For the fellow geeks - this one breaks down the Stuxnet virus and how it worked. Fascinating stuff if you're into computer security:
http://www.ted.com/talks/ralph_langner_cracking_stuxnet_a_21st_century_cyberweapon
Edit: Since a few people have shown an interest in security, I picked up one of these USB flash drives (the PrivacyVault Personal) that are encrypted AND have a standalone anti-virus product on the stick. This enables your data to be password-protected, and also scans all files being stored onto the drive independent of whether there's one already installed on Windows. This prevents viruses being transferred from computer to computer and I think it is a necessary feature when dealing with less-than secure Windows machines. The encryption application also works with Linux which is awesome. http://www.kingston.com/us/usb/encrypted_security
Also, if you are really really concerned about your operating system storing information about you and spitting out data on the Internet, think about using Tails as an operating system, famously used by Edward Snowden. https://tails.boum.org/
ideally everyone should not only use tor but also run tor exit nodes from their home computers so that we can all retain our online anonymity. unfortunately, normal human beings won't ever do that because they're too easily convinced by others to give up their freedoms. phrases like "you'll only be protecting criminals" or "if you have nothing to hide blah blah" actually resonate with a lot of people.
and so we're all fucked and nice things are ruined.
edit: should probably link this stuff for people interested:
It's always been accepted that you're better off downloading an entire encrypted OS on an offline computer that's never touched the internet before.
Things like TAILS exist for this purpose. Your security is only as good as the user and the system you're on.
Edit: This gained some traction. If you're interested check out:
https://en.m.wikipedia.org/wiki/Tails_(operating_system)
P.S. This is a great way to store Bitcoin on a USB stick. It'll allow you to basically have 2 layers of security before you even reach the BTC.
Syrian atheist living in Turkey,
As a NETSEC guy, and fellow atheist, PLEASE TAKE MY ADVICE. Follow the preceding tips on online anonymity, even in Turkey. Atheism can get you killed.
IF YOU USE ANDROID, download Orbot/Orfox from "The Tor Project" on the Play Store.
After installing, add the add-ons "HTTPS Everywhere", "uBlock Origins", and "noscript".
IF YOU USE WINDOWS, don't. Download the OS Tails from "https://tails.boum.org/" and create a bootdrive with a USB thumb drive (instructions on site). Boot the machine into Tails, and use the preconfigured Tor Browser. (PS, if you are IT literate, Tails is good to run in a VM)
IF YOU USE iOS, OR INSIST ON WINDOWS, be aware of the risks. You are not protected. I'm tired of seeing freethinkers die.
This will provide you a reasonable level of privacy while discussing atheism.
WHEN ON TOR/ORFOX:
Visit "https://www.propub3r6espa33w.onion/" to anonymously report any human rights abuses where you are. Especially regarding your atheism.
Well, no, VPNs are absolutely not a start toward anonymity. At most you'd make it look like your traffic is coming from one fixed address instead of another. If it's a shared VPN service, sure, your traffic might be mixed in with other people's traffic. However, there are far more unique identifiers that identify you than just your address. See EFF's Panopticlick to see just how unique you are, even when using a VPN.
What a VPN is good for is encrypting your data when it's in transit between your computer and your VPN provider. This makes it great for securing your data on a public WiFi network or from people who may otherwise be snooping on your Internet traffic (read over-reaching governments or American ISPs).
Securing your data in transit != anonymity. There is a very important distinction. One implies your data can't be read if observed, the other implies one can't tell that it's you doing something.
Edit: If you need anonymity, I'd look into using something like Tails. It's actually designed to help you be anonymous, unlike VPNs.
> Good thing the Tor Browser is free, open source, and easy to use for decent protection against mass surveillance on the web.
The Tor Browser isn't foolproof. If you're ever doing something seriously subversive (like quoting the section of the Declaration of Independence that calls for overthrowing tyrannical governments), you'll want layered security. I'd suggest Tails on someone else's computer (library, net café, etc).
> And don't forget: warrantless spying against innocent Americans is unconstitutional, and the cowardly pieces of shit pushing it should be considered traitors and thrown in jail.
I agree 100%. But they won't prosecute themselves.
Donated 5 BTC. Stay safe everyone. Armour the tank before you enter the flank.
Transaction ID: a4ca8f3bb305e9ee1460f4f0e2a9e089675d6972394f33885d2d218f50855d2e
Donation link: https://tails.boum.org/donate/index.en.html - PayPal - Bitcoin - Bank Transfer
No, Tails is not as easy as burning a CD. I just tried to run Tails for the first time. Wouldn't boot. Why? Because my new laptop has UEFI Secure Boot enabled by default, as all new machines that come preloaded with Windows 8 do. That means knowing how to go into the BIOS settings to turn it off, and then turn it back on to get back into Windows 8, which also requires re-loading the Secure Boot security policy settings.
Edit: To the OS snob down voters "That's what you get for buying a Windows 8 laptop!!!" That doesn't invalidate GP's point. Windows 8 is here, and Windows 8 hardware is here and here to stay. More and more computers by default will have this enabled. And Tails has no plans to support UEFI secure boot (next to last bullet under the "non goals" section). Tails will become harder and harder for average computer users who don't want to screw with their BIOS settings to use. Downvote all you want, but that's the sad truth of the state of modern hardware thanks to Microsoft.
~~The article is incorrect. Electrum will be included in the next release, 1.3, and is not a part of the current release.~~
>In the latest distribution, version 1.2.3, Tails now includes Electrum.
Is incorrect.
As /u/kyletorpey mentioned, here's the call for testing for the upcoming release (~~which should be out within a couple of weeks~~): https://tails.boum.org/news/test_1.3-rc1/index.en.html
EDIT: 1.3 has just been released! Upgrade is strongly encouraged!
Use Tails Linux off a USB flash drive for the ultimate in privacy. Also, feel free to read up in /r/VPN about other things you can do, new privacy laws in the US (Rule 41, which just passed, though this is an old article) and the UK have really kicked up the conversation over there on hiding your tracks. I highly recommend you hide anything you think might ever be used against you, and just to be safe, hide everything else as well. US and UK legislation is so deep and all over the place that all they need to do is start an investigation in order to find a reason to jail your ass, no matter how law abiding you think you are.
I know I sound like a crazy person, but to be fair, you should absolutely be afraid of your government nowadays. They stopped serving you a long time ago, it's only recently we've started to notice.
Of course they know where to go, it's not a difficult thing to set up. One interesting piece of info from the Snowden leaks was that the NSA (as of 2012) simply could not crack PGP and OTR and had serious difficulties with Tor and Truecrypt. Using a combination of these can result in a "near total loss of insight"
A shame that there's no preconfigured, live OS that can bring all those tools together. Oh, wait.
Fair warning, XKEYSCORE is confirmed to put you on a list should you click that second link.
Use an alt and post it. If you are concerned about your IP being figured out, use a VPN. Or you know, install TAILS on a USB and make an alt and post if you are that concerned about losing your precious karma.
e: https://tails.boum.org/install/win/usb/index.en.html That tells you how to make a bootable tails stick. For a VPN, use PIA. If you really want the truth to come out, let it the fuck out.
Brush up on your operational security and get a grasp on the core concepts before attempting any test runs. Assume your hardware and software is vulnerable. Use a secure live cd as your operating system. Air gap your encrypting hardware, and don't use that hardware for general purpose computing.
>How do I know my choice of site to download it from hasn't compromised Tails? How do I know if Tails has or hasn't been compromised at all?
This is where OpenPGP signatures come into play. The key given verifies the integrity of the file and ensures that it hasn't been tampered. However, you could be the victim of a MITM attack by a state authority or malicious entity which seeks to undermine your version of tails and provide you a tampered backdoored copy and its corresponding signature. The Tails team provides this guide to 'better' protect you against that. Ultimately, you can try getting the verification key from several locations (countries?) and devices to verify the installation you have is genuine.
Sofortmaßnahmen, die mir unverzichtbar erscheinen:
Nutzung eines sichereren und quelloffenen Betriebssystems mit TOR, z.B. Tails
Für Email-Nutzer: Ausschließlich sicher verschlüsselte Emails versenden und das gesamte Adressbuch darüber informieren, dass Unverschlüsseltes ungelesen als Spam behandelt wird.
In den Kalender eintragen, dass man während des Bundestagswahlkampfes die an der Gesetzgebung beteiligten Parteien an den Info-Ständen aber so was von zusammenscheißt.
This ISP thing seems to be passing, so to hook you all up:
If you want an in-browser VPN, I highly recommend TouchVPN.
You're/You'll be welcome.
So how's your day?
No, in general they are not. If you're actually concerned you can use TAILS, which is a privacy-oriented operating system. If you're going to be doing anything illegal there you definitely should be using it.
> So moral of the story is to use a live cd while using Tor?
Yes, but it should be common sense that if your OS is compromised your Tor client is too.
> What happens if you need to store data?
With Tails you can make an encrypted, persistent usb volume, read the warning section first.
If you want to be 100% sure that there's no digital trace of your private key, you could:
But honestly for most people that's probably overkill.
EDIT: A better way has been posted to https://tails.boum.org/news/version_3.0/#known-issues
- Start the operating system you want to use Tails Installer on. - If you want to use Tails Installer in Tails 3.0, set up an administration password.
- Choose Applications ▸ System Tools ▸ Root Terminal to open a terminal with administration rights.
- Execute the following command to fix the bug in Tails Installer:
perl -pi -E 's,media_removable,removable,' /usr/lib/python2.7/dist-packages/tails_installer/creator.py
- Tails Installer should not expose this problem again… until you restart Tails, as these changes will be reverted upon restart.
Original comment:
I have a hacky way to resolve it. You need to boot Tails 3.0 with the administrator option. Then open a Terminal and type "sudo nano /usr/lib/python2.7/dist-packages/tails_installer/creator.py" and type the admin password when requested. This opens the Nano editor, in the editor press ctrl+W ('Where Is' option, basically Search). Search for 'removable', this will take you to a line with
'removable': drive.props.media_removable,
change this to
'removable': True,
(case sensitive and don't forget the comma)
Then press ctrl+O (Write Out option, basically save file) to save the modified file. If you start the installer you should not get the message "Configured as non removable by its manufacturer".
Don't use Tor on iOS, it is not even close to being equivalent to its desktop counterparts.
I also don't recommend using Windows or OS X if you're gonna be browsing marketplaces (what most people use Tor for), or anything else for that matter. TAILS is the way to go if you really care about your security and privacy.
Use a liveboot privacy orientated OS like Tails to avoid leaving a trail or creating a unique extended computer thumb-print based on installed fonts, add-ins, flash-cookies, and monitor resolution...
If you think that's not enough and you have some coins left:
https://www.erowid.org/donations/
https://www.torproject.org/donate/donate.html.en
I also like to draw attention to:
https://tails.boum.org/contribute/how/donate/index.en.html
I actually know a good bit about this stuff.
I would advocate everyone here to use free open source software (FOSS) because anything else is blind. Using clean binaries is the first step to taking back your privacy.
Look into GNU/Linux distros. Most are incredibly accessible for beginners, but are indeed complex, and for good reason, when it comes to tinkering.
But you have to go further. Even with trusted programs, anonymous actors still have many ways to steal your data, compromise your system, monitor you, and censor the information you receive.
We need to stop trusting sites by default until trust is broken. The policy ought to be to distrust sites by default (blacklist ip/domain) and selectively allow that which appears trusted.
You should be running Firefox specifically because of NoScript. You need to be using high entropy, long (24+ char) passwords, unique to each site, stored in a password manager. Your master password should be a sentence without spaces that only makes sense to you (32+ char), stored in KeePass.
You should flash Tomato or DD-WRT on your router, and pipe all traffic through a private VPN.
For all sensitive communications, USE TAILS https://tails.boum.org/
It's a change in mindset that technologists in this society need to promote, not keep secret. It's going to require some education. Because every day the fascists are inventing new ways to compromise your peace of mind.
"Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly."
Great question.
Once malicious exit nodes or relays are detected, they are removed from the network. It is only safe to assume that a very tiny % of the 1000s of exits and relays are owned by LE and they do passive monitoring/testing on them.
Obviously you want to be careful when logging into sensitive accounts or doing something that might be traced/monitored. The tor network is not 100% safe but using it in combination with something like TAILS makes it still an extremely awesome to useful tool to remain and stay anonymous.
Put the correct name on the package to avoid suspicion. Only order from someone with a good rating and good reviews about their stealth. Never sign for a package or pick it up from a post office. Some people like to write return to sender on the outside of an unopened package and sit on it for a few days before opening just in case, but that seems like overkill. If you do get a controlled delivery keep your fucking mouth shut and ask for a lawyer. Edit: Try to avoid having your package cross a border and do not keep any digital records. Use something like https://tails.boum.org/ to place your order. Also use encryption to mask your address in case the server gets seized.
> You can also see during the documentary that he uses virtualized instances/desktops on his laptop.
Interesting that Tails cautions you against running it in a virtual machine -- I guess since then your Host OS, your VM software vendor and your Guest OS can all spy on you, so if any of them are compromised you're vulnerable.
Sure but there's not as much shady things as people seem to believe and you're going to be disappointed. There's almost no chance you will accidentally click on child porn but If you're really worried use something like a Tails Live CD so if you do click on it out anything else shady there won't be any traces left on your computer of what you did.
Use Tails as your OS for anything that you need good privacy and protection.
Otherwise, KeePassX for password management, Thunderbird for email, TrueCrypt for encryption, Firefox as the browser with NoScript and Adblock Edge as addons, Pidgin with OTR for messaging, Jitsi for video chat, Bitmessage for communication, BitTorrent with a good VPN, and Multibit for Bitcoin.
I use Linux so I don't need a separate firewall. You should use Tails, but if you don't use Tails, use a Linux distro. I prefer Mint myself.
asking at #tails @oftc I have been pointed to this, which is quite extensive:
https://tails.boum.org/contribute/design/memory_erasure/
I would love to have that converted into a package and get that functionality on vanilla Debian :)
Also, this is a good time to remind everyone that if you have bandwidth to spare, you should seed the Tails torrent: https://tails.boum.org/torrents/files/tails-i386-1.3.torrent
I currently seed it on both of my full node boxes since they are already running 24/7.
Oma veikkaus on, että poliisit käyttivät tietoliikenneanalyysiä. TOR-verkko ei auta mitään, jos sinulta menee liikennettä TOR-verkkoon samaan aikaan kun TOR-verkossa tehdään laittomuuksia sinun lähellä. Poliisi-setä näkee molemmat liikenteet, vaikka ei pysty murtamaan liikenteen suojausta. Legendaarinen esimerkki on oppilas, joka teki pommiuhkauksen yliopistoonsa TOR-verkon kautta, mutta hän oli ainoa henkilö kampuksella joka käytti TOR-verkkoa pommiuhkauksen aikaan. Tyhmempikin kyttä osaa ratkaista tuon mysteerin.
Ehkä joku osaa esittää paremman ratkaisun, mutta itse suosittelisin TOR-liikenteen reitittämistä VPN:n kautta. Tällöin Fobba näkee vain liikennettä VPN-palvelimelle, ei itse TOR-verkkoon.
Edit: Toinen vaihtoehto on kiikuttaa läppäri Mäkkäriin tai vastaavan paikkaan, jossa on ilmainen wifi. Tosin saattavat estää TOR-liikenteen. Ei ole tullut testattua.
Edit: Jos joku miettii miten TOR-liikenteen saa reititettyä VPN:n kautta, niin helpoin tapa on ehkä asentaa/konfata VPN-tunneli, asentaa VirtualBox tai vastaava, imuroida Tails ja ajaa se virtuaalikäyttöjärjestelmänä. En mene takuuseen, että toimii, jokainen varmistakoon itse Wiresharkilla, mutta kaiken järjen mukaan pitäisi toimia.
Jos haluaa päästä edes lähelle todellista anonymiteettia, täytyy käyttää Tailsia tai vastaavaa. Kun kaikki käyttävät identtistä käyttöjärjestelmää ja liikenne menee Tor-verkon kautta, on hyvin vaikea jäljittää erillisiä käyttäjiä esimerkiksi selaimen sormenjäljen mukaan. Tosin tämäkään ei ole pomminvarmaa ja vaatii myös käyttäjältä tietoisuutta tietoturvasta. Esimerkiksi tilin luominen ja sen käyttäminen useampaan kertaan luo välittömästi keinon jäljittää käyttäjää.
Myös käyttäjiä pitäisi olla mahdollisimman paljon, koska ihmisiä pystytään suodattamaan vähästä käyttäjämäärästä. Esimerkiksi, jos r/Suomessa käy paskapostaamassa joku kello 10 Tor-verkon kautta ja samaan aikaan Suomessa on vain 100 Tor-verkon käyttäjää, voidaan välittömästi rajata paskapostaajaa sataan mahdolliseen käyttäjään.
Use you local cafés open WiFi with a laptop you got at some random second hand store and pay cash for it.
Finally use https://tails.boum.org/ on a USB stick.
Literally untraceable.
Open wifi is the worst nightmare of the government... which is why all routers come with preassigned passwords nowadays to get rid of plausible deniability.
Tails is an anonymous operating system for more info go to /r/tails and read side bar. To get tails Os use this link -https://tails.boum.org/. If you're just browsing for random links on the dw you're good with the tor browser. If you wanna buy drugs and other illicit stuff use Tails for a better anonymity.
Also if you run a seebox or already have a 24/7 full node setup, you should also seed the TAILS torrent: https://tails.boum.org/torrents/files/tails-i386-1.3.2.torrent
edit: Also, TAILS now includes Electrum by default, making the combination a very secure and effective bitcoin storage solution.
Store coins: Boot up TAILS -> run electrum -> write down 12 word seed -> send coins from your existing wallet to one of the receive addresses in electrum
Spend/move coins: Boot up TAILS -> run electrum -> enter 12 word seed -> connect to internet -> click send coins tab and send them wherever you want
Tails will be 64-bit from June 13 onward with the release of Tails 3.0: https://tails.boum.org/news/Tails_3.0_will_require_a_64-bit_processor/index.en.html
You're right, though, the GUI doesn't work on tails currently. The graphics are all messed up and you can't see stuff.
Having said that, it would definitely be pretty sweet if Tails at some point in the future came pre-loaded with the Monero GUI the same way it currently does with Electrum.
If you are on a laptop, and are not on your home network you can escape the tracking by using TAILS. It is a "live" operating system that you boot from a CD or USB drive, and is intended to not leave traces of your activity on the computer you are using. <Begin Humblebrag>I'm pretty good at computer security, and depending on your setup, can probably figure something out<end brag>. PM me if you have questions.
As with all opensource projects, you are free to fork and create your own distribution. As I told you on the support mailing list, remember that Tails is supportd and run by volunteers.
Secondly, you have ignored the documentation, and not read the specific instructions that point out there are reboot problems with certain hardware platforms, and Tails gives a very specific methodology for reporting bootup problems. See here:
https://tails.boum.org/support/known_issues/index.en.html
So perhaps rather than screaming at the folks who are trying to help you, jump in and make the product better by reporting bugs, issues, and problems. Saying "SCRAP ALL YOUR WORK AND GO BACK TO HOW IT WAS" is not helpful (and perhaps you should have said that back when Tails reported they were going to systemd, something like 6 months ago?)
I would get a copy of Tails and burn the ISO to a USB drive and boot your PC with that. It will force all of the communication over Tor for anonymity and includes other privacy tools.
As a person with limited technical skills, you should look into getting Tails. It's a Linux distribution that you can burn on a CD and boot from and makes it very easy to communicate and do things securely, at least as secure as you can with limited knowledge. You don't need to mess with your data or anything. You burn it on a CD and then boot from it, and as soon as you reboot your computer is exactly as it was. It doesn't mess with your hard drive. It doesn't leave a real trace.
It forces all communication through Tor, which is a routing network designed to anonymize your connection. Basically, you can connect to websites and they don't know what address you connected from.
If you connect to your personal facebook, Tor is a waste of time. That will de-anonymize you, and Tor is only for anonymity and nothing else.
I don't know about any classes, but Tails is a good start. Just remember, it's forcing all traffic through Tor which will slow it down, and also it won't matter if you connect to personal accounts. Use it for specific things.
At the very least it would be very difficult for a government entity to see what you're doing without heavily watching the other end of the communication. They can see you're using Tor but unless they have eyes on facebook.com's side, they might not infer you're connecting to it. It can help there somewhat, but it's really not to protect against that.
Buy a laptop with cash.
Burn a Tails linux live cd.
Only connect to the internet while running off the live CD.
Only connect to public wifi provided by a business and never do it from inside the business. That is, sit in your car outside the cafe/hotel/whatever or use a cantenna to connect to public wifi at a distance (best option).
Do not sign into any accounts you did not create while running off this configuration.
> So uh. How do I use Tails?
Probably rhetorical question, but still someone might find it useful:
Linked in the sidebar for a reason. Burn it to a read-only DVD, boot your computer to it. When you turn it off, it forgets anything you do on it. If you're that paranoid, it might run without a hard drive installed at all (haven't tested it but see no reason why it wouldn't).
Not true. Gavin could have simply brought his own Tails DVD-R disc (or less ideally, USB flash drive) and they could have booted that and used its integrated copy of Electrum.
Signal is crazy easy to use. It replaces your text messaging app on Android, but is a second messaging app on iOS.
On Android, it seamlessly works as a regular text messaging app. But when someone you're texting uses Signal, it silently upgrades to an end-to-end encrypted connection so that your text messages cannot be read, even by the operators of Signal.
TAILS is probably the easiest and least error-prone way to get started with all the privacy tools. They even have a nice installation guide that is geared toward newbies. All you need is a flash drive (they want you to have two, but you only need the second one if you want it to have a persistent volume, AFAIK) and a computer.
Yes, you'll have to learn a bit, but it's really not too bad. Privacy isn't difficult, it's just not the default. Let me know if you get stuck.
Get a laptop, pull the Hard Drive out and run a Live CD like Tails on it.
Even if it does contain something malicious and is sophisticated enough to do something to a Linux host, nothing is damaged or compromised and you just need to reboot your computer to get it off your system.
I downloaded 1.2.3 about 6 hours ago. Just checked the website and 1.3 is up.
Edit: It gives you a warning if persistence is disabled when you start Electrum. It's running Electrum 1.9.8.
Make sure to use a TOR browser/service matey
I go a bit extreme and run Tails OS off a USB
Not directly, no. The only way they could find out is if there was another exploit like what happened before (assuming Tor has no other back doors or encryption troubles). Just make sure your friend enables NoScript (so javascript is disabled) and never installs any plugins. To be extra safe, use a bootable distro such as Tails (https://tails.boum.org/) which has no chance at leaving behind any traces of what your friend was doing on Tor.
Tor is as secure as you make it, pretty much. If you use your real name or any other identifying information on a hidden service or login to any pre-existing clearnet accounts, you put yourself at risk.
Have fun, and don't let your friend do anything too illegal
If anyone here decides to hop on and look around after reading this thread, do yourself a huge favor and use a flash drive with tails linux. Boot into that, it's more anonymous than just using tor alone and it will go a long way in protecting your main boot from being hacked or getting viruses.
Also, don't forget about Tails: https://tails.boum.org. It's an operating system on a CD. You put it in the machine, restart, and it boots from the disk. No need to install. Once you turn your machine off all your communication history is gone. Oh, and EVERYTHING in Tails goes through Tor. It's Snowden's OS of choice.
The OS was developed to run from a disk, and was developed to be secure and safe for use.
Tor browser is cool, but if your Windows/Mac/Linux machine is infected with malware, or the OS contains a 0day exploit (one that Microsoft doesn't know about) you're stuffed. I can say with 110% certainty there are 0days in Windows.
Regardless of what May likes to say she will never stop people using Tails/Tor/Encryption. All of her proposals are useless if people start taking their privacy seriously (ps. get off Facebook ... they really are the bad guys. You can't take your privacy seriously while still using Facebook).
Remember: When you use Tor NEVER EVER use your real name. Adopt a new persona. Never connect to anything over Tor that could reveal who you are. Don't log into anything connected to your real name. Don't use your credit card over Tor.
If anyone wants to make a tonne of cash in the UK, set up a company that makes open source routers that are pre built to run via Tor.
Regardless of what the media say about Tor and its insecurity, it's still pretty much safe if you don't leak any data about yourself. No Government is going to spend ALOT of time, money and resources trying to track an average Joe. Even in cases where they do invest money into tracking someone via Tor they mostly fail.
When people are caught via Tor its because a website has been compromised by the security services, or a user leaves a trail back to them.
Once you start taking privacy seriously you end up down a rabbit hole. Life gets a little harder. For example, I refuse to use a smart phone so I lose out on the luxuries of owning one.
If you want all the bells and whistles Snowden recommends then the best thing to do would probably be to remove the hard drive.
After that you will need to disable secure boot in the BIOS and follow the guides for installing Tails to a USB drive. The new install process baby steps your through it automatically.
https://tails.boum.org/install/index.en.html
FYI, It is spelled Tor.
You should get yourself a copy of Tails OS for when you need that extra level of privacy while browsing/chatting/etc. Download it from the library or a friend's computer if you want to be extra careful. It runs off a USB stick and doesn't leave any traces of itself behind on the machine when you're done.
> "NSA targets users of Backtrack Linux and Tails." Do headlines which sound like this make you hesitant to download a copy?
If they do, then the NSA is winning. Perhaps they can put you under a microscope and direct billions of dollars of computing power at you and break Tails and find out what you've been doing with it.
BUT, if you don't use Tails, they can uncover all your secrets ever so much more easily. Also, the more people who use Tails, the more secure it is. This is vital for the people who use it to protect themselves and their families from being imprisoned, tortured or killed.
Download it now, here: https://tails.boum.org/
This shit is dope... I knew my donations were ending up some where...
Don't forget to donate to the Tails project if you think this shit is dope.
https://tails.boum.org/contribute/how/donate/index.en.html or 1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2
Tails release 1.3 will have Electrum built in. The ~~current~~ old version (1.2.3) does not have Electrum.
~~You can download and try a 1.3 release candidate from here:~~
~~https://tails.boum.org/news/test_1.3-rc1/index.en.html~~
Edit: 1.3 Just released! Download it from here:
https://tails.boum.org/download/index.en.html
If you are using persistence, enable "Bitcoin client" in the persistence tool.
