Could we get a Tor specific thread? I've seen it mentioned often but think it deserves a discussion thread of its own.
Do you use Tor with a VPN? If so, which one?
What machine do you use for Tor browsing?
Do you think Tor via TAILS is a good way to go about securing browsing with a privacy tailored OS?
Do you use bridges?
Do you use home WiFi?
Anything and everything a Tor user would need to know goes here.
Other urls found in this thread:
gist.github.com
en.m.wikipedia.org
qubes-os.org
twitter.com
Useless cunts
>Do you use Tor with a VPN?
No, why? VPN's are redundant and botnets.
>What machine do you use for Tor browsing?
Custom built PC running Windows 7.
>Do you think Tor via TAILS is a good way to go about securing browsing with a privacy tailored OS?
Probably.
>Do you use bridges?
No.
>Do you use home WiFi?
Only on notebooks.
>Anything and everything a Tor user would need to know goes here.
Use only countries which can be trusted.
>Use only countries which can be trusted.
So, none?
use i2p instead
There are a few.
how do you know that its not a nsa owned server? anyone can get one almost anywhere with money.
is there anything on the tor network other than CP now?
>how do you know that its not a nsa owned server?
In Ukraine or Russia? No, I think not.
>>Anything and everything a Tor user would need to know goes here.
>Use only countries which can be trusted.
I thought that was the purpose of the VPN? Using a trusted VPN mitigates the possibility of LEA controlling an exit node, and preforming a correlation attack because your ISP can clearly see you're using Tor.
>because your ISP can clearly see you're using Tor
Then use a bridge node. VPNs are pure botnets. All of them.
>drugs & niggotry.
all non-degenerate people who only cares about privacy are hiding in the crowds of clearnet
>hiding in the crowds of clearnet
You have no clue how tracking worsk, do you? Stupid plebbitor..
How are they all botnets? If VPNs are botnets, anything you don't control directly are botnets. The Intel Management Engine running on ring -3 of your processor is a botnet.
bad choice of words. let's put it this way:
people who initially cared about privacy has abandoned tor in favor of blending into the clearnet crowd in the hopes of being unnoticed. it's a faux feeling of anonymity
what stops them buying a vps from those countries? just fake being a normal customer and no one will know before its too late.
That would be pretty dumb. It would just be better to practice better opsec and then blend into the crowd on things you can't encrypt or obscure.
Or if you wanted to be REALLY private and secure, you could throw away every electronic device, EMP your house and then kys
>Do you use Tor with a VPN? If so, which one?
Mullvad.net with wireguard and their beta testing of their quantum computing resistant algorithms
>What machine do you use for Tor browsing?
Laptop, desktop, phone
>Do you think Tor via TAILS is a good way to go about securing browsing with a privacy tailored OS? Probably, but I'd also check out the heads libre fork.
>Do you use home WiFi? Yeah.
>blending into the clearnet crowd
The problem is, you don't "blend". This isn't a croud as in real life, it's rather a path, and every single one of those paths is uniquely identified for every single user.
>a vps
A VPS. One. Not all of them that I'm connected through at any given time.
This.
Not using Tor may indeed help to stop your ISP from getting suspicious, but not using Tor also means that all activities can be viewed.
i totally agree. true privacy is best obtained offline. i've settled in the middle, using irdium over vpn.
i use mullvad vpn. they are very good and i've meet the owner personally, so i trust them
>your ISP from getting suspicious
Here never happens that. I even run an exit node, my ISP never questioned what I do online. And never should. The first time they try something stupid I'll switch to a different one, there's plenty of competition here in UA.
ok, but then whatever dirt they dig up on you will be done by warrantless illegal means and will not be held up in court
Quick rundown: gist.github.com
>>Implying the NSA doesn't just do what they want anyway
>56k speeds
Well, it's the NSA we're talking about, they can probably just buy a datacenter, and you probably read about how some Russian provider spread wrong routing information and routed the traffic of twitch, microsoft, riot games and some other company through them? Who says the NSA can't do that as well and get all your tor traffic in Russia?
Or not even buy a datacenter and just take over a bunch of machines in Russia. I bet many people are still vunlerable to the Vault 7 tools.
The pedos have moved on from Tor for the most part, at least in terms of having a public presence. I'm sure there are plenty using it for small, private trading out of the eyes of the law.
of course they'll light you up black ops style, if what you're up to is damaging to them
but they can't do shit to you legally if they obtained the info on you through illegal means
many people are still vulnerable to AOL phishers
Normally I'd say you're right, but in a way, my ISP is famous for this: en.m.wikipedia.org
So I'd rather have a VPN that at least halfway lies to me about logs.
I just use TOR to visit paywalled sites. When I use up my monthly allotment, I just go to "new identity" and start over.
A great way to use TOR in a practical manner.
They now just trade in Kik threads on Sup Forums instead, which I'm sure FBI is happy about as it comes direct from their IP
It makes me wonder sometimes if agents infiltrate a group like that and then "encourage" them to use less anonymous and encrypted methods that they have control over.
