| View previous topic :: View next topic |
| Author |
Message |
Fulgurance
Veteran
Joined: 15 Feb 2017
Posts: 1200
|
 Posted: Tue Jan 29, 2019 5:17 pm Post subject: [Solved] Questions about Tor |
 |
|
Hello, i have just questions about Tor.
I don't would like to go into dark net. Just use it to anonymate my connection. Is it possible to use it only for that (not with tor brower) ?
And i have seen into website mozilla firefox integrate tor functionnalities. Do you know good tutorial or documentation to add tor functionnalities ? (i would like to use firefox, not tor browser)
And tor-hardening use flag is it just for vanilla packages ? Or usable ?
Last edited by Fulgurance on Sat Feb 02, 2019 11:17 pm; edited 1 time in total |
|
| Back to top |
|
 |
Jaglover
Watchman
Joined: 29 May 2005
Posts: 8291
Location: Saint Amant, Acadiana
|
|
| Back to top |
|
|
Muso
Veteran
Joined: 22 Oct 2002
Posts: 1052
Location: The Holy city of Honolulu
|
| Posted: Wed Jan 30, 2019 3:38 am Post subject: |
|
|
You can use proxychains via tor.
_________________
"You can lead a horticulture but you can't make her think" ~ Dorothy Parker
2021 is the year of the Linux Desktop! |
|
| Back to top |
|
|
1clue
Advocate
Joined: 05 Feb 2006
Posts: 2569
|
| Posted: Wed Jan 30, 2019 5:22 am Post subject: |
|
|
Full disclosure, I tried tor once to see what it was about, and that's it. But I've done some reading.
If you go through the tor network and browse, they (allegedly) can't see your correct IP address on the other side, nor can anyone in the middle except your real ISP, and whoever has hooks into that. Maybe your government?
But the thing is, the tor browser was made specifically to eliminate as much risk as possible of someone tracing back to you in other ways.
If you use Firefox, and you go to example.com, and there are cookies or some other fingerprint by which they can identify you, you've been identified. If you go to gmail and login, they know who you are. Google, gmail, youtube, any one of the sites in that corporate family all share data. Once you're tagged all that work of going through tor is irrelevant.
I'm 100% sure that the same can be said for other sites of a common parentage. Google is just a favorite example of a company that likes to look over your shoulder, and which is frequently subpoenaed for legal proof of someone's interest in a person, place or thing.
If I actually cared what my government thought of the websites I visit I may have put more effort into learning about tor, but I can't really say I care enough to bother. |
|
| Back to top |
|
|
toralf
Developer
Joined: 01 Feb 2004
Posts: 3922
Location: Hamburg
|
| Posted: Wed Jan 30, 2019 8:31 am Post subject: |
|
|
The Tor Browser is based on Firefox.
Run https://tails.boum.org in a virtual machine if you need more anonymity.
Finally anonymity != dark net - the former is a technical thing, the later a social one.
Just my 2ct. |
|
| Back to top |
|
|
Fulgurance
Veteran
Joined: 15 Feb 2017
Posts: 1200
|
| Posted: Wed Jan 30, 2019 9:27 am Post subject: |
|
|
| And, little question. I think Tor only is not sufficient, is it recommanded to add VPN ? (i think tor isn't VPN) |
|
| Back to top |
|
|
1clue
Advocate
Joined: 05 Feb 2006
Posts: 2569
|
|
| Back to top |
|
|
Fitzcarraldo
Advocate
Joined: 30 Aug 2008
Posts: 2034
Location: United Kingdom
|
|
| Back to top |
|
|
1clue
Advocate
Joined: 05 Feb 2006
Posts: 2569
|
| Posted: Wed Jan 30, 2019 5:38 pm Post subject: |
|
|
Very nice!
