[ overboard / sfw / alt / cytube] [ leftypol / b / WRK / hobby / tech / edu / ga / ent / music / 777 / posad / i / a / R9K / dead ] [ meta ]

/tech/ - Technology

"Technology reveals the active relation of man to nature"
Name
Email
Subject
Comment
Captcha
Tor Only
Flag
File
Embed
Password (For file deletion.)
Matrix   IRC Chat   Mumble   Telegram   Discord
ReturnCatalogBottom

File: 1608526015238.jpg ( 74.01 KB , 1024x768 , 31821-1.jpg )

 No.2177

I posted this in another thread but I think it deserves its own thread.I've been seeing a lot of people saying that installing tor is super hard and difficult, and, even if you use windows it's not that hard. All you have to do is install the tor browser and go into the browser bundle files and run the executable for tor, or, just use the browser bundle.Like it's not hard at all.But, being the pros (and dirty commies that we are) we don't use fucking bourgeois Microsoft.So, I've set up a super simple and comprehensive guide to installing and using tor like a pro on Linux.This is why we use Linux.STEP ONE:Downloading tor:ctrl+alt+t: Open terminal:Sudo apt install torsudo service tor startSTEP TWO:Downloading and setting up privoxy.sudo apt install privoxyEdit the config file:vim /etc/privoxy/config(If you don't have vim sudo apt install vim)add in text at the bottom:(vim insert mode: press I)forward-socks5 .onion 127.0.0.1 9050(press escape)Type :wq (write quite)Done, ammo loaded cannons ready to fire.STEP THREE:Set up firefox to use tor:about:preferences: Network settings, Use custom proxy(Privoxy runs on port 8118) 127.0.0.1 8118Check off "Use this proxy for all protocols"Done.Takes literally 5 seconds and you don't have to inconvenience yourself by downloading a whole brand new fucking browser ONLY for the simple task of bouncing around encrypted packets through a bunch of proxies. You also don't have to live with the hellscape that is Microsoft and the billions of exploits and bugs in and written for it. (Not to mention back doors.)And before anyone starts bitching; Setting up firefox for privacy isn't that difficult.Basically turn off all telemetry and geo location, referer headers (but you will need http refer headers for 8chan) and some other shit, Guide here:https://www.privateinternetaccess.com/blog/2018/09/firefox-hardening-guide/But honestly none of that even matters unless you are a windows user or a pedophile and let's hope you aren't either one of those.Have a nice day.
>>

 No.2178

&gt&gt13342just use tails or Tor browser, you nerd.just joking, comrade
>>

 No.2179

&gt&gt13355Honestly tails isn't a bad option if you are going to do some serious irl activity.Like if we where going to plan strikes or marches over the net i'd use tails
>>

 No.2180

&gt&gt13342theres already a board for this &gt&gt&gt/tech/
>>

 No.2181

File: 1608526015577.png ( 343.69 KB , 800x450 , onbatko.png )

We all know how to do that.I'm on gentoo.
>>

 No.2182

File: 1608526015751.webm ( 4.89 MB , 500x281 , stallmanquest.webm )

&gt&gt13575
>>

 No.2183

&gt&gt13592lelnever change gentooposter
>>

 No.2184

File: 1608526016016.jpg ( 176.85 KB , 1200x822 , mostbasedkeyboard.jpg )

So, of course, old Thinkpads are the laptop of choice for every Linux user I know, but are there any newer models worth buying? I'm still using a T420 from like 2012. I'd like to get at least 1080p, but I don't feel like doing the IPS mod. Also would any newer models be compatible with pic related?
>>

 No.2185

&gt&gt13794&gt&gt13544plz move this discussion to TECH board
>>

 No.2186

&gt&gt13592>the final 30slmao
>>

 No.2187

&gt&gt13342>install the tor browser>installdownload a zip file, extract it, and double click on the executable file, to be more precise
>>