(Applications > Tails > Configure persistent volume)
Bit Coins are an easy fix. Just Google Bitcoins and go to their front page; it's the easiest it's going to get.
As for good .onions, I can only recommend Hidden Wiki http://kpvz7ki2v5agwt35.onion. The reason being that if you know a good .onion it's best to keep it hush-hush because of unwanted attention.
Before you even begin exploring .onion's though you're going to want to bulk up your security. I recommend starting off at Tails (https://tails.boum.org/index.en.html) than further researching other precautions.
You're also going to want know about PGP encryption though for communication over Tor. http://www.reddit.com/r/techsupport/comments/m47nc/how_do_i_use_a_pgp_key_or_how_to_use_it_in_general/
This is all I know right now, I am still researching heavily before I actually use some parts of the .onion network. Right now I've given up on regular interwebs for advice and have switched my research to the Hidden Wiki and the Silk Road forums for constructing a bulletproof Tor experience.
Go here select windows download and you should be running tor, at which point you should have an encrypted connection out that your parents cannot see unless they have installed monitoring software in your computer itself (that would require your password), if you suspect that happened then follow the steps here to install a new operating system (ubuntu) and use that instead. If you are really paranoid then use tails instead however I think that goes further then you need for your needs.
You can buy a Windows computer. You are going to use Tails on a USB stick which won't affect the windows on the computer. People say don't buy Mac because there are conflicts with installing and using tails.
Make sure whatever you buy is not on the "known issues" list: https://tails.boum.org/support/known_issues/index.en.html
Edit: And make sure you have two USBs 8gb or larger to do the Tails install. Known to work USB list: https://www.reddit.com/r/DarkNetMarketsNoobs/wiki/bible/buyer/tails#wiki_usb_sticks
>What we don't want
>Some users have requested support for VPNs in Tails to "improve" Tor's anonymity. You know, more hops must be better, right?. That's just incorrect -- if anything VPNs make the situation worse since they basically introduce either a permanent entry guard (if the VPN is set up before Tor) or a permanent exit node (if the VPN is accessed through Tor).
For Tails: By default, your ISP knows you're running Tor. If you select bridge mode, then they probably don't, docs. It probably doesn't matter.
The cable doesn't matter.
Download Tails:
https://tails.boum.org/download/index.en.html
Verify the ISO:
https://www.reddit.com/r/DarkNetMarketsNoobs/comments/37y6u2/verifying_tails_iso/crqr1nx
Install the ISO on a USB using Rufus:
Use the default values, except:
Change the drop down for "bootable disk using" from FreeDOS to ISO Image.
Click on the button to the right of the ISO image and select the Tails ISO from the file manager.
READY should be displayed near the bottom of the Rufus window.
Hit Start.
Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to:
use the Internet anonymously and circumvent censorship; all connections to the Internet are forced to go through the Tor network;
leave no trace on the computer you are using unless you ask it explicitly;
use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.
website: https://tails.boum.org/
You should use it for your orders on markets.
You will notice some really sketchy stuff happening if you post anything anti-surveillance here. I've been banned many times.
Also, logging in under r/restorethefourth, slowed my computer down until I replaced my entire operating system. That's why I now use - https://tails.boum.org/news/
Get Onion Browser for your phone and Tor Browser for your PC.
If your family has access to your PC, then also get Tails or a linux distribution with Tor on USB key or DVD. Now it doesn't matter if they install keyloggers on your PC or know how to bypass, for example, any virtual machine software you installed. You just boot up into your own operating system that they cannot change.
I am no expert, but I believe, assuming you are using a USB, that TAILS loads itself into the computers memory. Therefore, the speed would be entirely dependent on the computer you are using. All your internet traffic will be routed through TOR which means that internet speed also varies. It is not a total solution, but if you know you are going to be browsing for something you want to keep private, TAILS is a good precaution (probably one of the best precautions).
EDIT: Also, if you are going to be sending sensitive information using TAILS with some sort of end-to-end encryption is highly recommended. Details on encryption with TAILS.
For everyday browsing a non-usa VPN would probably be sufficient.
And here I thought from the title that the TAILS project was being discontinued or something...
You may want to post a bug report to the TAILS tracker OP, seems like a low level bug.
If you're that concerned make an alt-account and use tools like Tails OS (use via VirtualBox) and Tor. You can use 10 minute email to avoid having to put in one of your email addresses.
Other than that I have yet to see anything go "too far" in this sub.
Fuck that! Download and install TAILS on to a USB thumb drive.
It boots on any computer without accessing the HDD or leaving any traces that it was plugged in and routs all internet traffic through the TOR network (don't log into any of your accounts on the TOR network).
You're pretty much anonymous on the TOR network, and though not impervious to tracking, it does make it much harder. It also bypasses most censorship filters.
If you want to install TAILS on to a USB drive or CD, go to https://tails.boum.org/ and follow the instructions.
I've used it and continue to use it.
I recommend installing this before its blocked by ISP's.
A rooted android means that someone would just have to compromise your Google account and install a malicious root app from the play store to own it. Also, Orbot is not as well tested as the Tor desktop client, and the VPN feature it has is marked "experimental use only". Do not do this.
Instead, purchase a cheap laptop in cash and use TAILS. If you're extra paranoid, take out the hard drive, camera, microphone and speakers, and store the TAILS USB somewhere else.
You can get TAILS here: https://tails.boum.org
Edit: Formatting
Edit2: Added TAILS link
>Wondering if it is possible to use your phone for the entire process of buying something off the darknet? From start to finish, could one actually never have to turn on their computer and only use their phone ??
