What are /r/onions' favorite Products & Services?

From 3.5 billion Reddit comments

https://protonvpn.com/support/tor-vpn/

Let's you connect to Tor over your VPN without the use of the TBB. You may have to configure your browser to use onions.

I wouldn't use this feature if you have real protection in mind.

If you are poor maybe xiaomi is the way to go with a custom rom. I am far from poor and consider Samsung overpriced.

​

https://play.google.com/store/apps/details?id=org.torproject.torbrowser&hl=en\_GB&gl=US

Whatever you use on the clearnet, it won't be the same using Tor. Tor enforces it's own philosophy for handling DNS requests. You see that when you do a DNS leak test: https://www.dnsleaktest.com/

Now, do the same test over clearnet. See the differences?

Use Tails as your OS for anything that you need good privacy and protection.

Otherwise, KeePassX for password management, Thunderbird for email, TrueCrypt for encryption, Firefox as the browser with NoScript and Adblock Edge as addons, Pidgin with OTR for messaging, Jitsi for video chat, Bitmessage for communication, BitTorrent with a good VPN, and Multibit for Bitcoin.

I use Linux so I don't need a separate firewall. You should use Tails, but if you don't use Tails, use a Linux distro. I prefer Mint myself.

Tails is an anonymous operating system for more info go to /r/tails and read side bar. To get tails Os use this link -https://tails.boum.org/. If you're just browsing for random links on the dw you're good with the tor browser. If you wanna buy drugs and other illicit stuff use Tails for a better anonymity.

You posted on a subreddit dedicated to privacy and anonymity... and anonymity and smartphones simply do not mix. You should treat your device as an inherently insecure and hostile device.

You should read up on the concept of modes of anonymity. In a nutshell, don't mix them. Don't put data that conforms to one mode alongside data that conforms to another. Doing so effectively links them in the event of an unintended party gaining access to your data (which is extremely easy for a smartphone).

So, treat your phone as a phone and as a work and play device. Not a device to be private or anonymous. Of course, as a matter of basic privacy and security, use the device encryption and a PIN or password. Honestly, both Android and iOS have good implementations of this. Not sure about Windows Phone. That's about all you should worry about for a phone, especially if it's your main phone, linked with a Google or iCloud account, with mobile data and service attached to your real identity.

First of all, I suggest using the Tor Browser Bundle and not configuring software yourself. The TBB has been set up and tweasked by the Tor developers and should be free from leaks. By default the TBB also has location tracking disabled.

Location tracking works by the browser using wifi and other signals to find your location (at least in Firefox. Here is a link to Mozilla's FAQ on geolocation). This entirely defeats the purpose of Tor, whch is to hide your identity and location. Do not enable tracking if you want to stay anonymous.

I recommend the following light reading: Want Tor to really work? The ellipses ( . . . ) indicate the reasons for the behaviors, which can be read in full at https://www.torproject.org/download/download-easy.html.en#warning

>You need to change some of your habits, as some things won't work exactly as you are used to.

> a. Use the Tor Browser . . .

> b. Don't enable or install browser plugins . . .

> c. Use HTTPS versions of websites . . .

> d. Don't open documents downloaded through Tor while online . . .

> e. Use bridges and/or find company . . .

> Be smart and learn more. Understand what Tor does and does not offer . . .

Private Internet Access (PIA) has been challenged twice now in court and had nothing to give up because as they have always claimed, they do not log.

Here is the latest....

You are probably fine. But, if you really are very concerned about your anonymity get a laptop, install linux and never use any of your personal accounts on it.

Here are some helpful links:

https://www.deepdotweb.com/jolly-rogers-security-guide-for-beginners/

https://www.privacytools.io/

If you're going on normal sites such as Yahoo or whatever, then yeah. It's fine.

For clear web use it may not be as good as a VPN such as NordVPN because some sites, such as Google and YouTube have Tor blocks which don't allow Tor users to use their site. From what I know, all Google services have a Tor block aswell as probably other major brands/services.

The article has nothing to do with NordVPN being breached or anything, they just did a study as a third party.

Additionally, every company is thought to be "safe" until suddenly they aren't. Nord, or any company for that matter, almost certainly has vulnerabilities that may be getting exploited right now, we just don't know about them. Windows 7 was thought to be safe until Eternal Blue was leaked. OpenSSL was thought to be safe until Heartbleed came along. "Safe" doesn't exist, there's just increasing/decreasing levels of confidence

The first thing that I will say here is that security, anonymity, and privacy are NOT commodities on the internet, they are behavioral patterns. If you're buying drugs from hidden marketplaces, you don't want to be YOU, so don't BE you. You follow me?

VPN + Linux + Tor Browser Bundle. If you don't feel like learning Linux as your main OS, that's fine, but eventually you will learn Linux one way or another.

Tails is a Linux distro designed to be live, meaning you can boot it on almost any system from a USB. Whonix is another Linux distro that is designed to run on a VM, namely VirtualBox. It's a bit more complicated, but is great for use on a non-portable PC. If you're using just a laptop, stick with Tails.

If you want to be thorough about this, I recommend watching Rex Kneisley a.k.a. Crypto Dad's videos starting with this one. If you're serious about anonymity and privacy, Rex has a good guide series for you. You'll want to watch the videos about gpg4win, installing Debian, setting up bitcoin wallets, buying bitcoins, setting up a VPN, and setting up Whonix. If you're not exactly computer literate, PAY CLOSE ATTENTION. His methods tend to be quite involved, but he'll walk you through everything.

If you're not overly concerned with hardening your system, then a VPN (I recommend NordVPN) and Tor will do the job. Just be aware that there is some risk even if you do have a hardened system, so there is definitely risk if you do not. If you're just buying some weed, you should be generally ok as far as the government is concerned. It's hackers and scammers that you want to be wary of.

And lastly, I just want to remind you that security, anonymity, and privacy are NOT commodities on the internet, they are behavioral patterns. If you're buying drugs from hidden marketplaces, you don't want to be YOU, so don't BE you. You follow me?

The Tor Project give some suggestions: https://www.torproject.org/eff/tor-legal-faq.html.en

They also have some general advice for running an exit node in the US: https://blog.torproject.org/running-exit-node

Keep us updated on your situation.

It depends entirely on what you define as "safe". Do you simply want to hide your traffic from your ISP? Then it probably is fine. If you want to hide it from state-sponsored spying, almost certainly not. Privacytools.io has a very good overview of the Win10 privacy issues, among which is a keylogger (Cortana); Tor can do nothing to hide your keystrokes (which probably contain most of the data Tor tries to hide) from the operating system.

Of particular note, if you are trying to use Tor system wide (as a proxy), Win10 is a very bad option as it does not honour proxy settings and also communicates a device ID to MS across the network - Ars Technica - Even When Told Not To, Windows 10 Just Can't Stop Talking to Microsoft.

Truly would be a best case scenario if this is the cause. It always seems like when something funky happens to the tor network, we always read about police raiding hidden servers a few weeks or months later. Can you post the announcement you saw? I can't find it on https://ricochet.im/

1) Windows is not only insecure, but it is a product of a company who has been complicit in violating its own users' rights. Don't trust it. Use Linux.

You don't have to give windows up altogether, since for some that can be asking a lot. You can run Linux from a live CD or USB. Tails OS is perfectly suited for this. Also Liberte Linux.

You can aldo run the above in a virtual environment, but the potential for leaks and security flaws is higher. So you would definitely want to consider a VPN or proxy to access Tor.

2) You can use your home network, but it's just a matter of risk. I would not advise connecting directly to Tor from your home network. Tor is being targeted more heavily now than in the past. The Feds are flexing, and so we must react appropriately. Extra precautions are prudent.

A VPN will provide a layer of security and privacy due to the extra hop and encryption.

There are lots of good no-log VPNs out there. Private Interne Access is a favorite. They also run a proxy for users and accept bitcoin. CyberGhost is another good one. And Mullvad.

Just make sure to use OpenVPN access protocol. Don't get lazy and use an outdated (and weak) protocol. Stick with OpenVPN 256 bit. Anything less would be uncivilized.

Ask all the questions you need. Better to ask than to find out the hard way what you don't know.

You should be skeptical about your VPN. Some VPNs keep a log of user activity for quite a few days/weeks and these logs are handed over to the LEA if they demand it. That's how one of the Anonymous hackers was caught. He was using HideMyAss VPN; HideMyAss co-operated with the police and handed over vital logs to them.

There are many VPNs who keep non-identifiable logs, or do not keep any logs at all. You should stick with such VPNs. Here's are a list of the good VPNs.

Your ISP sees all, if they choose to look. Tor hides what you are doing through Tor. If you want to hide your Tor usage you need to tunnel it through something else such as a VPN. But here's the question: why do you care if your ISP sees that you are using Tor?

^^P.S. ^^It's ^^Tor, ^^not ^^TOR.

Edit: Based on the few posts/comments in your brief reddit history, it is clear that the number one thing you need to do to learn how to use Tor safely is the read the documentation. No really, read it. This should take you a few hours at minimum (and that's not including Googling the parts you don't understand). If it didn't, then you need to go back and do it more thoroughly.

Bitcoin is not meant to provide privacy. Bitcoin has a completely transparent ledger. All transactions and wallet amounts can be seen on the blockchain. If you are looking for privacy, you need a privacy coin. Monero is the best privacy coin I know of. You can buy Monero with bitcoin from app bisq

Depends how you're using Tor.

If you're using Whonix to use Tor you can rest assured that every program on the Whonix workstation -- even skype -- is routing its traffic through Tor. Of course Skype can still compromise you in other ways, like taking pictures with your webcam, or listening to your conversations.

If you're instead using something like Tails or Tor Browser --- where the machine your on can make direct connections to the internet --- then be aware that Skype and most other programs will be connecting directly to the internet and not routing traffic through tor.

Tor website. So you no longer can access the information about Tor or download Tor software directly.

They certainly can't block access to Tor by DNS alone, and for Layer 3 blocking you can of course use https://www.torproject.org/docs/bridges which is exactly the reason they were invented for oppressive regimes like the US.

Maybe it is faster because it is leaking lots of stuff? Torbutton for Firefox does a lot more than just toggling proxy settings...

https://www.torproject.org/torbutton/en/design/

https://blog.torproject.org/blog/google-chrome-incognito-mode-tor-and-fingerprinting

I wouldn't recommend going with a free one, it is really expensive to host VPN services, where do you think they get the money to host it? From your data ofc. There are many VPNs that aren't that expensive. And a VPN is actually a really good investment, I mean a high quality VPN that doesn't log and keeps you anonymous. I understand that people don't want to pay for it and get everything for free, but a good VPN is essential these days and I think it is worth those few bucks a month to have it. I could recommend you looking into /r/vpncoupons or /r/deals for cheaper VPN subscriptions, there are many deals for VPNs like NordVPN, ProtonVPN, Windcribe VPN, who are actually really good and worth the price.

You can check https://haveibeenpwned.com/Passwords to see if a password you use has been exposed. If the password has been exposed that does not mean that is was 100% your password unless the password is very unique.

yes, there's nothing illegal about using onions that don't display CP or stolen/copy written shit. ordering drugs, fraud, etc is a different story. just make sure you're using different stylometry and username and such from anyone you use for anything questionable.

https://www.whonix.org/wiki/Template:Stylometry

Please read their transparancy report https://protonmail.com/blog/transparency-report/

You can see they get daily requests to access user data and they comply.

I would recommend Tutanota or StartMail instead

Can you just use Paint, photoshop/gimp, or some image editor to get the colors off of the logo? Just dig around on https://www.torproject.org/ for images. Also, if you try watching some Tor talks, like from Roger or Jacob, then you might get some ideas about how they make their slides look. Is that what you're talking about?

Probably best to use OnionShare.

It lets you share files directly with the person you want to give the file to, but routes everything over Tor.

It has a clearly visible log in the UI so you can figure out if someone accessed the file already.

It's free, opensource, created by the Tor Project.

Hello, I'am the author of the blogpost. proof: Keybase

--

I've been running this script for a few days and got really good results. I bought a few "juicy" domain names(e.g buybitcoin.us) and made good-looking templates in bootstrap and then just set up a simple admin-login over at admin.domain.com.

--

The python-script is simple, it downloads a list of all fingerprints that allow exitports and generate a unique password for each one, then it simply POST the data though that node, e.g:

08371E51EC422173DE1D748EF07E2096A6C046D3:myuniquepassword55prefixpadding

--

The phisingsite obviously logs every login so I just need to check who logged in twice. Not every password is accepted to login, I did not wanted to involve any databases so I made this part purely in PHP by accepting anything with a specific prefix(e.g anything_prefix)

--

In 3 days I discovered 4 nodes that was sniffing, the sad part is that only 2 of them logged in with the same password as I posted through the exitnode and and the other ones just visit my subdomain and tried to login with admin:admin. Of course, these two could have been bots but I have of course robots.txt disallowing any indexing and my site has just been up for 2 days.

--

Then we have the "leak"-methods which are unique. I have a few really nice methods for this, one is to spoof secret PDFs(like the one you can see to your right) with included links which are unique. Now I just need to upload/download these via legit filehosting services and wait for anyone to press on the links.

--

There are many things you can do actually and this is more a technique rather than an actual script/tool. It's kinda simple, you post juicy stuff and wait for them to grab it, if they do you'll know!

--

I would be happy to answer questions and thanks for sharing my blogpost (:

If you are looking for privacy, forget free vpn. The cost to keep a decent and secured service is big. It requires hardware, electricity, maintenance, internet service, etc. If you are not paying, you are probably the product being sold.

I have been using NordVPN for the last 6 months and so far, I am pretty happy with it. The price is fair for what they offer.

ProtonMail is free anyways.

Instead of Vipre there is Avast, Malwarebytes, Avira

KeePass, LastPass, and Dashlane both have free versions of password managers that are great.

VPNs aren’t usually free, but TunnelBear will give you 500MB of free data. You should just pay for a good VPN like ExpressVPN or NordVPN if you’re going to use a VPN.

In terms of free “private” browsing I guess you can use Tor and DuckDuckGo.

A few ideas:

Are you sure you downloaded the USB Installer Image and not the DVD ISO? Note: this link is copied from the tails installer page just to use as a reference, but regardless, I don’t encourage anyone to download it directly from this link.

Consider trying Etcher to create the USB from the Installer Image. It’s recommended in the tails installer page.
It’s pretty simple, few less options than Universal USB Installer.

Does your USB key have a second partition? Some manufactures include a “convenient” extra partition with some tools. Make sure you fully erase your USB key before installing.

Hey, buddy. You need to connect to the Tor network in order to view .onion sites. Take a look at this article, "surf anonymously on your iPhone or Android phone using Tor." The author suggests either an app called "Covert Browser," or "Tor client by Sid77" if you're jailbroken.

You might find it useful to read this guide at the Tor Project, "Hidden Service Protocol."

> Just the government doesn’t want you to have it.

Depends much which branch of which government?

• DEA? They don't seem to care much about the deep web except for major market places.
• Stuff that could contribute to overthrowing US-friendly governments? DoD/NSA probably cares a lot, probably owns the VPN (or at least owns some employees there), and you're in trouble.
• Anything that's only offensive to some non-US government? They probably don't have the budget to track you through VPNs or Tor (unless they happen to run NordVPN - which is certainly possible).

"We can't find him! He's using 7 proxies in incognito mode!!"

This sort of applies here. While it helps to have multiple layers of security, remember that each layer will slow you down some. In this case, it depends on the quality of the VPN, since that becomes the weak link. Freedome seems acceptable, based on the minimal research I've done. May help you to keep it on while using Tor, but it's not really necessary.

I have mixed feelings about this. There are positives about getting more people using Tor, since it does increase the mixing effect and increase anonymity accordingly... but there are a few major potential negatives as well:

• Feds are targeting Tor more heavily now than ever, so it's not exactly a riskless time to be using Tor, even in an innocent capacity -- and we can reasonably expect it will increase.

• Will TPB run a relay? Or a set of relays? Perhaps exit node(s)? Or a bridge at the very least? Otherwise, encouraging their users to use Tor for torrents will further bog down and already overburdened network and leave less bandwidth for journalists and activists in oppressive states whose lives might depend on it.

• We need to know how this is different from TBB (other than the FoxyProxy addition). It will need to be deconstructed. Where is the source?

• Many users are likely not aware of the proper configuration for Torifying p2p apps (perhaps this is why they say the program does not hide your IP address... even though it uses Tor)

Apologies if these questions have been answered elsewhere.

The Tor connection and the normal Internet connection are split so there's no relation between the two, as long as you don't route your normal traffic through Tor. As xrandr said, don't use any of your clearnet associations on Tor. If you make an identity on the clearnet that uses on of your aliases in Onionland, only login through it with Tor. For example, on this site, I'm using Tor along with my Mullvad VPN for an extra layer of security against potential threats. And for God's sake, please do not use anything that could be remotely related to your real-life identity. You don't want to get doxed and end up on an /i/ board.

Step one:

Start yoga and breathing exercising months in advance because it fucking sucks.

Step 2: install GrapheneOS or an equivalent with a hardened malloc with the ability to re-secure the bootloader. Ensure you have full disk encryption.

Pgp: https://www.openkeychain.org/

Tor Browser from Torproject

Protonmail and XMPP via Jabber and Orbot for all

Links from dark.fail

Final step: ditch the phone and get a chrome book, degoogle it by removing wp screw and flashing gallium OS then boot from tails usb. Or buy a $40 used laptop with minimum specs or higher with no hard drives just ensure the BIOS allows USB booting.

>Is it even possible to "search" for hidden *.onion domain websites?

Tor search engine:

http://kbhpodhnfxl3clb4.onion/

>I know this apparently is against some of the "rules" of using TOR, but is it possible to save only passwords on TOR?

Click on the green onion to the left of the URL bar and select "Preferences".

Select the "Security Settings" tab and uncheck "Don't record browsing history ...".

Hit OK.

Click on the top left orange "TorBrowser" and select "Options".

Select the Security tab and check mark "Remember passwords for sites".

>or at least Navigation History?

Select the Privacy tab.

Set "TorBrowser will:" to "Use custom settings for history" and make any other changes you need.

>how do I download and save them to my computer?

You should be able to download files after clicking through a popup "Download an external file type?" warning. The "Download file" button will become active after a few seconds. For PDF files, the file will be shown directly in Firefox. You can download the document by clicking on the icon of a page with a down arrow in it on the top right (in the PDF viewer). You can also save it directly by right clicking on the PDF link and selecting "Save Link As"

For extra security, you should really use the Tails OS when downloading and reading documents.

https://tails.boum.org/

Sure. But keep in mind that a Raspberry Pi might not be the best option. People are trying to use them everywhere, but they often overestimate their capability or usefulness.

As for actually doing this: the Raspberry Pi runs pretty standard flavors of linux, so using existing software should be no problem. You have to get the following things working:

• A web server
• Tor
• If possible, sandbox or VM software to run both of those in (this is where the Raspberry Pi starts becoming less practical)

After that, you can just modify your torrc file to point towards your local web server as described here.

https://cock.li/auth/register

over Tor: http://cockmailwwfvrtqj.onion/auth/register > Cock.li is your go-to solution for professional E-mail and XMPP addresses. Since 2013 cock.li has provided stable E-mail services to an ever-increasing number of users. Cock.li allows registration and usage using Tor and other privacy services (proxies, VPNs) and is run by "some dude", not a business. I use this E-mail service personally so I have a vested interest in keeping it up, stable, and secure.

NordVPN has onion over VPN. I was using the chrome browser and no it wasn’t a www. site. TOR stands for ‘the onion router’ and after some research I’m thinking the NordVPN system works like the tor project?

Tried all of the free ones. Not that they're all bad, but it's worth paying for Private Internet Access. One click and you're all set.

I can try to explain it a bit more.

When browsing the normal web (clearnet), most traffic is encrypted with something called HTTPS. This allows one to secure their traffic sent to servers on the web, among other functions (such as verification that you're talking to the correct server). Whenever you are browsing a clearnet website using Tor, traffic is encrypted by Tor up to the exit node. [1] After that, the Tor browser will use HTTPS to communicate with the clearnet site (if the clearnet site supports it). This is the "encryption" that your browser is looking for when it shows the globe and says "Your connection to this website is unencrypted."

However, with hidden services there is no "exit node" because the traffic does not leave the tor network. Instead, both your Tor browser and their hidden service build circuits in the Tor network. These circuits meet at a "rendezvous point," which is a tor node. [2] Since all traffic between Tor nodes (and the Tor client) in a circuit are encrypted [1], there is no point in which your data can be seen unencrypted. The browser still looks for HTTPS, though, and when it doesn't see HTTPS it claims that the traffic is "unencrypted." This is false, it's simply not encrypted with HTTPS, but rather it is encrypted through one's Tor circuit.

I am glossing over some details here like public and private keys, and how hidden services are found in order to make this as friendly as possible for non-technical readers. If you would like even more detail, please let me know.

1 https://www.torproject.org/about/overview.html.en#thesolution

2 https://www.torproject.org/docs/hidden-services.html.en

As one user has already said, use a secure OS like Tails. If that's above your skill of proficiency, here is some tips.

1.) Download, install, and run TMAC v6

2.) Get a paid VPN service with zero logging policy and connect to any server but one in the US/UK due to their 5 Eyes presence.

3.) Do not use passwords that you normally use. Install a password generator that stores your keys locally. Absolutely no saving to the cloud. 4.) Browse safely and securely.

You should brush up on learning basic Linux distros. It will be your guidepost to learning how TAILS works as well as insight into other distros of Linux.

In most cases your data is private and safe unless you are a person of interest in which case most information on you can be easily ascertained. The encryption laws really enable the Australian government the right to get information from businesses that hold data on you or force you to hand over your passwords. Keeping safe and private is pretty easy and most of what you'll do on Tor will be fine. If you're not already under surveillance and your host machine is 'clean' you are private for the most part. Use a good offline encryption tool for sensitive files and leave it in the cloud. Easy would be Cryptomator and more tricky might be Veracrypt. These satisfy most users. Use good passwords. Use an online strength tester https://howsecureismypassword.net

No. The Tor network does not rely on DNS. You can actually delete all of your DNS servers and just use bridges and Tor will continue to function normally. Using bridges is a good thing anyway, so you should check it out.

Anyway, DNS servers will not compromise Tor if you are using the Tor Browser Bundle because their version of Firefox is configured to make all its DNS requests through Tor. You can use whatever DNS servers you like, though I avoid using those from my ISP for privacy reasons.

> The end user can listen in on anything passed through his portal, so if you access your bank thinking your safe because it dotted from 1,2,3 and 4 well your not, 4 can read/copy your data

This is not true if you use SSL (https), like any online bank does. Using HTTPS Everywhere is a good idea. An exception is for self-signed certificates, because the exit node can do a man-in-the-middle attack in that case.

(Btw, your/you're, there/their :-) )

A few thoughts:

1. "Crimes" between consenting adults are not true crimes. Governments only weaken their legitimacy by creating and prosecuting them.
2. I hope he's learning about all the cool tech improvements that have happened in the last decade: Whonix on Qubes, Jami, etc
3. Important safety tip: SHUM!

Mullvad is considered prestigious for its anonymous payment methods and many independent audits, so it's pretty trustworthy. Alternatively, a cheaper solution is ProtonVPN which goes through an independent audit every year and has a free option with paid options that offer a larger range of servers.

Me too, but I stopped cause of recommendation. But TBH I still don't know 100% sure why. I thought Parrot OS and other security OS did that. Anyway, it is the common consensus that when you browse on Tor, not to use a VPN..... cause Tor does a random nod and a VPN hs sets of nods you pick or at random. And especially if you do use a VPN, not to use one that is under the control of the Five Eyes. Using a 5 eyes VPN, lets say like a Canadian company like Windscribe, in theory by law they need to keep a log. NordVPN is based off at Panama which doesn't require to keep logs.

OpenVPN is open source and its like a client (third party client) where you can add your favorite VPN companies configuration and use it. ProtonVPN is private company which provides vpn service. If people think that the client provided by the vpn company in this case ProtonVPN is full of bugs, compromised or if the user is using Linux (where majority of the time only open source softwares are used) they can use openvpn by adding said configuration. ProtonVPN is not made from openVPN Although, they do provide the necessary configuration for using it on OpenVPN.

Also, ProtonVPN is free with limited server access in other words their Tor server is paid.

No lol, for real you don’t need a VPN, unless you’re visiting specifically illegal sites, then a VPN could help, but in general the chances of you being tracked on TOR are much much slimmer and lower than you being tracked on clearnet, like for example, when you access ANY site on the clearnet, the owner gets your ip address, on the deep web, or by using TOR, the website gets the last ip address of yours after the bounce that TOR makes (if you don't know what bounce is: basically, TOR takes your IP address bounces it to 3 different locations and changes it on the way, and after that bounce, you access the site you wanted) so the VPN in theory acts like a 4th bounces, but some VPNs stores your data and information, which means, any site you access they see it, store the data, and might report it to the government, that's the case for a VPN called HideMyAss, it claimed not to store data, yet it did, and someone got caught because of them storing his data. So it's up to you to use VPN or not, but it's not required to access the deep web :p, it's optional. Hope this explains it all.

IPVanish? Have you ever inspected the integrity of your VPN service by watching packet traffic on wireshark?

VPNs = LOTS OF COMPETITORS + A OCEAN OF END USERS WITH A LACK OF BASIC FUNDAMENTALS OF COMPUTER NETWORKING = LOTS OF VPN PROVIDERS THAT DONT CARE ABOUT YOUR PRIVACY AS MUCH AS THEY CARR ABOUT YOUR MONEY.

Be Wise.

What are you doing in the deep web then lol? Tor + VPN and Tor over VPN are safer than just Tor or just VPN. But what exactly are you trying to be safe from? Viruses? Hackers? ISP snooping?

Malicious websites, viruses and ads can be blocked by antivirus software, ad blockers or VPN that has cyber security feature.

Some people can hack you even through VPN or/and Tor but of course it is way more difficult if you use them both.

ISP can only see that you are using Tor or if you also use VPN then they can only see that you use VPN but not what you are doing in the deep web. Also, VPN will help you stay safe even if your traffic exits through the node as tracking it back to you would be very close to impossible.

I myself prefer using Tor over VPN + CyberSec features that I get with NordVPN. You should specify your needs or worries so people here could answer your questions and give a piece of advice.

Suggest getting a VPN focused on security and privacy, you can check Torrentfreak's article, check Nord, Proton, VPNArea

Even without TOR, it truly does. It adds anonymity as well as encryption, so your ISP is unable to track you and collect information on your habits. There’s only so many VPN’s one can trust. Some store your home IP addresses which is something we do not want. Others may leak your true identify for others to see. I've had good luck with PIA, although NordVPN is just as good, with heavier encryption.

/r/bisq is a Tor-based fully decentralized market. You can buy Monero for fiat or other payment methods there.

Alternately you can do an in person trade at https://localmonero.co

Soon you will be able to use the native-Monero Tor-based DEX, Haveno

https://github.com/haveno-dex/haveno

185.15.246.132 (nordns.com) appears to be a legit DNS used by the TOR browser to avoid queries to your normal DNS server which might be used to figure out sites you are visiting... the other ones are not used by a TOR bunde downloaded from https://www.torproject.org/... and as others alreadyhave stated, the only file available on the "shady" site is an exe, no OS X or Linux version :/

They are private tor nodes you can connect to directly. You request a few from the project. Since they're non-public, they are hard if not impossible, to block. Obfsproxy is a new Tor addon that disguises your traffic to look like skype, secure http, other innocent things, so that protocol-level analysis won't work. Here is more info: https://www.torproject.org/docs/bridges

Don't configure Tor yourself- use the Tor Browser Bundle.

The reason they discontinued the Tor Browser Button is that you will not configure your browser correctly, there are a LOT of things that can leak information about you.

Your user agent, plugins that haven't been disabled, and lots and lots of other insecurities will make Tor useless.

Don't think you can figure it out- if you don't understand localhost (127.0.0.1 - the IP you asked for) then you don't have the technical knowledge to make yourself secure- there is a lot that needs to be locked down.

The service you need to develop is just like any httpd. If your service works on a light net, it will work on a dark net. The only trick is to configure the hidden service that will proxy between the darknet and your service.

https://www.torproject.org/docs/tor-hidden-service.html.en#two

Yeah, this is a good one. If we’re thinking the same thing, the whole service is called CryptPad and it has a ton of services similar to Google Suite, including cloud storage called CryptDrive. It’s a pleasant, easy to use alternative to Google Suite.

Yes.

Although you should just use the Tor Browser directly, ~~https://play.google.com/store/apps/details?id=org.torproject.torbrowser_alpha&hl=en_US~~

Edit: https://play.google.com/store/apps/details?id=org.torproject.torbrowser&hl=en_US

I’ve been trying to figure out the dark web too. I’ve downloaded Tor and onion browsers, I’ve got IPVanish, is there really a Facebook onion site you have to go to? This is why I haven’t gotten on yet because I don’t know when ppl are being serious or when they are fucking with you, I’m very ignorant when it comes to this, however I don’t want to be, I want to learn, unfortunately I haven’t been able to find a place of well meaning individuals... I don’t expect anyone to walk me through it and type 1000 words plus, if someone could just give me some actual advice and point me to where I could research it myself I would greatly appreciate it!

Doesn't surprise me.

Protonmail is either run by, or in close partnership with, a major data mining company.

>> The company that ‘’officially’' operates ProtonVPN is ProtonVPN AG, a Switzerland based company[1]. However, the business is in reality operated by PROTONVPN LT, UAB a Lithuania based company, which has the same office address as Tesonet, UAB. Both company offices are located at: J. Jasinskio g. 16C, Vilnius 03163, Lithuania[2][3]. PROTONVPN LT, UAB is a separate company that ProtonMail outsources the protection of its users information to - ultimately run by Tesonet out of Lithuania[4]. Furthermore, Tesonet is operating a data mining operation out of Lithuania[5]. TesoNet also operates NordVPN[6], which claims to be based in Panama, not Lithuania[7]. This is specifically the type of situation that ProtonMail themselves say not to trust[8]. It’s appalling. In short NordVPN and ProtonVPN are operated by the same people/team/company. It's likely a joint venture between ProtonMail and Tesonet.

Fair enough. I’m playing with stuff I’m learning about as I go. It was the search site DuckDuckGo on an android device. So an app. Yes, I’m finding out I should use a computer, not a mobile device. The way I’m thinking is that TOR was active because the onion over VPN option with NordVPN acts in the same way as the TOR project? It’s just another way to get through to the deepweb? Or so my thoughts go... is there a better forum than reddit to discuss these things? An anonymous link that I could get? Read my other replies on what I want to discuss and link up with people about.

It depends on the VPN. You can also get a private IP that hasn't been blocked and use that. Since it's for you exclusively it wont be easily flagged. Torguard is great for this. Also Windscribe has special Netflix servers that work pretty well until discovered by Netflix, but Windscribe usually changes their IP's when this happens. /r/NetflixViaVPN is a great subreddit for this.

I run my server at home and use Tor over VPN (Mullvad). Hardening depends on which distro you're running. I personally use Ubuntu Server 16.04 and here are a few guides:

?m=1

>What - if anything - would the browser bundle offer that would make things more secure?

Quite a bit. Using a conventional browser for Tor is not nearly as anonymous as using Tor Browser, mostly due to fingerprinting issues. For the same reason, one should never install Add-Ons to, or modify the advanced configuration of Tor Browser.

For a very thorough discussion of the different ways that a normal browser can de-anonymize you, see https://www.torproject.org/projects/torbrowser/design/

> It's Tails. It is not an acronym

It is indeed "Tails" but it is also indeed an acronym.

>"the-amnesic-incognito-live-system" Tails

It's right on the banner of their website. https://tails.boum.org/

We children should respect our elders passing. Especially when they’ve done so much for us.

Rest in peace, Mr. Bowden!

Oh. And. Uhh. cough

>From then until his death, Bowden was a tireless defender of such rights. He was on the board of directors of Tor, and …

One of ours, guys!

Orbot + root for routing everything via tor. Works very well, but it's a big app in terms of data AND cpu usage, so you can really only run it and your browser and do what you need to do and then close everything.

I'd suggest using the Universal USB Installer for installing the OS in your flash drive. It does it automatically (all you do is provide the ISO image) and it should do all the formatting and configuration for you.

Also, make sure that the USB option is higher than the HDD one in the BIOS boot order.

Note: If your computer is rather old, the motherboard might not support booting from a flash drive (though that might be odd if the option shows up in the BIOS menu). If the above fails, Google your motherboard model.

> What are the best machines for it?

Look at 4.x on https://www.qubes-os.org/doc/system-requirements/ and specifically at https://www.qubes-os.org/hcl/

I use Qubes OS on desktops rather than notebooks, YMMV.

If you want government secret stuff then I'd recommend https://wikileaks.org/

Not sure why you're looking here. Anything that's just basic data, like information on government secrets, on .onion sites is going to be replicated on the clearnet in a much more convenient fashion.

Changes

• Security fixes

  • Upgrade the web browser to 24.6.0esr-0+tails1~bpo60+1 (Firefox 24.6.0esr + Iceweasel patches + Torbrowser patches). Also import the Tor Browser profile at commit 90ba8fbaf6f23494f1a0e38d63153b3b7e65d3d3 from ttp/tor-browser-24.6.0esr-3.x-1.
  • Install Linux 3.14 from Debian unstable (fixes CVE-2014-3153 and others).
  • Install openssl from Squeeze LTS (fixes CVE-2014-0076, CVE-2014-0195, CVE-2014-0221, CVE-2014-3470 and CVE-2014-0224).
  • Install GnuTLS from Squeeze LTS (fixes CVE-2014-3466.).
  • Minor improvements
  • Add Squeeze LTS APT sources. It has been given a low pinning priority so explicit pinning must be used to actually install anything from it.
  • Upgrade Tor to 0.2.4.22-1~d60.squeeze+1.
  • Upgrade I2P to 0.9.13-1~deb6u+1.

Edit: Wrong link in title

maybe, but likely not because of Tor. The most likely reason you would be located would be because your computer leaked some information about who/where you are.

I recommend taking a look at the Tails ISOs. For a little more security run in it a VM (virtualbox), for even more security boot directly off the CD.

Posted here because I've noticed some interest here in the past for something similar. Mainly built because I found Covert Browser sketchy and not as usable as it could be -- has issues with POST requests, which breaks https://duckduckgo.com/lite/ and basically all website logins. (Also, Onion Browser allows UA spoofing and customizing the cookie accept policy. Caveat: apparently you can't disable JS in UIWebView -- which means Covert Browser is subject to that as well unless they have some sort of interesting hack for it -- so UA spoofing and such aren't necessarily foolproof.)

(This is mainly for non-jailbroken folks; I've seen some other instructions for Cydia-enabled devices that actually install a standard Tor client daemon + a proxy toggle option. The sid77 port looks fairly well documented with instructions on eHow and etc. That'd probably be my recommendation for people who actually have jailbreak.)

Still waiting on App Store approval; submitted over the weekend, needs to go through the whole "encryption export" compliance check and stuff before it even gets to the regular app review queue, so probably 10 days or so from what I have researched.

Quite the learning experience putting this together. (Integrating tor, submitting an "encryption registration" with the government, double-checking with Tor Project that I wasn't using their trademark improperly, supplying all the necessary docs to Apple, etc. etc.)

It's getting easier, though. This project, which I worked on bundles up I2P and an OpenJDK 16 VM into a "jpackage" then sticks that into an installer which includes a Firefox profile and a script to launch it. Using it with either Firefox or Tor Browser installed results in a turnkey I2P setup and doesn't interfere with any non-I2P-Browsing configuration. It's the easiest and safest path I could come up with to a "Garlic Browser Bundle."

> Why doesn't i2p get mentioned much in the deepweb world or am I just going blind ?

no. you're not blind. i2p just doesn't get much love for a variety of reasons (lack of content, difficulty finding things, entirely programmed in java etc.) I think i2p is pretty good despite its critics.

> Im just wondering in reality would hosting with i2p be the safer option in regards to staying safe and cutting out potential ddos attacks?

dos attacks still happen on i2p but their aimed at the network. this page explains all the issues and features of i2p network in its current state: https://geti2p.net/en/docs/how/threat-model

I recommend CyberGhostVPN. It’s paid for, but it’s extremely secure; so far their record is spotless, they’ve never cooperated with LEO or any governments and they’re located outside of the 14 eyes so you don’t have to worry much about that.

It is still possible. ~~Only on Linux~~ /u/codereign corrected me that you could do the same thing on Windows, which is very nice to know. You could download the tor package on your distribution's package management. The default tor port is 9050. So after you run tor (sudo service tor start), open Firefox/Chromium/Konqueror and in proxy, set your SOCKS to localhost, port 9050. To better setup, use FoxyProxy to switch the proxy of choice.

Here is an edit. It isn't recommended to use anything else other than TBB, unless TBB doesn't work (eg. root mode).

No torrenting on TOR. Not allowed, too slow, I am told that exit nodes will drop torrent requests (not sure how/if that works), you'll slow everybody down.

Use a VPN, there are free ones out there if $6/month is too much for you... but I recommend Private Internet Access.

> Yeah I know that, but HTTPS is not just for encryption but also for identification.

It's for centralized control over identification.

The system is designed so that the Certificate Authorities can track down the web site owners through billing records; and if needed (i.e. by National Security Letter or similar) sell certificates to governments so they can impersonate websites and so that a Certificate Authority can enable eavesdropping on sites like Gmail.

When you talk of HTTPS "security" in the context of the centralized "Trusted" "Certificate Authorities" - it's not talking about securing the website hosting company, or the end user. It's talking about securing the Internet FROM things like many .onion sites.

