Perfect OpSEC - Become Invisible Online
This series is for educational purposes only. To get back to top-level table click here. Highlights:
- DO NOT ACCESS CLEARNET SITES WITH YOUR TOR BROWSER
- DISABLE JAVASCRIPT
Tor Browser
Everyone is going to be poking around on the web, that's almost the whole point of all this work - so we can interact with whatever goodies we want to on the web without anyone else knowing. Currently the best method of loading a webpage for privacy remains to be the Tor Browser. In this blog I'll go through some do's and don't when using Tor to maintain privacy!
Security Settings
Click on the shield icon at the top of the Tor browser and click "Advanced Security Settings" and set the value to "Safest". Note For Tails Users: Tails will reset this value on system restarts, so make sure you do this everytime you launch Tor on Tails!
Privacy Checking
To check that your I.P. address is a Tor exit node, and that your security settings are correct, go to https://whatsmybrowser.org/ and ensure the following: -Javascript is disabled! -No browser details can be detected!
Plugins
Additional addons/plugins should not be installed. Plugins not supported by the TorProject run the risk of bypassing the Tor network and accessing the net directly, which runs the risk of leaking your real I.P. address. It should be a clear indication to anyone why this is an issue, but people sometimes disregard this risk and lose a large part of their OpSec over this mistake.
Shredding History / Footprints
This section only applies to users who use the Tor browser while not using Tails or Whonix. The recommended tool for cleaning footprints, history, cache, etc. from your drive(s) is using a program known as CCleaner. When using the program it is recommended to go to 'Options' > 'Settings' and then selecting "Complex Overwrite" (7 passes) and "Secure File Deletion". Make sure all the boxes are ticked when cleaning including the 'Windows' and 'Application' tabs. This is normally recommended before the connection to Tor, and after you've left Tor, to wipe all cookies etc. Remember that although this may clear a good deal of the tracks left behind on your PC, wiping your drive(s) with random data and zeros from a live operating system is the only way to permanently clean your tracks. It is also good to note that there is no reliable way to wipe solid state drives so using hard drives is the preferred hardware.
Cookies - How The NSA Is Using Them To Track Tor Users
Let's suppose that there is an online shopping website, owned, or controlled by the NSA. When a normal user will open that website from his/her real I.P. address, the website creates a cookie on the user's browser and stores the real I.P. address and other personal information about the user. When the same user will again visit the same NSA owned website, enabling Tor this time on the same browser - the website will read the last stored cookies from the browser, which includes the user's real I.P. address, and other personal Information. Furthermore, the website just needs to maintain a database of real I.P. addresses against the Tor Proxy enabled fake I.P. addresses to track anonymous users. The more popular the site is, the more users can be tracked easily. Documents show that the NSA is using online advertisements, i.e. Google Ads to make their tracking sites popular on the internet. How You Can Avoid Cookie Tracking? By using the Tor browser exclusively for darknet activities. Browsers can't read cookies created by other browsers so using your standard browser for clearnet use can save you from this issue. However, you should always clear the cookies (with CCleaner or alike) after you’re done so any stored information, such as login information will not be stored on the computer's drive. If you're doing something very interesting, you should use Tor on an amnesic operating system, such as Tails, so that any data is dumped when the machine is closed.