What is the Tor Project
A free software implementation of
second-generation onion routing, a system
enabling its users to communicate anonymously
on the Internet
What is the Tor Browser Bundle (TBB)?
The Tor software protects you by
bouncing your communications around a
distributed network of relays run by
volunteers all around the world: it prevents
somebody watching your Internet connection
from learning what sites you visit, it
prevents the sites you visit from learning
your physical location, and it lets you access
sites which are blocked.
The Tor Browser Bundle lets you
use Tor on Windows, Mac OS X, or Linux without
needing to install any software. It can run
off a USB flash drive, comes with a
pre-configured web browser to protect your
anonymity, and is self-contained.
You can use Tor by
installing the browser bundle at:
https://www.torproject.org/projects/torbrowser.html.en
Download the browser
bundle and extract it to some place on your
local hard drive, I would suggest using an
encrypted volume or removable media (such as a
usb stick) that supports hardware encryption.
http://biiipvbegatnbj6k.onion/hentaikey4/ soo many other boards too
http://hg5km4y37lgir6r3.onion/ Euro BUK Simulator (remember Malaysian plane shut down over Ukraine ?)
http://yuxv6qujajqvmypv.onion/anonguide.pdf all about tor and internet security
http://xmh57jrzrnw6insl.onion Torch Search Engine
http://76qugh5bey5gum7l.onion/ Deep Web Radio
http://paisleli66axejos.onion German Forum - unzensiert - tabulos
http://kpvz7kpmcmne52qf.onion/wiki/index.php/Main_Page Hidden Wiki
GET ALL INFO YOU NEED
to Find Hidden Onion Sites for only 6.95
US $
What is Orbot?
Orbot is an application that
allows mobile phone users to access the web,
instant messaging and email without being
monitored or blocked by their mobile internet
service provider. Orbot brings the features
and functionality of Tor (read more below) to
the Android mobile operating system.
Orbot 1.0.5.2 (packaging Tor
0.2.2.25) is currently available in the
Android Market and from the Tor Project
website.
BROWSING
You can use the
Orweb Privacy Browser, which only works via
Orbot and Tor.
You can also try
Firefox Mobile with our ProxyMob Add-On to
browse via the Tor network.
INSTANT MESSAGING
For Instant
Messaging, please try Gibberbot which provides
integrated, optional support for Orbot and
Tor.
OTHER APPS
Transparent
Proxying: You must root your device in order
for Orbot to work transparently for all web
and DNS traffic. If you root your device,
whether it is 1.x or 2.x based, Orbot will
automatically, transparently proxy all web
traffic on port 80 and 443 and all DNS
requests. This includes the built-in Browser,
Gmail, YouTube, Maps and any other application
that uses standard web traffic.
What are some additional browser security addons?
****
If you're not going the route of
using the TBB or some other anonymizing
services, you can use these
solutions and technologies to help
to protect yourself online
****
HTTPS Everywhere is a Firefox and
Chrome extension that encrypts your
communications with many major websites,
making your browsing more secure. Encrypt the
web: Install HTTPS Everywhere today.
****
Adblock Plus blocks all annoying
ads on the web by default: video ads on
YouTube, Facebook ads, flashy banners,
pop-ups, pop-unders and much more.
Simply install Adblock Plus to
your browser (it is available for Firefox,
Chrome and Opera) or your Android smartphone
or tablet and all intrusive ads are
automatically removed from any website you
visit.
****
The EasyList subscriptions are
lists of filters designed for Adblock Plus
that automatically remove unwanted content
from the internet, including annoying adverts,
bothersome banners and troublesome tracking.
The subscriptions are currently maintained by
three authors, MonztA, Famlam and Khrin, who
are ably assisted by an ample forum community.
****
Ghostery is your window into the
invisible web – tags, web bugs, pixels and
beacons that are included on web pages in
order to get an idea of your online behavior.
Ghostery tracks over 1,200
trackers and gives you a roll-call of the ad
networks, behavioral data providers, web
publishers, and other companies interested in
your activity.
****
http://noscript.net/
The NoScript Firefox extension
provides extra protection for Firefox,
Seamonkey and other mozilla-based browsers:
this free, open source add-on allows
JavaScript, Java, Flash and other plugins to
be executed only by trusted web sites of your
choice (e.g. your online bank).
NoScript also provides the most
powerful anti-XSS and anti-Clickjacking
protection ever available in a browser.
What is truecrypt?
