hahaha, hisser it's funny you say that... I cant remember the last time I've paid for wifi... alfa wifi card with a good yagi.. a linux distro and 10 mins - 5 hours youll be online... 
-
ICMag with help from Landrace Warden and The Vault is running a NEW contest in November! You can check it here. Prizes are seeds & forum premium access. Come join in!
H
hisser
A Metallic kitchen strainer makes a great antenna too
Hisser, that makes sense. Maybe I'm a knee-jerk guy! I admire your pro-active approach & I started using Etherape to get a better lowdown on what's happening in my browser.
I'm still not understanding why the VPN is a necessity though?
The thing is, I've never seen any reports of the Tor network directly being compromised bad enough to decloak someone (I'm sure it may have happened, and could happen, but it seems like it would have to be a coordinated effort). I've seen several reports of VPNs ratting out customers. No matter how sincere or insistent they were about not logging. On a positive note, I'm sure TPB would have inventive ways of dealing with this, and they do have a reputation of not being namby pamby yes men.
Say if I put a VPN in front of Tor, to hide from my ISP that I'm using Tor, doesn't the VPN company then have my real IP, plus (depending on how much I don't trust them to log) a list of every request made through Tor? That would be a lot of trust for me to put into a corporate entity, especially in a foreign country. When the shit hit the fan, it would be me (a foreign citizen with not many rights in Sweden) against the authorities, with the capitalist freedom-loving VPN operator left to either hand over the data, or go to jail. Actually the truth is, I would not even know about it. The authorities go straight to the VPN and force them to log the customer in question, if they weren't already logging. The customer has no idea. This has happened before.
So unless I've got it all twisted, what do you see as the advantages of adding the VPN, and if it's ok to discuss, where do you put yours in the chain & why? (in terms of private browsing)
People may want to look into OTR tech for messaging. Peace.
I'm still not understanding why the VPN is a necessity though?
The thing is, I've never seen any reports of the Tor network directly being compromised bad enough to decloak someone (I'm sure it may have happened, and could happen, but it seems like it would have to be a coordinated effort). I've seen several reports of VPNs ratting out customers. No matter how sincere or insistent they were about not logging. On a positive note, I'm sure TPB would have inventive ways of dealing with this, and they do have a reputation of not being namby pamby yes men.
Say if I put a VPN in front of Tor, to hide from my ISP that I'm using Tor, doesn't the VPN company then have my real IP, plus (depending on how much I don't trust them to log) a list of every request made through Tor? That would be a lot of trust for me to put into a corporate entity, especially in a foreign country. When the shit hit the fan, it would be me (a foreign citizen with not many rights in Sweden) against the authorities, with the capitalist freedom-loving VPN operator left to either hand over the data, or go to jail. Actually the truth is, I would not even know about it. The authorities go straight to the VPN and force them to log the customer in question, if they weren't already logging. The customer has no idea. This has happened before.
So unless I've got it all twisted, what do you see as the advantages of adding the VPN, and if it's ok to discuss, where do you put yours in the chain & why? (in terms of private browsing)
People may want to look into OTR tech for messaging. Peace.
H
hisser
Hi ScrubNinja, using a VPN with TOR is just a precaution, in case some data is transmitted in clear text, since many websites that use HTTPS also have elements that are hosted in HTTP only,(or if you make the mistake of using HTTP only) even though data between you and TOR is totally encrypted, at the exit node it's not, and if the people behind the hostile exit node are determined enough they can trace it back to you, but if you use a VPN they'll end up facing that instead, not a perfect solution but it surely will make it harder to be traced, this way you're not only hiding from your ISP that you are using TOR, but also hiding from TOR that you are using your ISP.
I like to use Wireshark for analyzing packets, Etherape gives kickass maps
Another choice instead of OTR if you don't want to sign up with instant messaging services is Cryptocat
Cheers bro
I like to use Wireshark for analyzing packets, Etherape gives kickass maps
Another choice instead of OTR if you don't want to sign up with instant messaging services is Cryptocat
Cheers bro
were people fail with vpns is that, they go get the ones with the "BEST advertising/cheapest price".. They don't do their research..
imo tor does a okay-good job as what it does, but they are alot of honey pots on tor, and alot of tor networks are set up in the usa, and as well as other countries..
heres a list imho that would be best..
user> internet
user> internet> proxy
user> internet> tor
user> internet> VPN
User> internet> VPN >tor
User> internet> MULTI-VPN via proxychains..........<---------Best Solutions.....
user> internet> MULTI-VPN via proxychains> tor (by now, you're having flashs backs of 56k netzero and aol internet speeds) and more than likely shouldn't be doing what you're doing...............
imo tor does a okay-good job as what it does, but they are alot of honey pots on tor, and alot of tor networks are set up in the usa, and as well as other countries..
heres a list imho that would be best..
user> internet
user> internet> proxy
user> internet> tor
user> internet> VPN
User> internet> VPN >tor
User> internet> MULTI-VPN via proxychains..........<---------Best Solutions.....
user> internet> MULTI-VPN via proxychains> tor (by now, you're having flashs backs of 56k netzero and aol internet speeds) and more than likely shouldn't be doing what you're doing...............
