- ______________________________________________________
- /_ __/ __ \/ __ \ / ____/_ __(_)___/ /__
- / / / / / / /_/ / / / __/ / / / / __ / _ \
- / / / /_/ / _, _/ / /_/ / /_/ / / /_/ / __/
- /_/ \____/_/ |_| \____/\__,_/_/\__,_/\___/ v.0.5
- =========
- Glossary:
- =========
- Clearnet: The regular internet
- - http://www.somecrap.com
- Darknet : One of the alternate internets
- - in tor, something like http://blahblahgibberish.onion (ONION sites)
- - in i2p, something like http://blahblahgibberish.i2p (forget this for now)
- - on freenet, something like http://127.0.0.0:d9w8dj98q23d8jq239080qdj90 (forget this for now)
- - could also mean any sites on clearnet that are not indexed in any of the search engines such
- as private webpages, databanks, encrypted sites and so on. But we won't use this meaning here.
- LEA : Law Enforcement Agency
- Onion : A website on TOR
- ============
- What is TOR?
- ============
- It is an alternate anonymous internet, only accessible with a special browser called the TorBrowser which is
- built on top of Firefox. TOR does not hide you in any way, it only allows you to interact
- with the internet in an anonymous way. It is virtually impossible for anyone to know what you are browsing as
- long as you use TOR, however, they will know you are browsing something using TOR (could be pictures of cats).
- Your ISP, for example, can easily detect that you are using TOR. However, there are many legitimate uses for TOR
- and although you may be put on a list, in essence there is nothing criminal about it. The more people that
- use it the more legitimate it becomes. Initially, Tor was designed and developed as part of the U.S. Naval
- Research Laboratory's Onion Routing program with support from ONR and DARPA. Currently, Tor development is
- supported by the Electronic Frontier Foundation. \\\\ There is nothing illegal about using TOR. ///
- If you use TOR properly you will most likely remain anonymous. The following was found in a leaked NSA slide:
- ---------------------------------------------------------------------------------------
- / \
- | "Tor Stinks! [...] We will never be able to de-anonymize all Tor users all the time." |
- | |
- | (STRENGTH IS IN NUMBERS) |
- \ /
- ---------------------------------------------------------------------------------------
- The way it works is through high level encryption and routing of information from your computer to the final
- destination through a series of computers (nodes) linked together randomly all over the world on the TOR network.
- An onion is a good analogy to TOR. When you ask TOR to look at a page, say yahoo.com, TOR applies several
- layers of cryptographical protection to your message and sends it over the TOR network. As the message
- traverses the network of nodes (computers) it peels back each cryptographic layer at each node until it reaches
- the last node, called the EXIT node. This is the last computer on the TOR network, which has no idea about your
- IP address or where you are located. This node then forwards your request to yahoo.com on the clearnet. The EXIT
- node is the gatekeeper between the darknet and clearnet. Your message is completely peeled back by the time it
- arrives at the EXIT node to reveal the contents. Node A can only decrypt (peel) the layer A, under which it would
- see the address of the next node. After the packet reaches the next node, it can only decrypt (peel) layer B, and
- so on. For each layer, you use the respective node's public key, so only that exact node can decrypt the layer
- with its own private key. When the message reaches the EXIT node, all of the layers have been decrypted and
- the message is now in plain text (it could also be encrypted if you're communicating with the server under SSL).
- If you restrict yourself to browsing onion sites (darknet) then your entire communication stream is
- encrypted - from your computer to the end computer - this is because there is no need to exit the TOR network.
- On the other hand, if you browse clearnet sites your communication stream is only partially encrypted. In the
- example above, the EXIT node is the one requesting the information from yahoo.com, and that part of the
- communication stream is unencrypted (obviously, it could also be encrypted if you're communicating with the server
- under SSL). From your point of view, you are anonymous whether you are browsing the Darknet or the Clearnet. They
- have no way of knowing who you are, the EXIT node is the only IP address that is visible. One thing to note is that
- if you visit sensitive sites on the Clearnet you risk putting the person/entity that is hosting the TOR EXIT node
- in trouble since the communication stream portion from the EXIT node to the requested site may be unencrypted and
- susceptible to prying eyes.
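The layer peeling described above, as an added example that is not part of the original paste: each node removes one layer, learns only the next hop, and only the EXIT node sees the request. Assumptions: per-hop symmetric keys and a toy SHA-256 stream cipher stand in for the public/private key pairs the text mentions, and the node names, ROUTE, KEYS and all function names are made up for illustration.

```python
import hashlib, hmac, json, os

def _subkey(key, label):  # separate encryption and MAC keys per hop key
    return hashlib.sha256(label + key).digest()

def _xor_stream(key, nonce, data):
    # Toy stream cipher (SHA-256 in counter mode), not what Tor really uses.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + tag + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    good = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("layer was not sealed for this node")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

def wrap(route, keys, request):
    # Client side: build the onion from the inside out, EXIT layer first.
    blob, next_hop = request, "clearnet"
    for node in reversed(route):
        layer = json.dumps({"next": next_hop, "data": blob.hex()}).encode()
        blob, next_hop = seal(keys[node], layer), node
    return blob

def peel(node, keys, blob):
    # Node side: remove exactly one layer, learn only the next hop.
    layer = json.loads(unseal(keys[node], blob))
    return layer["next"], bytes.fromhex(layer["data"])

def relay(route, keys, onion):
    # Walk the route and record (node, next hop, payload) as each node sees it.
    seen, blob = [], onion
    for node in route:
        next_hop, blob = peel(node, keys, blob)
        seen.append((node, next_hop, blob))
    return seen

# Constructed sample: three nodes with random keys and a plain HTTP request.
ROUTE = ["A", "B", "EXIT"]
KEYS = {name: os.urandom(32) for name in ROUTE}
REQUEST = b"GET / HTTP/1.1\r\nHost: yahoo.com\r\n\r\n"
```

Calling `relay(ROUTE, KEYS, wrap(ROUTE, KEYS, REQUEST))` returns one tuple per node; only the EXIT entry carries the readable request, which is why that last hop needs SSL to stay private.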
- --------------------------------------------------------
- / \
- | Get the browser bundle here. This is all you need. |
- | |
- | - https://www.torproject.org/download/download.html.en |
- \ /
- --------------------------------------------------------
- FIRST THING YOU MUST DO AFTER YOU INSTALL IT AND BEFORE YOU BEGIN BROWSING: DISABLE JAVASCRIPT IN THE TOR BROWSER.
- Every time you upgrade TOR, which you should do every time there is an update, REMEMBER TO DISABLE JAVASCRIPT and
- re-configure any settings you had previously on your old Tor browser setup.
- Not sure why but, in the new TOR/Firefox, they removed the option to disable Javascript from the menu. In any case,
- you should be OK if you do the following:
- (these guidelines are updated for the latest version of TOR as of 27 May 2014, they may change, you have been warned)
- 1) click the small S (NoScript icon) which is to the left of the address bar and hit Options. From there, navigate
- to the embeddings tab and check to forbid
- - Java
- - Adobe Flash
- - Microsoft Silverlight
- - "other plugins"
- - IFRAME
- 2) open a new tab (if you want to) and type in "about:config". This will bring up Firefox's advanced settings, say it is
- OK, you will be careful. Type "javascript" into the search box and look for "javascript.enabled" in the list. Double click
- on this and the boolean value will change from True to False (if you plan on doing the next step don't close the window yet).
- 3) It is good practice to have the referrer automatically disabled (as long as it does not hamper your browsing,
- otherwise feel free to skip this step). If you click on a link, the website you go to knows where you came from,
- if you follow this procedure, that feature is disabled and the website will have no idea where you came from.
- There are two steps, a) and b):
- a) Type about:config in your browser - Find/locate network.http.sendRefererHeader - Change the number 2 to 0
- b) Find network.http.sendSecureXSiteReferrer and set it as false.
- 4) This step is also good practice but probably not crucial so feel free to skip it if you deem it necessary. Open
- Torbrowser options and browse to privacy. There choose:
- - Tracking: Do not tell sites anything about my tracking preferences
- - History: Never remember history
- - Location Bar: Nothing
- 5) Remove all addons in your Tor browser (it's known that LEA have been working together with Mozilla plugin developers before
- and inserted malicious software that can potentially get your real identity)
- For the record, I use all 4 steps listed above. Just a couple more things before you proceed, make sure you read everything that
- is below this line. Then you can start browsing with TOR as safely as I know. That's important, because after all, I'm just some
- guy on the internet.
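Since the settings from steps 2 and 3 have to be re-applied after every upgrade, here is one way to check that they survived, as an added example that is not part of the original paste. It parses the text of a Firefox-style prefs.js file; the sample file content is constructed, the function names are made up, and treating a missing preference as "browser default applies" is an assumption.

```python
import re

# Values that steps 2 and 3 of the guide set in about:config.
WANTED = {
    "javascript.enabled": False,
    "network.http.sendRefererHeader": 0,
    "network.http.sendSecureXSiteReferrer": False,
}

PREF_LINE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')

def parse_prefs(text):
    """Turn user_pref("name", value); lines into a dict of typed values."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_LINE.match(line)
        if not m:
            continue  # comments and blank lines
        name, raw = m.groups()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        else:
            prefs[name] = raw.strip('"')
    return prefs

def audit(text):
    """Return (pref name, problem) for every setting that is not hardened."""
    prefs, findings = parse_prefs(text), []
    for name, want in WANTED.items():
        if name not in prefs:
            findings.append((name, "not set, browser default applies"))
            continue
        have = prefs[name]
        # Compare types too: in Python 0 == False, but the pref types differ.
        if type(have) is not type(want) or have != want:
            findings.append((name, f"is {have!r}, guide says {want!r}"))
    return findings

# Constructed sample: a profile after an upgrade that lost the JavaScript setting.
SAMPLE_PREFS = '''// Mozilla User Preferences
user_pref("intl.accept_languages", "en");
user_pref("network.http.sendRefererHeader", 0);
user_pref("network.http.sendSecureXSiteReferrer", true);
'''

if __name__ == "__main__":
    for name, problem in audit(SAMPLE_PREFS):
        print(f"{name}: {problem}")
```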
- ============= --------------------------------------------------
- Safety Rules: | MOST IMPORTANT MAKE SURE YOU READ EVERY ITEM |
- ============= --------------------------------------------------
- This is a list of things to do and not to do, to help preserve your anonymity, the list is not definite and it
- certainly is not exhaustive. Be wary.
- -------
- Do NOT:
- -------
- - Do NOT enable javascript (ever)
- - Do NOT install additional addons or plugins in the Tor Browser, as these may bypass Tor or
- otherwise harm your anonymity and privacy.
- - Do NOT turn off/override/disable any of the add ons that come pre-installed with TOR Browser bundle.
- - Do NOT sign up for anything with your clearnet name or password, that means no information at all about your
- clearnet activity should ever cross into the darknet activity (that was what the silkroad guy did, and it
- ended up costing him big time). Yes, passwords too.
- - Do NOT open PDFs on a computer with an internet connection, if you download them, when you open them just make
- sure it is on a machine with the internet disabled. In fact, you should be cautious with opening any document
- you download on TOR with a machine that is online or offline. If it is some sort of malware it can attach to your
- machine and wait until you turn internet back on. Your antivirus/malware scanners will not detect it.
- - Do NOT carry on your writing style from clearnet to darknet.
- - Do NOT post anything that could correlate you with your clearnet identity.
- ---
- Do:
- ---
- - Do DISABLE JAVASCRIPT. You can also turn off cookies, which can be used to track you. Or at least set it to
- clear them every time you turn off the TorBrowser. Third party cookies should probably always be disabled.
- - Do write on forums, as long as you leave no identifiable mark. Not even a small one.
- As long as you post anonymously, write all you want, it's safe.
- - Do feel at ease about accessing text based information (where there is no room for malicious scripts).
- - Do participate in the topics you align yourself with.
- - Do browse Darknet/Clearnet at will, but use common sense and be cautious, and above all - religiously abide
- by the do nots*.
- * That being said, with experience and due diligence, you will be able to safely bend some of the rules in
- the dos and donts. For example, if you are on a site that you know, with absolute certainty, that it would
- not use a malicious javascript hack then you could potentially enable javascript for that one transaction.
- ============================
- Useful resources (Clearnet):
- ============================
- If you are paranoid, access the following links with the TORBrowser (I don't bother since they are all
- clearnet and on reddit where millions of people go every day).
- - http://www.reddit.com/r/privacy
- - http://www.reddit.com/r/silkroad
- - http://www.reddit.com/r/tor
- - http://www.reddit.com/r/onions
- - http://www.reddit.com/r/darknetplan/
- - http://www.reddit.com/r/netsec
- - http://www.reddit.com/r/freespeech
- - http://www.reddit.com/r/gnupg
- - http://www.reddit.com/r/crypto
- - http://www.reddit.com/r/stand * Internet activism
- - http://www.reddit.com/r/tails
- - http://www.reddit.com/r/i2p
- ================
- Links (Darknet):
- ================
- This is the best assortment of onion links that I have found, from there you can find pretty much everything you
- would want to find. However, be very very careful with what you do in any sites on this directory. There are very
- good resources, and you can find great things, but proceed with caution, use common sense and follow all the safety
- rules above.
- - http://skunksworkedp2cg.onion/sites.html
- - http://dirnxxdraygbifgc.onion/
- ============
- Scary Stuff:
- ============
- The only sure way the other side has to get to you (which is extremely unlikely but possible) is through
- time matching. This is because TOR is anonymous but it is NOT invisible. There are many ways in which your
- ISP can know if you are using TOR. That does not mean, however, that they know anything about what you are
- posting or what websites you are visiting since that is all encrypted. They just know that you are using
- TOR, and there are LOTS of legitimate uses for TOR. That allows them, if for some reason they should suspect
- you, to set up a van outside your home. Now, let's say you have just arrived home and turned on the lights and computer.
- Now you visit a particular forum on TOR, which LEA has control of. If, simultaneously, they are watching your
- home and see you turn on your lights at the same time that you log onto TOR and log on to that particular
- forum, then they have reasons to fuck with you. Beware.
- =======================
- Are you super paranoid?
- =======================
- __________________________________________________________________________________________________________________
- Disclaimer:
- The text henceforth is not my own. I cannot attest to the veracity or quality of the assertions which
- in some cases seem pretty wild, but given recent Snowden revelations, I cannot say it is not possible with
- absolute certainty. As usual, take everything with a grain of salt.
- __________________________________________________________________________________________________________________
- --------
- Disable:
- --------
- (Some disables on the list are already done by TOR.)
- - 3rd Party Cookies *
- - Java
- - Javascript *
- - Flash / Shockwave (TOR does this)
- - CSS3 Webfonts
- - OCSP Validation
- - Web Sockets
- - Geolocation
- - Battery Status API FF11+
- * these ones should be disabled even if you aren't paranoid, covered above.
- -------
- Do you?
- -------
- - Run TOR from a Virtual Machine
- - Use tails or whonix?
- - Run TOR from an encrypted partition
- - Wipe all temporary files, empty space, even if using full disk encryption?
- - Know that sites can identify your region through the TorBrowser language preferences under
- Options -> Content -> Language. Choose a generic language e.g. "en" (instead of en-US), de (instead of de-de),
- and so on.
- ----------------------------
- Dangerous Operating Systems:
- ----------------------------
- - Microsoft Windows - Verified by the German government to have back doors. Nothing to hide? Are you .. sure?
- Back door means they can plant evidence without your knowledge. Back doors mean they can steal your company
- secrets. Back doors mean agencies can spy on each other and steal credit for take downs.
- - Mac OS X - Logs what you do. Apple can and will decrypt any encryption set by Mac OS X. Non corporate PGP disk
- encryption with TrueCrypt volumes on top of that for your downloads is slightly safer, if you must use a Mac.
- - Ubuntu - By default will log all sites you visit and post back to canonical. Reformat the drive and install
- Linux. Ubuntu is no longer true linux. For those that like Ubuntu, use Mint. Other options are Fedora, CentOS,
- Gentoo, Slax/Slackware, Linux From Scratch, TinyCore, Damn Small Linux. A distro that boots from USB and runs
- in RAM is safest. Store files on encrypted USB and use a crazy strong pass phrase. It should be impossible for
- you to type this when drunk or drugged. Be sure to run Bastille hardening scripts and enable Apparmor on Ubuntu
- variants and SELinux on Redhat variants. Be sure to remount /proc with hidepid=2,gid=0 from a script in your
- encrypted volume.
- - Cell Phones - All mobile OS have embedded SSL CA certs and most have vendor root kits that
- anti-virus companies are not allowed to call spyware or remove, or they will face legal issues.
- - Mobile or Tablet OS - Anything created by a marketing company such as Google or by a wireless provider has back
- doors in it. This is not theory. It is well documented. These OS are designed to be compromised by LEA with
- simple memory cards and USB devices.
- --------------------
- Dangerous Practices:
- --------------------
- - Cloud Storage - All your data is encrypted with common root keys. Someone else is targeted, they have your data
- too!
- - Cloud Backups - same
- - Tor Mail - No safer than ClearWeb mail. Your messages are stored as clear text. Was
- recently hacked. Hope your emails were encrypted by you.
- - Tor Gateway Logins - If you use a username/pw through a Tor gateway, others already have your username/pw.
- Yes, even if the site uses HTTPS. Many Tor exit gateways are running ssl-strip and metasploit.
- - Private Messages - There is no such thing as private messages. If you and your friends are not using your own
- encryption software with your own pre-shared secrets, then you have no secrets.
- - Rubber Stamping - Using the same username or password on any two sites or on any site and your cell phone is the
- same as printing your username and password on your forehead. Anything you put in your cell phone is available
- to authorities with NO effort on their part. Using the same pw on a Tor site as a ClearWeb site is daft.
- -----------
- Easter Egg:
- -----------
- Did you really make it this far? There you go, good job!
- http://allyour4nert7pkh.onion/tracker/