Re: tor -- way OT
- Date: Sun, 19 Mar 2017 10:43:58 +0000 (UTC)
- From: Latincom <latincom@xxxxxxxxx>
- Subject: Re: tor -- way OT
On Sat, 18 Mar 2017 17:19:00 +0000, GiaThnYgeia wrote:
> READ THE MANUALS ;) :P (just kidding!)
> Various steps
> 1 About vpn and reaching the tor gate, your ISP may be able to see that
> you are reaching out to make a connection to the various gates/nodes and
> you may not want that, as ISPs are passing all personal information to
> big-Sister. And you "may" not want them to do so. They pick on your
> attempt to connect from their own DNS that you normally use. It seems
> as someone vigorously is supplying all ISPs in the world with a daily
> updated list of known tor exit-entry-nodes. So change your DNS servers
> to what is assumed to be a safe net of DNS servers that do not log your
> DNS requests. I did say assumed, didn't I?
> servers.opennicproject.org/ (Choose 3-4 from the list and check monthly
> for dropped servers and try the ones closest to you, although the
> furthest may only be a few hundred milliseconds away).
> 2 If you can afford a VPN service good for you. For the less
> privileged (like 96% of the planet) there is calyx.net and bitmask.net
> https://bitmask.net/en/install/linux#debian-packages or you can download
> a standalone package. There is also a testing-beta 0.9.4 version. This
> is a project by Leap.se and has made this open source code available and
> is begging to be forked. It is like openVPN for dummies (like some of
> 3 tor by torproject.org is open and free just like Debian That is why
> Debian only works with torproject and not just any other tor software.
> And all of them will tell your they work better! Tor is a network which
> you need special configuration to enter (and exit) safely.
> Everything you wanted to know and were afraid to ask:
> Once you get tor running and install tor-browser you may also add the
> torproject.org repository as well. Since you are using it you might as
> well use onion addresses to replace all repositories (Debian and Tor)
> *** ... once you have the "apt-transport-tor" package installed, the
> following entries should work in your sources list for a stable system:
> (change the stretch to jessie stable testing sid ... or what you have)
> deb 1 tor+http://vwakviie2ienjx6t.onion/debian stretch main deb 2
> tor+http://vwakviie2ienjx6t.onion/debian stretch-updates main deb 3
> tor+http://sgvtcaew4bxjd7ln.onion/debian-security stretch/updates
> main deb 4 tor+http://vwakviie2ienjx6t.onion/debian stretch-backports
> main deb 5 tor+http://sdscoq7snqtznauu.onion/torproject.org/ testing
> Remember the tor-transport package mentioned above is essential for any
> of them to work and a live tor connection. If tor daemon has stopped
> all those addresses will run into an error.
> You can also add the deb tor+http://debian... or any other non onion
> address and that works too.
> 4 And if all this wasn't enough ..... there is MORE! Try
> sandboxed-tor-browser in its 3rd current beta version. It is just like
> the tails tor-browser that can not see beyond its own sandbox (the
> Amnesia sandboxed disk within your disk).
> 5 None of this stuff make any sense if you are enabling scripts and
> going to googlefatsbookyoohooemesen ... crap sites! You are defeating
> the purpose of anonymity and privacy. Do not abuse sensible freedom!
> All debian websites do not require any scripts to be accessed and read.
> Most respected websites (non-invasive) are the same way. Those you can
> not reach (it gets cloudy out-there) you don't want to read any way.
> 6 If you want to test your browser for torification use
> check.torproject.org If you want to check the configuration of other
> browsers and their effective ability to cover themselves use eff.mozilla
> https://panopticlick.eff.org/ but it doesn't mean much as it is compared
> with a huge amount of non-tor browsers.
> This project browserprint.info seems to be doing part of the same and
> more but more directed to tor browsers. The score is getting better
> with every new edition of tor-browser. The more unique your fingerprint
> the easier for little-big-sisters to tell who you might be and what are
> you up to. So, you want to blend in with the fish, not stick out. You
> might hear that "the old tor was better than the new one, I am sticking
> with the older version" and that is crap. As 99% are updating to the
> latest your trusty old tor-browser will stick out like a shore thumb!
> 7 If you are using icedove/thunderbird for mail disable all your
> plugins and install tor-birdie which prohibits your mail-system to
> communicate without tor. Nothing comes-in nothing comes-out if the tor
> connection has been dropped.
> 8 There is also tor-chatting and messaging and all kinds of other stuff
> I do not use.
> 9 Don't expect Neo to come, save yourself!
> Peter Ludikovsky:
>> First things first: AFAIK, just installing privoxy doesn't make it use
>> Tor, it just acts as a regular proxy. Visit  to see if you're using
>> Tor or not. In order to enable chaining through Tor you'll have to have
>> a line like
>> forward-socks5 / <ip>:<port>
> I used socks5://127.0.0.1:9050 on midori and the score sucked on the
> above mentioned uniqueness profiler.
>> Or, you could install the torbrowser-launcher package, which
>> contains everything preconfigured for browsing.
> It is the only safe way to go, any deviation from the prescribed is
> risking anonymity. You might as well not use any of this stuff.
>>  https://check.torproject.org/
>>  https://packages.debian.org/jessie/torbrowser-launcher
> Read this too:
>> Am 17.03.2017 um 19:28 schrieb Glenn English:
>>> I'm trying to use the Tor Browser. They don't seem to have any support
>>> (beyond an FAQ) on their site, so I'm asking here.
>>> Jessie and XFCE on a Supermicro workstation connected through a T1.
>>> I installed Tor a few days ago and it was working fine -- Gmail said
>>> it was having authentication problems and that I was using Firefox on
>>> Winders in Paris. Just what I'd hoped for.
> Get some real mail and leave the G for nonsense ... Once your real
> location and identity is recorded ... any attempts to identify or cover
> yourself up from such companies are meaningless. Just separate your
> private life from the "open and free" commercial services. Move on,
> there is nothing to see there :)
>>> So I removed privoxy, and now Tor can't even connect to its own
> Just do a reinstall by forget the standalone apps, do it through apt
> apt-get synaptic system installation. Make sure you get all the gpg
> keyring stuff done right. Once the system has safely got tor-daemon
> running the first attempt to start the browser will open up a gui with
> options (make sure you enable the sound part :) it will download the
> browser safely through tor, which means it verifies its structure hasn't
> been altered on its way to you.
> Imagine living in a country that is not as free as the US (goughh,..
> ghhgh.. bwwraaahhh..) that even reaching a tor gateway needs some bridge
> somewhere because all other entry points are blocked by the government's
> networking. If government agents and large corporation executives
> wouldn't rely so much to the safety of this network it wouldn't exist.
> They don't want their anonymity but they sure do want their own.
> Peace (by any means necessary)
> PS Do not watch Snowden videos with Tor ... with your Gmail logged in!
Really nice post, thanks:
I have one [OT] question, i use Wheezy at work, but i tested Kodachi a
Debian derivative, and it took the HWID! Is it a security problem? Well,
a second question, are you saying, that when i use Tails, i must not