Soooo... I hate to come off as condescending, but I don't think you guys are really fully aware of how Tor and DNS work. I sincerely mean no offense, it's just the impression I get.A domain name server (DNS) holds the IP addresses for all the clients under its domain. Basically. A DNS query is what you call it when you send a message to the DNS asking for a client on its domain. It returns the numeric 127.0.0.1 style IP address to you, and you then address your packet to said IP and send it off into oblivion. Then it gets routed to the destination. That's the gist of it.DNS is not forced over Tor. Tor simply implements its own system. The problem is that its system is built on top of the usual internet one, so any program not aware of the fact that it should leave all DNS queries up to the Tor program can just go off and ask for the IP itself. Not all programs do this, but some do. What Tails does is just forcibly redirect ALL traffic through Tor, so even if some program tries to do its own address resolution, it doesn't actually contact a DNS and say "hi, address of Silk Road the BIGGEST DRUG SITE EVER plz!" Or something to that effect anyway :)A Virtual Private Network is basically something that takes your computer and makes it a part of an abstract, logical (as opposed to physical) network. It's supposed to be an extra layer of protection, but... I don't know. I mean it all depends on who you're using, and I have no experience with it at all except for places I've worked to be able to access classified in-network-only data when I was off site. I don't care for them myself and would avoid that route, but again, my opinion is only semi-informed. Take it as such.Personally I think anything except Windows is acceptably secure. Windows probably is too, I just don't care for how much harder it is to look under the hood in Windows than in Linux. There's a lot of worrying that goes on about technical security, but really, if you're selling... you should be worried about them charging you for the drugs you possess and the selling of them. They're very unlikely to want you badly enough to look in this kind of depth at anyone.My feeling is the only reason they ever even would is if they can't pin the usual stuff on somebody or they think a lot more is going on. Or maybe throw it in just to scare you into plea bargaining or something, I dunno.Quote from: jase00 on May 27, 2013, 08:12 amI'm probably wrong (as I am not that familiar with TOR or iptables.. I prefer BSD) but anyways.. in the tutorial doesn't it allow DNS to pass through ?? And if so.. wouldn't DNS be the thing most likely to leak the URL if TOR had an issue ?I'm sorry, but I can't understand your question or the assumptions that are the basis of it. A URL is just a Universal Resource Location (locator? Whatever). http://something.someone.whatevs is a URL. HTTP is the protocol, and the rest is the name of something. The DNS turns that into a numeric location that you then use, but the URL itself doesn't leak anything except... well, that you want a certain site over a certain protocol (HTTP = HyperText Transfer Protocol).P.S. - it's Tor, not TOR. It's not technically an acronym, it's just a sort of... moniker I think. Anyway, for some reason it's Tor, and if you use TOR people assume you don't know enough about it to even know it's "Tor" yet.