READ THE MANUALS ;) :P (just kidding!) Various steps
1 About vpn and reaching the tor gate, your ISP may be able to see that you are reaching out to make a connection to the various gates/nodes and you may not want that, as ISPs are passing all personal information to big-Sister. And you "may" not want them to do so. They pick on your attempt to connect from their own DNS that you normally use. It seems as someone vigorously is supplying all ISPs in the world with a daily updated list of known tor exit-entry-nodes. So change your DNS servers to what is assumed to be a safe net of DNS servers that do not log your DNS requests. I did say assumed, didn't I? wiki.opennicproject.org/GettingStarted/#hn_Ubuntu_Linux servers.opennicproject.org/ (Choose 3-4 from the list and check monthly for dropped servers and try the ones closest to you, although the furthest may only be a few hundred milliseconds away). 2 If you can afford a VPN service good for you. For the less privileged (like 96% of the planet) there is calyx.net and bitmask.net https://bitmask.net/en/install/linux#debian-packages or you can download a standalone package. There is also a testing-beta 0.9.4 version. This is a project by Leap.se and has made this open source code available and is begging to be forked. It is like openVPN for dummies (like some of us). 3 tor by torproject.org is open and free just like Debian That is why Debian only works with torproject and not just any other tor software. And all of them will tell your they work better! Tor is a network which you need special configuration to enter (and exit) safely. Everything you wanted to know and were afraid to ask: https://onion.debian.org/ Once you get tor running and install tor-browser you may also add the torproject.org repository as well. Since you are using it you might as well use onion addresses to replace all repositories (Debian and Tor) *** ... once you have the "apt-transport-tor" package installed, the following entries should work in your sources list for a stable system: (change the stretch to jessie stable testing sid ... or what you have) deb 1 tor+http://vwakviie2ienjx6t.onion/debian stretch main deb 2 tor+http://vwakviie2ienjx6t.onion/debian stretch-updates main deb 3 tor+http://sgvtcaew4bxjd7ln.onion/debian-security stretch/updates main deb 4 tor+http://vwakviie2ienjx6t.onion/debian stretch-backports main deb 5 tor+http://sdscoq7snqtznauu.onion/torproject.org/ testing main Remember the tor-transport package mentioned above is essential for any of them to work and a live tor connection. If tor daemon has stopped all those addresses will run into an error. You can also add the deb tor+http://debian... or any other non onion address and that works too. 4 And if all this wasn't enough ..... there is MORE! Try sandboxed-tor-browser in its 3rd current beta version. It is just like the tails tor-browser that can not see beyond its own sandbox (the Amnesia sandboxed disk within your disk). 5 None of this stuff make any sense if you are enabling scripts and going to googlefatsbookyoohooemesen ... crap sites! You are defeating the purpose of anonymity and privacy. Do not abuse sensible freedom! All debian websites do not require any scripts to be accessed and read. Most respected websites (non-invasive) are the same way. Those you can not reach (it gets cloudy out-there) you don't want to read any way. 6 If you want to test your browser for torification use check.torproject.org If you want to check the configuration of other browsers and their effective ability to cover themselves use eff.mozilla https://panopticlick.eff.org/ but it doesn't mean much as it is compared with a huge amount of non-tor browsers. This project browserprint.info seems to be doing part of the same and more but more directed to tor browsers. The score is getting better with every new edition of tor-browser. The more unique your fingerprint the easier for little-big-sisters to tell who you might be and what are you up to. So, you want to blend in with the fish, not stick out. You might hear that "the old tor was better than the new one, I am sticking with the older version" and that is crap. As 99% are updating to the latest your trusty old tor-browser will stick out like a shore thumb! 7 If you are using icedove/thunderbird for mail disable all your plugins and install tor-birdie which prohibits your mail-system to communicate without tor. Nothing comes-in nothing comes-out if the tor connection has been dropped. 8 There is also tor-chatting and messaging and all kinds of other stuff I do not use. 9 Don't expect Neo to come, save yourself! Peter Ludikovsky: > Hello, > > First things first: AFAIK, just installing privoxy doesn't make it use > Tor, it just acts as a regular proxy. Visit [1] to see if you're using > Tor or not. In order to enable chaining through Tor you'll have to have > a line like > forward-socks5 / <ip>:<port> I used socks5://127.0.0.1:9050 on midori and the score sucked on the above mentioned uniqueness profiler. > Or, you could install the torbrowser-launcher[2] package, which contains > everything preconfigured for browsing. It is the only safe way to go, any deviation from the prescribed is risking anonymity. You might as well not use any of this stuff. > Regards, > /peter > > [1] https://check.torproject.org/ > [2] https://packages.debian.org/jessie/torbrowser-launcher Read this too: https://guardianproject.info/2016/07/31/howto-get-all-your-debian-packages-via-tor-onion-services/ > Am 17.03.2017 um 19:28 schrieb Glenn English: >> I'm trying to use the Tor Browser. They don't seem to have any support >> (beyond an FAQ) on their site, so I'm asking here. >> >> Jessie and XFCE on a Supermicro workstation connected through a T1. >> >> I installed Tor a few days ago and it was working fine -- Gmail said >> it was having authentication problems and that I was using Firefox on >> Winders in Paris. Just what I'd hoped for. Get some real mail and leave the G for nonsense ... Once your real location and identity is recorded ... any attempts to identify or cover yourself up from such companies are meaningless. Just separate your private life from the "open and free" commercial services. Move on, there is nothing to see there :) >> So I removed privoxy, and now Tor can't even connect to its own network. Just do a reinstall by forget the standalone apps, do it through apt apt-get synaptic system installation. Make sure you get all the gpg keyring stuff done right. Once the system has safely got tor-daemon running the first attempt to start the browser will open up a gui with options (make sure you enable the sound part :) it will download the browser safely through tor, which means it verifies its structure hasn't been altered on its way to you. Imagine living in a country that is not as free as the US (goughh,.. ghhgh.. bwwraaahhh..) that even reaching a tor gateway needs some bridge somewhere because all other entry points are blocked by the government's networking. If government agents and large corporation executives wouldn't rely so much to the safety of this network it wouldn't exist. They don't want their anonymity but they sure do want their own. Peace (by any means necessary) kAt PS Do not watch Snowden videos with Tor ... with your Gmail logged in! -- "The most violent element in society is ignorance" rEG
