On Sat, 18 Mar 2017 17:19:00 +0000, GiaThnYgeia wrote: > READ THE MANUALS ;) :P (just kidding!) > > Various steps > > 1 About vpn and reaching the tor gate, your ISP may be able to see that > you are reaching out to make a connection to the various gates/nodes and > you may not want that, as ISPs are passing all personal information to > big-Sister. And you "may" not want them to do so. They pick on your > attempt to connect from their own DNS that you normally use. It seems > as someone vigorously is supplying all ISPs in the world with a daily > updated list of known tor exit-entry-nodes. So change your DNS servers > to what is assumed to be a safe net of DNS servers that do not log your > DNS requests. I did say assumed, didn't I? > > wiki.opennicproject.org/GettingStarted/#hn_Ubuntu_Linux > servers.opennicproject.org/ (Choose 3-4 from the list and check monthly > for dropped servers and try the ones closest to you, although the > furthest may only be a few hundred milliseconds away). > > 2 If you can afford a VPN service good for you. For the less > privileged (like 96% of the planet) there is calyx.net and bitmask.net > https://bitmask.net/en/install/linux#debian-packages or you can download > a standalone package. There is also a testing-beta 0.9.4 version. This > is a project by Leap.se and has made this open source code available and > is begging to be forked. It is like openVPN for dummies (like some of > us). > > 3 tor by torproject.org is open and free just like Debian That is why > Debian only works with torproject and not just any other tor software. > And all of them will tell your they work better! Tor is a network which > you need special configuration to enter (and exit) safely. > Everything you wanted to know and were afraid to ask: > https://onion.debian.org/ > > Once you get tor running and install tor-browser you may also add the > torproject.org repository as well. Since you are using it you might as > well use onion addresses to replace all repositories (Debian and Tor) > > *** ... once you have the "apt-transport-tor" package installed, the > following entries should work in your sources list for a stable system: > (change the stretch to jessie stable testing sid ... or what you have) > > deb 1 tor+http://vwakviie2ienjx6t.onion/debian stretch main deb 2 > tor+http://vwakviie2ienjx6t.onion/debian stretch-updates main deb 3 > tor+http://sgvtcaew4bxjd7ln.onion/debian-security stretch/updates > main deb 4 tor+http://vwakviie2ienjx6t.onion/debian stretch-backports > main deb 5 tor+http://sdscoq7snqtznauu.onion/torproject.org/ testing > main > > Remember the tor-transport package mentioned above is essential for any > of them to work and a live tor connection. If tor daemon has stopped > all those addresses will run into an error. > You can also add the deb tor+http://debian... or any other non onion > address and that works too. > > > 4 And if all this wasn't enough ..... there is MORE! Try > sandboxed-tor-browser in its 3rd current beta version. It is just like > the tails tor-browser that can not see beyond its own sandbox (the > Amnesia sandboxed disk within your disk). > > 5 None of this stuff make any sense if you are enabling scripts and > going to googlefatsbookyoohooemesen ... crap sites! You are defeating > the purpose of anonymity and privacy. Do not abuse sensible freedom! > All debian websites do not require any scripts to be accessed and read. > Most respected websites (non-invasive) are the same way. Those you can > not reach (it gets cloudy out-there) you don't want to read any way. > > 6 If you want to test your browser for torification use > check.torproject.org If you want to check the configuration of other > browsers and their effective ability to cover themselves use eff.mozilla > https://panopticlick.eff.org/ but it doesn't mean much as it is compared > with a huge amount of non-tor browsers. > > This project browserprint.info seems to be doing part of the same and > more but more directed to tor browsers. The score is getting better > with every new edition of tor-browser. The more unique your fingerprint > the easier for little-big-sisters to tell who you might be and what are > you up to. So, you want to blend in with the fish, not stick out. You > might hear that "the old tor was better than the new one, I am sticking > with the older version" and that is crap. As 99% are updating to the > latest your trusty old tor-browser will stick out like a shore thumb! > > 7 If you are using icedove/thunderbird for mail disable all your > plugins and install tor-birdie which prohibits your mail-system to > communicate without tor. Nothing comes-in nothing comes-out if the tor > connection has been dropped. > > 8 There is also tor-chatting and messaging and all kinds of other stuff > I do not use. > > 9 Don't expect Neo to come, save yourself! > > Peter Ludikovsky: >> Hello, >> >> First things first: AFAIK, just installing privoxy doesn't make it use >> Tor, it just acts as a regular proxy. Visit [1] to see if you're using >> Tor or not. In order to enable chaining through Tor you'll have to have >> a line like >> forward-socks5 / <ip>:<port> > > I used socks5://127.0.0.1:9050 on midori and the score sucked on the > above mentioned uniqueness profiler. > >> Or, you could install the torbrowser-launcher[2] package, which >> contains everything preconfigured for browsing. > > It is the only safe way to go, any deviation from the prescribed is > risking anonymity. You might as well not use any of this stuff. > >> Regards, >> /peter >> >> [1] https://check.torproject.org/ >> [2] https://packages.debian.org/jessie/torbrowser-launcher > > Read this too: > https://guardianproject.info/2016/07/31/howto-get-all-your-debian- packages-via-tor-onion-services/ > >> Am 17.03.2017 um 19:28 schrieb Glenn English: >>> I'm trying to use the Tor Browser. They don't seem to have any support >>> (beyond an FAQ) on their site, so I'm asking here. >>> >>> Jessie and XFCE on a Supermicro workstation connected through a T1. >>> >>> I installed Tor a few days ago and it was working fine -- Gmail said >>> it was having authentication problems and that I was using Firefox on >>> Winders in Paris. Just what I'd hoped for. > > Get some real mail and leave the G for nonsense ... Once your real > location and identity is recorded ... any attempts to identify or cover > yourself up from such companies are meaningless. Just separate your > private life from the "open and free" commercial services. Move on, > there is nothing to see there :) > >>> So I removed privoxy, and now Tor can't even connect to its own >>> network. > > Just do a reinstall by forget the standalone apps, do it through apt > apt-get synaptic system installation. Make sure you get all the gpg > keyring stuff done right. Once the system has safely got tor-daemon > running the first attempt to start the browser will open up a gui with > options (make sure you enable the sound part :) it will download the > browser safely through tor, which means it verifies its structure hasn't > been altered on its way to you. > > Imagine living in a country that is not as free as the US (goughh,.. > ghhgh.. bwwraaahhh..) that even reaching a tor gateway needs some bridge > somewhere because all other entry points are blocked by the government's > networking. If government agents and large corporation executives > wouldn't rely so much to the safety of this network it wouldn't exist. > They don't want their anonymity but they sure do want their own. > > Peace (by any means necessary) > kAt > > PS Do not watch Snowden videos with Tor ... with your Gmail logged in!
Really nice post, thanks: I have one [OT] question, i use Wheezy at work, but i tested Kodachi a Debian derivative, and it took the HWID! Is it a security problem? Well, a second question, are you saying, that when i use Tails, i must not permit scrips? Lat