TrueCrypt is a freeware software
application used for on-the-fly encryption
(OTFE). It can create a virtual encrypted disk
within a file or encrypt a partition or (under
Microsoft Windows except Windows 2000) the
entire storage device (pre-boot
authentication).
TrueCrypt supports Microsoft
Windows, Mac OS X and Linux operating systems
(using FUSE). Both 32-bit and 64-bit versions
of these operating systems are supported,
except for Windows IA-64 (not supported) and
Mac OS X 10.6 Snow Leopard (runs as a 32-bit
process). The version for Windows 7, Windows
Vista, or Windows XP can encrypt the boot
partition or entire boot drive. There is an
independent, compatible implementation,
tcplay, for DragonFly BSD and Linux.
TrueCrypt supports a concept
called plausible denyability, by allowing a
single "hidden volume" to be created within
another volume. In addition, the Windows
versions of TrueCrypt have the ability to
create and run a hidden encrypted operating
system whose existence may be denied.
The TrueCrypt documentation lists
many ways in which TrueCrypt's hidden volume
deniability features may be compromised (e.g.
by third party software which may leak
information through temporary files,
thumbnails, etc., to unencrypted disks) and
possible ways to avoid this. In a paper
published in 2008 and focused on the then
latest version (v5.1a) and its plausible
deniability, a team of security researchers
led by Bruce Schneier states that Windows
Vista, Microsoft Word, Google Desktop, and
others store information on unencrypted disks,
which might compromise TrueCrypt's plausible
deniability. The study suggested the addition
of a hidden operating system functionality;
this feature was added in TrueCrypt 6.0. When
a hidden operating system is running,
TrueCrypt also makes local unencrypted
filesystems and non-hidden TrueCrypt volumes
read-only to prevent data leaks. The security
of TrueCrypt's implementation of this feature
was not evaluated because the first version of
TrueCrypt with this option had only recently
been released.
What is GnuPG?
GNU Privacy Guard (GnuPG or GPG)
is a GPL Licensed alternative to the PGP suite
of cryptographic software. GnuPG is compliant
with RFC 4880, which is the current IETF
standards track specification of OpenPGP.
Current versions of PGP (and Veridis'
Filecrypt) are interoperable with GnuPG and
other OpenPGP-compliant systems.
GnuPG is a part of the Free
Software Foundation's GNU software project,
and has received major funding from the German
government.
Suggested reading: https://en.wikipedia.org/wiki/GnuPG
What is OTR?
Pidgin is a free and open source
client that lets you organize and manage your
different Instant Messaging (IM) accounts
using a single interface. The Off-the-Record
(OTR) plug-in designed for use with Pidgin
ensures authenticated and secure
communications between Pidgin users.
Both Pidgin and OTR are available
for Microsoft Windows and for GNU/Linux.
Another multi-protocol IM program for
Microsoft Windows that supports OTR is Miranda
IM. For the Mac OS we recommend using Adium, a
multi-protocol IM program that supports the
OTR plugin.
Pidgin is a free and open source
Instant Messaging (IM) client that lets you
organize and manage your different (IM)
accounts through a single interface. Before
you can start using Pidgin you must have an
existing IM account, after which you will
register that account to Pidgin. For instance,
if you have an email account with Gmail, you
can use their IM service GoogleTalk with
Pidgin. The log-in details of your existing IM
account are used to register and access your
account through Pidgin.
Pidgin is strongly recommended for
IM sessions, as it offers a greater degree of
security than alternative messaging clients,
and does not come bundled with unnecessary
adware or spyware which may compromise your
privacy and security.
Off-the-Record (OTR) messaging is
a plugin developed specifically for Pidgin. It
offers the following privacy and security
features:
Authentication: You are assured
the correspondent is who you think it is.
Deniability: After the chat
session is finished, messages cannot be
identified as originating from either your
correspondent or you.
Encryption: No one else can access
and read your instant messages.
Perfect Forward Security: If third
party obtains your private keys, no previous
conversations are compromised.
Note: Pidgin must be installed
before the OTR plugin.
Note: All users are encouraged to
learn as much as possible about the privacy
and security policies of their Instant
Messaging Service Provider.
What is Tails?
Tails is a live system that aims
at preserving your privacy and anonymity. It
helps you to use the Internet anonymously
almost anywhere you go and on any computer but
leave no trace using unless you ask it
explicitly.
It is a complete operating-system
designed to be used from a DVD or a USB
stick independently of the computer's
original operating system. It is based on
Debian GNU/Linux.
You
can get the pre
configured anonymizer system that
looks like Windows 7 on a bootable DVD from jomahali.de
What is Whisper Systems?