 No.2188

>>299The T430 can accept the T420/T410 keyboards after a BIOS mod is installed to patch some keys. Most of the keys are pretty trivial though to the best of my knowledge so you could probably get away with just rebinding them in linux if you didn't feel comfortable flashing anything to the board. It'll be a pretty modest upgrade but its really as far as you can go with the classic keyboards without getting one of the 51nb systems (and those can be super expensive, lack free bios alternatives and perhaps some community support if something were to wrong)
>>

 No.2189

But anon, if we cared about our privacy we wouldn't be able to post here because space_ doesn't respect our freedom.
>>

 No.2190

Being butthurt aside, you should set up tor for firefox like thisPrivoxy is kind of an unnecessary thing to set up, and the config described in the OP would only use tor for onion links.Also whack this in your about:config to avoid DNS leaks
>>

 No.2191

>>604I use privoxy so I can use multiple different hidden services such as i2p in conjunction with tor.
>>

 No.2192

>>605I do understand the use case for privoxy. I was just pointing out that if an anon were to follow OP's instructions firefox would not be using tor, which is what >How to set up linux for tor usagewould imply.
>>

 No.2193

>>615routing traffic through tor and allowing tor traffic over firefox are two different things.
>>

 No.2194

>>618>forward-socks5 .onion 127.0.0.1 9050
>>

 No.2195

File: 1608526016812.jpg ( 151.13 KB , 1400x1047 , hp_6470b_keyboard.jpg )

>>299Also refurbished HP business line laptops are go to choice for linux users.Pic related, HP ProBook 6470b from early 2013, with 3rd gen i5 3230M, socketed, none of that BGA soldered bullshit. Back cover can be opened in less than 5 seconds without any tools. Basically the similar ruggedness and features as thinkpad.Had a HP Compaq 6910p, with Core2 Duo, basically the same as Thinkpad T61 although the entire laptop was from plastic, but you could throw it around like a thinkpad.
>>

 No.2196

>>619Yeah, I don't see the point in forcing all your traffic through tor. Youc an be de-anonymised that way if you aren't careful.
>>

 No.2197

>>2177public service announcement:Don't do as this anon says and think you are anonymous while using the default firefox browser over the tor network.Tor works by making all its users look identical to web servers. The tor browser is modified in ways that makes it look different to webservers than the default firefox browser.If you try to use tor with firefox you will immediately be identified as the only person on the tor network using the firefox browser.Just use the tor browser, because this is what everyone else uses.
>>

 No.2198

Tor would be useless if you fall on a node controlled by the NSA, so one should at least exclude all the nodes from counties in the 14 eyes. Also don't use distros using systemd.
>>

 No.2199

>>2198>Tor would be useless if you fall on a node controlled by the NSA, so one should at least exclude all the nodes from counties in the 14 eyes.Elaborate? I really don’t have a clue what you’re talking about.
>>

 No.2200

>>2199conspiracy theory that the US government spies on the tor network by running tor exit nodes. due to the design of the protocol, they would have to control like 3/4 of all the nodes on the network to be able to successfully deanonymize anyone.
>>

 No.2201

>>2200What are the chances that conspiracy is true?
>>

 No.2202

>>2200>they would have to control like 3/4 of all the nodes on the network to be able to successfully deanonymize anyone.which they can/do easily achieve
>>

 No.2203

>>2199
>>2200
NSA can pretty much control every tor node in the 14 eyes countries. Also it is very cheap to run a tor node so it wouldn't cost much for NSA to create a lot of controlled nodes.
>>2201
More than likely
>>

 No.2204

>>2203
They can't do much with just one exit node.
>>

 No.2205

User-friendly, sane guide:
1. Use Debian-based GNU/Linux distribution (like Ubuntu, Mint, Debian).
2. sudo apt install torbrowser-launcher
3. Open Tor Browser Launcher, check 'download over system-tor' and install
4. Launch Tor Browser, use it with setting 'High' on security slider

To use normal Firefox over tor as OP suggested is stupid as fuck since you 100% deanonymized yourself, considering normal Firefox gives you a very unique fingerprint in the tor network, where people of course mostly use the Tor Browser, with all the added security features which comes with their browser hardening as well.

