabled.

As a website owner you will need to activate this in Apache:

eader set Onion-Location "http://your-onion-address.onion%{REQUEST_URI}s"

You will also need to enable the rewrite module.

On nginx, add this to your server configuration:

add_header Onion-Location http://<your-onion-address>.onion$request_uri;

I think this is an fantastic step forward and make use of the .onion domains way easier and way more popular. I am excited about it and hope we see more and more people starting to use the Tor Browser as a result.

If you are not yet familiar with the Tor network, I recommend reading up on it in my Privacy Cookbook or searching through decentralize.today for one of the many articles covering the topic including this one:

TOR Network the onion router
I have previously pointed out in the Privacy Cookbook that by using a VPN it will be possible (and enjoyable) to watch the Bundesliga (post C-19) or Netflix USA when you are somewhere else in the world, but it is still a single point of failure when it comes to privacy. Sure it encrypts your browsin…

Don't be afraid of using Tor, there is a lot misinformation out there about it, but for a very good reason...if you want true privacy, Tor is your solution. Remember, a VPN service is a single point of failure, you're trusting a middle man, but with Tor there is an extra layer of protection that delivers to you the power to stay private.

Stay safe and stay secure!

The Privacy Advocate