>Do you use Tor with a VPN? No, why? VPN's are redundant and botnets.
>What machine do you use for Tor browsing? Custom built PC running Windows 7.
>Do you think Tor via TAILS is a good way to go about securing browsing with a privacy tailored OS? Probably.
>Do you use bridges? No.
>Do you use home WiFi? Only on notebooks.
>Anything and everything a Tor user would need to know goes here. Use only countries which can be trusted.
Zachary Diaz
>Use only countries which can be trusted. So, none?
Samuel Green
use i2p instead
Kevin Lee
There are a few.
Eli Diaz
how do you know that its not a nsa owned server? anyone can get one almost anywhere with money.
Jackson Jones
is there anything on the tor network other than CP now?
Cooper Young
>how do you know that its not a nsa owned server? In Ukraine or Russia? No, I think not.
Brody Fisher
>>Anything and everything a Tor user would need to know goes here. >Use only countries which can be trusted.
I thought that was the purpose of the VPN? Using a trusted VPN mitigates the possibility of LEA controlling an exit node, and preforming a correlation attack because your ISP can clearly see you're using Tor.
Caleb Turner
>because your ISP can clearly see you're using Tor Then use a bridge node. VPNs are pure botnets. All of them.
Justin Perry
>drugs & niggotry. all non-degenerate people who only cares about privacy are hiding in the crowds of clearnet
Gabriel Torres
>hiding in the crowds of clearnet You have no clue how tracking worsk, do you? Stupid plebbitor..
Hunter Richardson
How are they all botnets? If VPNs are botnets, anything you don't control directly are botnets. The Intel Management Engine running on ring -3 of your processor is a botnet.
Hunter Peterson
bad choice of words. let's put it this way:
people who initially cared about privacy has abandoned tor in favor of blending into the clearnet crowd in the hopes of being unnoticed. it's a faux feeling of anonymity
Xavier Jones
what stops them buying a vps from those countries? just fake being a normal customer and no one will know before its too late.
Ryan Fisher
That would be pretty dumb. It would just be better to practice better opsec and then blend into the crowd on things you can't encrypt or obscure.
Or if you wanted to be REALLY private and secure, you could throw away every electronic device, EMP your house and then kys
Elijah Phillips
>Do you use Tor with a VPN? If so, which one? Mullvad.net with wireguard and their beta testing of their quantum computing resistant algorithms >What machine do you use for Tor browsing? Laptop, desktop, phone >Do you think Tor via TAILS is a good way to go about securing browsing with a privacy tailored OS? Probably, but I'd also check out the heads libre fork. >Do you use home WiFi? Yeah.
Cameron Ross
>blending into the clearnet crowd The problem is, you don't "blend". This isn't a croud as in real life, it's rather a path, and every single one of those paths is uniquely identified for every single user.
>a vps A VPS. One. Not all of them that I'm connected through at any given time.
Hunter James
This.
Not using Tor may indeed help to stop your ISP from getting suspicious, but not using Tor also means that all activities can be viewed.
Jose Sullivan
i totally agree. true privacy is best obtained offline. i've settled in the middle, using irdium over vpn.
i use mullvad vpn. they are very good and i've meet the owner personally, so i trust them
Gabriel Fisher
>your ISP from getting suspicious Here never happens that. I even run an exit node, my ISP never questioned what I do online. And never should. The first time they try something stupid I'll switch to a different one, there's plenty of competition here in UA.
Camden Brooks
ok, but then whatever dirt they dig up on you will be done by warrantless illegal means and will not be held up in court
>>Implying the NSA doesn't just do what they want anyway
Isaiah Turner
>56k speeds
Zachary Nelson
Well, it's the NSA we're talking about, they can probably just buy a datacenter, and you probably read about how some Russian provider spread wrong routing information and routed the traffic of twitch, microsoft, riot games and some other company through them? Who says the NSA can't do that as well and get all your tor traffic in Russia?
Dylan James
Or not even buy a datacenter and just take over a bunch of machines in Russia. I bet many people are still vunlerable to the Vault 7 tools.