Normal Firefox settings leaks to Google, for one.
>>

 No.2206

>>2204
The NSA controlls lots of nodes in lots of countries. It's very cheap for a normal person to have a tor node, so for the massive budget of the NSA the cost of having multiple tor nodes is like a drop in the ocean. If you want prices you can search for VPS cost to see approximately how cheap it is to rent a server for tor.
>>

 No.2207

>>2206
ITT: Tor noobs who don't understand tor. having control of an exit node by itself is about as useful as having no legs. In order to be effective you need access to both an entry and exit node so you can do timing correlation attacks and that is much MUCH more difficult and costly.

>>2205

OP here, I make suggestions about hardening firefox. If you want to use normal tor browser that is fine, but, you are pretty limited on what you can do with it, also, you can't use I2P, freenet, or Zeronet with it, so, might has well learn to harden firefox.
>>

 No.2208

>>2207 The NSA has a huge budget and therefore can do timing corellation attacks, also those aren't the only attacks they can pull off. I know that you can't do much with just an exit node, the problem is that it's very easy and cheap for the NSA to buy lots of compromized nodes in a lot of countries, so it's more likely that the will not only have an exit node. If you take a look at the tor metrics you will see that the vast majority of the nodes are in the 14 eyes countries, aka countries that the NSA is authorized to operate. If you connect to the tor network with the tor rowser
you can see which tor nodes you are using, take a look, it's more than likely that at least
two of the nodes you are connecting to are located within the 14 eyes.
>>

 No.2209

File: 1608526017869.gif ( 710.05 KB , 240x240 , 4e61ea41fbfb4639d4faf3890e….gif )

>>2208
Yeah bu8t the way tor opperates is it randomly decifers what entry node you are going to be using, also, there are bridges, also, tor entry nodes are protected and legitimized by tor administrators themselves. That's why they call them Guard nodes.

Do you know the ammount of man power it would take to corrilate an entry and exit node? The NSA would have to already have you as a target and some how know and control the guard node that you are connecting through. Very unlikely.
>>

 No.2210

File: 1608526017955.pdf ( 507.91 KB , Dingledine.pdf )

>>2209
where did you get that tor guard nodes are legitimized by the tor staff? All it says in the tor wiki is "To become a guard, a relay has to be stable and fast (at least 2MByte/s) otherwise it will remain a middle relay." In fact one of the reasons why tor's guard nodes stay the same for some period of time is to minimize the risk of falling on an exit node controlled by people with malicious intent i.e. governments, read the
attached pdf. Also the NSA has a brand new facility in utah to analyze and decrypt data, some of it definitely caught in tor. As for corrilating a guard and an exit node, depending on the number of controlled nodes they have could happen at random, without them having to do pretty much anything.
>>

 No.2211

>>2210
Yeah but the guard relays have to actually be chosen to be put on the network and used as a guard relay. They are trusted relays. That's how they become guard relays. There is a talk that ISIS does about on youtube. I haven't watched it in quite a while, but, it's the only lecture she has ion youtube.
Decyrpting data is also, impossible, unless these people have quantum computers, which, they may, but, with the information I have I don't think that is going to happen. That's why no one can point to a time the actual tor network itself has faltered. If you can I would like too see it.
>>

 No.4363

>>4810
download tail os put in flashdrive, boot in flashdrive you're done.
>>

 No.4367

>>2184
What is your budget?
>>

 No.4368

There is so much harmful and overcomplicated advice in this thread. So much more effort just to shoot yourself in the foot more.

1. Literally just download and run Tor Browser. Goes for every OS.

2. For using Tor with other software, just use Tor Browser as a SOCKS5 proxy, the proxy address is 127.0.0.1:9150. Goes for every OS as well.

Don't trust random advice about Tor "enhancements" from the Internet, almost all of it is by brainlets who don't understand anything about Tor.

