Am I OK?

Discussion in 'privacy technology' started by ams963, May 21, 2012.

Thread Status:
Not open for further replies.
  1. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Hi,

    I use Firefox with HTTPS Everywhere and HTTPS Finder. I use minimum number of trusted add-ons with no history of passing on personal user data. I use startpage. I do not sign in to google services. I clear my cookies. I use a strong vpn service with a flexible paid plan.

    This is what I do when I want to surf the internet anonymously.

    So is this all I need? Am I OK? Please give any suggestion and advice to improve my anonymous experience.

    Best Wishes,
    ams963
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    If you dedicate a VM to anonymous surfing, you'll reduce chances of leaking information to or from your non-anonymous surfing etc. If it's important, you could avoid other potential leaks (network, shared folders, USB drives, etc).
     
  3. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    I can do the second one that is avoid potential leaks by network, shared folders, usb drives, etc.

    But I do not know about a vm. Hmm...I've never used a vm before. I am not sure if I want to ever a vm either.

    I would have to use virtual box or vmware type software, allocate pc resources for the extra os in the vm like ram, hdd ,etc. And then I've to get an extra os for the vm- either buy a windows os(I'll already be using the win os in the real machine) or for linux. I then have to learn the linux os to get around once and if I go for linux.

    It would be a hassle don't you think?

    Will my anonymity be severely threatened if I do my anonymous surfing in the same os that is my real machine?
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    On Windows, VMware Player and an Ubuntu VM would probably be best. Ubuntu is quite user friendly, and Firefox is a featured app (can't miss it). Altogether, you'll need about 15GB storage. Ubuntu is happy with 1GB memory, and it'll run in 640MB.
     
  5. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Okay. I'll try that in a few days now that you are recommending it so much. Let's see how it goes. Thank you for improving my anonymity experience. :)
     
  6. redcell

    redcell Registered Member

    Joined:
    Sep 27, 2010
    Posts:
    126

    Please consider to read my thread at
    https://www.wilderssecurity.com/showthread.php?t=294518

    Base connection > VPN A > VM VPN B + TOR

    All of the above connections must not have your purchase paper trail. Your base connection can be, you know, wifi connection. Make sure the VPN is free or promo full-featured.
     
  7. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Should I use TOR with my VPN just like Paulie said here? And do I need to setup a dedicated vm if I use TOR with my VPN?
     
  8. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Thank you. That is indeed an interesting solution. But I am against all that hassle and using a vm.

    You see I have 4 pcs. 3 of which I use for gaming and office projects. The 4th one is a win xp netbook with a ram 1gb. I occasionally surf the web using this one when I some time. This is an old machine and I want to spend as little money, effort and time as possible on this pc.

    I can use TOR with my VPN. But using a vm with an extra os and a second vpn are just too much of a hassle.

    Please help me with a rather easy, simple solution for anonymity specific to my situation described above.
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    "Installing" the VPN will probably be the hardest step. You install OpenVPN through the Ubuntu Software Center app. In a terminal, you copy the VPN credentials and config files to /etc/openvpn. Navigate (using cd) to the folder containing the VPN credentials and config files. Then type "sudo cp * /etc/openvpn/" and hit enter. Decide which route (config file) you want to use. The config files may be either foo.conf (Linux style) or foo.ovpn (Windows style). Start OpenVPN by typing "sudo openvpn 'foo.conf'".
     
  10. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Oh! I'm getting a headache o_O Please help me with my specific situation described in post #8
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    You could dedicate an old laptop to Ubuntu and VPN :)
     
  12. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    The netbook with xp is the old one. I intend to use ubuntu next year as support for xp ends in 2 years. But I like xp and want to use it until next year. In the meantime I am going to use my vpn.

    So I guess the vm idea is just not for me.

    Do you think using TOR with my VPN would at least increase my provacy to some extent?
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    Yes. But the possibility of cross-session leaks remains. See recent discussion in tor-talk about Google Analytics.
     
  14. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    What do you mean by cross-session leaks?
     
  15. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    Let's say that you're browsing with Tor. Maybe you install some malware that "phones home" later, when you're browsing without Tor. That's how Anonymous got 100+ visitors to onion sites featuring CP. Or maybe some website plants a cross-site evercookie, which it and other websites can see later. See -https://trac.torproject.org/projects/tor/query?keywords=~tbb-linkability
     
  16. lurker20

    lurker20 Registered Member

    Joined:
    Feb 20, 2012
    Posts:
    53
    Have you or anyone been using Tor browser bundle sandboxed (with sandboxie)? Just wondering if this mitigates this problem or do you suggest a vm configured to "revert to snapshot"?

    Oh no you made me change my setup now :D
     
  17. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Okay now what if I don't use my vpn inside a vm or use my vpn with tor?

    I mean if I do what I mentioned in post #1 and don't use anything else in a xp sp3 system is it too much of a threat?
     
  18. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,122
    I have one question. Does a home user really need to go through this? I mean a VPN is understandable if one is connecting to a public WIFI, but if you are on your own network? o_O
    No offense though, I'm just really curious.
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    I don't use TBB. Trying to isolate disparate activities on one computer is risky, I think. Even if it's a VM that you can revert. Using separate VMs is safer. Using separate machines, with no connectivity of any sort, is safer yet.

    For casual Tor, these days, I use TAILS in a VM connecting through VPNs running on pfSense VMs. If it matters, I use TAILS on an old laptop with no hard drive, connecting through VPNs (pfSense VM with LAN bridged to host eth1).
     
  20. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    No you do not; an isolated browser going through a vpn is fine for web browsing. Keeping the browser isolated prevents evercookies from being dropped onto your hard drive and potential fingerprinting of your OS, computer clock, etc being used to create a profile of you which in most cases is used for targeted marketing. The idea behind the VPN over your own network is to encrypt communications over your ISP and to obfuscate your origin address with websites.

    If you are ok with websites potentially knowing details about your operating system, add-ons, fonts, time zone, evercookies etc you can keep the browser sandboxed on your primary hard drive.

    If you want to keep that information private, this is where a live CD or a VM would come into play.

    If you want to nuke everything from orbit just to make sure mirimir’s way is the best.

    You the user will have to weigh those concerns.
     
    Last edited: May 21, 2012
Loading...
Thread Status:
Not open for further replies.