^(OTOH - if you want HTTPs on an .onion site -- using self-signed certs would make sense if you have a good way of securely transmitting the certificate authority's keys that you used to sign that self-signed cert)

Tor is good enough by itself and any 3rd party won't make it better. If you have problem with Tor connectivity simply use a bridge. There is no difference between VPN and your typical ISP. It's only a matter of who will you share your data with. If you must have a VPN for some reason then at least check current recommendations on the community-baked website https://www.privacytools.io/providers/vpn/ You shouldn't blindly trust websites which say "zero log policy" or something like that. Until you verify it by yourself those are just some generic marketing catchy-sentenses.

It is very unsafe, from an anonymity standpoint. The anonymity you get from Tor Browser is from having it behave exactly like nearly every other person using Tor Browser all over the world. If your browser does something different, it will have an incredibly distinctive fingerprint that will make you immediately identifiable to any site you visit, breaking your anonymity almost completely.

A better option for you would be to adjust Tor Browser's Security Slider so that the javascript related to those ads is not executed. It may even hide the ads completely. You can still manually whitelist domains that you need scripts from with the NoScript button (or by right-clicking in the page).

For a more in-depth discussion of this and other browser-related hazards, check out https://www.torproject.org/projects/torbrowser/design/

Not sure if it was anything to do with these apps or not but-

If it's that red onion browser posted below then it looks potentially shady, especially with those reviews saying they had to leave a positive review to unlock the app and the fact that it's a paid one.

Don't trust any apps or programs that aren't provided or endorsed by either The Tor Project or The Guardian Project

I'm not even sure that there are any available on IOS?

No, you have to (and should) be using the tor browser bundle (https://www.torproject.org/projects/torbrowser.html.en). DDG is a great browser, but it doesn't index darknet sites. Check the sidebar for search engines that do.

Well you shouldn't order off a DNM from your phone as its not even remotely close to being a good idea or safe. You should instead order from a computer that you're running an OS called Tails on. Tails is good as it erases all evidence of ever being on your computer when you shut it down. It also routes all traffic through Tor so theres that. Some other things you will need to learn about are PGP and Bitcoin. I can go into more depth if youd like, but for now I would recommend checking out /r/darknetmarketsnoobs as its a good starting place if youd like to purchase a product off a DNM.

If you're worried about viruses, then don't download anything from Tor. You wont just get some random virus by only browsing Tor. If you plan on downloading PDFs or whatever from Tor, use Tails. It will keep your actual OS/computer from revealing your identity or even getting viruses.

It is definitely not as secure as Tor Browser. No applications are safer whatsoever than Tor Browser Bundle on Linux. Red Onion is not an official app from the Tor Project nor The Guardian Project and we don't know how it matches the updates. I just checked the app on the App Store and it's not even free. Avoid at all cost.

If the code is not fully open so it can be audited, you will never know if it has backdoors (maybe except by analyzing packets traffic) or potential nasty flaws.

Apple is dark and closed, so we don't know how they deal with user's data and everything installed on your JailPhone, but thanks to Snowden, we have our little ideas...

If you want to use Tor and reach .onions with a mobile, use Android with Orbot.

The directions to create a tor hidden service (which is accessed by using a .onion address) are very clear. However, if you do not have at least some basic command line skills, you are going to have a terrible time trying to make it work properly.

https://www.torproject.org/docs/tor-hidden-service.html.en

If you are interested, install Ubuntu Server on the old laptop, figure out how to get a webserver running on it (Personally I recommend lighttpd, but apache is certainly an option. Many people around the tor community seem to recommend thttpd, but it's not in the default Ubuntu repos anymore.).

The biggest reason you have no business running a .onion site is that you will probably not be successful in setting up a webserver that is secured properly, since it seems like you probably don't know how to set up a webserver on Ubuntu at all.

https://tails.boum.org/

don't use your own computer for tor if you're worried about physical access. In my case I have the above running on a hypervisor in server not local to me and I can connect to it at will. Running it locally should also be sufficient as it will destroy most of your cached resources on reboot.

Then what you need to do is actually read the Tor Project website beyond just the downloads page. There is this stuff that nearly every piece of software has called "documentation" that explains how to use the program. You really need to get in the habit of reading the information that the designers of an application provide.

Just to clarify what others have said, a Tor bridge is not the same as connecting to Tor over a proxy. A Tor bridge is just a Tor relay that's not listed in the main Tor directory. If you're having trouble with bridges try obfuscated bridges.

https://www.torproject.org/docs/faq#WhyCalledTor

Why is it called Tor?

Because Tor is the onion routing network. When we were starting the new next-generation design and implementation of onion routing in 2001-2002, we would tell people we were working on onion routing, and they would say "Neat. Which one?" Even if onion routing has become a standard household term, Tor was born out of the actual onion routing project run by the Naval Research Lab.

(It's also got a fine translation from German and Turkish.)

Note: even though it originally came from an acronym, Tor is not spelled "TOR". Only the first letter is capitalized. In fact, we can usually spot people who haven't read any of our website (and have instead learned everything they know about Tor from news articles) by the fact that they spell it wrong.

Sweet, nice job! Check out these guidelines under "Want Tor to really work?" https://www.torproject.org/download/download-easy.html.en#warning "You need to change some of your habits, as some things won't work exactly as you are used to . . ."

I tried posting to /r/darknetmarkets but the mods said I didn't provide enough proof so they removed this post. Truth be told, this was a pretty easy (and lucky) find that LE could have done the same. I say it's lucky because when I did some investigation into the IP, it appears that this is a new server.. the admin is likely moving around to avoid detection.

I found this on Censys.io when I queried for the address of Wall Street's forum... and this IP popped up.

https://www.censys.io/ipv4/62.138.14.136/table#80