Neither actually focuses on the real issue with both approaches though: If you ever connected to your destination site or one of its siblings with the browser you're using, then there can be a cookie/token which can be retrieved from the destination server, and they can know who you are. They can use logs from your connection on the open Internet to get your physical location.
Cookies and such are categorized by the site which creates them. Your browser does not care if the cookie was set over the open Internet and then retrieved through TOR, but if you're going through the effort to use TOR then you most likely care about those things a lot.
Likewise automatically filled out forms, security credentials and whatever else saved by your browser can undo everything you were hoping for by using TOR in the first place.
Sorry I said all this earlier, but this point is important. By the time you get to the destination site, there's really no difference between using a VPN or TOR, or going straight there. The only thing that really changes is where your apparent IP address is, and how easily your network packets can be backtracked to their origin. The payload can be seen at the remote site, decrypted. If you have compromising information there, and somebody you don't like is watching, then they know who you are and what you did. |
|
| Back to top |
|
|
The Doctor
Moderator
Joined: 27 Jul 2010
Posts: 2678
|
| Posted: Wed Jan 30, 2019 9:46 pm Post subject: |
|
|
| 1clue wrote: | | The only thing that really changes is where your apparent IP address is, and how easily your network packets can be backtracked to their origin. |
In other words, if you want to do anything requiring a log in, use your browser for tor and non tor traffic, etc. then it makes no difference. One big warning with tor is not to use it for anything involving money as there is a real risk of it being stolen.
Although if you have a specific browser for viewing "cute cat pictures" then it may offer some benefit.
_________________
First things first, but not necessarily in that order.
Apologies if I take a while to respond. I'm currently working on the dematerialization circuit for my blue box. |
|
| Back to top |
|
|
1clue
Advocate
Joined: 05 Feb 2006
Posts: 2569
|
| Posted: Wed Jan 30, 2019 10:28 pm Post subject: |
|
|
| The Doctor wrote: | | 1clue wrote: | | The only thing that really changes is where your apparent IP address is, and how easily your network packets can be backtracked to their origin. |
In other words, if you want to do anything requiring a log in, use your browser for tor and non tor traffic, etc. then it makes no difference. One big warning with tor is not to use it for anything involving money as there is a real risk of it being stolen.
Although if you have a specific browser for viewing "cute cat pictures" then it may offer some benefit. |
Not exactly.
If you're going to use TOR then you may want to consider a completely separate Linux account, and create brand new accounts on whatever sites you need to login to, but avoid logging in if at all possible. And never create an account which links to something that can be traced back to you.
Just thing about the crap that shows up in ads after you google something. Or if you have an Alexa or any other device with voice commands, notice how your ads tend to follow what you talked about whether you used a deliberate voice command or not.
I think it would be insanely hard to keep the accounts separate, especially if you're doing it for a long time. |
|
| Back to top |
|
|
Fitzcarraldo
Advocate
Joined: 30 Aug 2008
Posts: 2034
Location: United Kingdom
|
| Posted: Wed Jan 30, 2019 11:16 pm Post subject: |
|
|
I've read that Snowden used Tor Browser running in Tails booted from a LiveCD.
Putting aside so-called 'supercookies' and 'evercookies', the problem is that canvas fingerprinting means you can be tracked without the tracker knowing and storing your IP address (or other location identifier) or machine identifier (the Tor network hides your IP address from the visited Website or third-party server) and without needing to store anything on your machine (unlike cookies). Advertisers or other nefarious sites/servers can share your fingerprint with other sites/servers and they will know it is you who is browsing. If you revisit a site it will know it is you again. Here are a few results using the EFF's Panopticlick 3.0 tracking tester on the machine I'm using at the moment (I have omitted the full results, for privacy reasons):
Firefox 65.0 with Privacy Badger, Disconnect and DuckDuckGo Privacy Essentials installed
| Quote: | Is your browser blocking tracking ads?
✓ yes
Is your browser blocking invisible trackers?
✓ yes
Does your blocker stop trackers that are included in the so-called “acceptable ads” whitelist?