I'm sure that people do this, but smartphones are inherently insecure devices.
The cellular carrier can typically get complete control of the phone remotely and dump its memory. The FBI can probably do the same with a Stingray.
If you have a computer, boot Tails on it and use it for your darknet market transactions.
Just use Tails and send the coin from CoinBase to its built-in Electrum wallet, first. Don't do this with Electrum (or other "light" wallets) on other platforms, though, unless you really, really know what you're doing.
>am i right in believing tails while solve this problem
No.
Tails uses the standard Tor setup. If your ISP blocks Tor, Tails will not be able to get around it by default.
You need to use a bridge when using Tor whether or not you are using Tails if your ISP blocks access to the Tor network.
Bridge info:
https://www.torproject.org/docs/bridges
Tails info:
The Tails bridge documentation:
https://tails.boum.org/doc/first_steps/startup_options/bridge_mode/index.en.html
You could just install tails on the laptop and go with the persistent volume which would hold anything you want to save in an encrypted volume.
I tried to select torrent, and instead of a torrent file, I got a page talking about how torrents are no longer supported beacause they are exploitable. I have that page, if you would like to see it.
And standard internet protocol is not an option thanks to router parrental controls. Fortunately, I know about
^^I ^^think ^^its ^^kind ^^of ^^funny ^^that ^^my ^^parents ^^think ^^they ^^can ^^block ^^sites ^^like ^^youtube ^^and ^^reddit ^^from ^^a ^^nerd ^^like ^^me ^^XD
So before you get started on your journey you need to ask yourself a couple of things. What is your use for tor/tails/anonymity? If you're asking here I assume you are looking to buy off the DNMs. Just browsing the DNMs is fine to do through tor only (tor being the browser only). Now if it comes down to purchases, you need to run for through tails ( a Linux operating system that you will boot off a USB). The reason why you want to boot from a separate os is so you keep whatever you are doing off your laptop's hard drive (among a lot of other reason). There is a link to the "Bible" in the sidebar you should read and memorize that. Ask questions if you need help understanding a concept. Whatever your use for tor and tails, always read first. Read through this and then come back here to ask questions or feel free to ask here. Edit: typing this from mobile was hard. Edit 2: forgot da rules (removed violating text)
you can use tails your personal computer.
here a bit more detailed:
Using Tails on a computer doesn't alter or depend on the operating system installed on it. So you can use it in the same way on your computer, a friend's computer, or one at your local library. After shutting down Tails, the computer will start again with its usual operating system.
Tails is configured with special care to not use the computer's hard-disks, even if there is some swap space on them. The only storage space used by Tails is in RAM, which is automatically erased when the computer shuts down. So you won't leave any trace on the computer either of the Tails system itself or what you used it for. That's why we call Tails "amnesic".
This allows you to work with sensitive documents on any computer and protects you from data recovery after shutdown. Of course, you can still explicitly save specific documents to another USB stick or external hard-disk and take them away for future use.
tl;dr you can use Tails on your normal computer and do not have to buy a burner laptop.
Many more layers of obscurity (govt agencies could raid/subpoena the VPN provider and force to hand over records if they have them), and it's possible for them to get info from your browser (fonts, cookies, etc). Tor relays your packets through a network of anonymous nodes before going through an exit node and off to the internet, and is also a barebones mozilla browser that was created with the intention of browser security. Keep in mind that the feds own most of the exit nodes (they're user-run), so even if they don't know WHO you are, they could still have your traffic. Hell, you could even set up an exit node yourself and just watch everyone's traffic. Never sign into any services through Tor because it a.) identifies you and b.) even though they use https most of the time, it still opens you up to giving your credentials away. It's unusably slow. If you're really into being secure online, try Tails.
Ah, la famosa legge Pisanu... mi pare abbiano abrogato soltanto la parte in cui si richiedeva un documento per poter accedere al Wi-Fi pubblico. E almeno in teoria, sarebbero vietate anche le connessioni cosiddette anonime; a 'sto punto fatti direttamente Tails e accedi con un profilo fasullo (mi raccomando non dire all'NSA che te l'ho suggerito io, eh).
Ringrazia il governo Berlusconi III e tutti i webeti da ospizio geratrico ancora in Parlamento.
If anyone wishes to download this, I'd suggest doing so over TOR, or better still download tails (https://tails.boum.org) and Chuck it on a USB stick.
It's not going to be difficult for ISP's to create a list of people who have visited the download link otherwise.
I don't think that using OS X is any less safe than using Windows.
You should avoid both of those operating systems, if you can.
See if you can boot Tails on your Mac hardware instead.
https://tails.boum.org/about/index.en.html
https://tails.boum.org/doc/first_steps/installation/manual/mac/index.en.html
La miglior distribuzione per la privacy è (Tails)[https://tails.boum.org]. Può essere contenuta in un disco USB perfino in maniera mascherata. Viene usata da molti hacktivisti o giornalisti in zone dove non c'è libertà di espressione
Using WiFi that isn't tied to your name is a great way to (usually) improve your anonymity. You should be able to use Tor as you would on any network, although if the network you're on blocks Tor, you may have to use a Tor Bridge to access the network. There is good info available about using Tor Bridges online.
