Using Tor to reach `.onion` sites means that neither your IP address nor the server's IP address is exposed. Just as your traffic goes through 3 nodes or "hops", a server running on the Tor network goes through the same, meaning that the `exit-node` _cannot_ see your network traffic.
With Tor, anyone is able to set up a node, meaning that you cannot possibly trust anything. This brings many issues, including a malicious `exit-node` set up by an adversary in an attempt to de-anonymize users.
The Tor network is not as secure as many make it out to be; there are a variety of attacks that can be used to de-anonymize users. An adversary can set up multiple malicious `entry`, `middle`, and `exit` nodes, and can then DDoS other public Tor nodes, which can either knock them offline or further degrade the already terrible speeds.
Many people argue against using VPNs with Tor, though there can be real-world benefits to having a setup like this.
If you are worried about an adversary knowing you are connecting to the Tor network this can be beneficial, but keep in mind your adversary can see you connect to the VPN.
Since Tor relies on other people using the Tor network to disguise everybody so they all seem alike, it's crucial we use Tor as much as possible.
*(You should not use Tor for anything personal or linkable-activity)*
Using Tor as much as possible helps strengthen the network as a whole.
On desktop, there is the [Tor Browser](https://torproject.org/download).
On iOS, there is [Onion Browser](https://onionbrowser.com).
On Android there is [Tor Browser](https://torproject.org/download#android) along with [Orbot](https://github.com/guardianproject/orbot), an application which allows you to route your entire device over Tor, or proxy specific applications.
You can proxy applications such as an [F-Droid](https://f-droid.org) client like [Neo-Store](https://github.com/NeoApplications/Neo-Store), allowing you to use [onionized repositories](https://gitlab.com/fdroid/mirror-monitor/-/raw/master/README.md) inside F-Droid.
*(We will talk about F-Droid and these various applications later)*
Other applications such as [Briar](https://briarproject.org).
Any application that has a `proxy` setting can be used.
The Orbot ports:
- SOCKS: `127.0.0.1:9050`
- HTTP: `127.0.0.1:8118`
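The SOCKS5 exchange an application performs against Orbot's SOCKS port, as an added example that is not part of the original guide: it hands the hostname to the proxy instead of resolving it locally, and `describe_request` decodes a captured request to check for that. The function names and the sample host `example.com` are assumptions for illustration; the byte layout follows RFC 1928.

```python
import ipaddress
import socket
import struct

ORBOT_SOCKS = ("127.0.0.1", 9050)  # Orbot's SOCKS port as listed on this page

def build_connect(host: str, port: int) -> bytes:
    """SOCKS5 CONNECT request. A hostname is sent as ATYP 0x03 (domain), so
    Tor resolves it and the local, non-Tor DNS resolver never sees the name."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        name = host.encode("idna")
        if not 1 <= len(name) <= 255:
            raise ValueError("hostname must be 1-255 bytes")
        addr = b"\x03" + bytes([len(name)]) + name
    else:
        addr = (b"\x01" if ip.version == 4 else b"\x04") + ip.packed
    return b"\x05\x01\x00" + addr + struct.pack("!H", port)

def describe_request(req: bytes):
    """Decode a CONNECT request into (address type, host, port). Seeing "ipv4"
    for a site addressed by name means the app resolved DNS outside Tor."""
    if len(req) < 7 or req[:3] != b"\x05\x01\x00":
        raise ValueError("not a SOCKS5 CONNECT request")
    atyp = req[3]
    if atyp == 3:
        end, kind = 5 + req[4], "domain"
        host = req[5:end].decode("ascii")
    elif atyp in (1, 4):
        end, kind = (8, "ipv4") if atyp == 1 else (20, "ipv6")
        host = str(ipaddress.ip_address(req[4:end]))
    else:
        raise ValueError("unknown address type")
    return kind, host, struct.unpack("!H", req[end:end + 2])[0]

def read_exact(sock, n: int) -> bytes:
    """Read exactly n bytes; a stream socket may return fewer per recv()."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf

def handshake(sock, host: str, port: int):
    """Run the no-auth SOCKS5 exchange on an already connected socket."""
    sock.sendall(b"\x05\x01\x00")          # VER 5, one method offered: no auth
    if read_exact(sock, 2) != b"\x05\x00":
        raise ConnectionError("proxy rejected the no-auth method")
    sock.sendall(build_connect(host, port))
    ver, rep, _, atyp = read_exact(sock, 4)
    if ver != 5 or rep != 0:
        raise ConnectionError(f"proxy refused the request (reply code {rep})")
    size = read_exact(sock, 1)[0] if atyp == 3 else (4 if atyp == 1 else 16)
    read_exact(sock, size + 2)             # discard bound address and port
    return sock

def connect_via_orbot(host: str, port: int) -> socket.socket:
    """Open a stream to host:port through a locally running Orbot."""
    return handshake(socket.create_connection(ORBOT_SOCKS, timeout=30), host, port)
```

In tools that take a proxy URL, the same distinction is usually spelled `socks5h://` (proxy resolves the name) versus `socks5://` (client resolves it first).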
<br>
On Orbot, you should configure the following settings:
- `Start Orbot on Boot`: Automatically start Orbot and connect Tor when your Android device boots
- `Allow Background Starts`: Let any app tell Orbot to start Tor and related services
- `Isolate destination addresses`: Use a different circuit for each destination address
- `Prefer IPv6 connections`: Tells exits that IPv6 addresses are preferred
- `Connection padding`: Always enables connection padding to defend against some forms of traffic analysis. Default: auto
- `Circuit padding`: Enable circuit padding to defend against some forms of traffic analysis
<br>
If you wish to help contribute to the Tor network, you are able to enable the following:
- `Relaying`: Enable your device to be a non-exit relay
- `Run Snowflake Proxy`: Allow other Tor users to connect to Tor through your device. (This can't be used if you connect alongside bridges)
There are operating systems which are designed to work with Tor.
These systems will route all / some *(depends on the OS)* network traffic over the Tor network.
There are ways to route normal OSes over Tor, but the ones listed here are specifically designed for Tor-only use.
Some notable mentions:
- [Tails](https://tails.boum.org) - an amnesic OS which runs off a USB device.
All traffic is routed over Tor, and can be used on any computer.
Tails allows for a totally ephemeral OS, in which as soon as you shut down the computer or pull out the USB drive, the RAM will be wiped and all contents of your session will be deleted. *(Note: persistent mode will function differently)*
- [Whonix](https://whonix.org) - a "workstation"-type OS routed over Tor.
You get the features of traditional Linux *(unlike amnesic Tails)* with it being routed over Tor.
Whonix can be run on a USB device, in KVM *(the suggested method)* or with [QubesOS](https://qubes-os.org) *(the most secure method, suggested to use Whonix if you are using Qubes)*.
When running in a virtual environment (KVM, Qubes, VM), there are two Whonix instances running: `Whonix-Gateway` and `Whonix-Workstation`.
`Whonix-Gateway` is a separate *VM* which connects you to Tor.
Its sole purpose is to connect to the Tor network.
`Whonix-Workstation` will receive the Tor connection from `Whonix-Gateway`.
All of your applications will run in `Whonix-Workstation`.
We need to do as much as possible to help protect the integrity of this network, and to help strengthen the network.
This can be done by regularly using Tor.
Regularly using Tor helps create more traffic on the network.
Generally, more traffic will help to anonymize users.
Consider running a [Snowflake](https://snowflake.torproject.org) proxy. This can run as a browser addon or inside of a [Docker container](https://hub.docker.com/r/thetorproject/snowflake-proxy); alternatively, you can enable Snowflake inside of Orbot.
Running a Tor relay would be the best way to help contribute to the network.
Refer to [this guide](https://community.torproject.org/relay/) on how to set up a relay.
Any relay is important but, if you can, host an `exit-relay`.
These relays are extremely important to the network as they see the clearnet traffic.
If you do not want to host a relay, you can look at the [SaveTor](https://savetor.network/) project, which is taking donations in return for hosting public Tor nodes.
- Always always always know what you are doing. You don't want to compromise yourself because you _thought_ you knew what you were doing. Make sure 100%. Do research **before**.
- Have a strong mind. Most flaws are user error, meaning YOU. Having a strong mind is critical.
You must be in a clear state of mind, and almost be "talking to yourself" mentally.
Ask yourself before you do something "is this right".
A good memory is CRITICAL. You are going to need to remember almost **EVERYTHING** you do on the internet if you want to do this _"properly"._
Don't be compromised because you forgot something.
Let's eliminate user error.
More on this subject will come later in this _guide_.
- Take over-procedures. Don't "skimp" out on encryption because you don't feel like entering in a password. Don't be lazy.
- Do not compromise your security for a friend. If they are your friend, they will respect your newfound love for being secure.
- Do not reveal more than you need to. MMJ doesn't need to know what you had for lunch.
People may think you are paranoid, but in a world like this it _is_ useful to be even a bit paranoid. This will allow you to see the true realities of the world. If you are always thinking of ways you can be compromised, you will likely reduce your risk simply because you are constantly thinking about it, rather than "not really thinking" about it or not thinking about it as often as you should. Privacy and security are constantly evolving, which means that you will have to evolve with them. Are you ready for a data breach? What are you going to do if you're compromised? Questions like these are what you need to ask yourself in order to be successful; you must always have a backup plan that you can execute.
Threat modeling can become an advanced topic; you will need to learn how to balance security, privacy and anonymity. You'll need to properly lay out and identify what you are protecting yourself from.
Everyone has something to protect, whether it is passwords, location, internet activity, confidential documents, etc.
The items you are trying to protect will be referred to here as "assets".
- [PrivacyGuides](https://privacyguides.org) - "The guide to restoring your online privacy."
- [PRISM Break](https://prism-break.org/) - "Opt out of global data surveillance programs like [PRISM](https://wikiless.org/wiki/PRISM_%28surveillance_program%29), [XKeyscore](https://wikiless.org/wiki/XKeyscore), [Tempora](https://wikiless.org/wiki/Tempora)."
How to do this efficiently? Well... there is no "efficient" method; you just have to brute force this until all of your data points have been somewhat eliminated.
You can start by going to the various apps that you are already signed into and deleting all of your activities, messages, posts and friends.
You'll have to do this for all of your "currently-known" services.
After you've done this, make sure everything is deleted, including your PfP, and anonymize as much data as possible, such as by changing your username, email and others.
After you've done this, you are now ready to delete this account.
As for finding services you may have forgotten, look through your entire email and find services you may have signed up for and start to do the same process.
Try to search up your commonly-used usernames to help you with this process.
Do this for every single account, just to ensure there is not anything that you may have missed.
Try to do searches on all of your identities and use this as a good way to help ensure that you've removed everything that you can.
Utilize services such as [Have I Been Pwned](https://haveibeenpwned.com) to ensure you haven't suffered any data breaches, and use Sherlock to help find some of your missed accounts.
For anonymity, it may be best to utilize Tor for email to help prevent an adversary from obtaining your IP address, and to help prevent fingerprinting.
Using a web browser to access email allows for malicious JavaScript to be utilized to capture your credentials along with your mail contents.
Some services only allow for web-based applications, while others such as Proton allow for a local-client on paid plans.
Be mindful of this.
If you need a temporary email, you are able to use:
_What is the point of using a secure messenger, if your desktop is compromised by the same adversary you are protecting against via your secure messenger and they can see all of your activity?_
The default desktop environment has a broken security model.
This is due to the lack of permissions and proper isolation, as is done on mobile operating systems such as Android with their per-app permission toggles.
Some services like Firejail, Bubblewrap, SELinux and AppArmor can fix a lot of these issues, but configuring these services for every application can be a daunting task and can lead to much user error.
There are some efforts to "privatize" these operating systems, though because they are all _closed-source_, many of the hardening methods that we would apply can just as easily fail if the OS itself is backdoored.
The operating system you choose should not be based upon what is recommended here; you yourself will need to research what is best suited for your situation and needs.
Linux is _private by default_, meaning that your personal information is not being _harvested_ like on traditional operating systems including Windows and macOS.
Those who are looking for some excitement or are extremely into privacy, security and / or anonymity should look at [Qubes OS](https://qubes-os.org) <button type="button" class="btn btn-default btn-xs"><a href="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/">Tor</a></button> and [Tails](https://tails.boum.org) if you haven't already.
Simply put, most aspects of the OS are split into qubes, which are virtual machines, meaning that if something gets compromised, the rest of the system can be safely used.
Due to the way Qubes OS is built, requirements will be heavy.
- `sys-net` -> `sys-firewall` -> `sys-firewall-email-personal` -> `personal-email` - By placing the firewall here, this allows us to only whitelist internet traffic from specifically our email provider.
- `sys-net` -> `sys-firewall` -> `sys-firewall-IN-vpn-us-1` -> `sys-vpn-us-1` -> `sys-firewall-vpn-us-1` - This again gives us the ability to whitelist traffic from only the `sys-vpn-us-1`.
You should not install all of your applications on a single template qube; instead, you should have different templates for each purpose.
This is done as a security measure along with helping us with proper compartmentalization.
It's best to use minimal templates as most applications will likely not get used, but if you need more applications you can simply install them in a new template.
Be sure to read the [official documentation](https://qubes-os.org/doc/templates/minimal) for minimal templates.
There is always the ability to build your own template utilizing the [Qubes builder](https://www.qubes-os.org/doc/qubes-builder/). _**However, keep in mind that by using unofficial templates you are trusting more entities, because now you have to trust the Qubes team and also the maintainers of the unofficial templates. Depending on your threat model, using unofficial templates might not be worth the security risk it carries.**_
We will need to properly set up [split-pgp](https://qubes-os.org/doc/split-gpg) and [split-ssh](https://kushaldas/in/posts/using-split-ssh-in-qubesos-4-0.html).
Using the "split" method, we are able to create an additional [split-browser](https://github.com/rustybird/qubes-split-browser) and a [split-dm-crypt](https://github.com/rustybird/qubes-split-dm-crypt).
Using [u2f-proxy](https://qubes-os.org/doc/u2f-proxy) allows you to "compartmentalize the browser in one qube and the USB stack in another so that they are always kept separate from each other".
This would provide increased redundancy, though it can _potentially_ decrease security, as it means having another system on the network that needs proper hardening, etc., but it is unlikely to cause any harm with the proper configuration.
We can generate an alias by thinking of a random word / phrase but this method could eventually compromise you if you keep choosing references from Star Trek.
If you are using Qubes OS, we are able to utilize compartmentalization heavily in this instance. We will start off by creating multiple qubes for our setup.
Note that SimpleLogin has been acquired by Proton, meaning that Proton will technically know all of your email aliases, but this should be no concern for this type of setup.
Your browser _can_ be easily [fingerprinted](https://wikiless.org/wiki/Device_fingerprint#Browser_fingerprint) and tracked across the web, but this can all be changed.
Brave is based upon Chromium and, unlike a lot of other browsers, includes significant [privacy protections](https://brave.com/privacy-features/) enabled by default.
- For increased security you can block 3rd-party frames as [described here](https://github.com/gorhill/uBlock/wiki/Dynamic-filtering:-Benefits-of-blocking-3rd-party-iframe-tags).
LibreWolf contains many privacy features and additional hardening by default, along with removing various "bloat" such as the Pocket extension and Firefox Sync.
_"LibreWolf is always based on the latest version of Firefox. Updates usually come within three days from each upstream stable release, at times even the same day. Unless problems arise, we always try to release often and in a timely manner. It should however be noted that LibreWolf does not have auto-update capabilities, and therefore it relies on package managers or users to apply them."_
LibreWolf is a good alternative to utilizing Arkenfox on Qubes as we cannot reasonably trust a human to consistently and manually check for updates on Arkenfox.
Android allows us to have more access over our device such as installing applications from third-party repositories and having access over `ADB` and changing permissions.
You can utilize Tor on a mobile device by installing [Orbot](https://github.com/guardianproject/orbot).
Orbot allows you to route your entire device over Tor or to proxy other applications.
[Tor Android](https://github.com/guardianproject/tor-android) is also available.
If your device has the ability to create multiple profiles, you can create a "Tor-only" profile, in which the entire profile is routed over Orbot and you are utilizing Tor Android.
The main difference between centralized and decentralized services is that a single authority cannot easily block a decentralized network, as there is not a single server, unlike with centralized ones. Decentralized services are _sometimes_ prone to leaking metadata and may cause issues when federated.
- [Matrix](https://matrix.org) - Matrix provides a federated platform, which allows anyone to host their own server, meaning that it is resistant to censorship as the network does not rely on a single server.
Choosing your secure messenger will depend on your use-case.
For instance, if you want to protect your traditional SMS / MMS messages, [Signal](https://signal.org) will be the best option if you are looking for a simple replacement that uses your telephone number, allowing contacts to easily add you; this makes for "easy adoption", unlike something like Matrix.
If you are looking to participate anonymously in various communities, you may want to utilize [Matrix](https://matrix.org) as one of your options.
For instance, if someone stalks your behavior and notices you leave your device unattended, this can lead to malicious activity taking place such as compromising firmware, installing a small Bluetooth transmitter, accessing device information if the device is unencrypted, or even just outright taking the device.
At first glance, many of these seem like defining qualities, but they can be altered in a manner that can help prevent you from being identified.
Based on [this article](https://www.technologyreview.com/2019/06/27/238884/the-pentagon-has-a-laser-that-can-identify-people-from-a-distanceby-their-heartbeat/), your heart rate can be identified from up to 200 meters away.
To change your heart rate, you can rely on external substances such as medications or energy drinks to do this.
Doing such will raise / lower your heart rate based upon what you do.
To hide your heart rate from such technology, it is advisable to use tinfoil to block the signal.
This can be done via foil clothing or by lining a jacket with the proper tinfoil material.
When walking into a store, be sure to lower your spine or lean in a way that your true height is not identifiable based on the measurements on the door.
It is advisable to remove any electronic equipment on your vehicle.
For additional protection, you may:
- Tint the windows
- Remove / replace vehicle badges and emblems
- Remove the vehicle license plate, replace with a fake one, or severely damage or cover the plate to beyond recognition (dirt / debris or license plate physically wearing off)
- Remove all signs of VIN or any other unique identifiers
- [Tracking you with Wifi](https://www.vice.com/en/article/y3p7xj/scientists-are-getting-eerily-good-at-using-wifi-to-see-people-through-walls-in-detail)
- [Real Time Object Tracking System using Thermal Camera](https://medium.com/analytics-vidhya/real-time-object-tracking-system-using-thermal-camera-b4d077a20f16)
You should not be trying to set up a secure system if the hardware itself cannot be trusted. Anything can be pre-loaded with malicious code designed to compromise security, especially as mass-production has been increasing over time, meaning an adversary just needs to compromise a device on the production line.
[PortaPow Pure USB Data Blocker (Multicolored)](https://www.amazon.com/PortaPow-Pure-USB-Data-Blocker/dp/B07W928WRR/) - This USB-A Data Blocker is made of transparent plastic, meaning that you can physically verify that the data pins have been removed along with the removal of their "SmartChip", which will prevent an additional attack surface from being used.
[PortaPow USB-C to C Data Blocker](https://www.amazon.com/PortaPow-USB-C-Data-Blocker-Twin/dp/B082WDHS22/) - A USB-C cable that does not transfer any data.
[Faraday Pouch](https://wikiless.northboot.xyz/wiki/Faraday_cage) - This will block all radio waves and signals, which can ensure that absolutely no connection is traveling out of your devices.
An *easy* method of implementing plausible deniability is to utilize [Hidden VMs](https://github.com/aforensics/HiddenVM) — Use any desktop OS without leaving a trace.
Sometimes, you will need to host a server anonymously.
This can be a pain, as a lot of popular services require some sort of ID, credit card, address, etc.
For true "anonymity", we will tend to avoid these services.
These range from Amazon Azure, to Linode.
For a server, it's advisable to pay with crypto-currency, such as Monero, Zcash or some other type of "privacy"-respecting currency.
If you need a domain, it's advisable to use [Njalla](https://njal.la) <button type="button" class="btn btn-default btn-xs"><a href="http://njallalafimoej5i4eg7vlnqjvmb6zhdh27qxcatdn647jtwwwui3nad.onion/">Tor</a></button> as they do not collect any personal information, and they are well-known for their strong privacy.
For the actual server, you can use [1984](https://1984.is/) or the listed options below: