A builder who renovates homes sent me a huge quote for a big job by emailing me a link to a website apparently using some fancy platform they outsourced to for the simple job of giving a work quote. The idiots could not possibly fuckup such a simple task more badly. I try to visit the link and get a CF block page because I use Tor.
Must say, it’s sad that there are so few Tor users in the world that perhaps they never had a customer of a customer who uses Tor. And likely many Tor users don’t even bother with activism.
What I did (and what all should do)
Left them a voicemail saying “can’t reach your quote because I am blocked. Plz print it out, fold it up, stuff it into an envelope addressed to me, and pay the postage to send me the quote the old-fashioned way”, in so many words, b/c obviously they¹ are incompetent with technology. Will be extra funny if there are gen Z office workers who cannot handle the job of printing a doc and mailing an envelope in the post. I will be happy if they have to pay postage to send me a quote as a penalty for outsourcing to an incompetent tech supplier who cannot handle a simple job of passing along a quote.
WTF is wrong with people.
¹ by “they”, I mean both the contractor and the outsourced firm. But it’s fair enough that the contractor is incompetent with tech. Absolutely unacceptable that the firm they outsourced to is incompetent.
That’s only crazy from the standpoint of normies w/out an infosec background. If you have an infosec background, then you understand and appreciate the principle of least privilege. It is foolish to disclose more information than necessary for a job. You do not need to give up your IP address to obtain a quote for work on your house, so why should you? It’s foolish. Why do you think knowing my IP address is required in order to furnish me a quote for some work? It’s rediculous, of course.
Normies, of course, do not know these basic concepts. They have a naive take on security – that you should only use security if you need it. Smarter people (infosec ppl) rightfully find the opposite - that you should operate securely by default, and demand justification for absence thereof. If I am giving up security and exposing myself more, I need a reason. Anyone who thinks otherwise is not competent with security.
Getting a quote on a renovation job is not a good reason to leave a more secure network for the clearnet.
I happen to have a machine that actually does not work on clearnet. But that’s besides the point. Even if clearnet worked for me, I would not see justification for using it in this circumstance.