HOWEVER, it is then very important that you use a spoofed MAC Address for your wireless card when connecting. Not all wireless cards support this, either. If you're using Tails, which you should be anyway, one of the "More Options" available when you boot and opt to look at them is MAC Spoofing. Note that the system may not inform you whether or not the spoofing was successful, so proceed with caution. It may pay to invest in a wireless card that is fully supported with Free, Libre Software, like one made by Atheros. They're available on eBay (and elsewhere) for less than $10.
Definitely use a live distro, and specifically Tails . It can take some time getting used to, but it is as secure as it gets and the site has nice documentation. It has everything you'll need, a bitcoin wallet, tor browser etc. Using a dedicated laptop is not needed at this case, but if you insist you can install the distro on the hard disk. However, I'd suggest you just use a small usb stick, since it's much more inconspicuous and easier to hide.
There isn't any proof, because there isn't any need for any.
On a computer, you can run a fully open-source system like Tails and know with a very high degree of certainty that there isn't any secret code running in background that may compromise your security.
With Android and iOS devices, on the other hand, the OS itself requires a huge amount of secret, closed-source blobs of code that are in fact demonstrated to be able to remotely activate the device, its location beacon, its microphone, etc.. There is no way to work around this closed-source code, there is no way to modify it, there is no way to mitigate its abilities on your mobile device. And of course, any code running with superuser privileges on the device can read out private keys from memory, record keystrokes, messages, sites visited, etc.
If you think that a mobile device can be as secure as a full-fledged computer, you simply haven't studied the issue sufficiently, and that's all there is to it.
I was looking over the Tails linux documentation the other day, and i noticed an interesting thing i haven't seen before - Shamir's secret sharing, and from gfshare's page:
>Example use-case for secret sharing
>Alice has a GPG secret key on a usb keyring. If she loses that keyring, she will have to revoke the key. This sucks because she go to conferences lots and is scared that she will, eventually, lose the key somewhere. So, if, instead she needed both her laptop and the usb keyring in order to have her secret key, losing one or the other does not compromise her gpg key. Now, if she splits the key into a 3-of-5 share, put one share on her desktop, one on the laptop, one on her server at home, and two on the keyring, then the keyring-plus-any-machine will yield the secret gpg key, but if she loses the keyring, She can reconstruct the gpg key (and thus make a new share, rendering the shares on the lost usb keyring worthless) with her three machines at home.
Not sure whether it will help, but sounds interesting.
DO NOT, i repeat: DO NOT hold your bitcoins on any wallet to which you don't exclusively own the private keys.
download Tails 1.3 from https://tails.boum.org/download/index.en.html
burn it on a CD/DVD or USB flash drive.
boot from said CD/DVD/USB.
it comes with a bitcoin wallet called electrum.
when you run electrum it will give you 12 words to memorize, you can restore your wallet using these words if you forget them your bitcoins are gone, NEVER SHARE THEM WITH ANYONE OR THEY WILL HAVE ACCESS TO YOUR BITCOIN!
move your bitcoins to the electrum wallet, that way no one can move your money without your consent. thank me in a year or two when someone hacks Coinbase.
Use the Electrum wallet through tails. You will want to enable persistence on tails using this guide
Then, go to here to get electrum. Take some time to browse the electrum website, its really an awesome wallet to use through tails
Tails comes equipped with a built-in pgp program, look to the top right of your desktop and right click the clipboard. This guide will teach you to use pgp encryption. Know that shit inside and out, its a hell of an important step
go to your applications tab on your desktop, then click on the iceweasel browser. That is the tor browser
I've read that you shouldn't use the same Tor session to use two identities at the same time. So using my real Facebook account in the same session as any anonymous account, could potentially link my Facebook account with the anon account. Unless I had an anon Facebook account, but why the fuck would anyone want that?
Edit: Here's where I read it. Granted it's TAILS and not Tor, but I'm sure the same logic applies.
I personaly would use tails if i wanted to hide potential information about me. It's a live linux distro with focus on privacy. It defaults on routing through tor. When you set up tor yourself there are a lot errors you can make, which could reveal informations about you.
Sigh here you go.
That should be everything you're gonna need.
Totally man! So what you want todo is this:
Get Tails on a USB key, this way you won't need a HDD. As of right now, I wouldn't worry about VPN. I would personally recommend adopting a VERY STRICT policy of never accessing a DNM (or Tor anything at all) from home. Take a nice drive somewhere, some place without cameras.
As far as encryption, I would recommend this:
Create a public/private key (within the application itself), this is used to decrypt all data that has been encrypted with your public key. Also used to encrypt messages before you send them.
Like sharkman kinda said, its not good to overexert because it's almost always unnecessary. But a good amount of safety is always good, i recommend just using a GnuPG program like GPG4Win for private messaging with people over subjects on the darkweb.
Heres the link to download: https://www.gpg4win.org/
If you are distributing illegal substances or material, just use tailsOS
> I've always wondered why js was enabled by default.
They mention the reasons several times.
https://tails.boum.org/doc/anonymous_internet/Tor_Browser/#index2h2
With the minimum of researh you would find this
The Raspberry Pi and many tablets are based on the ARM architecture. Tails does not work on the ARM architecture so far. If you could find that and could read that... I am not sure what is unclear.
Rasberry pi = ARM Tails + ARM = FAIL therefore... . . . No. It cannot.
BTC Overkill Edition
using os x to buy fro dnms is discouraged, however using tails on a mac is completely fine. start you journey here https://tails.boum.org/install/mac/index.en.html and do not hesitate to ask your questions in this sub if you have some.
good luck and stay safe.