Web lists-archives.com

Re: tor -- way OT

On Sat, 18 Mar 2017 17:19:00 +0000, GiaThnYgeia wrote:

> READ THE MANUALS  ;)  :P  (just kidding!)
> Various steps
> 1  About vpn and reaching the tor gate, your ISP may be able to see that
> you are reaching out to make a connection to the various gates/nodes and
> you may not want that, as ISPs are passing all personal information to
> big-Sister.  And you "may" not want them to do so.  They pick on your
> attempt to connect from their own DNS that you normally use.  It seems
> as someone vigorously is supplying all ISPs in the world with a daily
> updated list of known tor exit-entry-nodes.  So change your DNS servers
> to what is assumed to be a safe net of DNS servers that do not log your
> DNS requests.  I did say assumed, didn't I?
> wiki.opennicproject.org/GettingStarted/#hn_Ubuntu_Linux
> servers.opennicproject.org/  (Choose 3-4 from the list and check monthly
> for dropped servers and try the ones closest to you, although the
> furthest may only be a few hundred milliseconds away).
> 2  If you can afford a VPN service good for you.  For the less
> privileged (like 96% of the planet) there is calyx.net and bitmask.net
> https://bitmask.net/en/install/linux#debian-packages or you can download
> a standalone package.  There is also a testing-beta 0.9.4 version.  This
> is a project by Leap.se and has made this open source code available and
> is begging to be forked.  It is like openVPN for dummies (like some of
> us).
> 3  tor by torproject.org is open and free just like Debian That is why
> Debian only works with torproject and not just any other tor software. 
> And all of them will tell your they work better!  Tor is a network which
> you need special configuration to enter (and exit) safely.
> Everything you wanted to know and were afraid to ask:
> https://onion.debian.org/
> Once you get tor running and install tor-browser you may also add the
> torproject.org repository as well.  Since you are using it you might as
> well use onion addresses to replace all repositories (Debian and Tor)
> *** ... once you have the "apt-transport-tor" package installed, the
> following entries should work in your sources list for a stable system:
> (change the stretch to jessie stable testing sid ... or what you have)
> deb 1 tor+http://vwakviie2ienjx6t.onion/debian stretch main deb 2
> tor+http://vwakviie2ienjx6t.onion/debian stretch-updates main deb 3
> tor+http://sgvtcaew4bxjd7ln.onion/debian-security stretch/updates   
> main deb 4 tor+http://vwakviie2ienjx6t.onion/debian stretch-backports
> main deb 5 tor+http://sdscoq7snqtznauu.onion/torproject.org/ testing
> main
> Remember the tor-transport package mentioned above is essential for any
> of them to work and a live tor connection.  If tor daemon has stopped
> all those addresses will run into an error.
> You can also add the deb tor+http://debian...  or any other non onion
> address and that works too.
> 4  And if all this wasn't enough ..... there is MORE!  Try
> sandboxed-tor-browser in its 3rd current beta version.  It is just like
> the tails tor-browser that can not see beyond its own sandbox (the
> Amnesia sandboxed disk within your disk).
> 5  None of this stuff make any sense if you are enabling scripts and
> going to googlefatsbookyoohooemesen ... crap sites!  You are defeating
> the purpose of anonymity and privacy.  Do not abuse sensible freedom!
> All debian websites do not require any scripts to be accessed and read.
> Most respected websites (non-invasive) are the same way.  Those you can
> not reach (it gets cloudy out-there) you don't want to read any way.
> 6  If you want to test your browser for torification use
> check.torproject.org If you want to check the configuration of other
> browsers and their effective ability to cover themselves use eff.mozilla
> https://panopticlick.eff.org/ but it doesn't mean much as it is compared
> with a huge amount of non-tor browsers.
> This project browserprint.info seems to be doing part of the same and
> more but more directed to tor browsers.  The score is getting better
> with every new edition of tor-browser.  The more unique your fingerprint
> the easier for little-big-sisters to tell who you might be and what are
> you up to.  So, you want to blend in with the fish, not stick out.  You
> might hear that "the old tor was better than the new one, I am sticking
> with the older version" and that is crap.  As 99% are updating to the
> latest your trusty old tor-browser will stick out like a shore thumb!
> 7  If you are using icedove/thunderbird for mail disable all your
> plugins and install tor-birdie which prohibits your mail-system to
> communicate without tor.  Nothing comes-in nothing comes-out if the tor
> connection has been dropped.
> 8  There is also tor-chatting and messaging and all kinds of other stuff
> I do not use.
> 9  Don't expect Neo to come, save yourself!
> Peter Ludikovsky:
>> Hello,
>> First things first: AFAIK, just installing privoxy doesn't make it use
>> Tor, it just acts as a regular proxy. Visit [1] to see if you're using
>> Tor or not. In order to enable chaining through Tor you'll have to have
>> a line like
>>   forward-socks5	/	<ip>:<port>
> I used socks5:// on midori and the score sucked on the
> above mentioned uniqueness profiler.
>> Or, you could install the torbrowser-launcher[2] package, which
>> contains everything preconfigured for browsing.
> It is the only safe way to go, any deviation from the prescribed is
> risking anonymity.  You might as well not use any of this stuff.
>> Regards,
>> /peter
>> [1] https://check.torproject.org/
>> [2] https://packages.debian.org/jessie/torbrowser-launcher
> Read this too:
> https://guardianproject.info/2016/07/31/howto-get-all-your-debian-
>> Am 17.03.2017 um 19:28 schrieb Glenn English:
>>> I'm trying to use the Tor Browser. They don't seem to have any support
>>> (beyond an FAQ) on their site, so I'm asking here.
>>> Jessie and XFCE on a Supermicro workstation connected through a T1.
>>> I installed Tor a few days ago and it was working fine -- Gmail said
>>> it was having authentication problems and that I was using Firefox on
>>> Winders in Paris. Just what I'd hoped for.
> Get some real mail and leave the G for nonsense ...  Once your real
> location and identity is recorded ... any attempts to identify or cover
> yourself up from such companies are meaningless.  Just separate your
> private life from the "open and free" commercial services.  Move on,
> there is nothing to see there :)
>>> So I removed privoxy, and now Tor can't even connect to its own
>>> network.
> Just do a reinstall by forget the standalone apps, do it through apt
> apt-get synaptic system installation.  Make sure you get all the gpg
> keyring stuff done right.  Once the system has safely got tor-daemon
> running the first attempt to start the browser will open up a gui with
> options (make sure you enable the sound part :) it will download the
> browser safely through tor, which means it verifies its structure hasn't
> been altered on its way to you.
> Imagine living in a country that is not as free as the US (goughh,..
> ghhgh.. bwwraaahhh..) that even reaching a tor gateway needs some bridge
> somewhere because all other entry points are blocked by the government's
> networking.  If government agents and large corporation executives
> wouldn't rely so much to the safety of this network it wouldn't exist.
> They don't want their anonymity but they sure do want their own.
> Peace (by any means necessary)
> kAt
> PS  Do not watch Snowden videos with Tor ...  with your Gmail logged in!

Really nice post, thanks:
I have one [OT] question, i use Wheezy at work, but i tested Kodachi a 
Debian derivative, and it took the HWID! Is it a security problem? Well, 
a second question, are you saying, that when i use Tails, i must not 
permit scrips?