Yes, Kik has even published a guidebook for agents. Go onto the news section of Google and type in 'Kik FBI' and you will find the article about it
Is there anything phun to do in Tor that isnt illegal or bordering illegality?
Pedos are generally dumb as fuck anyway, so it doesn't take much to catch them. The funniest one I remember was some dipshit who was showing his daughter off all over 12chan in lewd pictures, to the point that she was a celebrity there. But rather than that getting him caught, he went over to a neighbor's house, flat out told him he was fucking her and asked him if he'd like to as well. The guy called the cops instantly.
A perfect blend of arrogance and stupidity, thinking that everybody else must be a disgusting creep too because he was and had surrounded himself with others on a site devoted to said creeps.
Crypto puzzles are pretty fun, its kind of like hackthissite where you have to progress through levels
Wow what a faggot
Run a relay so political dissidents and whistleblowers can have a more reliable platform to use?
Here is my planned setup, what do you think of the idea?
>Cheap second hand netbook/notebook paid for in cash
>Remove HDD
>Attempt to physically remove wireless card [never done this before]
>Insert USB wireless antenna
>Insert TAILS USB
>Use bridge and highest settings for browsing with noscript enabled globally
>Save keys and files to encrypted persistent TAILS partition
>Remove wireless USB antenna once finished browsing and fully disconnected
I was also thinking of running wireshark afterwards to see if anything is trying to access the internet whilst I'm supposed to be offline but not sure if that's possible with the wireless card and antenna removed? I've heard of timed payloads that sit dormant for a while and then connected to a server once you aren't using Tor in order to get your real IP?
Any advice would be gratefully appreciated.
Not necessarily Tor related but what's the Sup Forums approved VPN
>VPNs are botnet
Isn't that the entire fuckin point?
I dont trust free software created for criminals and pedos
the idiots were more concerned about dailystormer then cp and silk road
Also go ahead I seriously doubt the gov doesnt control the exit nodes
Access normal sites from Tor IP to hide your identity you dumbfuck.
What point? To avoid them?
CIA datamining is blatant these days
If you weren't a brainlet you would tunnel your tor connection.
If i use a bridge node will it make my tor connection less secure?
No, it will probably be slower though.
Any opinions on this?
It's not too bad, but a little contrived. Not much point using Tails if you're going to save files to a partition anyways.
I'd recommend going with a Qubes-Whonix setup, that way even if you get compromised the attackers can't at all connect to the internet without going through Tor.
If any of your applications get compromised, they're still isolated in their own VM and can't access each other's data.
Even better is to use a Qubes-Whonix behind a Whonix-Gateway as the only connection to the internet, now even if there's a flaw in the hypervisor, your entire laptop physically can't connect to the internet without going through Tor.
That changes things a fair bit, I've heard of both qubes and whonix but have no working knowledge of either. Which one of the two would you recommended the most? If you have anything else to add then please feel free to let me know.
Qubes is about Compartmentalization, an important OpSec principle to prevent small failures in one part of your activity from contaminating all the other parts.
Concretely that means if someone finds a bug in your mail client, all they can do is read your mail and they can't for example compromise your web browser or look at your private files.
In Qubes you have a normal desktop, but all your applications actually run inside separate VMs.
Whonix is about enforcing that your connection is going through Tor at all times by separating the computer that uses the connection and the computer that provides it.
Also, I don't know what proxy you're using to post on Sup Forums, but if you're triple-posting you need something more reliable, friend.
It's hard to tell which one to start learning about, they both have points that would be beneficial. I was under the impression that TAILS also forces all connections to be routed through Tor, they have a section of their website called Tor enforcement which details more about it. It sounds like qubes is the OS offering the higher level of protection on comparison between TAILS and whonix.
I posted off my mobile and the roaming data kept going to shit, have deleted the duplicate posts now
Yes, tails does that too, but is not as secure as Whonix-Gateway + Whonix-Workstation on two different boxes of course.
My recommendation is to use Qubes-Whonix, which is running Whonix inside of Qubes, as a VM.
It's fully supported by Qubes and fairly easy to use.
So set up a whonix gateway on 1 laptop and then boot qubes from USB on a second laptop and use the qubes VM to run the whonix OS within it, have I got that right? That will be a few month's worth of learning in itself as I've never used a VM in anything other than Windows, certainty never had the knowledge to boot a secure OS inside another secure OS with the data passing through a self controlled gateway. What would happen if the gateway fucked up or was compromised in some way, wouldn't that give opportunity for an attacker to log traffic and nodes? That may be a stupid question but suppose it doesn't hurt to ask.
the whonix gateway is just another VM. the point of having the gateway in a separate VM is that you basically don't interact with it at all other than launching it that way there's no chance of you infecting the gateway by doing something dumb
I use obfsproxy (uses Tor) with OpenVPN to bypass deep packet inspection
Ah that makes sense. I will have to look for two cheap laptops rather than one. Do you know if the gateway also does anything to help with obscurity as in adding another layer to the outgoing network? This is how I think it will look.
Real IP > whonix gateway > Tor bridge > Tor relays > Tor exit node > Internet
Is that the same as an obsf4 bridge?
i think you're misunderstanding something. you don't need two computers for the whonix gateway/workstation setup. you can run both VMs on the same machine. i'm not sure having two computers would give any added benefit. and i don't think obscurity is the point, it's purely to limit the damage you can do through user error/infection. if your workstation is infected through some file you downloaded there's no way for them to get your IP because only the gateway knows your IP and the gateway is safe because you're not using it for anything.
Yes I have made a misunderstanding, when you said 'two boxes' I thought you meant as in tep computers, I get now that you just meant two separate VM environments running. I will have to spend a while watching YouTube tutorials and replicating them myself with known safe files until I'm sure I've got it right. All my information about using Tor and TAILS has come from YouTube so hopefully they've got videos on launching a whonix gateway within qubes
*two
qubes-os.org
This and the other documentation on this website and the whonix website should be every helpful to you. If you look at YouTube videos exclusively, you will limit yourself heavily
>VPNs are redundant and botnets
>Windows 7
>Tails is probably secure
>Again uses fucking Windows
You're a complete retard.
>Femanon
Makes sense now. You're one of the "WHO SAYS GURLS CAN'T KODE" bitches.
Women are useless and men can do everything a woman can do but better including being sexy women (traps)
We can even create artificial wombs.
Women are bound to become extinct due to their uselessness.
>mullvad vpn.
>This site is best viewed with javascript enabled.
>World-class, online privacy
You also should use different pairs of Whonix vms that route through different VPNs for your every online identity.
Never run the same Whonix vm instance twice. Just delete it after a session or restore with a snapshot to the original state.
How to avoid DNS leaks when using VPN + Tor?
Do not EVER use a VPN with tor, it's like adding some custom retarded fuel mix to your expensive car, you're just going to damage it.
No you shouldn't, Tor with bridge is best.
Lots of people have been caught due to 'no logs' VPN/VPS providers
After reading this it seems like tails actually is better, qubes doesn't encrypt anything you save, doesn't wipe RAM and isn't amnesic. Maybe use tails for browsing and downloading documents and then a qubes VM on its own to view the documents whilst not connected to the internet at all, would that be an idea?
They have different purposes, Tails is meant to be used if you do some one-off things every so often, but you don't need to save anything.
Qubes is meant to be what your computer runs, all the time.
Who are you quoting?
It does sound as thought tails is best suited for my needs, I want the ability to browse and download whilst keeping all downloaded content saved on an encrypted persistent partition or even in a hidden partition, the material will only be viewed every few weeks to check its up to date. With tails I can hide the fact that the Tor laptop ever even ran tails and if its looked at by law enforcement then the fact the laptop contains no hard drive and all data is stored on a USB stick in encrypted format should surely make it harder for them to pin any Tor activities to me?
Yeah, that sounds good.
Of course having the proper setup is just the first part, it doesn't guarantee you'll be safe if you fuck up online.
You've got protection but if let yourself get fucked in the ass you'll still get AIDS.
If I'm just downloading material and viewing it whilst offline then I guess the chances of fucking it up are minimal. I won't be posting identifiable information or anything like that. It would be good if tails had a built in virus scanning option.
Please don't use antivirus software on a secure machine, especially a Linux box.
Antivirus have parsers for a lot of esoteric file formats, internet access, and run at the highest privilege level. That is to say, they are full of vulnerabilities.
Fucking up come from simple user error most of the time, like logging into one of your personal account (say youtube, facebook, twitter) on the same browser you use for other activities.
But it can be more subtle things, like if you idle on IRC all day, there's a brief internet outage in your town, and you timeout from IRC 120 seconds later. Whoops, you just revealed your physical location.
>I even run an exit node
I use tor to watch pornhub. I am also at the second level on hackthissite. Dont fuck with me nigger
what's the best option here
>you -> vpn -> site
>you -> tor -> site
>you -> vpn -> tor -> site
>you -> vpn -> tor -> vpn -> site
>you -> tor -> vpn -> tor -> site
>something else?
Tor Browser always for everything.
>VMs used for sandboxing
neat, i'm glad someone else had this idea.
>I dont trust free software created for criminals and pedos
hmm, then you shouldn't trust anything what govement does
>whonix
holy fucking shit that is brilliant.
Except that's actually good advice.
Is whonix a meme? I don't get your point
no the idea of VMs to hide information from your applications
Lets say you use a VPN that is 100% uncompromised and legit.
Even if you use one, your ISP keeps logs of everything you do, so all the CIA/FBI would have to do is ask for accounts that were using your VPN IP at a specific timedate and they could easily track you.
Wouldn't that work? Do you have alternative suggestions?
How to increase opsec to be safe on Tor?
In theory that wouldn't work because your VPN has many users sharing the same IP, it's a similar principle to a mixnet.
disable js
Tor browser disables js by default, no?
no
Well that's fucking stupid.
People say its best to use a bridge whilst downloading over Tor but if that one bridge is government owned or goes offline in the middle of a download then wouldn't it expose your real IP and also continue to download over it? Also, what would happen if the bridge stayed online but one of the relays or the exit node goes offline? Sudden network failure is something that worries me about Tor.