Nolan Sullivan
The pedos have moved on from Tor for the most part, at least in terms of having a public presence. I'm sure there are plenty using it for small, private trading out of the eyes of the law.
Nathan Wood
of course they'll light you up black ops style, if what you're up to is damaging to them but they can't do shit to you legally if they obtained the info on you through illegal means
So I'd rather have a VPN that at least halfway lies to me about logs.
Samuel Peterson
I just use TOR to visit paywalled sites. When I use up my monthly allotment, I just go to "new identity" and start over.
Zachary Cooper
A great way to use TOR in a practical manner.
Juan Nguyen
They now just trade in Kik threads on Sup Forums instead, which I'm sure FBI is happy about as it comes direct from their IP
Aiden Myers
It makes me wonder sometimes if agents infiltrate a group like that and then "encourage" them to use less anonymous and encrypted methods that they have control over.
Aiden Carter
Yes, Kik has even published a guidebook for agents. Go onto the news section of Google and type in 'Kik FBI' and you will find the article about it
Wyatt Hughes
Is there anything phun to do in Tor that isnt illegal or bordering illegality?
Anthony Watson
Pedos are generally dumb as fuck anyway, so it doesn't take much to catch them. The funniest one I remember was some dipshit who was showing his daughter off all over 12chan in lewd pictures, to the point that she was a celebrity there. But rather than that getting him caught, he went over to a neighbor's house, flat out told him he was fucking her and asked him if he'd like to as well. The guy called the cops instantly.
A perfect blend of arrogance and stupidity, thinking that everybody else must be a disgusting creep too because he was and had surrounded himself with others on a site devoted to said creeps.
Easton Howard
Crypto puzzles are pretty fun, its kind of like hackthissite where you have to progress through levels
Juan Thomas
Wow what a faggot
Michael Lee
Run a relay so political dissidents and whistleblowers can have a more reliable platform to use?
Colton Thomas
Here is my planned setup, what do you think of the idea?
>Cheap second hand netbook/notebook paid for in cash >Remove HDD >Attempt to physically remove wireless card [never done this before] >Insert USB wireless antenna >Insert TAILS USB >Use bridge and highest settings for browsing with noscript enabled globally >Save keys and files to encrypted persistent TAILS partition >Remove wireless USB antenna once finished browsing and fully disconnected
I was also thinking of running wireshark afterwards to see if anything is trying to access the internet whilst I'm supposed to be offline but not sure if that's possible with the wireless card and antenna removed? I've heard of timed payloads that sit dormant for a while and then connected to a server once you aren't using Tor in order to get your real IP?
Any advice would be gratefully appreciated.
Juan Myers
Not necessarily Tor related but what's the Sup Forums approved VPN
Matthew Ward
>VPNs are botnet Isn't that the entire fuckin point?
Parker Moore
I dont trust free software created for criminals and pedos
the idiots were more concerned about dailystormer then cp and silk road
Also go ahead I seriously doubt the gov doesnt control the exit nodes
John Myers
Access normal sites from Tor IP to hide your identity you dumbfuck.
Carson Mitchell
What point? To avoid them?
Caleb Miller
CIA datamining is blatant these days
Samuel Roberts
If you weren't a brainlet you would tunnel your tor connection.
Joseph Taylor
If i use a bridge node will it make my tor connection less secure?
Jason Hernandez
No, it will probably be slower though.
Robert Flores
Any opinions on this?
Anthony Stewart
It's not too bad, but a little contrived. Not much point using Tails if you're going to save files to a partition anyways.
I'd recommend going with a Qubes-Whonix setup, that way even if you get compromised the attackers can't at all connect to the internet without going through Tor. If any of your applications get compromised, they're still isolated in their own VM and can't access each other's data.
Even better is to use a Qubes-Whonix behind a Whonix-Gateway as the only connection to the internet, now even if there's a flaw in the hypervisor, your entire laptop physically can't connect to the internet without going through Tor.
Brandon Rodriguez
That changes things a fair bit, I've heard of both qubes and whonix but have no working knowledge of either. Which one of the two would you recommended the most? If you have anything else to add then please feel free to let me know.