Think first. Think hard how Tor works and how Tor Browser works. And then think hard how your additional configs and setups can only be doing more harm to yourself by straying away from the herd. Tor is all about uniformity. Being a smartass and a snowflake with super-l33t configs and extensions will only make you stand out more. Don't be a dumbass.

Here's some things that unironically will improve your use of Tor Browser:

- apparmor: this will heavily restrict what the adversary can do if your Tor Browser gets hacked. apparmor is a standard linux tool that restricts access of programs to your OS. It comes preinstalled on some major distros, but you'll need to get apparmor profiles for Tor Browser from the torbrowser-launcher.

- nftables: you can use it to block every outgoing traffic except Tor, so none of the software you combine with Tor will leak. nftables is currently replacing iptables as the standard linux firewall, some major distros already made the switch.
>>

 No.4369

>>4873
No.
the deep web is a more edgy pre-2008 internet i have seen more fuckup thing the clear web.
>>

 No.4373

>>4885
>now
>>

 No.4375

>>4373
>Implying tor is comprimised in anyway

Proof? Most people who say this don't actually understand how tor functions. tor is based on encryption algorithms that hash the senders data into complex algorithms that only the receiver has to key too and neither the sender nore the receiver know where sed data is coming from. So, unless the glows some how cracked quantum computing then you have no fucking idea what you are talking about. If they have quantum computers all data is compromised.
>>

 No.4401

The above advice about using the bundle is good. It is intended to reduce the fingerprint from the Tor browser.

Use Tails if doing other things is required.

The thing that probably should be of concern is that several spook infested agencies do provide the funding for the developers, so they could possibly have frist dibs on any exploits that are discovered. The exit nodes have feds running them no doubt, but technically that isn't a big problem. Other leak vectors are bigger issues, so keep the browser updated. If paranoid compile by yourself.

Of course the exit node can do MITM on traffic but the usual measures work against that.

Also, better if there are a lot of other people using it, or the feds just find the source of the obvious Tor traffic and you get v&.

Generally, Tor should be fine for anonymization, but don't loosen your guard if doing confidential stuff.

The best way is to do real talking, if you are paranoid. Better, build real labour power so you don't have to rely on Tor and technical fixes. The Bolsheviks, in spite of being surveilled by the glowies, were victorious.
>>

 No.4404

>>4401
Solid and uplifting post comrade.
>>

 No.4438

>>4401
What about anonymisation for privacy in piracy (running a torrent server for example), rather than stuff like anti-government action, cp or drugs? I know those get shut down, but I don't often hear what happens to owners of pirate sites. I'm in the EU, if that makes a difference.
>>

 No.4447

You probably could torrent over Tor. But a VPN is probably better for that, for both your sanity and that of the Tor network.

Running pirate sites that have high traffic will definitely get you the attention of the feds, the corps. and your ISP. If you're just pirating yourself then that isn't that likely, though sometimes the companies will try to scare you with cease and desist notices, which actually was also one way that phishers could extort targets by using the threat of alleged copyright violations, and your ISP might take action.

There was an anonymous protocol for torrents but it didn't seem to have a lot of adoption for pirate offering.

Perhaps someone with more knowledge could comment on other P2P file share protocols, like GNUNet, if those are better for privacy and anonymity. Or whether there's an alternative to dumping heavy traffic through the already slower Tor, that can allow for anonymous torrenting. Actually on that topic you could just run a torrent website as a Tor hidden site, and that will provide some anonymity, so long as you aren't compromising your information during the other aspects of pirate service.
>>

 No.4475

>>2207
you can have multiple browsers anon… use tor for tor browser, hardened firefox for clearnet, whatever for i2p, and chromium for everything that breaks ;)
>>

 No.4476

>>2209
wait cant they just get data from your ISP for timing correlation anyways? id be surprised if they dont just filter off of ISPs tbh
>>

 No.4477

File: 1608526234231.jpg ( 38.57 KB , 330x440 , catRidingDog.jpg )

>>4375
if u arent using https, the exit node can see what you're doing. Anyways, they know what site youre on, and more specific data depending on how the stuff is transmitted (like inthe form of url data versus just packets to a general purpose url). So if someone with exit node can correlate your usage from either the entry node or just your isp, they can supposedly see where u were looking on tor, and worst all packets u sent
im pretty sure?
>>

 No.4478

>>4438
make an onion site on a vps that doesnt take any info and is operated out of 14 eyes. Keep a backup site in case u do get shut down by the company i guess. keep your database encrypted until called upon obviously if anything sensitive. Only use tor to connect to the server when configuring it. Should keep u safe, these r the basics, look into it. grugq has some case studies in some like deceased 2013 blog about cyber criminals n shit, one case study about how this pedo ring basically got away by just using yknow, standard opsec but just sticking to it well and not giving out personal info, using proxies for everything, not using VPNs for security, and shit. So nah anti-gov shit stays up unless infiltrated, cp stays up -> gets killed -> comes back, and drugs always stay up lol but who do u think really profits off that, govs r the og cartels. Anyways yeah, whatever u do just have good basic opsec and u should be fine, tor isnt horribly broken, just use it how you are told to use it by people who know their shit. i.e. dont do shit on tor u do on clearnet, dont change ur browser, close sessions frequently, dont have it full screen, ideally use whonix or sandboxing or smth, whatever. If you're super noided there's always yknow, doing it out of public wifi also, so even if its deanonymized its not tied to u
good luck anon
>>

 No.4488

The recent update for the browser bundle standardizes the screen size for the full screen browser window, so that leak is probably not that big of a problem now.

Also if using public WiFi to be anonymous, consider cloning the MAC address to something else than the one that could be traced if hotspot operators log that and can correlate the traveling of the device.
>>

 No.4548

apps
>>

 No.4549

>>4488
>The recent update for the browser bundle standardizes the screen size for the full screen browser window, so that leak is probably not that big of a problem now.
No, the recent update (10.0) completely fucks up resolution fingerprint resistance, because the rounding is buggy. 1) it doesn't round to multiples of 100 but is slightly off. 2) the window size is different between initial window and subsequent new windows.
Secondly, the canvas fingerprint resistence doesn't work anymore.
Thirdly, what you're referring to (a technique called "letterboxing") has already been part of the 9.5 version.

See for yourself:
https://arkenfox.github.io/TZP/tzp.html
https://www.amiunique.org/
>>

 No.4567

god you people are retarded. You can't figure out how to install a fucking program through the package manager? Kill yourselves.
>>

 No.10825

bump
>>

 No.10826

>>4567
eat shit you rude prick
>>

 No.10828

>>4567
The problem is the rice mentality of some linux users, idiots who think they're l33t because they customize. You can't just use defaults that were designed to make you as anonymous as possible. No, you've got to fuck your shit up with a snowflake configuration that makes you special.
>>

 No.10829

>>10828
The TBB defaults are rather limited tho and I even talked with some TOR devs that otr said the recommendation for sticking to the defaults is just for novices.
>>

 No.10833

>>10829
Like what? If you mean stuff like running TBB in a sandbox then yeah, but that's not changing TBB itself and if anything it limits some aspects of TBB even further.
>>

 No.10844

File: 1632365203459.png ( 15.99 KB , 614x620 , sadtime toad.png )

I wish I knew why I can never make torsocks work with anything.
>>

 No.10847

>>10844
Example? What is the output? I think torsocks had a bug a while ago with long URLs or something like that, but it's been fixed since then.
>>

 No.10848

>>10847
Generally it just hangs in the terminal and says nothing, no matter what program I attempt to use it with. I don't get what I'm doing wrong.
>>

 No.10849

>>10848
That means it's working
>>

 No.10850

>>10849
Except the programs I want to use it with never actually start up.
>>

 No.10851

>>10850
at least post ptrace result?
>>

 No.10852

>>10850
That sounds like a fault of the programs not tor lol.
>>

 No.10853

>>10851
You mean strace? I dunno how to make use of this, but here:
https://pastebin.com/u44EUcy4

>>10852
I find it highly unlikely Firefox is incompatible with torsocks.
>>

 No.10854

>>10853
>torsocks + Firefox
>not Tor Browser
Why?