✓ yes
Does your browser unblock 3rd parties that promise to honor Do Not Track?
✗ no
Does your browser protect from fingerprinting?
✗ your browser has a unique fingerprint
Note: because tracking techniques are complex, subtle, and constantly evolving, Panopticlick does not measure all forms of tracking and protection.
Your browser fingerprint appears to be unique among the 152,027 tested in the past 45 days.
Currently, we estimate that your browser has a fingerprint that conveys at least 17.21 bits of identifying information. |
Firefox 65.0 Private Window with Privacy Badger, Disconnect and DuckDuckGo Privacy Essentials installed
| Quote: | Is your browser blocking tracking ads?
✓ yes
Is your browser blocking invisible trackers?
✓ yes
Does your blocker stop trackers that are included in the so-called “acceptable ads” whitelist?
✓ yes
Does your browser unblock 3rd parties that promise to honor Do Not Track?
✗ no
Does your browser protect from fingerprinting?
✗ your browser has a nearly-unique fingerprint
Note: because tracking techniques are complex, subtle, and constantly evolving, Panopticlick does not measure all forms of tracking and protection.
Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 76033.0 browsers have the same fingerprint as yours.
Currently, we estimate that your browser has a fingerprint that conveys 16.21 bits of identifying information. |
Tor Browser 8.0.5 (based on Mozilla Firefox 60.5.0esr) Standard Security Level; Tracking Protection Always; Do Not Track Always; Privacy Badger installed
| Quote: | Is your browser blocking tracking ads?
⚠ partial protection
Is your browser blocking invisible trackers?
⚠ partial protection
Does your blocker stop trackers that are included in the so-called “acceptable ads” whitelist?
✓ yes
Does your browser unblock 3rd parties that promise to honor Do Not Track?
✗ no
Does your browser protect from fingerprinting?
⚠ partial protection
Note: because tracking techniques are complex, subtle, and constantly evolving, Panopticlick does not measure all forms of tracking and protection.
Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 3380.53 browsers have the same fingerprint as yours.
Currently, we estimate that your browser has a fingerprint that conveys 11.72 bits of identifying information. |
_________________
Clevo W230SS: amd64, VIDEO_CARDS="intel modesetting nvidia".
Compal NBLB2: ~amd64, xf86-video-ati. Dual boot Win 7 Pro 64-bit.
OpenRC udev elogind & KDE on both.
Fitzcarraldo's blog |
|
| Back to top |
|
|
Fulgurance
Veteran
Joined: 15 Feb 2017
Posts: 1200
|
| Posted: Thu Jan 31, 2019 11:27 pm Post subject: |
|
|
| I have successfully configured firefox to use Tor. Now, i have buy nordvpn subscription. How can i configure tor to use nordvpn VPN ? On torrc file ? And how ? |
|
| Back to top |
|
|
1clue
Advocate
Joined: 05 Feb 2006
Posts: 2569
|
| Posted: Fri Feb 01, 2019 5:40 am Post subject: |
|
|
| I would think that if your VPN is configured correctly, you would already be using it. Your default route should point through the VPN tun/tap device, whatever public IP that's using. |
|
| Back to top |
|
|
Syl20
l33t
Joined: 04 Aug 2005
Posts: 619
Location: France
|
| Posted: Fri Feb 01, 2019 8:51 am Post subject: |
|
|
| Fitzcarraldo wrote: | | the problem is that canvas fingerprinting means you can be tracked without the tracker knowing and storing your IP address (or other location identifier) or machine identifier (the Tor network hides your IP address from the visited Website or third-party server) and without needing to store anything on your machine (unlike cookies). |
This tracking technique can be avoided, by using CanvasBlocker, for example. But it probably isn't as effective as Tor. |
|
| Back to top |
|
|
Fulgurance
Veteran
Joined: 15 Feb 2017
Posts: 1200
|
| Posted: Fri Feb 01, 2019 9:54 am Post subject: |
|
|
Sorry if ask you again, but i don't have success to use my new VPN with openvpn.