Noah Foster
Qubes is about Compartmentalization, an important OpSec principle to prevent small failures in one part of your activity from contaminating all the other parts. Concretely that means if someone finds a bug in your mail client, all they can do is read your mail and they can't for example compromise your web browser or look at your private files. In Qubes you have a normal desktop, but all your applications actually run inside separate VMs.
Whonix is about enforcing that your connection is going through Tor at all times by separating the computer that uses the connection and the computer that provides it.
Also, I don't know what proxy you're using to post on Sup Forums, but if you're triple-posting you need something more reliable, friend.
Cameron Diaz
It's hard to tell which one to start learning about, they both have points that would be beneficial. I was under the impression that TAILS also forces all connections to be routed through Tor, they have a section of their website called Tor enforcement which details more about it. It sounds like qubes is the OS offering the higher level of protection on comparison between TAILS and whonix.
I posted off my mobile and the roaming data kept going to shit, have deleted the duplicate posts now
Anthony Gutierrez
Yes, tails does that too, but is not as secure as Whonix-Gateway + Whonix-Workstation on two different boxes of course.
My recommendation is to use Qubes-Whonix, which is running Whonix inside of Qubes, as a VM. It's fully supported by Qubes and fairly easy to use.
Chase Sanchez
So set up a whonix gateway on 1 laptop and then boot qubes from USB on a second laptop and use the qubes VM to run the whonix OS within it, have I got that right? That will be a few month's worth of learning in itself as I've never used a VM in anything other than Windows, certainty never had the knowledge to boot a secure OS inside another secure OS with the data passing through a self controlled gateway. What would happen if the gateway fucked up or was compromised in some way, wouldn't that give opportunity for an attacker to log traffic and nodes? That may be a stupid question but suppose it doesn't hurt to ask.
Gavin Hernandez
the whonix gateway is just another VM. the point of having the gateway in a separate VM is that you basically don't interact with it at all other than launching it that way there's no chance of you infecting the gateway by doing something dumb
John Jenkins
I use obfsproxy (uses Tor) with OpenVPN to bypass deep packet inspection
Nathan Brown
Ah that makes sense. I will have to look for two cheap laptops rather than one. Do you know if the gateway also does anything to help with obscurity as in adding another layer to the outgoing network? This is how I think it will look.
Real IP > whonix gateway > Tor bridge > Tor relays > Tor exit node > Internet
Nicholas Peterson
Is that the same as an obsf4 bridge?
John Bell
i think you're misunderstanding something. you don't need two computers for the whonix gateway/workstation setup. you can run both VMs on the same machine. i'm not sure having two computers would give any added benefit. and i don't think obscurity is the point, it's purely to limit the damage you can do through user error/infection. if your workstation is infected through some file you downloaded there's no way for them to get your IP because only the gateway knows your IP and the gateway is safe because you're not using it for anything.
Isaiah Miller
Yes I have made a misunderstanding, when you said 'two boxes' I thought you meant as in tep computers, I get now that you just meant two separate VM environments running. I will have to spend a while watching YouTube tutorials and replicating them myself with known safe files until I'm sure I've got it right. All my information about using Tor and TAILS has come from YouTube so hopefully they've got videos on launching a whonix gateway within qubes
This and the other documentation on this website and the whonix website should be every helpful to you. If you look at YouTube videos exclusively, you will limit yourself heavily
Charles Cook
>VPNs are redundant and botnets >Windows 7 >Tails is probably secure >Again uses fucking Windows You're a complete retard.
>Femanon Makes sense now. You're one of the "WHO SAYS GURLS CAN'T KODE" bitches.
Juan Jenkins
Women are useless and men can do everything a woman can do but better including being sexy women (traps)
Carter Butler
We can even create artificial wombs.
Women are bound to become extinct due to their uselessness.
Brandon Sanchez
>mullvad vpn. >This site is best viewed with javascript enabled. >World-class, online privacy
Jace Reed
You also should use different pairs of Whonix vms that route through different VPNs for your every online identity. Never run the same Whonix vm instance twice. Just delete it after a session or restore with a snapshot to the original state.
