Anonymity for everyone

Hi,
i just thought i might share this with whoever is interested.
If you like to anonymize your data packages that are send back and forth, you might like to give this a try. It will, to an extend, protect users against threats on the internet.

It is in the repositories if look it up ‘tor’.

Tor: anonymity online

This is now quite some years that I am using tor, thought of writing a thread on this about two weeks ago but since you named it here I will drop my “perplexities” here. Recently there have been a few changes in the tor download page for Linux that are not very clear. First of all try to open a non English download page (for example the Italian one) and you will notice that the links are broken. If you do not get discouraged you will try the English one where you will find the repositories to be added and they work. But for OpensSUSE for what I have seen in that depository **(LINK) **](http://deb.torproject.org/torproject.org/rpm/suse/) there is no trace of the 64 bit version. If then a user thinks of going to the official repositories what does she find on the tor site: ***“Do not use the packages in the native repositories. They are frequently out of date. That means you’ll be missing stability and security fixes.” ***And end citation. Now this is a mouth full and it make the thing even more difficult, because for me (64bit user) then it would leave only the source packages and this kind of install requires more maintenance and attention then a repository.
Service wise you have to notice that by the mere principle you will have some limitations too. The TOR network relies on relays that are put at the availability of the public for free. While in the first time there was a hard core of activists, trying to establish a working network, it is a know fact that a number of agencies (for example a bunch of farm boys and some nice people in the “centre of all countries” as well) did build up very eagerly a number of servers in order to try to skim passwords and valuable information. One should use TOR for fun purpouses only when “just a nice dose of anonymity” is requested and should never do any important actions (financial or payments) over this net. The TOR creators do tell this also when you start the program: "This is experimental software. Do not rely on it for strong anonymity."

If you then want to really gather a bit of anonymity for your packages it will be also necessary to do the following: besides TOR you will install privoxy as described on the site, do the portforwarding and then try it out first. You can do so by going on an iptracker. If the result is “you are currently in Alaska” while you are in reality in Denver then you will know it works. Tor recommends a particular plug-in for the activation in Firefox, “torbutton”, personally I configured it with “Foxyproxy” and it works flawlessly. The overall connection quality did not cease to improve during the recent years. You barely notice it, even on a UMTS/3G connect, a fact that was unthinkable only 2 or three years ago.

Then for a minimum “real” anonymity you would have to:

  • surf without plug-ins, java and javascript, flash and so on. You may use “noscript” plug-in for doing the job.
  • no cookies
  • use Firefox and if possible no referrer and no indication about the OS employed.
    As you see all this comes out quite tedious. Yes we are very “beloved and watched” while we are serving. After all personal taste and consumer preference profiles are gold worth for any industry.

But it is still a good thing and a responsible choice using TOR, OTR and Gnu-PG whenever you can.
Thanks for reminding us.

P.S. Firefox “personas” and privacy are also fully incompatible. Just to let you know.
A good website for learning about “fingerprinting” browsers you have HERE](http://panopticlick.eff.org/i). Impressive, isn’t it?
And a very trivial one: try to change your Google bookmark to https://google.com. The service works already well and when you are without any further security on a hotspot (you know you shouldn’t) it protects you from your inquiries being skimmed by third parties, since you are protected by the https protocol.

Though TOR does provide you with anonymity within itself, there are points when you are entering and leaving TOR when it is clear that you are using TOR and so it is theoretically possible for some, by paying attention to those points, to get significant information about you.

I highly appreciate this exchange. It helps to understand matters.

The reason i brought it up, was by reading an article about websites in general and googles approach via google-add.
Now not everyone is concerned with that issue but some are.

I do use nonscript in my firefox but could not (for some reason) disable javascript.
Tor seems a nice addition to make it harder for anyone else to find out who and where you are located.
Thanks @stakanov for the input. In my blindness i did use it from the repositories. Got to check the version of that.

I checked my version and it says v0.2.1.26 which compares to the version stated on the website.
So at least i got the current version.

Hello yester. So since you are interested in the matter a few more points.
Once people did suggest to use “squid” proxy together with tor and privoxy to reduce latency. However there was a problem of DNS leaking and although I found this comments, i have no further info if this has been resolved. Following Wikipedia it seems so.
Nowadays the problems seems minor given the low latency of the TOR network.

Javascript: if you are using noscript, all javascript is automatically blocked if you do not authorize it. So the problem does not subsist.

The function of web browsers to advise in case a website is a menace or known to spread counterfeited material is also not compatible with anonymity. This because every page you open your browser will contact a central server and who has access to this server will have a perfect profile of where you go and what you read.
As I told you, perfect anonymity is impossible and the degree you reach in it is a trade off. You will have to renounce to certain features in order to get to a higher measure of privacy. But then you are ought to be much more responsible on what you do on the web too. There is no free lunch.

You may use also a VPN server to heighten security and privacy. There is a bunch of offers around the world. You may use these to connect in public hot-spots to avoid monitoring of transactions via credit card (have to confirm or to buy a ticket with R. Air and you are on the run? This would be a case where you need either a cable or a contract with a vpn provider). OpenVPN is a much higher security then PPTP protocol. PPTP is protecting against the good bad boys but OpenVPN is then good against the real bad ones. So you will prefer to pay a service that offers the latter.

Have fun.

The buttons on the board are so confusing. Pressed to wrong one and my message was gone :frowning:

I agree with no free lunch. Everything comes at sacrifices.
If i can minimize my exposure then that is already a win situation.

Proxy server are a rare thing in todays world. I remember that the time i started with internet, my provider did have a proxy server which everyone was free to use. Not in todays world anymore. Haven’t seen any from at&t.

Btw. i do really enjoy this topic and overall exchange. :slight_smile:

You might reconsider doing business with AT&T, if there are other services in your area. They have a pretty shady history when it comes to privacy.

I have to see what my options are.
I think in my area (that is in la of ca) verizon or cable.

For those of you that use bit torrents you know full well that every time you are connected to the hive or whatever you can see everyones IP addresses. I do not condone transferring of illegal torrents but I do recommend hiding your IP address while connected to this type of setup or chat or game-room.
The Main computer I use for these type things is a Mac so I am not the guy that can tell you the Linux way on this subject yet, however on my Mac I use a program that is called NetShade. They offer me there own secure proxy server to use for $15 a year. If I choose not to pay them the fee and just use their program to filter public proxy servers from around the world, there are Thousands. I use their filter to only choose for myself 3 Dot secure Proxy’s with a ping of less than 2 seconds. This generates a list that usually gives me 30 - 50 servers from all over the world to choose from. Please note that any of you that would consider using Proxy servers for illegal activity, your ISP will always be aware of what you are doing. There is no way to hide your activity from your ISP. Because there are those that choose the illegal path there is a growing number of wireless crackers out their, and with tools at their disposal like b|t Linux has to offer, it is getting worse all the time. So Lock up your networks and set up your personal firewalls and use Proxy servers or check out OpenVPN to protect your online vulnerabilities. Just stay legal, stay safe, have fun.
:wink: