[ / / / / / / / / ] [ b / news+ / boards ] [ operate / meta ] [ ]

/onion/ - Tor Hidden Services

Tor and "darknet" discussion

Catalog

Name
Email
Subject
Comment *
File
* = required field[▶ Show post options & limits]
Confused? See the FAQ.
Options
Password (For file and post deletion.)

Allowed file types: jpg, jpeg, gif, png, webm, mp4, swf, pdf
Max filesize is 8 MB.
Max image dimensions are 10000 x 10000.
You may upload 5 per post.

File: 1418964467317.jpg (6.14 KB, 275x183, 275:183, imgres-14.jpg)

 No.5

I'm looking to get into tor, I'm on a mac for the time being, is there anything I can do to better privacy. I'm not even planning on doing anything illegal, but just incase I stumble apon something I don't want to get v&.

I know about not using javascript, flash, and quicktime. Is there anything else I shouldn't use while I have tor.

 No.6

forgot to put, I also heard not to use html5 is this true?

 No.7

>>6
HTML5 is a language that a webpage can be coded in. It has nothing to do with functions that can be enabled or disabled.

Don't use Javascript, Adobe Flash, Quicktime, Java and don't open *illegal* files you download while online.

For you just download the MAC version of TOR[https://www.torproject.org/download/download-easy.html.en#mac]

You'll be alright, especially since you're not going to be doing illegal shit.

 No.10

>>5
>Is there anything else I shouldn't use while I have tor
when you download the bundle here >>7 everything you don't want to use will be disabled by default. basically, the safest way to run Tor is by running it as is and dont fuck with anything

 No.325

>>10
>the safest way to run Tor is by running it as is and dont fuck with anything
Kek

 No.483

>>7
>don't open *illegal* files
Didnt you mean dont open any files?

 No.486

>>10
Because I'm feeling nice. Don't listen to this faggot, OP.

http://pastebin.com/JEz5XeLK

 No.491

Also, an underutilized strategy is to enable your tor instance to be an internal relay.

If you also route internal traffic to tor, then /your/ traffic will become harder to identify from /other's/ traffic. That was the point of surfing while acting as a relay (Non-exit).

My day job is literally doing nothing but analyzing data (mostly bioinformatics) but without going to deep into it, it adds entropy (or noise) to the significant bits of data.

In my "secure" setups (as secure as my feeble mind allows me), I've set up artificial traffic scripts. All they do is simulate random browsing on random sites at random times regardless if i'm there or away from the set-up. That adds another uncertainty.

Would and adversary be able to classify it as /my/ traffic? /Theirs/? Or just auto-generated?

However all of it might be moot with this:
>>http://www.net-security.org/secworld.php?id=18092

In which case I'd encourage you use an unlisted bridge using obfs3 (a way to obfuscate traffic; obfs3 has shown to be able to cross the the great Chinese firewall).

>>Stylometry

Stylometry is a form of heuristic identification by using language patterns in the way one writes. So if possible, I'd suggest using different diction on differing sites along side different way of expression. Wax poetic on one forum, and be cold and meticulous on another.

 No.493

Even the tor browser bundle download site recommends turning off javascript & not running "as is".

Some people turn off frames

http://www.wired.com/2013/09/freedom-hosting-fbi/

"Some visitors looking at the source code of the maintenance page realized that it included a hidden iframe tag that loaded a mysterious clump of Javascript code from a Verizon Business internet address." about:config browser. frames. enabled


Even if a download does NOT require JavaScript, it may require browser frames
A document is loaded in an iframe for the captcha - so this doc. is retrieved and it is only the image-file of the captcha which is not generated (nor is an audio-file retrieved for the sound version of the captcha)

The download may require ( like many other hosts) iframes enabled for the Captcha

 No.494

File: 1427698803711.jpg (69.15 KB, 1249x344, 1249:344, screenshot.1.jpg)

I have found the following about:config settings to work on most onion sites for simple viewing

You may have to return a few to defaults to comment on an onion site or upload
it depends on the site

#1!!!! about:config javascript.enabled False

about:config

then type in search box
Right click on
network.http.sendSecureXsiteReferrer
and on the popup menu left click on Toggle to change the value from true to false.



Right click on
extensions.torbutton.saved.sendSecureXSiteReferrer
and on the popup menu left click on Toggle to change the value from true to false.


Right click on
network.http.sendRefererHeader
and in the popup menu left click on Modify.Right now the value of it is 2.Change that number to 0 and click Okay.

You may use the following if your Tin Hat is sparking


Does your Internet Service Provider (ISP) block or otherwise censor connections to the Tor network? or spy on you?

To enter bridges into Tor Browser, follow the instructions on the Tor Browser download page to start Tor Browser. When the 'Tor Network Settings' dialogue pops up, click 'Configure' and follow the wizard until it asks:



https://bridges.torproject.org/bridges
https://tails.boum.org/doc/first_steps/startup_options/bridge_mode/index.en.html

In order to use bridges, you must know in advance the address of at least one bridge. The Tor Project distributes bridge addresses in several ways, for example from their website and via email.
Bridges are less reliable and tend to have lower performance than other entry points.

browser.frames.enabled false this may fuckup the captcha to download a file

 No.507

>>494
Hi what do you think about running Tor inside Sandoxie for when using windows 8.1?


Delete Post [ ]
[]
[Return][Go to top][Catalog]
[ / / / / / / / / ] [ b / news+ / boards ] [ operate / meta ] [ ]