Hello, Ok, I could use a hand here. What I'm trying to build is a nice anonymous setup. Please correct/complete me. First I am running a windows 7 host machine with WDE (at the moment with PGP but will switch to TC) with the 1st VPN here. I will be using then a VM OS (here I want some advice, for a linux noob, some sort of a user friendly OS, how linux mint 12 fits there?) I don't know what yet, on which I plan to install the 2nd VPN (I made my research on that and already chose the providers). So how that work? I simply fire the 1st VPN on the host, then boot the guest and fire VPN 2nd there? Or are there any other setting to be made? I read about a VPN>TOR>VPN build described by @mirimir, but that is way to geeky for me. Also seems unpractical. On the host I will be mostly using a "normal" browser (for that I have firefox hardened with all the about:config tweaks, noscript, https everywhere, request policy etc), as tor is too slow for me, some torrent programs and some chatting (here I could also use a good advice, should I use services like privytalks?) Or a pidgin with OTR would do it? Extra Measures: - never use anything on the internet on the machine that could tie me with my real ID. - VPNs paid anonymously from a remote location with bitcoins/LR - encrypt pagefile, disable hibernation, disable firewire (are these required if I use WDE?), enable password with screensaver at 3min - surfing on my unprotected neighbour's wifi, all sharing off, MAC spoofing every now and then, - using random premium sock5 on top of the 2nd VPN (is this overkill?) - by the time I will unencrypt PGP and use TC, I want to have the bootloader on an SD and replace the machine TC with the windows one (not sure how I can accomplish to do that, meaning how can I replace with the windows one, read and reread and still dont quite get it, the press esc to delete thing), and plan to have a DBAN in the dvd for plausible deniability in case I can manage to hide the fact that my machine is encrypted. Could I achieve that? - all sensitive data kept in crypted containers. And that's about it. Please let me know what you think, if I'm too paranoid, or what I should add, discard or whatever. And excuse my English.
Not quite actually (never ran linux or that stuff, whish I knew that though), not something to get the big bad boys after me, just private anonymous chatting, private PGP emails, and P2P without having to worry about the ISP. I'm not in a very pleasant place to live in terms of freedom on the internet. I want to feel at ease knowing no one is eavesdropping and my data remains as private as it should be. No other comments?
How about something simple and old school like using good old classic mail (envelope and stamps and paper), it is legally more protected than any other communication (apart from face to face). And if you want to encrypt it, you can use one-time-pad to make your msg matematically unbreakable, or if you would like to start a bit simpler, use Gnupg to encrypt and ascii armore msg and than print it and send it in. That way no communication is sent over the "wire". Some say one-time-pad is inconvinient and slow, because you have to exchange pad's beforehand over secure line or in person, that is true, but i'll quote Finucci brothers from movie Oscar (1991): "you want it done fast, or you want it done good." Or you can use gnupg keypairs, but you also have to "trust" or "know" that -that- public key is your friends. To send large files, encrypt them, store on a dvd, usb or card, put it in envelope and send it, .... no internet used p.s. good read on one-time-pad: -https://en.wikipedia.org/wiki/One-time_pad -http://users.telenet.be/d.rijmenants/en/onetimepad.htm -http://www.cs.utsa.edu/~wagner/laws/pad.html
Do you game? If not, then I'd recommend using Ubuntu on both the host and VM. Software RAID is very fast in Ubuntu. And encrypted LVM is easy to set up. And yes, you could run one VPN on the host, and another on the VM. You could run a Windows VM too. If you run your first VPN on a pfSense VM, rather than on the host, your Windows VM (or host OS) could access the Internet directly at the same time that your Linux VM is using the VPNs. If you do game, then use Windows on the host.