WhisperSystems is an opensource
project dedicated to helping to secure your
mobile devices file systems and
communications.
RedPhone provides end-to-end
encryption for your calls, securing your
conversations so that nobody can listen in.
Use the default system dialer and
contacts apps to make calls as you normally
would.
RedPhone will give you the
opportunity to upgrade to encrypted calls
whenever possible.
RedPhone calls are encrypted
end-to-end, but function just like you're used
to.
RedPhone uses your normal phone
number to make and receive calls, so you don't
need yet another identifier.
TextSecure encrypts your text
messages over the air and on your phone. It's
almost identical to the normal text messaging
application, and is just as easy to use.
A full replacment for the default
text messaging application.
All messages are encrypted
locally, so if your phone is lost, your
messages will be safe.
Messages to other TextSecure users
are encrypted over the air, protecting your
communication in transit.
Google Chrome Warning
This Browser sends
the name of the file you're downloading to
Google for whitelist checking; stores your
IP address associated with the file for a
few weeks.[1]
Every URL you even
begin to type in the address bar is sent to
Google, in whole or in fragments, for
auto-completion purposes.[2][3]
Connects to Google
every 30 minutes to download a list of
malicious URLs, so the fact that you even
have Chrome open is transmitted to
Google.[1]
Asks you to login
to your Google account, so your browsing
tabs, history, etc. is stored on Google
servers.[4]
Connects to
websites in the background before you are
even finished typing them in, without your
explicit instruction.[5]
Contains an RLZ
identifier, an encoded string sent together
with all queries to Google.[6]
Summary: There is nothing,
nothing, you can do in Chrome that isn't
transmitted to Google through some channel.
Welcome to the botnet.
Recommended Alternatives
A fully free, libre, open-source (FLOSS) fork of Firefox without its built-in DRM support and Firefox Hello. Comes with LibreJS, an add-on which blocks out any non-free javascript on webpages.
A fork of Firefox optimized for modern CPU architectures. Does not include Firefox's Australis GUI.
A WebKit based browser aimed towards GNU/Linux users. Sports a cleaned up GUI that integrates better with most desktop environments, a built in ad blocker, and a unified history/bookmarks/RSS reader window.
A lightweight WebKit based browser. Features a built-in ad blocker and cookie manager.
What is bitmessage?
Key Features
It's completely free
No advertisements
anywhere
No tracking with
Google Analytics or other services at all
Send and receive
E-Mails from/to Bitmessage addresses
Send and receive
E-Mails from/to other E-Mail addresses
Personal Bitmessage
address
Supports
broadcasting
Use the E-Mail
client you are satisfied with and all its
features (address book, spam filter, folders,
rules, etc).
Instant delivery (no
POW) if your contact has an @bitmessage.ch
address too.
Server supports
IMAP, POP3 and SMTP
SSL secured with a
valid certificate
Spam filter
Easy readable alias
address
No Proxy or TOR
required but TOR hidden service and I2P
address available (see FAQ)
Webmail Access from
everywhere.
Two webmail systems,
one optimized for bitmessage compatibility,
one for all E-Mail features (attachments,
MIME, ...)
Auto responder if
you are away or want to set up a mailing list.
Auto forwarder to an
external address.
Two auto signatures
(Plain Text and HTML).
Rules for automatic
message filtering.
A free anonymous email service
that allows you to retain your complete
privacy and when coupled with gnupg it will
allow you to have a completely secure
messaging platform that cannot be cracked or
tracked by anyone.
What would this look like in an ideal world?
For general web-browsing use Tails
from an encrypted/hidden partition on
removable media. You will not have flash
and/or java support but with the
implementation of HTML5 it won't matter for
much longer. If you absolutely have to use a
site that requires Java or Flash, then your
identity might be exposed.
You can create hidden/encrypted
volumes for multiple virtual machines that you
use for other things, like "vulnerability
assessments".
While your ISP cannot intercept
your communications and neither can the
government in these scenarios they can see
that you are sending a large amount of
encrypted traffic from your location, which
could raise a red flag for certain 3-letter
acronyms interested in your activities.
Using the technique of encryption
within encryption you could use multiple
"proxified" connections using ssh/tor and
other means to obfuscate your traffic. It is
possible to use tails as a virtual machine
with all of it's traffic proxied to a remote
SSH session. This will effectively send all
your tor traffic via an ssh session,
The government is coming after
your privacy, using the technologies outlined
here will make it very difficult if not
impossible to be able to track you online.
Some random helpful free tools.