Https, bridges and Javascript ;security concern

Alright let's say I connected to tor on my mobile network with obfs4 bridge and I have setup transparent proxying and https everywhere on my firefox browser now my question is: will my mobile isp know which Sites I visited? What I do is encrypted by https so they won't know what I do on the sites for sure but I don't know if they can log the requests to the sites I try to visit By Javascript being enabled, which third party knows sensitive information about my device?

/u/sapiophile your opinion is welcome


Comments


[1 Points] pallmallman12:

You're using a mobile device?


[1 Points] Bbmcisrightyoufools:

By mobile network, do you mean you used your phone's WiFi hotspot feature? If this is the case, your ISP will not know what sites you've visited, as use of the obfs4 bridge obscures what you're doing. However, the tor exit nodes will know which sites you're connecting to, and will be able to see what you're doing if they're running something like SSLStrip.

If you're talking about using your mobile to access the DNMs, stop this immediately, burn your house down and move to Belize. Mobile phones are NOT secure for use in high risk environments like the DNMs. Especially Android. Orbot uses Webview to display content, and anyone who's ever done Android dev knows that Webview is an exploitable piece of shit. If you have to ask questions about security, use one of the pre configured distros for this, like Whonix or Tails.