256 lines
13 KiB
HTML
256 lines
13 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<meta name="description" content="">
|
|
<meta name="author" content="">
|
|
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
|
|
|
|
<title>Tor Browsing Setup</title>
|
|
|
|
<!-- Bootstrap core CSS -->
|
|
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
|
|
<link href="../../assets/css/xt256.css" rel="stylesheet">
|
|
|
|
|
|
|
|
<!-- Custom styles for this template -->
|
|
<link href="../../assets/css/main.css" rel="stylesheet">
|
|
|
|
|
|
|
|
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
|
|
<!--[if lt IE 9]>
|
|
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
|
|
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
|
|
<![endif]-->
|
|
</head>
|
|
|
|
<body>
|
|
|
|
<!-- Static navbar -->
|
|
<div class="navbar navbar-inverse-anon navbar-static-top">
|
|
<div class="container">
|
|
<div class="navbar-header">
|
|
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
|
|
<span class="icon-bar"></span>
|
|
<span class="icon-bar"></span>
|
|
<span class="icon-bar"></span>
|
|
</button>
|
|
<a class="navbar-brand-anon" href="\index.html">nihilist`s Blog</a>
|
|
</div>
|
|
<div class="navbar-collapse collapse">
|
|
<ul class="nav navbar-nav navbar-right">
|
|
|
|
<li><a href="/about.html">About</a></li>
|
|
<li><a href="/blog.html">Categories</a></li>
|
|
<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
|
|
<li><a href="/contact.html">Contact</a></li>
|
|
</ul>
|
|
</div><!--/.nav-collapse -->
|
|
|
|
</div>
|
|
</div>
|
|
|
|
<!-- +++++ Posts Lists +++++ -->
|
|
<!-- +++++ First Post +++++ -->
|
|
<div id="anon2">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-8 col-lg-offset-2">
|
|
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-01-31</ba></p>
|
|
<h1>Tor Browsing Setup </h1>
|
|
<img src="0.jpeg" style="width:250px">
|
|
<p>In this tutorial we're going to cover how to browse the web anonymously, and some simple rules to follow to protect your anonymity. </p>
|
|
<p><h2><u>OPSEC Recommendations:</u></h2></p>
|
|
<ol>
|
|
<li><p>Hardware : (Personal Computer / Laptop)</p></li>
|
|
<li><p>Host OS: <a href="../linux/index.html">Linux</a></p></li>
|
|
<li><p>Hypervisor: <a href="../hypervisorsetup/index.html">libvirtd QEMU/KVM</a></p></li>
|
|
<li><p>Virtual Machine: <a href="../hypervisorsetup/index.html">Linux</a> or <a href="../whonixqemuvms/index.html">Whonix</a> or <a href="../tailsqemuvm/index.html">Tails</a> </p></li>
|
|
<li><p>Application: <a href="../vpn/index.html">VPN</a> (if your ISP doesn't allow Tor traffic) </p></li>
|
|
</ol>
|
|
<p>I recommend using this setup into one of the above mentioned VMs, for <a href="../anonymityexplained/index.html">Anonymous use</a>, as per the <a href="../opsec4levels/index.html">4 basic OPSEC levels</a>.</p>
|
|
|
|
|
|
</div>
|
|
</div><!-- /row -->
|
|
</div> <!-- /container -->
|
|
</div><!-- /grey -->
|
|
|
|
<!-- +++++ Second Post +++++ -->
|
|
<div id="anon3">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-8 col-lg-offset-2">
|
|
<h2><b>Initial Setup </b></h2>
|
|
<p>If you have a regular debian distribution, do as follows to install the tor browser:</p>
|
|
<pre><code class="nim">
|
|
[ mainpc ] [ /dev/pts/5 ] [~]
|
|
→ sudo apt install tor torsocks curl apt-transport-tor gnupg2 -y
|
|
|
|
[ mainpc ] [ /dev/pts/1 ] [~]
|
|
→ sudo torsocks curl --output /usr/share/keyrings/derivative.asc --url http://www.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion/keys/derivative.asc
|
|
% Total % Received % Xferd Average Speed Time Time Time Current
|
|
Dload Upload Total Spent Left Speed
|
|
100 77312 100 77312 0 0 7106 0 0:00:10 0:00:10 --:--:-- 23126
|
|
|
|
[ mainpc ] [ /dev/pts/1 ] [~]
|
|
→ echo "deb [signed-by=/usr/share/keyrings/derivative.asc] tor+http://deb.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion bookworm main contrib non-free" | sudo tee /etc/apt/sources.list.d/derivative.list
|
|
deb [signed-by=/usr/share/keyrings/derivative.asc] tor+http://deb.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion bookworm main contrib non-free
|
|
|
|
[ mainpc ] [ /dev/pts/1 ] [~]
|
|
→ sudo apt update -y
|
|
Hit:1 http://deb.debian.org/debian bookworm InRelease
|
|
Hit:2 http://security.debian.org/debian-security bookworm-security InRelease
|
|
Hit:3 http://deb.debian.org/debian bookworm-updates InRelease
|
|
Hit:4 https://packages.element.io/debian default InRelease
|
|
Get:5 tor+http://deb.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion bookworm InRelease [39.6 kB]
|
|
Get:6 tor+http://deb.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion bookworm/main amd64 Packages [34.3 kB]
|
|
Get:7 tor+http://deb.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion bookworm/contrib amd64 Packages [506 B]
|
|
Get:8 tor+http://deb.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion bookworm/non-free amd64 Packages [896 B]
|
|
Fetched 75.3 kB in 12s (6,284 B/s)
|
|
Reading package lists... Done
|
|
Building dependency tree... Done
|
|
Reading state information... Done
|
|
16 packages can be upgraded. Run 'apt list --upgradable' to see them.
