Tor Anonymity: Things NOT To Do While Using Tor

[Batu69]

 

Do you run Tor on Windows? Do you Google and Torrent on Tor? Here is a list of things you should NOT be doing while using Tor or else your privacy is as vulnerable as without Tor.

 

The Onion router, or Tor as it is more commonly known as, is a free anonymity software which people all over the world use for hiding their real identity while browsing the internet. A user’s online privacy and anonymity is something that is not always respected by ISPs and government officials, not at all in today’s world.

 

In an age where cybercrime is growing with a breath-taking pace, add to that the activity of government agencies like NSA spying intensely on their citizens’ internet activity, anonymity and privacy while using the internet is a hard thing to come by. At times like these, Tor comes out as a boon for people.

 

It is simply a browser that provides you anonymity by routing your network through many different relays on its Tor network. Your identity is protected since your connection to an end node is made through an intricate network of relays. However, the degree to which Tor helps you out depends on the way you use it. We provide you with some Don’ts while using Tor.

Not Updating regularly

Tor is a free software, and like all software, it has some bugs and glitches which are resolved regularly via updates. Moreover, Tor is just a browser that works on top of your operating system, so if your OS itself is compromised then Tor won’t do you any good. Therefore, it is quite essential that you regularly update your Tor client as well as your operating system.

Using with Windows

Windows is the most used operating system in the world, and with Windows 10, despite its security and privacy issues, the number of users has increased even further.

However, using Tor on top of Windows is not a good practice, since Windows is full of security flaws that allow hackers to gain leverage over a user’s system and thereafter his sensitive data. It’s no use using Tor to hide your identity when Windows OS can cause your sensitive files to be hacked.

Using Google as a search engine

Google uses a lot of tools like Google analytics to build a complete profile of people who use it. Although it helps in providing people better search results and overall experience, it involves recording a lot of personal data like name, location, etc. If you are using Tor to hide your identity, then using Google on top of that is a waste of Tor. It’s like hitting the gym and then eating a double cheese pizza right after coming out. So, do not use Google while using Tor. Search engines like DuckDuckGo do not track your location or record your search results so give it a try.

Keeping Java enabled

JavaScript, Adobe Flash, etc. are powerful browser languages that can be used by hackers and spies to gain access to your system. These languages use virtual machines and run via user accounts so they have a lot of permissions which can be used to share your personal data online. So even if you are using Tor to hide your identity, keeping these enabled will do you no good.

P2P

Sorry, but no torrenting on Tor. BitTorrent and other P2P clients provide information like your IP address to the peers and end nodes, so if you use P2P while using Tor then again it is a canceling out factor. Anyone in the peer pool can see your IP address and thus your identity is compromised.

End Note

Tor is a free software to provide people anonymity on the internet. However, it is merely a traffic router. It cannot, for instance, encrypt all your files and your entire internet connection.

Therefore, the onus is on the users to use it to good effect so that they may reap the benefits of using Tor properly and succeed in their aim of remaining anonymous on the internet. This article highlights just some of the ”don’ts” while using Tor. We would advise you to do some more homework to identify other such issues with using Tor.

 

Article source

[Cerberus]

In combo with a good vpn and some disabling in windows, TOR is great.    There is no one tool solution to privacy, its combination of many tools and even then there is only so much the end user can do.  Just do your best to increase anonymity as much as possible.  Governments can still get through but other companies will not.  You have to keep in mind who made the internet. 

[SURbit]

For Just a browser I used for a number of years.

 

https://www.ixquick.com/

 

 

Privacy Policy:

In short: Ixquick does not collect or share personal information. We don't track or profile you.

 

The longer version: Ixquick is strongly committed to protecting the privacy of its user community and is dedicated
to ensure that your search information cannot be linked back to you.
This privacy policy details the - very limited and non-personal - information Ixquick.com
("Ixquick") may gather and our disclosure policy.

 

Operator:

Ixquick.com is owned and operated by

Surfboard Holding BV, Postbus 1079, 3700 BB Zeist The Netherlands.

Representative for the Privacy Policy is Robert E.G. Beens.

 

What is “Personal Information:

Information is regarded as personal when it tells something about a human being who is or

can be (uniquely) identified.
This definition stems from European law, which applies to Ixquick, and is intentionally broad

in order to provide a high level of privacy protection.

This means, for example, that not just names and e-mail addresses can be personal information, but also numbers or

other identifiers, such as your IP-address, to the extent that they link other information to

a specific human being.

 

IP Addresses:

The IP address that is associated with your search will NOT be recorded or shared.
In order to prevent the unpleasant possibility that anything you ever search for online could

be traced back to you via your IP-address, we do not record or share the IP address of any

of our visitors.

The only exception is for “abusive” (automated) queriers that rapidly submit more queries to

Ixquick in a short time than any normal human possibly would.

 

Data Collection:

We don't collect any personal information about our visitors.
This is a first and very important condition to safeguard your privacy.

If personal information isn’t collected, it can’t be stolen, demanded, leaked or exposed.

 

In fact, the only information we do record is an aggregate total of how many searches are

performed on our website each day

(a measure of overall traffic), and, some other strictly non-personal statistics.

Such statistics may include the number of times our service is accessed by a type of

operating system, a type of browser, a language, etc.—or a combination thereof.

 

We only count the numbers and are in no way able to know what your specific

operating system, browser, language settings, etc may be, because we do not record that

information.