Firefox is quite a complex piece of software, and TBB devs still can't guarantee that some random add-on couldn't leak. So I don't know how you can expect vanilla Firefox to work flawlessly by just putting torsocks on top. Not to mention that TBB is fine-tuned for that purpose, not just fingerprint-wise but also in terms how it handles stream isolation, which can't be replicated even by enabling IsolateDestAddr.

What to you want to achieve in the first place?
If you want to run multiple TBBs, each with their own session and tor process, then that's possible by setting a different control and socks port through user.js.
If you want to make TBB your default web browser that external processes automatically use to open URLs, that's possible as well by modifying the cmdline in start-tor-browser.desktop and using xdg-settings.
I can write you detailed instructions if that's what you're looking for.
>>

 No.10855

>>10854
>Why?
Because that's just one simple example of a popular program that should work with torsocks but doesn't. I'm trying to get something to work with torsocks. Stop judging my software choices like an autist, I'm trying to troubleshoot here, I'm not actually going to use Firefox.
>>

 No.10856

>>10855
How can you expect us to troubleshoot your problem if you're unwilling to tell us anything and provide misleading examples? Then you call me an autist when I try to work with what you gave us lol.

At least try using torsocks with something basic like wget and post the result of that FFS.

>just one simple example of a popular program that should work with torsocks but doesn't
Wrong, it's not simple and it's not guaranteed. Only a few programs are officially guaranteed to work. Firefox might work or not, but it's a ridiculous test case for testing if torsocks works at all. https://gitlab.torproject.org/legacy/trac/-/wikis/doc/torsocks
>>

 No.10857

>>10856
Tails OS sure seems able to get torsocks to work with a wide range of things.
>>

 No.10858

>>10857
Tails doesn't use torsocks at all, you have no idea what you're talking about.
https://tails.boum.org/contribute/design/Tor_enforcement/

Anyway, torsocks works fine for me, but I'm not trying to make it torify whole browsers or operating systems. Sounds like you encountered a user error.
>>

 No.10859

>>10858
Huh, guess I had torsocks misconstrued then. I thought it was the big tool used generally to route non-browser applications through Tor. I still can't make it work with anything.
>>

 No.10862

>>10859
Torsocks is basically a monkey patch: it is a hack that replaces the connect() system function at runtime with its own wrapper.
But if a program does some weird shit then torsocks's wrapper might break something. Or some part of a program might use a different method of connecting, which means torsocks's wrapper will be bypassed and the program will leak. Browsers have become almost their own operating systems, they probably reimplement large parts of the network stack. That's why I would be surprised if applying torsocks to firefox actually did work.

Try this:
torsocks curl -I https://www.example.com/


The above should output HTTP headers. If not then inspect with strace:
strace torsocks curl -I https://www.example.com/


Then look for the connect() calls, something like this:
connect(5, {sa_family=AF_INET, sin_port=htons(9050), sin_addr=inet_addr("127.0.0.1")}, 16)


There's other options than just torsocks though. The program might internally support SOCKS proxies without documenting it. Often they check the ALL_PROXY or all_proxy environment variables. So you can try running this:
ALL_PROXY="socks5h://127.0.0.1:9050" all_proxy="socks5h://127.0.0.1:9050" /path/to/my/program


As a last resort there's Whonix. Not practical, but very likely to work.

Unique IPs: 6
[Return][Catalog][Top][Home][Post a Reply]
Delete Post [ ]
[ overboard / sfw / alt / cytube] [ leftypol / b / WRK / hobby / tech / edu / ga / ent / music / 777 / posad / i / a / R9K / dead ] [ meta ]
ReturnCatalogTopBottomHome