Silk Road forums
Discussion => Security => Topic started by: danny666 on May 27, 2013, 05:15 am
-
I have been using Tor on and off for some time now. For the last year the ONLY way I have used Tor is with Virtual Machine that forces all traffic over Tor or dropped's it. In my (professional) opinion this is the only trusted and secure way. In this way i can freely use Flash, java script and other's with zero leaks. Why don't more Tor user do this?
Tutorial based on debian:
http://www.howtoforge.com/how-to-set-up-a-tor-middlebox-routing-all-virtualbox-virtual-machine-traffic-over-the-tor-network
-
This is a great guide. I think this accomplishes the same thing as my Whonix-Gateway tutorial: http://dkn255hz262ypmii.onion/index.php?topic=161335.0
-
Basically, but i dont see the need to run 2 VM's as you do with whonix.
-
Great idea!
-
Basically, but i dont see the need to run 2 VM's as you do with whonix.
I think it's just easier. The Whonix Gateway is a preconfigured solution. You only have to set the networking up on the workstation and don't have to deal with iptables rules, etc. But your way is good too.
-
Both ways are great, and 100 times then the browser bundle or any proxy.
-
Another good solution is to use a VPN (anonymous, no-log VPN of course, sign up through Tor with btc) combined with Tor using a Linux distros, boot from USB.
PB.
-
I dont understand the whole VPN thing. Tor is basically a big, random, anonymous VPN.
The point im trying to make is that the browser bundle, or any app that simple use Tor as a proxy is not a good option. They can give you IP away in a dozen ways. If you want really secure access to Tor you should use A middle box VM or Whonix gateway setup.
-
I dont understand the whole VPN thing. Tor is basically a big, random, anonymous VPN.
The point im trying to make is that the browser bundle, or any app that simple use Tor as a proxy is not a good option. They can give you IP away in a dozen ways. If you want really secure access to Tor you should use A middle box VM or Whonix gateway setup.
You're right that a VPN does not make Tor any more secure. But what a VPN does provide is an encrypted tunnel to a foreign server that doesn't keep any logs as to what is passing through it (and of course accepts btc, with an anonymous email for reference). For those in areas with fewer active internet connections this is important as the ISP can quite easily see which of its customers are accessing Tor - obviously not an illegal act, but why share this with your ISP? With the VPN the ISP just sees the encrypted connection to an offshore server and that's it. As long as the VPN is legit, running Tor through a VPN seems pretty safe to me.
PB.
-
Is there any benefit to using this method over "Tails"?
-
Mhaura, theoretically Tails could be rooted. An attacker who roots Tails can disable the firewall and bypass Tor. This guide protects against that because Tor runs outside of the VM.
The chances are slim of that happening, but that's the worst case scenario. A more practical approach is that you might not like Tails. In this setup (as well as my Whonix-Gateway guide), you can make any OS the workstation and isolate it behind Tor.
-
I dont understand the whole VPN thing. Tor is basically a big, random, anonymous VPN.
The point im trying to make is that the browser bundle, or any app that simple use Tor as a proxy is not a good option. They can give you IP away in a dozen ways. If you want really secure access to Tor you should use A middle box VM or Whonix gateway setup.
You're right that a VPN does not make Tor any more secure. But what a VPN does provide is an encrypted tunnel to a foreign server that doesn't keep any logs as to what is passing through it (and of course accepts btc, with an anonymous email for reference). For those in areas with fewer active internet connections this is important as the ISP can quite easily see which of its customers are accessing Tor - obviously not an illegal act, but why share this with your ISP? With the VPN the ISP just sees the encrypted connection to an offshore server and that's it. As long as the VPN is legit, running Tor through a VPN seems pretty safe to me.
PB.
It's my understanding that the obfsproxy Tor Browser Bundle makes the connection traffic appear to be random stuff that doesn't appear to be Tor traffic. Would this also work?
-
I have been using Tor on and off for some time now. For the last year the ONLY way I have used Tor is with Virtual Machine that forces all traffic over Tor or dropped's it. In my (professional) opinion this is the only trusted and secure way. In this way i can freely use Flash, java script and other's with zero leaks. Why don't more Tor user do this?
Tutorial based on debian:
http://www.howtoforge.com/how-to-set-up-a-tor-middlebox-routing-all-virtualbox-virtual-machine-traffic-over-the-tor-network
Thanks for this, Danny. Do you know if there's a way to accomplish this setup with Mac?