I have following this tutorial: https://nordvpn.com/fr/tutorials/linux/openvpn/
It's official tutorial for Linux. I have following graphical tutorial part, but when i click on my VPN on networkmanager to connect to my VPN, no error and no connection. Nothing...
| Code: | fulgurance@msi-gs73vr-6rf ~ % eix openvpn
* app-crypt/openvpn-blacklist
Available versions: (~)0.4-r1 (~)0.5 {PYTHON_TARGETS="python2_7"}
Homepage: http://packages.debian.org/sid/openvpn-blacklist
Description: Detection of weak openvpn keys produced by certain debian versions in 2006-2008
* app-metrics/openvpn_exporter
Available versions: (~)0.2.1
Homepage: https://github.com/kumina/openvpn_exporter
Description: Prometheus Exporter for OpenVPN
* net-analyzer/nagios-icinga-openvpn
Available versions: (~)0.0.1 {PYTHON_TARGETS="python2_7 python3_4 python3_5 python3_6"}
Homepage: https://github.com/liquidat/nagios-icinga-openvpn
Description: A Nagios plugin to check whether an OpenVPN server is alive
[I] net-misc/networkmanager-openvpn
Available versions: 1.8.8 {gtk test}
Installed versions: 1.8.8(00:56:48 01/02/2019)(-gtk -test)
Homepage: https://wiki.gnome.org/Projects/NetworkManager
Description: NetworkManager OpenVPN plugin
[I] net-vpn/openvpn
Available versions: 2.4.6 **9999 {down-root examples inotify iproute2 libressl lz4 +lzo mbedtls pam pkcs11 +plugins selinux +ssl static systemd test KERNEL="linux" USERLAND="BSD"}
Installed versions: 2.4.6(00:56:32 01/02/2019)(lzo pam plugins selinux ssl -down-root -examples -inotify -iproute2 -libressl -lz4 -mbedtls -pkcs11 -static -systemd -test KERNEL="linux" USERLAND="-BSD")
Homepage: https://openvpn.net/
Description: Robust and highly flexible tunneling application compatible with many OSes
[I] sec-policy/selinux-openvpn
Available versions: 2.20180114-r1 2.20180114-r2 (~)2.20180114-r3 2.20180701-r1 (~)2.20180701-r2 **9999
Installed versions: 2.20180701-r2(00:55:49 01/02/2019)
Homepage: https://wiki.gentoo.org/wiki/Project:SELinux
Description: SELinux policy for openvpn
Found 6 matches
fulgurance@msi-gs73vr-6rf ~ % eix ca-certificates
[I] app-misc/ca-certificates
Available versions: 20180409.3.37 {cacert}
Installed versions: 20180409.3.37(13:04:19 11/01/2019)(-cacert)
Homepage: https://packages.debian.org/sid/ca-certificates
Description: Common CA Certificates PEM files
|
Problem with not set use flag ?
(Actually, i have disabled Tor to test it) |
|
| Back to top |
|
|
Fulgurance
Veteran
Joined: 15 Feb 2017
Posts: 1200
|
| Posted: Sat Feb 02, 2019 11:18 pm Post subject: |
|
|
Problem solved, i have just forget to active specific kernel features 
And for my VPN, it's solved, because they have server with TOR. I haven't any utility to use tor on my laptop. |
|
| Back to top |
|
|
CaptainBlood
Advocate
Joined: 24 Jan 2010
Posts: 3626
|
| Posted: Thu Oct 17, 2019 11:06 pm Post subject: |
|
|
| Fulgurance wrote: | | Problem solved, i have just forget to active specific kernel features |
Could you please elaborate?
Thks 4 ur attention. |
|
| Back to top |
|
|
|
Networking & Security