Luke Richardson
How to avoid DNS leaks when using VPN + Tor?
Jack Morris
Do not EVER use a VPN with tor, it's like adding some custom retarded fuel mix to your expensive car, you're just going to damage it.
Lucas Powell
No you shouldn't, Tor with bridge is best.
Lots of people have been caught due to 'no logs' VPN/VPS providers
Jace White
After reading this it seems like tails actually is better, qubes doesn't encrypt anything you save, doesn't wipe RAM and isn't amnesic. Maybe use tails for browsing and downloading documents and then a qubes VM on its own to view the documents whilst not connected to the internet at all, would that be an idea?
Carson Ross
They have different purposes, Tails is meant to be used if you do some one-off things every so often, but you don't need to save anything.
Qubes is meant to be what your computer runs, all the time.
Brandon Mitchell
Who are you quoting?
Owen Clark
It does sound as thought tails is best suited for my needs, I want the ability to browse and download whilst keeping all downloaded content saved on an encrypted persistent partition or even in a hidden partition, the material will only be viewed every few weeks to check its up to date. With tails I can hide the fact that the Tor laptop ever even ran tails and if its looked at by law enforcement then the fact the laptop contains no hard drive and all data is stored on a USB stick in encrypted format should surely make it harder for them to pin any Tor activities to me?
Juan Sanchez
Yeah, that sounds good.
Of course having the proper setup is just the first part, it doesn't guarantee you'll be safe if you fuck up online.
You've got protection but if let yourself get fucked in the ass you'll still get AIDS.
Carter Phillips
If I'm just downloading material and viewing it whilst offline then I guess the chances of fucking it up are minimal. I won't be posting identifiable information or anything like that. It would be good if tails had a built in virus scanning option.
Owen Morris
Please don't use antivirus software on a secure machine, especially a Linux box. Antivirus have parsers for a lot of esoteric file formats, internet access, and run at the highest privilege level. That is to say, they are full of vulnerabilities.
Fucking up come from simple user error most of the time, like logging into one of your personal account (say youtube, facebook, twitter) on the same browser you use for other activities. But it can be more subtle things, like if you idle on IRC all day, there's a brief internet outage in your town, and you timeout from IRC 120 seconds later. Whoops, you just revealed your physical location.
Colton Stewart
>I even run an exit node
Mason Lopez
I use tor to watch pornhub. I am also at the second level on hackthissite. Dont fuck with me nigger
Colton Watson
what's the best option here
>you -> vpn -> site >you -> tor -> site >you -> vpn -> tor -> site >you -> vpn -> tor -> vpn -> site >you -> tor -> vpn -> tor -> site
>something else?
Isaiah Campbell
Tor Browser always for everything.
Lincoln Thomas
>VMs used for sandboxing neat, i'm glad someone else had this idea.
Jaxson King
>I dont trust free software created for criminals and pedos
hmm, then you shouldn't trust anything what govement does
Jaxson Watson
>whonix holy fucking shit that is brilliant.
Jeremiah Hughes
Except that's actually good advice.
Kevin Reed
Is whonix a meme? I don't get your point
James Murphy
no the idea of VMs to hide information from your applications
Nathaniel Young
Lets say you use a VPN that is 100% uncompromised and legit.
Even if you use one, your ISP keeps logs of everything you do, so all the CIA/FBI would have to do is ask for accounts that were using your VPN IP at a specific timedate and they could easily track you.
Logan Ross
Wouldn't that work? Do you have alternative suggestions?
Parker Cruz
How to increase opsec to be safe on Tor?
Thomas Flores
In theory that wouldn't work because your VPN has many users sharing the same IP, it's a similar principle to a mixnet.
Dylan Lopez
disable js
Anthony Ross
Tor browser disables js by default, no?
Hunter Richardson
no
Christian Watson
Well that's fucking stupid.
Hudson Bell
People say its best to use a bridge whilst downloading over Tor but if that one bridge is government owned or goes offline in the middle of a download then wouldn't it expose your real IP and also continue to download over it? Also, what would happen if the bridge stayed online but one of the relays or the exit node goes offline? Sudden network failure is something that worries me about Tor.