Thanks for the schooling, fellas. I learned some today.
Running Etherape and Tor makes me feel like operation Desert Storm is unfolding on my desktop. Wireshark is ok I guess. Needs more lasers and flashing things though.
Running Etherape and Tor makes me feel like operation Desert Storm is unfolding on my desktop.
Wireshark is ok I guess. Needs more lasers and flashing things though.
H
hisser
Glad to help ScrubNinja!
It seems Google finally made a permanent Opt-out for tracking cookies! I updated the first post for those who prefer to use it over Firefox.
It seems Google finally made a permanent Opt-out for tracking cookies! I updated the first post for those who prefer to use it over Firefox.
Hey bro's you know what? I was using the Tor browser today, just occasionally bringing up etherape to check what's happening, and I noticed a protocol I hadn't seen before - HTTP-ALT on port 8080, and it had been used recently. So I clicked a link in Tor or ran a search or something, and yup, it lit up. It was to something like jgv48392.dediseedbox.com. Was pretty baked, sorry guys, and then I had to run out, screaming like a girl. 
An unencrypted connection? Am I missing something or was that probably some kind of malicious exit node?
I guess it's a great advert for adding the VPN, huh?
I also noticed in the regular Firefox (Linux version) that it sends out some kind of data simply when you switch your selected search engine at the top right. Each time you switch, it sends. Then I noticed you can click in the address bar, then back to the search bar, and it will send each time again! I tried the same things in Tor browser, and nothing happened! Nothing else seemed unusual. I didn't spend long on it.
Any thoughts on that? EtherApe is suddenly my favourite program! I thank you again for this thread, hisser.
Edit: I got my firewall locked a lot tighter after this.
An unencrypted connection? Am I missing something or was that probably some kind of malicious exit node?
I guess it's a great advert for adding the VPN, huh?
I also noticed in the regular Firefox (Linux version) that it sends out some kind of data simply when you switch your selected search engine at the top right. Each time you switch, it sends. Then I noticed you can click in the address bar, then back to the search bar, and it will send each time again! I tried the same things in Tor browser, and nothing happened! Nothing else seemed unusual. I didn't spend long on it.
Any thoughts on that? EtherApe is suddenly my favourite program! I thank you again for this thread, hisser.
Edit: I got my firewall locked a lot tighter after this.
Last edited:
H
hisser
I wouldn't worry much about it being 8080, lots of nodes use that, the connection will still be encrypted, you can't communicate directly with the exit node the traffic has to pass between other nodes first.
check this for more info: http://torstatus.blutmagie.de/
About the search bar in Firefox, maybe its for the results prediction/auto complete crap?
Cheers
check this for more info: http://torstatus.blutmagie.de/
About the search bar in Firefox, maybe its for the results prediction/auto complete crap?
Cheers
I never saw that page before, excellent. Ok, I found them on the list as FriendlyBruteforce on, yup....8080. Thanks.
I have the search suggestions off. Seems kinda odd. I'll keep on it.
I have the search suggestions off. Seems kinda odd. I'll keep on it.
T
Trichomie
Hi all. Don't know any tech to help but read enough to keep myself somewhat safe online. Tor > FireFox > Startpage
Still use the last full version of Tor I could find (vidalia-bundle-0.2.2.34-0.2.15 -03-17-12) that you could install on your machine instead of using the Tor browser bundle. It still functions normally and shows I'm using Tor here https://check.torproject.org/. These sites http://www.ipaddresslocation.org/ & http://www.ip-adress.com/ip_tracer/ show fictitious IP and location. Is it safe to use that old version of Tor or should I go with the browser bundle?
I didn't like the way my machine ran after installing and running the browser bundle so I went beck to the full version.
Don't really want to go with the VPN. It just seems like another outside link to me.
Think I'll try the virtual machine that oldone suggested. oldone, could you provide more complete instructions as I looked into it but it was over my head ATM so I didn't even download anything yet.
Lotta good info in here. Thanks everybody.
Still use the last full version of Tor I could find (vidalia-bundle-0.2.2.34-0.2.15 -03-17-12) that you could install on your machine instead of using the Tor browser bundle. It still functions normally and shows I'm using Tor here https://check.torproject.org/. These sites http://www.ipaddresslocation.org/ & http://www.ip-adress.com/ip_tracer/ show fictitious IP and location. Is it safe to use that old version of Tor or should I go with the browser bundle?
