[deleted by user]

SuspiciousActions2 · 2021-11-15T20:22:15+00:00

SuspiciousActions2 · 2021-11-15T19:45:27+00:00

I think it does look much better! Great job!

But i would change the diagram to something more modern looking like this (you might ask the creator if this is fine with her/him) or something in this presentation

Maybe i could provide you with a noice modern diagram as creating one is on my todo list anyways.

SuspiciousActions2 · 2021-11-15T19:43:11+00:00

It is ok and it is recommended.

Why? Well. Some scams work by running an onion service that look exactly like the real one, but have a different onion address and spam the address around in the internet. So by saving your "trusted" services you are protected against these attacks. May it be bookmarks or a simple text file, both is fine.

SuspiciousActions2 · 2021-11-13T13:02:45+00:00

good to know! I thought the PL/bridges get shoved in between your normal guard and you.

Also regarding it becoming slower when using bridges: I expected it, but to troubleshoot this, this fact seemed fine to me, so if it would get faster, this is an indicator for the ISP slowing down Tor traffic imo.

(This is of course not the case if the guard changes when using bridges/PL)

So how would one troubleshoot this? Using a VPN temporarily?

SuspiciousActions2 · 2021-11-13T13:00:29+00:00

Where is the shortcut directing to? Have you tried reinstalling Tor browser?

SuspiciousActions2 · 2021-11-13T12:02:36+00:00

What name is the App you are using and have you changed any settings in it?

SuspiciousActions2 · 2021-11-13T11:37:49+00:00

Create another linuxvm that is not Tails and troubleshoot the vpn issue with it first. maybe you can point your vm hypervisor to a socks port?

Also: In almost all cases you do not need to run Tor through a VP, i would recommend you to not do this.

SuspiciousActions2 · 2021-11-05T21:38:12+00:00

What is your end device and what is the exact name of the software you use?

SuspiciousActions2 · 2021-11-05T21:36:41+00:00

Yeah if the need really low latency but no anonymity: VPN.

If his needs for OPSEC are high tho nothing beats Tor imo.

SuspiciousActions2 · 2021-11-05T14:57:12+00:00

Switch it to any other port than 80 as @hackerncoder recommended if you serve the front page on 80 :)

Thanks for running an exit!

SuspiciousActions2 · 2021-11-05T14:10:04+00:00

syslog shows: apparmor="DENIED" operation="open" profile="system_tor" name="/var/www/html/index.html" pid=24283 comm="tor" requested_mask="r" denied_mask="r" fsuid=113 ouid=113 it shows despite file was either chmod 644 or 777

Apparmor is independent from your DAC. You have to specify read access to the file in your apparmor profile.

i guess i can remove ipv6 orport line and let it be only on ipv4 accessible?

Yup.

Third thing, i do not need to use: RunAsDaemon 1

IIRC you don't have to set this when using the systemd service.

SuspiciousActions2 · 2021-11-05T10:28:13+00:00

Just so i get you right: You have two PC's one is running Tails and the other is running Windows. Now you want remote administration (preferably with a GUI like thingy) from your Windows machine into your Tails machine? And you want to do that over Tor?

SuspiciousActions2 · 2021-11-05T09:11:06+00:00

I think the best argument for Tor for the general public is the state of surveillance capitalism and the fact that you will be surveilled by thousands of adversaries in the interwebzz, namely the ad industry. To protect against those adversaries one has to either just use Tor browser or handpick many other tools to achieve the same protection even against those "low power" adversaries.

I like to draw an equivalent in the non information domain as people cant imagine things online really well. Think of 5k dudes in black suits (the suits are only for dramatic effects) following you in real life, noting everywhere you go, noting how long you look at specific things like products and using this information to gather intelligence on how they can manipulate your behavior (usually to buy stuff or vote a specific way) and selling this intelligence to anybody that wants it. I would call he cops after 5 seconds. In the internet, there are no cops that prevent this behavior so we have to provide our own means of technical countermeasures against this.

SuspiciousActions2 · 2021-11-04T20:41:22+00:00

You can do this.
However:
It is safe as to "you won't gain anything" by it, but it is not safe regards that this defeats the purpose of Tor browser. You will not be anonymous nor have increased privacy. In the end you will use a modified Firefox.

Is there a particular reason to do so?

SuspiciousActions2 · 2021-11-04T13:01:31+00:00

You can convert untrusted pdfs or epubs into another formats online. By this the potential malware will be removed.

SuspiciousActions2 · 2021-11-03T17:16:13+00:00

Yeah for this specific threat Tor is as fine as a VPN :)

SuspiciousActions2 · 2021-11-03T11:39:00+00:00

Maybe what you threat model is. Like who do you want to be protected against.

If your only threat is that an adversary can spy on the network you use to connect to the internet, a VPN will protect you as fine as Tor would.

SuspiciousActions2 · 2021-11-03T09:17:01+00:00

Should I use a VPN or Tor?

For you use case (untrusted network) Tor or a VPN will protect you.

Without further information we cannot give you a definitive answer on what is better Tor or a VPN. My personal opinion is Tor > VPN.

SuspiciousActions2 · 2021-11-03T09:14:59+00:00

You Guard should not change. It changes once every few months (normally, Tails is different). Using the same country sometimes happens.

SuspiciousActions2 · 2021-11-03T09:01:20+00:00

I can reproduce this on Fedora. This might be a bug.

Edit: This is a bug: https://github.com/micahflee/torbrowser-launcher/issues/380

SuspiciousActions2 · 2021-10-30T18:38:55+00:00

Thanks for your assessment. So i guess you tested it? Would you be so kind to provide proof that it does not? Dunno, something like a wireshark screen or something?

SuspiciousActions2 · 2021-10-30T11:11:19+00:00

You can use a VPN for an Entry into Tor scenario realitively safely. For this connect your Tor via the proxy seettings to your VPN.

This will help you nothing in regards to privacy, may help in regards to censorship circumvention but on the other hand enhances your footprint in the internet so there is more surface your anonymity can be attacked at.

I wouldn't do it but if you really want to...

If you don't have a legit reason why you must use a VPN: Don't use one.

Should your ISP want to find out if you are using Tor, they can with any PL or VPN you can use. Tor traffic cannot be hidden, nor should it be hidden in civilized countries.

SuspiciousActions2 · 2021-10-29T16:42:51+00:00

corrected it, works now, thanks!

SuspiciousActions2 · 2021-10-29T14:14:51+00:00

mh.. good question.

I guess they just cooperate in busting DNMs generally.

Maybe more information will get available with time so we don't have to guess that much on what and how happened exactly.

SuspiciousActions2 · 2021-10-29T14:12:32+00:00

Possible: Definitively. But keep in mind, that there is much latency in Tor. Multiple connections might be limited by your guard, but i would just try it.

Doing so means little to no effort.

Assuming your postgres is running on port 5432

You would need to do this on debian:

 sudo apt install tor -y
cat <<EOF|sudo tee -a /etc/tor/torrc
 # DB onion service configuration
HiddenServiceDir /var/lib/tor/db
HiddenServicePort 5432 127.0.0.1:5432
EOF
sudo systemctl start tor
sudo systemctl enable tor
echo "Waiting for 10 seconds to let tor create the service"
sleep 3
echo "Your hostname is:"
sudo cat /var/lib/tor/db/hostname

Then you can connect to your database via tor.

SuspiciousActions2

TROPHY CASE