|
|
|
|
[ mainpc ] [ /dev/pts/1 ] [~]
|
|
→ sudo apt install tb-starter tb-updater -y
|
|
|
|
[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
|
|
→ systemctl enable --now tb-updater-first-boot.service (3)
|
|
|
|
Created symlink /etc/systemd/system/multi-user.target.wants/tb-updater-first-boot.service → /lib/systemd/system/tb-updater-first-boot.service.
|
|
|
|
[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
|
|
→ systemctl --no-pager --no-block status tb-updater-first-boot.service
|
|
|
|
● tb-updater-first-boot.service - Helper Service for /usr/bin/torbrowser to determine when it is save to Copy Tor Browser from /var/cache/tb-binary to user home by Whonix developers
|
|
Loaded: loaded (/lib/systemd/system/tb-updater-first-boot.service; enabled; preset: enabled)
|
|
Active: active (exited) since Wed 2024-01-31 08:59:34 CET; 2s ago
|
|
Docs: https://github.com/Whonix/tb-updater
|
|
Process: 140334 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
|
|
Main PID: 140334 (code=exited, status=0/SUCCESS)
|
|
CPU: 690us
|
|
|
|
[ mainpc ] [ /dev/pts/1 ] [~]
|
|
→ torbrowser
|
|
INFO: ARCH 'x86_64' detected.
|
|
INFO: ARCH_DOWNLOAD 'linux-x86_64' detected.
|
|
INFO: CURL_PROXY:
|
|
INFO: Not running inside Qubes Disposable Template, ok.
|
|
INFO: Using stable version. For alpha version, see: https://www.whonix.org/wiki/Tor_Browser#Alpha
|
|
INFO: Running connectivity check... Downloading...: https://www.torproject.org
|
|
INFO: CURL_OUT_FILE: /home/nihilist/.cache/tb/temp/tbb_remote_folder
|
|
INFO: Connectivity check succeeded.
|
|
INFO: Find out latest version... Downloading...: https://aus1.torproject.org/torbrowser/update_3/release/downloads.json
|
|
INFO: CURL_OUT_FILE: /home/nihilist/.cache/tb/RecommendedTBBVersions
|
|
INFO: Learn more about this Download Confirmation Notification.
|
|
https://www.whonix.org/wiki/Tor_Browser#Download_Confirmation_Notification
|
|
INFO: Previously downloaded version: none
|
|
INFO: Currently installed version: None installed. (Folder /home/nihilist/.tb/tor-browser does not exist.)
|
|
INFO: Online detected version: 13.0.9
|
|
QUESTION: Download now?
|
|
y/n?
|
|
y
|
|
|
|
INFO: Because you are not using --nokilltb, now killing potentially still running instances of Tor Browser...
|
|
firefox.real: no process found
|
|
INFO: Digital signature (GPG) download... Will take a moment...
|
|
INFO: Downloading...: https://www.torproject.org/dist/torbrowser/13.0.9/tor-browser-linux-x86_64-13.0.9.tar.xz.asc
|
|
INFO: CURL_OUT_FILE: /home/nihilist/.cache/tb/files/tor-browser-linux-x86_64-13.0.9.tar.xz.asc
|
|
INFO: Downloading Tor Browser...
|
|
INFO: Downloading...: https://www.torproject.org/dist/torbrowser/13.0.9/tor-browser-linux-x86_64-13.0.9.tar.xz
|
|
INFO: CURL_OUT_FILE: /home/nihilist/.cache/tb/files/tor-browser-linux-x86_64-13.0.9.tar.xz
|
|
INFO: Digital signature (GPG) verification... This will take a moment...
|
|
INFO: Using digital signature signing key by The Tor Project.
|
|
INFO: Digital signature (GPG) verification ok.
