/tech/ - Tech

Technology.

(74.01 KB 1024x768 31821-1.jpg)
How to set up linux for tor usage. Comrade 08/06/2019 (Tue) 23:50:13 No. 2280
I posted this in another thread but I think it deserves its own thread.

I've been seeing a lot of people saying that installing tor is super hard and difficult, and, even if you use windows it's not that hard. All you have to do is install the tor browser and go into the browser bundle files and run the executable for tor, or, just use the browser bundle.

Like it's not hard at all.

But, being the pros (and dirty commies that we are) we don't use fucking bourgeois Microsoft.

So, I've set up a super simple and comprehensive guide to installing and using tor like a pro on Linux.

This is why we use Linux.

STEP ONE:

Downloading tor:

ctrl+alt+t: Open terminal:

sudo apt install tor
sudo service tor start

STEP TWO:

Downloading and setting up privoxy.
sudo apt install privoxy

Edit the config file:

sudo vim /etc/privoxy/config

(If you don't have vim: sudo apt install vim)

add in text at the bottom:
(vim insert mode: press I)

forward-socks5 .onion 127.0.0.1:9050 .

(press escape)

Type :wq (write quit)

Done, ammo loaded cannons ready to fire.

STEP THREE:

Set up firefox to use tor:

about:preferences: Network settings, Use custom proxy

(Privoxy runs on port 8118) 127.0.0.1 8118
Check off "Use this proxy for all protocols"

Done.

Takes literally 5 seconds and you don't have to inconvenience yourself by downloading a whole brand new fucking browser ONLY for the simple task of bouncing around encrypted packets through a bunch of proxies.

You also don't have to live with the hellscape that is Microsoft and the billions of exploits and bugs in and written for it. (Not to mention back doors.)

And before anyone starts bitching; Setting up firefox for privacy isn't that difficult.

Basically turn off all telemetry and geo location, referer headers (but you will need http referer headers for 8chan) and some other shit. Guide here:

https://www.privateinternetaccess.com/blog/2018/09/firefox-hardening-guide/

But honestly none of that even matters unless you are a windows user or a pedophile and let's hope you aren't either one of those.

Have a nice day.
>>13342
just use tails or Tor browser, you nerd.
just joking, comrade
>>13355
Honestly tails isn't a bad option if you are going to do some serious irl activity.
Like if we were going to plan strikes or marches over the net I'd use tails
>>13342
theres already a board for this >>>/tech/
(343.69 KB 800x450 onbatko.png)
We all know how to do that.
I'm on gentoo.
(4.89 MB stallmanquest.webm)
>>13592
lel

never change gentooposter
(176.85 KB 1200x822 mostbasedkeyboard.jpg)
So, of course, old Thinkpads are the laptop of choice for every Linux user I know, but are there any newer models worth buying? I'm still using a T420 from like 2012. I'd like to get at least 1080p, but I don't feel like doing the IPS mod. Also would any newer models be compatible with pic related?
>>13794
>>13544

plz move this discussion to TECH board
>>13592
>the final 30s
lmao
>>13342
>install the tor browser
>install
download a zip file, extract it, and double click on the executable file, to be more precise
>>300
The T430 can accept the T420/T410 keyboards after a BIOS mod is installed to patch some keys. Most of the keys are pretty trivial though to the best of my knowledge so you could probably get away with just rebinding them in linux if you didn't feel comfortable flashing anything to the board. It'll be a pretty modest upgrade but it's really as far as you can go with the classic keyboards without getting one of the 51nb systems (and those can be super expensive, lack free bios alternatives and perhaps some community support if something were to go wrong)
But anon, if we cared about our privacy we wouldn't be able to post here because space_ doesn't respect our freedom.
Being butthurt aside, you should set up tor for firefox like this

manual proxy configuration:
http proxy port: 0
ssl proxy port: 0
ftp proxy port: 0
socks host 127.0.0.1 port: 9050
check SOCKS v4
No Proxy for: localhost, 127.0.0.1

Privoxy is kind of an unnecessary thing to set up, and the config described in the OP would only use tor for onion links.
Also whack this in your about:config to avoid DNS leaks

network.proxy.socks_remote_dns true
network.dns.disablePrefetch true
network.dns.disableIPv6 true
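The point made in the post above (the OP's Privoxy rule only sends .onion hosts to Tor, everything else goes out directly), as an added example that is not part of any post in this thread: a small Python resolver for Privoxy forward rules, applying Privoxy's last-match-wins order. The matcher is simplified to host patterns, the function names are illustrative, and MIXED_CONFIG (including the 4444 port) is a constructed sample.

```python
# Added example: which upstream would Privoxy use for a given host?
# Simplified: host patterns only (no wildcards, ports or path matching).

SOCKS_DIRECTIVES = ("forward-socks4", "forward-socks4a",
                    "forward-socks5", "forward-socks5t")

# The OP's rule, written in Privoxy's "socks_host:port http_parent" form.
OP_CONFIG = "forward-socks5 .onion 127.0.0.1:9050 .\n"

# Constructed sample: everything over Tor, .i2p via a local HTTP proxy
# (port 4444 is an assumption for illustration), localhost direct.
MIXED_CONFIG = """\
# constructed sample config
forward-socks5 / 127.0.0.1:9050 .
forward .i2p 127.0.0.1:4444
forward localhost/ .
"""


def parse_forward_rules(config_text):
    """Return [(pattern, route)] in file order."""
    rules = []
    for raw in config_text.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if len(fields) == 4 and fields[0] in SOCKS_DIRECTIVES:
            kind = fields[0][len("forward-"):]  # e.g. "socks5"
            rules.append((fields[1], f"{kind} {fields[2]}"))
        elif len(fields) == 3 and fields[0] == "forward":
            # "." as the parent means "no forwarding" (direct connection).
            route = "direct" if fields[2] == "." else f"http {fields[2]}"
            rules.append((fields[1], route))
    return rules


def pattern_matches(pattern, host):
    """Match the domain part of a pattern; "/" (empty domain) matches all."""
    domain = pattern.split("/", 1)[0].lower()
    host = host.lower()
    if not domain:
        return True
    if domain.startswith("."):  # ".onion" matches any host ending in .onion
        return host == domain[1:] or host.endswith(domain)
    return host == domain


def route_for(config_text, host):
    """Check rules in sequence; the last matching rule wins."""
    route = "direct"  # no matching rule: Privoxy connects directly
    for pattern, upstream in parse_forward_rules(config_text):
        if pattern_matches(pattern, host):
            route = upstream
    return route


def not_via_tor(config_text, hosts, tor_addr="127.0.0.1:9050"):
    """Hosts whose traffic would not be handed to the Tor SOCKS port."""
    return [h for h in hosts
            if not route_for(config_text, h).endswith(" " + tor_addr)]


if __name__ == "__main__":
    for name in ("example.com", "abcdefg.onion"):
        print(name, "->", route_for(OP_CONFIG, name))
```
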
>>615
I use privoxy so I can use multiple different hidden services such as i2p in conjunction with tor.
>>616
I do understand the use case for privoxy. I was just pointing out that if an anon were to follow OP's instructions firefox would not be using tor, which is what
>How to set up linux for tor usage
would imply.
>>626
routing traffic through tor and allowing tor traffic over firefox are two different things.
>>629
>forward-socks5 .onion 127.0.0.1:9050 .
(151.13 KB 1400x1047 hp_6470b_keyboard.jpg)
>>300
Also refurbished HP business line laptops are the go-to choice for linux users.

Pic related, HP ProBook 6470b from early 2013, with 3rd gen i5 3230M, socketed, none of that BGA soldered bullshit. Back cover can be opened in less than 5 seconds without any tools. Basically the similar ruggedness and features as thinkpad.

Had a HP Compaq 6910p, with Core2 Duo, basically the same as Thinkpad T61 although the entire laptop was from plastic, but you could throw it around like a thinkpad.
>>630
Yeah, I don't see the point in forcing all your traffic through tor. You can be de-anonymised that way if you aren't careful.
>>2280
public service announcement:
Don't do as this anon says and think you are anonymous while using the default firefox browser over the tor network.

Tor works by making all its users look identical to web servers. The tor browser is modified in ways that makes it look different to webservers than the default firefox browser.

If you try to use tor with firefox you will immediately be identified as the only person on the tor network using the firefox browser.

Just use the tor browser, because this is what everyone else uses.
Tor would be useless if you fall on a node controlled by the NSA, so one should at least exclude all the nodes from countries in the 14 eyes. Also don't use distros using systemd.
>>2301
>Tor would be useless if you fall on a node controlled by the NSA, so one should at least exclude all the nodes from countries in the 14 eyes.
Elaborate? I really don’t have a clue what you’re talking about.
>>2302
conspiracy theory that the US government spies on the tor network by running tor exit nodes. due to the design of the protocol, they would have to control like 3/4 of all the nodes on the network to be able to successfully deanonymize anyone.
>>2303
What are the chances that conspiracy is true?
>>2303
>they would have to control like 3/4 of all the nodes on the network to be able to successfully deanonymize anyone.
which they can/do easily achieve
>>2302
>>2303
NSA can pretty much control every tor node in the 14 eyes countries. Also it is very cheap to run a tor node so it wouldn't cost much for NSA to create a lot of controlled nodes.
>>2304
More than likely
>>2306 They can't do much with just one exit node.
User-friendly, sane guide:

1. Use Debian-based GNU/Linux distribution (like Ubuntu, Mint, Debian).
2. sudo apt install torbrowser-launcher
3. Open Tor Browser Launcher, check 'download over system-tor' and install
4. Launch Tor Browser, use it with setting 'High' on security slider

To use normal Firefox over tor as OP suggested is stupid as fuck since you 100% deanonymized yourself, considering normal Firefox gives you a very unique fingerprint in the tor network, where people of course mostly use the Tor Browser, with all the added security features which come with their browser hardening as well. Normal Firefox settings leak to Google, for one.
>>2307
The NSA controls lots of nodes in lots of countries. It's very cheap for a normal person to have a tor node, so for the massive budget of the NSA the cost of having multiple tor nodes is like a drop in the ocean. If you want prices you can search for VPS cost to see approximately how cheap it is to rent a server for tor.
>>2309
ITT: Tor noobs who don't understand tor. Having control of an exit node by itself is about as useful as having no legs. In order to be effective you need access to both an entry and exit node so you can do timing correlation attacks and that is much MUCH more difficult and costly.
>>2308
OP here, I make suggestions about hardening firefox. If you want to use normal tor browser that is fine, but, you are pretty limited on what you can do with it, also, you can't use I2P, freenet, or Zeronet with it, so, might as well learn to harden firefox.
>>2310
The NSA has a huge budget and therefore can do timing correlation attacks, also those aren't the only attacks they can pull off. I know that you can't do much with just an exit node, the problem is that it's very easy and cheap for the NSA to buy lots of compromised nodes in a lot of countries, so it's more likely that they will not only have an exit node. If you take a look at the tor metrics you will see that the vast majority of the nodes are in the 14 eyes countries, aka countries that the NSA is authorized to operate. If you connect to the tor network with the tor browser you can see which tor nodes you are using, take a look, it's more than likely that at least two of the nodes you are connecting to are located within the 14 eyes.
>>2311
Yeah but the way tor operates is it randomly deciphers what entry node you are going to be using, also, there are bridges, also, tor entry nodes are protected and legitimized by tor administrators themselves. That's why they call them Guard nodes. Do you know the amount of man power it would take to correlate an entry and exit node? The NSA would have to already have you as a target and somehow know and control the guard node that you are connecting through. Very unlikely.
(507.91 KB Dingledine.pdf)
>>2312
Where did you get that tor guard nodes are legitimized by the tor staff? All it says in the tor wiki is "To become a guard, a relay has to be stable and fast (at least 2MByte/s) otherwise it will remain a middle relay." In fact one of the reasons why tor's guard nodes stay the same for some period of time is to minimize the risk of falling on an exit node controlled by people with malicious intent i.e. governments, read the attached pdf. Also the NSA has a brand new facility in utah to analyze and decrypt data, some of it definitely caught in tor. As for correlating a guard and an exit node, depending on the number of controlled nodes they have could happen at random, without them having to do pretty much anything.
>>2313
Yeah but the guard relays have to actually be chosen to be put on the network and used as a guard relay. They are trusted relays. That's how they become guard relays. There is a talk that ISIS does about on youtube. I haven't watched it in quite a while, but, it's the only lecture she has on youtube. Decrypting data is also, impossible, unless these people have quantum computers, which, they may, but, with the information I have I don't think that is going to happen. That's why no one can point to a time the actual tor network itself has faltered. If you can I would like to see it.
>>4810
download tails os, put in flashdrive, boot in flashdrive, you're done.
>>2287 What is your budget?
There is so much harmful and overcomplicated advice in this thread. So much more effort just to shoot yourself in the foot more.

1. Literally just download and run Tor Browser. Goes for every OS.
2. For using Tor with other software, just use Tor Browser as a SOCKS5 proxy, the proxy address is 127.0.0.1:9150. Goes for every OS as well.

Don't trust random advice about Tor "enhancements" from the Internet, almost all of it is by brainlets who don't understand anything about Tor. Think first. Think hard how Tor works and how Tor Browser works. And then think hard how your additional configs and setups can only be doing more harm to yourself by straying away from the herd. Tor is all about uniformity. Being a smartass and a snowflake with super-l33t configs and extensions will only make you stand out more. Don't be a dumbass.

Here's some things that unironically will improve your use of Tor Browser:

- apparmor: this will heavily restrict what the adversary can do if your Tor Browser gets hacked. apparmor is a standard linux tool that restricts access of programs to your OS. It comes preinstalled on some major distros, but you'll need to get apparmor profiles for Tor Browser from the torbrowser-launcher.
- nftables: you can use it to block every outgoing traffic except Tor, so none of the software you combine with Tor will leak. nftables is currently replacing iptables as the standard linux firewall, some major distros already made the switch.
>>4873 No. the deep web is a more edgy pre-2008 internet i have seen more fuckup thing the clear web.
>>4885 >now
>>4886
>Implying tor is compromised in any way
Proof? Most people who say this don't actually understand how tor functions. tor is based on encryption algorithms that hash the sender's data into complex algorithms that only the receiver has the key to, and neither the sender nor the receiver know where said data is coming from. So, unless the glows somehow cracked quantum computing then you have no fucking idea what you are talking about. If they have quantum computers all data is compromised.
The above advice about using the bundle is good. It is intended to reduce the fingerprint from the Tor browser. Use Tails if doing other things is required. The thing that probably should be of concern is that several spook infested agencies do provide the funding for the developers, so they could possibly have first dibs on any exploits that are discovered. The exit nodes have feds running them no doubt, but technically that isn't a big problem. Other leak vectors are bigger issues, so keep the browser updated. If paranoid compile by yourself. Of course the exit node can do MITM on traffic but the usual measures work against that. Also, better if there are a lot of other people using it, or the feds just find the source of the obvious Tor traffic and you get v&. Generally, Tor should be fine for anonymization, but don't loosen your guard if doing confidential stuff. The best way is to do real talking, if you are paranoid. Better, build real labour power so you don't have to rely on Tor and technical fixes. The Bolsheviks, in spite of being surveilled by the glowies, were victorious.
>>4919 Solid and uplifting post comrade.
>>4919 What about anonymisation for privacy in piracy (running a torrent server for example), rather than stuff like anti-government action, cp or drugs? I know those get shut down, but I don't often hear what happens to owners of pirate sites. I'm in the EU, if that makes a difference.
You probably could torrent over Tor. But a VPN is probably better for that, for both your sanity and that of the Tor network. Running pirate sites that have high traffic will definitely get you the attention of the feds, the corps. and your ISP. If you're just pirating yourself then that isn't that likely, though sometimes the companies will try to scare you with cease and desist notices, which actually was also one way that phishers could extort targets by using the threat of alleged copyright violations, and your ISP might take action. There was an anonymous protocol for torrents but it didn't seem to have a lot of adoption for pirate offering. Perhaps someone with more knowledge could comment on other P2P file share protocols, like GNUNet, if those are better for privacy and anonymity. Or whether there's an alternative to dumping heavy traffic through the already slower Tor, that can allow for anonymous torrenting. Actually on that topic you could just run a torrent website as a Tor hidden site, and that will provide some anonymity, so long as you aren't compromising your information during the other aspects of pirate service.
>>2310 you can have multiple browsers anon... use tor for tor browser, hardened firefox for clearnet, whatever for i2p, and chromium for everything that breaks ;)
>>2312 wait cant they just get data from your ISP for timing correlation anyways? id be surprised if they dont just filter off of ISPs tbh
(38.57 KB 330x440 catRidingDog.jpg)
>>4889
if u arent using https, the exit node can see what you're doing. Anyways, they know what site youre on, and more specific data depending on how the stuff is transmitted (like in the form of url data versus just packets to a general purpose url). So if someone with exit node can correlate your usage from either the entry node or just your isp, they can supposedly see where u were looking on tor, and worst all packets u sent im pretty sure?
>>4983 make an onion site on a vps that doesnt take any info and is operated out of 14 eyes. Keep a backup site in case u do get shut down by the company i guess. keep your database encrypted until called upon obviously if anything sensitive. Only use tor to connect to the server when configuring it. Should keep u safe, these r the basics, look into it. grugq has some case studies in some like deceased 2013 blog about cyber criminals n shit, one case study about how this pedo ring basically got away by just using yknow, standard opsec but just sticking to it well and not giving out personal info, using proxies for everything, not using VPNs for security, and shit. So nah anti-gov shit stays up unless infiltrated, cp stays up -> gets killed -> comes back, and drugs always stay up lol but who do u think really profits off that, govs r the og cartels. Anyways yeah, whatever u do just have good basic opsec and u should be fine, tor isnt horribly broken, just use it how you are told to use it by people who know their shit. i.e. dont do shit on tor u do on clearnet, dont change ur browser, close sessions frequently, dont have it full screen, ideally use whonix or sandboxing or smth, whatever. If you're super noided there's always yknow, doing it out of public wifi also, so even if its deanonymized its not tied to u good luck anon
The recent update for the browser bundle standardizes the screen size for the full screen browser window, so that leak is probably not that big of a problem now. Also if using public WiFi to be anonymous, consider cloning the MAC address to something else than the one that could be traced if hotspot operators log that and can correlate the traveling of the device.
apps
>>5045
>The recent update for the browser bundle standardizes the screen size for the full screen browser window, so that leak is probably not that big of a problem now.
No, the recent update (10.0) completely fucks up resolution fingerprint resistance, because the rounding is buggy.
1) it doesn't round to multiples of 100 but is slightly off.
2) the window size is different between initial window and subsequent new windows.
Secondly, the canvas fingerprint resistance doesn't work anymore. Thirdly, what you're referring to (a technique called "letterboxing") has already been part of the 9.5 version. See for yourself:
https://arkenfox.github.io/TZP/tzp.html
https://www.amiunique.org/
god you people are retarded. You can't figure out how to install a fucking program through the package manager? Kill yourselves.