I didn't like the way my machine ran after installing and running the browser bundle so I went beck to the full version.
Don't really want to go with the VPN. It just seems like another outside link to me.
Think I'll try the virtual machine that oldone suggested. oldone, could you provide more complete instructions as I looked into it but it was over my head ATM so I didn't even download anything yet.
Lotta good info in here. Thanks everybody.
This2ShallPass
New member
I love this thread. When I searched this sub-forum last year for ideas it was not here and I thought a computer security guide was was sorely missed. I was surfing here and other places naked for a good while because I didn't fully realize the dangers.
I would like to add for novice users that it's important to use an anonymous email AND USERNAME that you use NOWHERE ELSE to sign up for any websites or services you wish to remain anonymous from. What's the point of going through all of this if your email or username can be traced back to you. For about 6 months I was using the same username here that I used on my home town sport team site and that was stupid (hence the new alias here).
Also on a more technical level the entire forum would benefit if the guide was slightly expanded to include protection from attacks on our end. What happens when your PC is physically compromised?
Accessing the internet from a Virtual machine on a USB stick (while following the other tips listed here) is a great way to keep your PC clean period, and you can run your VPN from your virtual machine as well. If your computer is compromised minus the USB stick, you are clear. You just have to manage the USB stick.
A second important tool that I feel should be included is TrueCrypt. You can install a TrueCrypt volume on your computer and toss some porn or anything else that looks like it should be hidden in there. Then you install a hidden volume inside that one and put your secret OS inside there. They find the porn drive but not the important one.
Hope I made a dent and again thanks for the thread.
I would like to add for novice users that it's important to use an anonymous email AND USERNAME that you use NOWHERE ELSE to sign up for any websites or services you wish to remain anonymous from. What's the point of going through all of this if your email or username can be traced back to you. For about 6 months I was using the same username here that I used on my home town sport team site and that was stupid (hence the new alias here).
Also on a more technical level the entire forum would benefit if the guide was slightly expanded to include protection from attacks on our end. What happens when your PC is physically compromised?
Accessing the internet from a Virtual machine on a USB stick (while following the other tips listed here) is a great way to keep your PC clean period, and you can run your VPN from your virtual machine as well. If your computer is compromised minus the USB stick, you are clear. You just have to manage the USB stick.
A second important tool that I feel should be included is TrueCrypt. You can install a TrueCrypt volume on your computer and toss some porn or anything else that looks like it should be hidden in there. Then you install a hidden volume inside that one and put your secret OS inside there. They find the porn drive but not the important one.
Hope I made a dent and again thanks for the thread.
Cosmic Surfer
Member
yes this is a great thread and eager to learn more!
PeopleWish
Active member
What is the best option for encrypting e-mail?
TOR is excellent for using these forums. Yes, I've read that it is still possible to gather your information if LEO have the resources, but when you compare this forum against the vast array of evil on the deep web, you realize this forum must be really low on the priority list for LEO.
I use Comodo Dragon as my browser and have been running Spotflux as my VPN. Anyone know anything about Spotflux? Is it worth a damn? I also jack my wifi from about a half mile away with a homebuilt double biquad antenna. Hope Karma dont come bite me in the ass for that one. I would really like to upload a few pics or maybe start a grow thread soon, but I live in the buckle of the bible belt and they kinda frown on that kind of thing around here. I didn't type any of what you just read...it wasnt me I swear !
I didn't think anyone went to such lengths to protect anonymity as I did. I sometimes feel stupid about it. It's fairly easy to set up though and is my own personal way to combat boredom too. I don't go quite as far as majortom though. I still use FF but never logon as administrator and always have "private browsing" automatically turned on and have my history automatically erased every time I shut it off. I use Hotspot Shield for my VPN and put the add-on Addblock Plus on FF so I don't have to see the ads flashing at me constantly. I also set my router to short-range though (unlike majortom there) so no one else might be able to pick up the signal. I changed my SSDI on my router to "guess" and also set my router not to broadcast the SSDI anyway.
I'm all about privacy and thought I might be going a little over-board. But those little things by themselves do make my surfing feel a little more secure and that alone makes it worth any effort.
I'm all about privacy and thought I might be going a little over-board. But those little things by themselves do make my surfing feel a little more secure and that alone makes it worth any effort.
H
hisser
Found this useful site that compares HTTPS fingerprints: https://www.grc.com/fingerprints.htm
Latest posts
-
-
-
-
question for sam the skunkman on the original haze- Latest: RingtailCanyon
-
Latest posts
-
-
-
-
question for sam the skunkman on the original haze
- Latest: RingtailCanyon
-