|
|
INFO: Installation confirmation
|
|
Currently installed version: None installed. (Folder /home/nihilist/.tb/tor-browser does not exist.)
|
|
Downloaded version : 13.0.9
|
|
We have not previously accepted a signature yet. Therefore assisted check for downgrade or indefinite freeze attacks skipped. Please check the Current Signature Creation Date looks sane.
|
|
Previous Signature Creation Date: Unknown. Probably never downloaded a signature before.
|
|
Last Signature Creation Date : January 23 13:14:38 UTC 2024
|
|
According to your system clock, the signature was created 8 days 3 hours 25 minutes 2 seconds ago.
|
|
gpg reports:
|
|
gpg: Signature made Tue 23 Jan 2024 02:14:38 PM CET
|
|
gpg: using RSA key 613188FC5BE2176E3ED54901E53D989A9E2D47BF
|
|
gpg: Good signature from "Tor Browser Developers (signing key) " [ultimate]
|
|
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
|
|
Subkey fingerprint: 6131 88FC 5BE2 176E 3ED5 4901 E53D 989A 9E2D 47BF
|
|
Learn more about this Installation Confirmation Notification.
|
|
https://www.whonix.org/wiki/Tor_Browser#Installation_Confirmation_Notification
|
|
QUESTION: Install now?
|
|
y/n?
|
|
y
|
|
|
|
INFO: Extracting /home/nihilist/.cache/tb/files/tor-browser-linux-x86_64-13.0.9.tar.xz ...
|
|
extraction percent done: 19 / 100
|
|
extraction percent done: 44 / 100
|
|
extraction percent done: 63 / 100
|
|
extraction percent done: 82 / 100
|
|
extraction percent done: 100 / 100
|
|
|
|
</code></pre>
|
|
|
|
<p>Next, we'll do some slight configuration changes, starting with the automatic connection:</p>
|
|
<img src="1.png" class="imgRz">
|
|
<p>Then we make sure that all javascript is disabled, using the shield option on the top right corner, make sure it's set to the "Safest" setting:</p>
|
|
<img src="2.png" class="imgRz">
|
|
<p>Then a personal preference, let's switch on the dark theme:</p>
|
|
<img src="3.png" class="imgRz">
|
|
<img src="4.png" class="imgRz">
|
|
<p>And from there you can start browsing. You can browse the clearnet first to see how the tor connection works:</p>
|
|
<img src="5.png" class="imgRz">
|
|
<p>As you can see here, when browsing to the clearnet, your traffic is being encapsulated threefold, meaning that you are entrusting your connection to 3 tor node owners around the globe. And on top of that, they are in 3 different countries.</p>
|
|
<img src="6.png" class="imgRz">
|
|
<p>Next, when you browse to a website that can be accessed via a .onion link, you might get the above message that shows up. I prefer to not prioritize onions to avoid unnecessary page refreshes. Instead i click on the .onion available button if it appears.</p>
|
|
<img src="7.png" class="imgRz">
|
|
<p>Now when you're connected to the .onion hidden service, you can see that your connection goes through more tor nodes, this is the best way to access websites online, you're not leaking any info they don't need to know that way. Plus, since we are on the "safest" setting, we are not loading any javascript that may be used to fingerprint our activity online. </p>
|
|
</div>
|
|
</div><!-- /row -->
|
|
</div> <!-- /container -->
|
|
</div><!-- /white -->
|
|
<!-- +++++ Footer Section +++++ -->
|
|
|
|
<div id="anonb">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-4">
|
|
<h4>Nihilism</h4>
|
|
<p>
|
|
Until there is Nothing left.</p></br></br><p>Creative Commons Zero: No Rights Reserved</br><img src="\CC0.png">
|
|
|
|
</p>
|
|
</div><!-- /col-lg-4 -->
|
|
|
|
<div class="col-lg-4">
|
|
<h4>My Links</h4>
|
|
<p>
|
|
|
|
<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FH4g7zPbitSLV5tDQ51Yz-R6RgOkMEeCc%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAkts5T5AMxHGrZCCg12aeKxWcpXaxbB_XqjrXmcFYlDQ%253D&data=%7B%22type%22%3A%22group%22%2C%22groupLinkId%22%3A%22c3Y-iDaoDCFm6RhptSDOaw%3D%3D%22%7D">SimpleX Chat</a><br/>
|
|
|
|
</p>
|
|
</div><!-- /col-lg-4 -->
|
|
|
|
<div class="col-lg-4">
|
|
<h4>About nihilist</h4>
|
|
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@contact.nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
|
|
</div><!-- /col-lg-4 -->
|
|
|
|
</div>
|
|
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<!-- Bootstrap core JavaScript
|
|
================================================== -->
|
|
<!-- Placed at the end of the document so the pages load faster -->
|
|
|
|
</body>
|
|
</html>
|