/os/ - Online Security

News, techniques and methods for computer network security.



tor/src/or/
 or.h  
#define DEFAULT_ROUTE_LEN 3 
change this to 
#define DEFAULT_ROUTE_LEN 5 

 routerparse.c  
digest_algorithm_t alg = DIGEST_SHA1;

Leave this alone, it's required for the signature checking with each router (don't change it or it will break your connection)

If you know of any other good mods for tor post below. Thanks.
Regenerate intermediate term signing key in tor

$ tor --keygen

This will ask you to create a passphrase
Make a strong one up beforehand and store it somewhere (in your mind, in a notebook, in an encrypted file etc). Use a random password generator for inspiration for pieces of the password:
$ passgen
Clone
https://git.torproject.org/tor.git http://dccbbv6cooddgcrq.onion/tor.git

$ mkdir ~/git
$ cd ~/git
$ torsocks -i git clone http://dccbbv6cooddgcrq.onion/tor.git
2006-11-08
https://www.torproject.org/dist/tor-0.2.9.5-alpha.tar.gz
https://www.torproject.org/dist/tor-0.2.9.5-alpha.tar.gz.asc

https://gitweb.torproject.org/tor.git/plain/ChangeLog

Changes in version 0.2.9.5-alpha - 2016-11-08
  Tor 0.2.9.5-alpha fixes numerous bugs discovered in the previous alpha
  version. We believe one or two probably remain, and we encourage
  everyone to test this release.

  o Major bugfixes (client performance):
    - Clients now respond to new application stream requests immediately
      when they arrive, rather than waiting up to one second before
      starting to handle them. Fixes part of bug 19969; bugfix
      on 0.2.8.1-alpha.

  o Major bugfixes (client reliability):
    - When Tor leaves standby because of a new application request, open
      circuits as needed to serve that request. Previously, we would
      potentially wait a very long time. Fixes part of bug 19969; bugfix
      on 0.2.8.1-alpha.

  o Major bugfixes (download scheduling):
    - When using an exponential backoff schedule, do not give up on
      downloading just because we have failed a bunch of times. Since
      each delay is longer than the last, retrying indefinitely won't
      hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha.

tor/src/or/
circuituse.c

else if (build_state && build_state->desired_path_len >= 4)
  cutoff = fourhop_cutoff;

change 4 to PATH_LEN + 1
so for a 5 hop length route use 6 for a 6 hop length route use 7 etc.
Stable
https://blog.torproject.org/blog/tor-02810-released

http://torsiteyqk5ajx5o.onion/dist/tor-0.2.8.10.tar.gz
http://torsiteyqk5ajx5o.onion/dist/tor-0.2.8.10.tar.gz.asc

https://www.torproject.org/dist/tor-0.2.8.10.tar.gz
https://www.torproject.org/dist/tor-0.2.8.10.tar.gz.asc

Alpha
https://blog.torproject.org/blog/tor-0296-rc-released

http://torsiteyqk5ajx5o.onion/dist/tor-0.2.9.6-rc.tar.gz
http://torsiteyqk5ajx5o.onion/dist/tor-0.2.9.6-rc.tar.gz.asc

https://www.torproject.org/dist/tor-0.2.9.6-rc.tar.gz
https://www.torproject.org/dist/tor-0.2.9.6-rc.tar.gz.asc
Tor Browser

Step 0) Make some directories
$ mkdir -p ~/tor
$ mkdir -p ~/bin
$ cd ~/tor

Open a browser and go look here :  https://dist.torproject.org  which is where the files will be pulled from

Step 1) Get the relevant files 
( using wget, endget or torsocks wget, I'll assume the user is just getting started and has a 64 bit distribution of linux )

Get the SHA256 sums
$ wget https://dist.torproject.org/torbrowser/7.0.11/sha256sums-signed-build.txt
$ wget https://dist.torproject.org/torbrowser/7.0.11/sha256sums-signed-build.txt.asc

Get the file and signature
$ wget https://dist.torproject.org/torbrowser/7.0.11/tor-browser-linux64-7.0.11_en-US.tar.xz
$ wget https://dist.torproject.org/torbrowser/7.0.11/tor-browser-linux64-7.0.11_en-US.tar.xz.asc

 Step 2) Check the sha256sum and gpg signature

$ gpg --receive-key 0xD1483FA6C3C07136
$ gpg --verify sha256sums-signed-build.txt.asc

$ cat sha256sums-signed-build.txt
$ grep *linux64* sha256sums-signed-build.txt

$ grep tor-browser-linux64-7.0.11_en-US.tar.xz sha256sums-signed-build.txt >> tor_sha256sum.txt

$ sha256sum -c tor_sha256sum.txt
$ gpg --verify tor-browser-linux64-7.0.11_en-US.tar.xz.asc

## If these don't say GOOD SIGNATURE or the sha256sum outputs BAD CHECKSUM delete the file and try again.

Step 3) Unpack the zipped tar file 

$ tar -xvf tor-browser-linux64-7.0.11_en-US.tar.xz
$ cd tor-browser_en-US
$ cd Browser
$ ls
$ pwd

Copy the present working directory into the clipboard or a text file
Now test to see if the binary works:
$ ./start-tor-browser

If so make a link

 Step 4) Link and add to $PATH

$ cd ~/bin
$ ln -s ~/tor/tor-browser_en-US/Browser/start-tor-browser tor_browser
$ echo $PATH
$ export PATH=~/bin/:$PATH
$ echo $PATH
$ cd ~

 Step 5) Start Tor Browser from command line
$ tor_browser
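
A fail-closed form of the Step 2 checks above, added here as an example and not part of the original post: the download is accepted only if gpg reports a good signature from a pinned primary-key fingerprint and the sums file lists the file name exactly once with a matching hash. The function names and the fingerprint argument are assumptions; the fingerprint is a placeholder to be obtained out of band.

```shell
#!/bin/sh
# Added example (not from the thread): fail-closed form of the Step 2 checks.

# sum_entry_ok SUMS_FILE ARTIFACT
# True only if SUMS_FILE lists the artifact's file name exactly once and the
# local file hashes to that value. The name is compared as a whole field, so
# an unquoted glob or a substring hit cannot select the wrong line, and no
# stale entries accumulate the way they do with ">>" into a scratch file.
sum_entry_ok() {
    sums=$1
    artifact=$2
    name=${artifact##*/}
    want=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }        # sha256sum may prefix the name with "*"
        (f "") == (n "") { print $1; c++ }   # force a string comparison
        END { if (c != 1) exit 1 }           # missing or duplicated entry: refuse
    ' "$sums") || return 1
    have=$(sha256sum -- "$artifact" 2>/dev/null | awk '{ print $1 }')
    [ -n "$have" ] && [ "$want" = "$have" ]
}

# sig_by_pinned_key PRIMARY_FPR
# Reads "gpg --status-fd" output on stdin. True only if gpg reported GOODSIG
# (valid signature, key not expired or revoked) and the VALIDSIG line names
# the pinned primary-key fingerprint as its last field. A "Good signature"
# from any other key in the keyring is rejected.
sig_by_pinned_key() {
    awk -v fpr="$1" '
        $1 == "[GNUPG:]" && $2 == "GOODSIG" { good = 1 }
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($NF "") == (fpr "") { pinned = 1 }
        END { exit (good && pinned) ? 0 : 1 }
    '
}

# verify_download SUMS_FILE ARTIFACT PRIMARY_FPR
# Signature on the sums file first, then the hash of the artifact.
verify_download() {
    gpg --status-fd 1 --verify "$1.asc" "$1" 2>/dev/null |
        sig_by_pinned_key "$3" || return 1
    sum_entry_ok "$1" "$2"
}

# Usage with the file names from the post (SIGNER_FPR is a placeholder):
#   verify_download sha256sums-signed-build.txt \
#       tor-browser-linux64-7.0.11_en-US.tar.xz "$SIGNER_FPR" || rm -f tor-browser-linux64-7.0.11_en-US.tar.xz
```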
 Tor Browser 7 Hops

 step 0) Modify the tor source and compile
Do the modification recommended here:

http://s6424n4x4bsmqs27.onion/os/res/692.html#q709

or.h
#define DEFAULT_ROUTE_LEN 3
change this to
#define DEFAULT_ROUTE_LEN 7

circuituse.c

Also change this

else if (build_state && build_state -> desired_path_len >= 4)

to be:

else if (build_state && build_state -> desired_path_len >= 8 )

Now compile from source according to: 
http://s6424n4x4bsmqs27.onion/os/res/692.html#q707

Step 1) copy the tor binary into place

$ cd ~/tor/tor_browser/Browser/TorBrowser/Tor/
$ mv tor tor_old
$ cp ~/tor/tor_stable/src/or/tor tor

Step 2) Start Tor Browser
$ cd ~
$ tor_browser
 >>/1097/
A key server needs to be appended to gpg --receive-key, otherwise it defaults to internally configured keyservers, which might or might not be there. Also, keyserver interaction is done over http, which is a no no. As long as Tor is running, you can do
gpg --keyserver hkp://jirk5u4osbsr34t5.onion --recv-key 0xD1483FA6C3C07136
Or your onion keyserver of choice.  Don't know what you're doing for the cat and grep combo, checking to see if it has any sums and then those for linux64? Grep is off, either way, should be "linux64" if you're using GNU Grep 3.1. Second/last grep is good, but not for the most recent 7.5 release. 
grep "linux64-7.5_en-US.tar.xz" sha256sums-signed-build.txt >> tor_sha256sum.txt
And also switch for newest release:
gpg --verify tor-browser-linux64-7.5_en-US.tar.xz.asc
And
tar -xvf tor-browser-linux64-7.5_en-US.tar.xz
Otherwise, can confirm this process works. Only confused why you would install it under home and with user/wheel permissions? This is convoluted (key checking in general), might write up a script right now to do something quicker.
 >>/1115/

Nice. Your script looks well designed.  I'll read it over in detail on Saturday.  See we need more people like you over here to share good work and good ideas on these kind of problems.  

The easier it is for more people to download, install, and use security, privacy and anonymity tools, the better off we will all be in the long run.  Good work.  Keep it up.  A positive feedback loop has just been initiated.  A Free Software Virtuous Cycle. Thanks for sharing Gaddox!
 >>/1116/
Cheers, Endwall. Any updates in the interim will be published at that link. And hopefully with another living soul around, it'll attract others and we can turn this closed cycle into a growing fibonacci spiral.
One thing people will notice but never say is that normies WANT TO USE VPNS THEY THINK THEY CAN USE ONE ON A PHONE.

Look at android and itunes top apps paid and free. Those lists are LITTERED with BULLSHIT VPN apps that DO NOTHING for privacy. Hypocrites. Anyone who says "lets microchip everyone I aint got nothing to hide" They do they are hiding behind that talking point instead of an actual opinion. Somehow the media has convinced the people to want to ban vpns while the top apps for mobile are vpn apps aside from games and shit like tinder.

These cucks want all they microchips laws to go through. They think hola free vpn .apk is going to hide them as they downvote something they are supposed to downvote. Look at chrome extensions firefox extensions. All browser fingerprint spoofing. Look at the most torrented proprietary software. All virus protection programs like McAfee and Norton antivirus. 
they think that they are not supposed to use vpns or shit that actually works.  A bunch of incognitos pretending they dont need privacy. They dont need privacy now that being a pathetic homosexual that does nothing but pout about liberal nonsense is the ideal citizen.
 >>/1120/
Perhaps the most loud are the most unaware. I would bet my money the ones who care know anything about VPNs aren't dumb enough to yell and scream about muh terrorists or such. Or at least there may be a little overlap.
 >>/1124/
Ah mate, I'm on your side, there's been some miscommunication. What I meant was the age old "vocal minority" being the loudest, while the majority quietly enjoys their lot, with a slyly opportunistic smirk.
Tor Browser
https://dist.torproject.org/torbrowser/8.0a4/tor-browser-linux64-8.0a4_en-US.tar.xz
https://dist.torproject.org/torbrowser/8.0a4/tor-browser-linux64-8.0a4_en-US.tar.xz.asc
https://dist.torproject.org/torbrowser/8.0a4/sha256sums-signed-build.txt
https://dist.torproject.org/torbrowser/8.0a4/sha256sums-signed-build.txt.asc
Tor Proxy on Local Area Network (LAN)

What ?
Setup multiple computers on a LAN to route through a tor proxy for specific applications (Links2, , etc)

Why ?
-To allow novice Linux users (mom,dad,etc), to use Tor on applications that allow socks proxy settings like links2, without needing to know how to start Tor in the command line or setting a tor daemon. 
- (My reason) To allow another computer to handle Tor with a base install and to close all ports except for 9050 (or a randomly chosen port) outbound on a select computer that you use for Tor browsing and other Tor applications (endcurl, endget, endtube, oldtube, torsocks) etc.

-If you have an implant or a beacon with key logging it will usually broadcast out on port 53 or port 80, close everything (using endwall.sh and comment all ports out except local host for the ports you need and the random outbound port you will use for Tor) and set Tor outbound to a random port (not 9050 say 34591) and set your Tor proxy server to accept inbound for this random port.  This will basically squash outbound beacons.

How ?
You will need two computers to test this.  On the Tor proxy server, find out the LAN router assigned internal ip address using 
$ ip addr 

( for example say its 192.168.5.153) and add these lines to /usr/local/etc/tor/torrc

SocksPort 127.0.0.1:9050
SocksPort 192.168.5.153:34591   

This tells tor to listen on ip interface 192.168.5.153 on port 34591 for SOCKS5 connections.

Next allow the computers that you want to allow to connect to your Tor SOCKS proxy with the following lines

SocksPolicy accept 127.0.0.1
SocksPolicy accept 192.168.5.153
SocksPolicy accept 192.168.5.154     
## SocksPolicy accept 192.168.0.0/16   # Allows everyone on your LAN to be allowed to connect to Tor
SocksPolicy reject *

So now 192.168.5.153 and 192.168.5.154 are authorized to connect to your tor proxy.  
You also need to allow inbound access through the firewall.  

use 

$ ip addr 
on each computer or nmap to discover the IPs and MAC addresses and add them as variables into endwall.sh

##########  CLIENT IP and MAC ADDRESSES ############## 
proxyhost_ip=192.168.5.153
proxyhost_mac=FF:FF:FF:FF:FF:FF

client1_ip=192.168.5.154
client1_mac=EE:EE:EE:EE:EE:EE

######### LOCAL HOST SECTION ###########
lo_open tcp 9050
lo_open tcp 34591   

############## SERVER INPUT SECTION #########################
server_internal_1p tcp 34591 $proxyhost_ip $proxyhost_mac
server_internal_1p tcp 34591 $client1_ip $client1_mac

######### Add more clients individually as required
now rerun endwall on the proxy server

$ su
# ./endwall.sh

###################################
Now over on your client computer make sure that you have outbound locked to the server in endwall.sh

add the ip addresses and mac addresses to your script as before then add

################## CLIENT OUTPUT SECTION

client_out_internal_1p tcp 34591 $proxyhost_ip $proxyhost_mac

#######################

Now comment out the rest of the output section as desired and rerun endwall.sh on the client .

Test this configuration by opening links2 and changing the proxy output from 127.0.0.1:9050
to 192.168.5.153:34591. Now access an onion webpage in links to test it.  Should work.

For torsocks you now use the -a and -P flags 

$ torsocks -a 192.168.5.153 -P 34591 -i curl www.google.com

I will be modifying all of the Endware files to allow for setting the Tor socks proxy ip and port in the script.  I'll default it to 127.0.0.1 and 9050 so that it acts the same as before but you will be able to modify it in the script moving forward.  I'll leave the variables torsocks_ip=192.168.5.153 and torsocks_port=34591 commented out as examples in all of the scripts moving forward.  

So now you can safely close all outbound client out ports except for 34591 and route everything through your tor proxy server.  I'm currently operating this way. It seems to work / have positive effects. The idea is that all of the outbound implant beacons
The idea here is to have a minimal install no GUI just a few packages on the Tor proxy server, and use it as a proxy into Tor.  On your client computer you will have a full GUI, and probably have installed several packages, some, which unknown to you, will have malware.  This malware can be as simple as keylogging with an output beacon going out through port 53 or port 80.  It will take you months of scanning your logs to even clue in to  what's happening, in the mean time all of your Tor postings are correlated back to you by running the messages against a giant database of clear text key strokes.

So you close all of the ports including port 53 and port 80 to general output, you may mac address bind port 53 to a dns server (same computer as the proxy server) using the same method described with endwall.sh, as well as setup squid to mac address bind port 3128 to the squid proxy for 80,443 and close regular port 443 and port 80 output by commenting out those sections in outbound.  That way general output on port 53,80,443 etc is suppressed (dropped), so that the malware beacons can't talk out.
I have a computer with parabola openrc with only a single port open to send socks5 proxy to the Tor proxy server.  That's as good as it gets for me for now. My main desktop is MAC address bound to DNS servers (2 computers) and MAC address bound to the Tor Proxy, and Squid Proxy.  I leave some ports open so that I can watch TV with endtv and endstream, which don't work behind squid.  So I leave port 80,443,1935 open to general output on my desktop so that I can watch TV still. But you can modify some of the streams to lowest quality (low bandwidth streams) and run them behind Tor, reasonably well if you want to close port 80 and 443 for good. Oh but yeah you have to run it with  3 hops for a good transfer rate, still better than a VPN i guess. So you need to compile and link two versions of Tor, tor_stable with 6 hops and mods, and tor_stock with just the stock configuration with 3 hops.   I use tor_stock when I use mpv to get around georestrictions, but you can use it for everything if you lower the bit rate on the streams.

Doing similar port restricting and mac address binding proxy schemes using OpenBSD or Gentoo Linux would be the next step. The final step will be to use dumb 8-bit machines to proxy into the Tor Proxy once someone designs it and produces the software.
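
A check for the torrc lines in the LAN proxy setup above, added as an example and not taken from Endware or the thread: it flags a SocksPort bound to a non-loopback address when the SocksPolicy list lacks a catch-all reject, since Tor accepts any address that no policy entry matches. The function name, the finding labels and the /24 threshold are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): lint a torrc that exposes a SocksPort
# on the LAN, as in the configuration above.

# audit_torrc FILE
# Prints one finding per line and returns 1 if there is any finding.
audit_torrc() {
    awk '
    { sub(/#.*/, "") }                          # strip comments
    tolower($1) == "socksport" && $2 ~ /:/ &&
    $2 !~ /^(127\.|localhost:|\[::1\]:|unix:)/ {
        lan = lan " " $2                        # listener reachable from other hosts
    }
    tolower($1) == "sockspolicy" {
        $1 = ""
        n = split($0, item, ",")                # one line may carry several rules
        for (i = 1; i <= n; i++) {
            split(item[i], w, " ")              # w[1] = accept|reject, w[2] = pattern
            if (catchall != "") continue        # first match wins; later rules never apply
            if (w[2] == "*") { catchall = tolower(w[1]); continue }
            # Assumption for this example: an accept wider than /24 is "broad".
            if (tolower(w[1]) == "accept" && split(w[2], cidr, "/") == 2 &&
                cidr[2] ~ /^[0-9]+$/ && cidr[2] + 0 < 24) {
                print "BROAD-ACCEPT " w[2]; bad++
            }
        }
    }
    END {
        # Tor accepts any address that no SocksPolicy entry matches, so a LAN
        # listener needs an explicit catch-all reject after the accepts.
        if (lan != "" && catchall != "reject") { print "OPEN-LISTENER" lan; bad++ }
        exit (bad ? 1 : 0)
    }' "$1"
}

# Usage: audit_torrc /usr/local/etc/tor/torrc || echo "fix SocksPolicy before starting tor"
```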
https://metrics.torproject.org/bubbles.html#country 
> requires Java Script 

84 countries with 6676 relays (3464 visible) 
Germany, US, Netherlands, France are the largest pools of relays.

https://metrics.torproject.org/bubbles.html#country-exits-only 

58 countries with 908 exits (776 visible)

It would be nice if this page displayed point counts by country circle. But estimating by the size of the circles about 1/8th of world relays are in USA, and 1/5th of world exits are in USA. 

US relays 6676/8 = 834.5 ~ 835 
US Exits 908/5 = 181.6~182

So if all 3 nodes in your path stay in the United States, you have 835 C2 * 182 possible paths. This is 63,371,490 or 64 million. If you are under surveillance as then only 835*182 = 151,970 possible paths need to be investigated. This is an extremely tractable problem.
Hypothetical Algorithm for De-anonymizing Tor Users who use Exit Nodes to view Clear-net resources.

Approximate stats: 6000 Total Relays, 1000 total exit nodes

6000 C 3 = 3.5982002 E10 

So that's 35.9 Billion possible three node combinations/path selections.

Here is a possible type of attack, or analysis method. I would model all three node paths for travel time, or just model / send ping packets through each of the 36 Billion paths and make a lookup table of travel times. Then if you have all entry and exit nodes monitored (which they don't) then you could use this lookup table and compare it to what you see in real life. This will rule out certain paths.

Say that Joe is an important person who uses Tor, and all of Joe's outbound connections have been placed under surveillance. Joe connects at node A at time t0, and simultaneously within a 5 second window traffic emerges at 1000 distinct exit nodes and was observed. Calculate the time difference between these connections, and compare with the lookup table values that contain these entry and exit nodes. This will weed out several of the possible paths. So say the empirical travel time / delay time to these 1000 nodes from node A ranges from 100ms to 400ms, then you can cross off all paths with node A and the exit node (in the lookup tables) that are greater than 400ms from your ping tests, and less than 100ms and come to a smaller subset of 3 node paths. 

From there examine (from your listening posts) if any of those potential 3 node paths matches connections between node A and the remaining possible exit nodes. Namely look at all of Node A's connections in that time window and compare this to the remaining paths in the lookup table. That will give an even smaller subset of paths to examine.

At that point you could calculate probabilities of the path selections being correct and rank them by the most probable. Seems like a lot of work but with only 34 Billion possible paths this seems tractable for a super-computing cluster.
So say Joe is an important person and has been placed under surveillance. All of his connections to node A are timestamped and logged. Given that you know Joe connected to Node A, you really only have to look at 5999 C 2 possible paths = 17,991,001, or about 18 million paths. Very tractable. 

So from all exit nodes that are monitored from the traffic bursts in that 5 second window, calculate delta t from Joe's connection to node A at t0 to the first burst of data coming from the 1000 exit nodes. From this calculation 100msC C > 400ms This should bring your 2 million possible paths down to tens of thousands, then rank them by the distance of dt_joe to dt_model. A -> B_j -> C_k dt_model dt_observed From the top 100 closest rankings ( smallest absolute difference | dt_model - dt_model | , examine the connections from Node A to middle Node B_j and see if any of those node A connections match with the top 100 paths. If so you now have the complete path. If not look at the top 200. This would weed the paths from 10^4 down to maybe 100 or so.

Then from these 100 possible connections observe what they do and correlate this to things you already know about Joe and his habits. This should weed the connections down to 2 or 3. If all three of the connections happened inside of the surveillance grid ( pass through listening posts (logged routers) along their path) then all of this analysis could be performed, probably automated and within a day or two.
But now since you only observed 1000 exit nodes making traffic and you know node A was used by Joe, you only have to search 5999*1000 = 5,999,0000 possible paths from C observed to B possible middle nodes. So you only need to do 6 million delta t travel time comparisons.

| dt_model - dt_observed | where dt_model is from the lookup table of values containing node A and C, and dt_observed are the actual calculated dt values from Joe's first connection to the first output burst at those 1000 exit nodes.

And this is why you want two things :
1. Intractable amount of possible paths. 
2. Entire path not under a single surveillance grid.

Which can be achieved by: 1. Making the path length longer than 3 hops. 2. Choosing each node far away from each other outside of the supervision and jurisdiction of a single monitoring authority.

US relays 6676/8 = 834.5 ~ 835 
US Exits 908/5 = 181.6~182

So if all 3 nodes in your path stay in the United States, you have 835 C2 * 182 possible paths. this is 63,371,490 or 64 million. If you are under surveillance as mentioned then only 835*182 = 151,970 possible paths need to be investigated. This is now an extremely tractable problem.

150,000 dt_model constructed by sending ping packets through all 64 million 3 node USA only paths.

182 exit nodes * # number of new connections in 5 second window. 

Measure all of those dt's and compare to the model values. Remove all model paths that are bigger or smaller than your max and min. Rank paths by smallest travel time distance.  Examine all connections from Node A and match with your remaining model paths. 

Rank paths by smallest travel time distance difference. Closest model to real data ranked higher. Observe the top 100 paths. Repeat this process over 30 mins - 1 hour to build statistics.  The paths that constantly remain in the top 10 are your likely complete paths.  Tabulate all internet traffic from these remaining exit connections, and pin them into Joe's profile file. Then generate a report. 

This could go from 150,000 -> 10000 -> 100 -> 2. 

Also why your circuit should change frequently.
 >>/1399/
 >>/1399/
Given the need for increased hops the mod for 6 hops in the tor source code along with endrc 14 eyes exclusion helps 1 and 2. Now you say using exit nodes for clearnet resources. Does all clearnet resources seem the same or would say using proxy-chains with multiple or single proxies over 127.0.0.1:9050 be roughly the same thing?
 >>/1405/
Cross correlation on bit rate as a selector would be a cheaper and faster way to de-anonymize Tor users, and it would work most of the time.  

Going through 3 high anonymous proxies after jumping out of tor before hitting your target would be helpful in my opinion. Anything to make it harder for them to pin point where you're coming from is helpful. Once you're not coming from the Tor network certain things open up, and you may just avoid detection by not coming from the tor network when you touch your target.   Try different things / combinations.  Proxychains is helpful for using high anonymous ssl and socks5 proxies after exiting tor. It might be helpful. That's just my opinion, I'm not an expert.
 >>/1443/
https://en.wikipedia.org/wiki/Qubes_OS

Linux-based OSes and others) Userland Fedora, Debian, Whonix, Microsoft Windows 

The main install is Fedora (Red Hat), runs on Systemd,  the Whonix gateway and workstation run on Debian on Systemd.   And they recommend also running MS Windows.  Is the Xen Hypervisor really able to create perfect isolation?   Can hardware based methods get around that and grab everything from memory if you're using modern Intel CPU and chip-set with AMT and ME management engine?  

I don't trust Red Hat, I don't trust Debian or Systemd, and I certainly don't trust MS Windows for privacy based applications, although they're rock solid for non privacy based platforms. If you're using a full fledged desktop environment like KDE or Gnome, you probably already have malware installed on your setup. I think this is security theater.  Isolation is a good idea, but why not just get two machines, one for the gateway running on OpenRC on gentoo, or Hyperbola, running tor that you compile from source, with 6 hops, and the other machine with a minimal desktop (fvwm, twm etc), fire-walled and locked down forwarding only what you want (specific applications on specific ports) and blocking all others, like links browser, icecat or even tor-browser through the gateway machine proxying on port 9050 through tor.   Rather than trusting virtual machines and hypervisors which are un-audited and bound to have bugs, and backdoors, and zero-day exploits.  

Cool idea, worth checking out, but not the end of the thread....not even close.  x86,x86-64 are not where you want to be for security, or privacy, and minimal means less software, only what is necessary for the job at hand.   Good recommendation to check out, but it has some problematic features.  I use the isolation method that I described proxying through a tor proxy on a second machine with a minimal install with 4-10 packages after base installed and fire-walled with modified endwall.sh , 6 hop modded tor, compiled from source.  Qubes has some good ideas (isolation), but I wouldn't trust my life on it, and I have serious reservations about Red Hat, Fedora, Systemd, MS Windows, and un-audited virtual machines and hypervisors. Isolation and compartmentalization are good ideas though and should be practiced. For instance make an air-gapped machine as your No internet zone, and you can be certain that it has no internet connectivity or access, not just take some programmer's from Invisible Things Lab word for it...
Kernel type Microkernel (Xen Hypervisor running minimal Linux-based OSes and others) 
Userland Fedora, Debian, Whonix, Microsoft Windows

There's nothing minimal about KDE...or Fedora. 

Worth checking out for ideas, but don't do anything that would get you killed or imprisoned on it.  Systemd on Fedora, with MS windows...Debian on Systemd on a  virtual machine on a Hypervisor....on x86-64 with Intel AMT and ME....think deeper about this problem... 

I don't care if Edward Snowden or Edward Norton uses this and swears by it. There are deeper more serious problems going on at a more fundamental level (hardware, bios, kernel, user land, package repository) , that this product isn't going to help you to avoid.

Isolation and compartmentalization are good ideas, but just use 4 different machines instead, rather than relying on one computer, some virtual machines and a hypervisor to do the isolation for you... 

For browsing onions for porn or for cyber-stalking your ex.... go ahead. But for serious shit that could land you in jail or get you killed, using this system and expecting immunity from surveillance is unwise.
 >>/1445/
Taken from a post on Nanochan,

"the post was asking about using virtualization as an added layer to browse tor. no one has answered the question yet. the reason to do that is because there are N-many ways to figure out who you are through javascript and/or through nuances in your hardware setup and how it interacts with elements on a page. it's called a fingerprint. check out the site amiunique. also look into these issues, there's a lot of discussion about them. so using a virtualization, as one solitary post below pointed, will make it more difficult for others to discover identifying characteristics about your hardware setup." Nanonymous 2019-11-13 21:42:05 No.16537 

So one upside of using virtualization is that it can obscure / make uniform the details of your hardware, for fingerprinting, should a javascript exploit or something else open you up while browsing the web through Tor Browser with javascript turned on for some reason...  Isolation, Compartmentalization and Anti-fingerprinting.
 >>/1496/
Yep. This stuff is important because it's certainly not infeasible for a Tor browser escape/infoleak exploitation to be made, so virtualization like Whonix becomes very useful in mitigating the usefulness of such an exploit.
Install openBSD set up tor proxy. block all non tor packets. use tor browser. Why? The internet isn't private or anonymous. You've already de anonymized yourself here. If nsa wants to watch you flip through pages, they will, but I think you should be more concerned about "script kiddies" trying to crack your WPA.
how many unrelated/chained in other countries vpn's should a person use? I would guess a person like kevin mitnick would say about 25. A more reasonable number may be 7. 1 is basically not enough but I am seeking more suggestions.
> 1527

I disagree
If you use only 3 hops, and all traffic stays within the country of origin, then they can deanonymize you with cross-correlation, with 70-80% accuracy, by cross correlating the input and output streams and looking at bit rate as the selector for the time series.  

I say use as many as seems reasonable for your application, and jump very far away from your physical location. I found that file transfers for endtube/ oldtube became very slow after around 8-9 hops. so I backed that off to 7.  For a sensitive application (endmail) mod it for 12 hops. 

I use tor browser, and links -g for browsing and posting, my tor router is running on a headless server and I route the traffic to the tor proxy port (9050) on that machine on the network, from my x org client.  I have this modded for 7 hops, then when it comes out the other end it connects to 3 hops when using the tor browser, but the final exit of the 7 hops for the proxy connection, is the start of the 3 hops for the tor browser connection. When I'm browsing for the most part I use links -g with 7 hops chained to the headless tor proxy machine.  When I need to do web 2.0, I use tor browser proxied through the tor router proxy machine. 

I have found that this is a significant improvement in anonymity. 

> 1538

The ISP will know that you're using Tor.  If you jump on the first hop to a distant country and bounce around 12 times in adjacent or distant countries, it's less likely that your host country (the one that you're trying to evade) will have infrastructure in all 12 of those locations to perform robust analysis.  If your circuit switches every 30-60 seconds, then the statistics for the cross-correlation will get scrambled because the time delays will keep changing every 30 seconds.

In general just watching is safer than actively posting.  

The people who try to get you to keep it stock but then don't give logical reasons why this is better (appealing to authority etc) are not looking out for you. They have an automated system to deanonymize Tor, and it works best with stock Tor browser with 3 hops. It's been used against me.   Since I've switched to long chain hops, I've had less problems. 

If you want to download stuff 7-9 is the boundary.  If you're just sending messages back and forth, 12-15 hops should be sufficient.  Your first hop should be very far away, out of your jurisdiction, and subsequent hops should traverse as many countries as possible.  That's my advice.  I've found this strategy helpful.
To post on here with links -g, you need to set the cache to 0,
ESC -> SETUP -> Cache

set all the values to zero, and uncheck aggressive cache. Then you can get the captcha updates by refreshing with CNTRL +r .   

My setup:
Tor Browser on Xorg (twm) -> headless server port 9050 as socks proxy -> Tor ->distant country for 1st hop + 7 hops ->exit=> 3 hops as per regular 

or :
Links2 -g or links in terminal
-> 9050 on headless server-> 7 hops -> endchan.

Other options:

Close all ports except port 9050 outbound, proxy to port 9050 on headless server with tor socks5 proxy -> 15 hops -> target. 

experiment with adding 2-3 https or socks 5 non tor proxies at the end depending on what you're doing.  If you're sending endmail to a endfix server , with 15 hops, and 1 port I think you're probably OK. 

My preference for operating systems is MS DOS 5 + links -> proxy
or FreeDOS +links -> proxy. 

A retail box of MS DOS 5 from 1988 has no malware or keylogging on it by default, it's a single tasking OS, you need to install a packet driver, and the browser software (links), then that's all you have to worry about. With unix/linux there's usually way too much going on.

Those are just my opinions on the matter. Try different things, and see what works for you.

I say DOS + Links + TCP/IP driver -> linux/unix server on arm or other non x86-64 system running tor with 15 hops mod. DOS will give you privacy, linux/Unix security, and Tor with Links browser anonymity. Using a physical proxy will isolate the systems. With DOS you only need to worry about 2 pieces of software spying on you (the browser and the packet driver). In linux top says there are around 200 processes working in the background. That's 198 too many.
 >>/1540/
 >>/1540/
Brainstorming your DOS suggestion. Are there any worthwhile sandboxing methods, like firejail, maybe that bubblewrap program, or running the tor daemon over fssb https://github.com/adtac/fssb, that would be beneficial? Kind of stops the logging aspect found in ~/.tor/
 >>/1540/
> says there are around 200 processes working in the background. That's 198 too many.
I know. Stuff like watchdog and all kinds of daemons running wild. The biggest load of crap is telling people systemd is all you got to look out for. First of all javascript but only systemd is not true. That's why I like your approach.
Use Digital Research DR DOS if you don't like Microsoft.  I have retail copies of MS DOS 5.0 on 5.25" floppies from 1991, and MS DOS 6.22 on 3.5" floppies retail from 1994. NSA\CIA\FBI etc don't have a time machine and can't time travel and insert malware into the base system retroactively.

DOS is a Single Tasking 16 bit Operating System programmed in x86 assembly; only 1 process on the top of the stack at a time. No keyloggers, runs in 384 KB of memory.  

You'll have to audit 2-3 pieces of software ( a driver for a 3com or Intel NIC, and links 2 browser ) and compile using Borland Turbo C, or get a GCC compiler for DOS.
www.delorie.com/djgpp

Get a 486, or 386 with 16MB RAM, install DR DOS or MS DOS, a NIC, a packet driver and the binary for Links, or compile it yourself, set it to route through port 9050 on your tor router (running on Linux/UNIX). With that you'll be free to post whatever you want, nobody will know what you're doing on your computer, and if tor (or whatever comes next) works properly, then you'll be anonymous.

Free to read what you want from the internet, and post what you want to the internet.

> But but it's not FREE software, 
>  It's not GNU.
Precisely, I don't get copyright (legal) freedom, but I get actual (physical) freedom in the real world.
>  But you could download an exploit; your system isn't secure.

Don't download and run anything from the internet on the DOS computer if you want it to remain with integrity. Just text reading and posting. Use it as a communications tool. Build a different computer for DOS gaming or use DOS Box on Linux/UNIX. 

Start with Free-DOS or MS DOS on a Pentium 3, get it working, then downgrade your system until you're satisfied. This is as far as a normal person should go and will achieve the desired effect.
The ultimate step is to build an 8-bit computer with a soldering iron (RC2014), launch a browser in a community audited version of CP/M, connect by socks 5 proxy to a unix computer running tor with 12-15 hops, and use a text browser for the web and an IRC client in text mode. Proxy out to Tor or I2P or whatever the next super duper anonymity router is. In the meantime do this with DOS. This won't be a solution for the everyman or for the newbie, but it will be a solution for the serious thinking man.
 >>/1541/
Anything you can do to isolate the tor daemon from the system or its running processes will help. I'm running it as a user with a custom torrc. If you can first run firejail or bubblewrap, or chroot it and get the tor daemon to still function it might help. I consider the linux/unix environment potentially hostile to the user and a potential source of packet inspection. Basically linux can be used to keylog the users and destroy the anonymity factor in real time or in post analysis. If there is key logging with an output beacon on your machine, you don't have privacy, and Tor Browser isn't going to help you with anonymity. If there is malware that can mess with the tor daemon as it's running, then it might be wise to try to isolate the process, so yeah probably a good idea. I'll try running it with firejail; it probably won't work. If you get a setup like that and find it beneficial, please post the steps and instructions here. Thanks.
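
The isolation discussed in the post above, as an added example that is not part of the original thread: a wrapper that starts a user-level tor daemon under bubblewrap with a read-only system tree, one private writable data directory and a read-only custom torrc. The default paths and the function names `tor_sandbox_args` and `run_tor_sandboxed` are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: run a user-level tor daemon inside a bubblewrap sandbox.
# All three defaults are assumptions; override them through the environment.
TOR_BIN="${TOR_BIN:-/usr/bin/tor}"
TOR_DATA="${TOR_DATA:-$HOME/.tor-sandbox}"   # hypothetical private DataDirectory
TORRC="${TORRC:-$HOME/torrc.custom}"         # hypothetical custom torrc

# Print the bwrap argument list, one argument per line, so the policy can be
# reviewed before anything is executed.
tor_sandbox_args() {
    data_dir=$1
    torrc=$2
    # New namespaces for everything except the network, which tor needs.
    printf '%s\n' --unshare-all --share-net --die-with-parent --new-session
    # System files are visible read-only; nothing from $HOME is mounted.
    printf '%s\n' --ro-bind /usr /usr
    printf '%s\n' --ro-bind-try /lib /lib --ro-bind-try /lib64 /lib64
    printf '%s\n' --ro-bind-try /bin /bin
    printf '%s\n' --proc /proc --dev /dev --tmpfs /tmp
    # The only writable host path is tor's own data directory.
    printf '%s\n' --bind "$data_dir" /var/lib/tor
    printf '%s\n' --ro-bind "$torrc" /etc/tor/torrc
    printf '%s\n' --setenv HOME /var/lib/tor
}

run_tor_sandboxed() {
    data_dir=$1
    torrc=$2
    # tor refuses a DataDirectory that other users can read.
    mkdir -p "$data_dir" || return 1
    chmod 700 "$data_dir" || return 1
    # Split the argument list on newlines only, so paths may contain spaces
    # (paths containing newlines are not supported by this sketch).
    IFS='
'
    set -f
    # shellcheck disable=SC2046
    exec bwrap $(tor_sandbox_args "$data_dir" "$torrc") -- \
        "$TOR_BIN" -f /etc/tor/torrc --DataDirectory /var/lib/tor
}

# Only start tor when asked to: sh tor-sandbox.sh run
if [ "${1:-}" = "run" ]; then
    run_tor_sandboxed "$TOR_DATA" "$TORRC"
fi
```

Inside the sandbox tor sees its own process tree and a temporary /tmp, and a compromise of the daemon can write only to the bound data directory.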
I am a big fan of Minecraft and like to watch different Minecraft videos on YouTube. But for watching I use https://veepn.com/vpn-apps/vpn-for-firefox/ because I cannot log into my YouTube channels.
