<li><p>Virtual Machine: <ahref="../hypervisorsetup/index.html">Linux</a> or <ahref="../whonixqemuvms/index.html">Whonix</a> or <ahref="../tailsqemuvm/index.html">Tails</a></p></li>
<li><p>Application: <ahref="../vpn/index.html">VPN</a> (if your ISP doesn't allow Tor traffic) </p></li>
<p>I recommend using this setup into one of the above mentioned VMs, for <ahref="../anonymityexplained/index.html">Anonymous use</a>, as per the <ahref="../opsec4levels/index.html">4 basic OPSEC levels</a>.</p>
→ echo "deb [signed-by=/usr/share/keyrings/derivative.asc] tor+http://deb.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion bookworm main contrib non-free" | sudo tee /etc/apt/sources.list.d/derivative.list
deb [signed-by=/usr/share/keyrings/derivative.asc] tor+http://deb.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion bookworm main contrib non-free
Created symlink /etc/systemd/system/multi-user.target.wants/tb-updater-first-boot.service → /lib/systemd/system/tb-updater-first-boot.service.
[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
→ systemctl --no-pager --no-block status tb-updater-first-boot.service
● tb-updater-first-boot.service - Helper Service for /usr/bin/torbrowser to determine when it is save to Copy Tor Browser from /var/cache/tb-binary to user home by Whonix developers
INFO: Digital signature (GPG) verification... This will take a moment...
INFO: Using digital signature signing key by The Tor Project.
INFO: Digital signature (GPG) verification ok.
INFO: Installation confirmation
Currently installed version: None installed. (Folder /home/nihilist/.tb/tor-browser does not exist.)
Downloaded version : 13.0.9
We have not previously accepted a signature yet. Therefore assisted check for downgrade or indefinite freeze attacks skipped. Please check the Current Signature Creation Date looks sane.
Previous Signature Creation Date: Unknown. Probably never downloaded a signature before.
Last Signature Creation Date : January 23 13:14:38 UTC 2024
According to your system clock, the signature was created 8 days 3 hours 25 minutes 2 seconds ago.
gpg reports:
gpg: Signature made Tue 23 Jan 2024 02:14:38 PM CET
gpg: using RSA key 613188FC5BE2176E3ED54901E53D989A9E2D47BF
gpg: Good signature from "Tor Browser Developers (signing key) " [ultimate]
<p>Next, we'll do some slight configuration changes, starting with the automatic connection:</p>
<imgsrc="1.png"class="imgRz">
<p>Then we make sure that all javascript is disabled, using the shield option on the top right corner, make sure it's set to the "Safest" setting:</p>
<imgsrc="2.png"class="imgRz">
<p>Then a personal preference, let's switch on the dark theme:</p>
<imgsrc="3.png"class="imgRz">
<imgsrc="4.png"class="imgRz">
<p>And from there you can start browsing. You can browse the clearnet first to see how the tor connection works:</p>
<imgsrc="5.png"class="imgRz">
<p>As you can see here, when browsing to the clearnet, your traffic is being encapsulated threefold, meaning that you are entrusting your connection to 3 tor node owners around the globe. And on top of that, they are in 3 different countries.</p>
<p>Next, when you browse to a website that can be accessed via a .onion link, you might get the above message that shows up. I prefer to not prioritize onions to avoid unnecessary page refreshes. Instead i click on the .onion available button if it appears.</p>
<p>Now when you're connected to the .onion hidden service, you can see that your connection goes through more tor nodes, this is the best way to access websites online, you're not leaking any info they don't need to know that way. Plus, since we are on the "safest" setting, we are not loading any javascript that may be used to fingerprint our activity online. </p>