 

When you use Ixquick, we do not record your IP address, we do not record the browser

connected with your search (Internet Explorer, Safari, Firefox, Chrome etc.), the computer

platform (Windows, Mac, Linux, etc.) connected with your search, and we do not record

your search words or phrases themselves.

 

This zero personal data collection policy protects your privacy, since your IP address,

browser, and platform information can be combined with other data to uniquely identify your

computer, your location, or you.

Please note that search queries may convey personal information

(think of someone entering their own name and/or social security number).

Although we do not record your search queries, all queries are submitted to Google

anonymously, as this is required to receive search results.

 

Cookies:

Ixquick does not use tracking or identifying cookies.

Preferences:
Cookies are small pieces of data that are sent and saved to your computer's hard drive

when visiting sites.

Ixquick uses only one anonymous cookie called "preferences".

This cookie is to remember the search preferences you saved for your next visit.

It expires after not visiting Ixquick for 90 days.

You can choose to accept or refuse cookies by changing the settings of your browser.

It should be noted, however, that your Ixquick.com preferences will not work properly

if your cookies are turned off.

It is possible to accept cookies from selected sites only.

You can periodically delete cookies from your computer's hard drive, clearing out all

historical data that may have been saved from your previous web surfing.

If you delete cookies and return to a website, there is no cookie to recognize you by.

To promote a cookie-free internet, Ixquick has a URL generator which eradicates the

need for setting a cookie. It remembers your settings in a privacy friendly manner.

It can be found at the bottom of the SETTINGS page.

 

Email Addresses:

Ixquick will not sell or disclose your contact information to any third parties.
When you send comments, questions, suggestions, or feedback to Ixquick via email or

through our support center, and include an email address and/or contact information,

Ixquick may use this information to respond to you.

 

By submitting feedback you also allow us to detect which browser and operating system

you are using, information that will exclusively be used for helping to better understand

and solve any reported issues better.

Ixquick will not sell or disclose your contact information to any third parties.

We may, however, very occasionally send emails to our users regarding Ixquick company

information.

This service is opt-in and includes the option to unsubscribe.

 

External Links:

After clicking on a search result, you leave the protection offered by Ixquick, unless you

use our unique proxy function to protect your identity.
Please note that this privacy policy applies only to the Ixquick.com website. Ixquick is a

search engine, and an advertising publisher, so you will find various links on our site, I

ncluding but not limited to search results and sponsored results.

 

These sites are owned and maintained by independent companies, over which Ixquick

has no control, and who are not covered by this privacy policy.

Ixquick is not liable or responsible for the content of these sites, or their collection and

use of information.

 

Ixquick prevents the leakage of your search terms to third parties by using the so

called POST method by default instead of the GET method, which is used by many other

search providers.

The POST method keeps your search terms out of the logs of webmasters of sites that

you reach from our results.

Search terms tell a lot about what you are thinking, which is why this is a privacy issue.

With the POST method Ixquick uses, your search terms are stripped off.

This can cause "Web page has expired" messages and prevents from creating shortcuts

of results-pages but is preferred from a privacy perspective.

 

To create shortcuts you can use the "Bookmark this search" button on the right of the

results page.

Alternatively you can switch off "Use POST vs. GET" completely in ‘SETTINGS’.

 

Ixquick also offers a proxy function that allows the users to see the information on

external sites without disclosing their IP address to these sites.

Further information on this great privacy tool can be found here.

 

To fully protect our users from the privacy risks of the Facebook and Twitter social

media plugins, we have implemented a two-step approach to show these icons on our site.

 

Information Sharing:

Ixquick does not share personal information with any third party, including its

provider(s) of regular or sponsored search results.
When you perform a search on Ixquick, the search phrase must be sent to the

provider(s) of the search results, so that they can be generated and presented to

you on the Ixquick website.

 

Some results pages on Ixquick include a small number of clearly labeled sponsored

links to generate revenue and cover operational costs.

Those links are retrieved from platforms such as Google Adwords.

Because we don’t profile you, the ads are not individually tailored to users.

In order to enable the prevention of click fraud, some non-identifying system information

is transmitted to the sponsored results provider(s).

 

We never share your IP address or other data that would uniquely identify you.

No tracking cookies are used, so there is no cookie information to be shared.

 

Governmental Requests:

Ixquick is headquartered in The Netherlands, Europe.

Because we don't store any personal information to begin with, Ixquick is unlikely to

receive any requests by governments to hand over data about our users.

In the seventeen years we've been in business, we have never received any such request.

 

If we ever do receive a request from Dutch judicial authorities to hand over certain

information, we will have our lawyers check the validity of the request and determine

whether we are obliged to comply.

We will not comply with such requests unless we are convinced that the request is

legally valid and we believe that it is undeniably our legal obligation to comply.

We will not comply with requests from any authorities other than Dutch authorities.

If we receive a request from any foreign government, we will refuse to comply and

will instead instruct the requestor to place a formal request to the Dutch authorities for

mutual assistance.

 

Ixquick will never cooperate with any voluntary surveillance programs.

Under the strong laws that protect the right to privacy in Europe, European governments

cannot legally force service providers like Ixquick to implement a blanket-spying program

on their users.

 

Underage Children:

We believe that protecting children's privacy online is very important.

Note that we do not collect any personal data about our users at all.

As a consequence Ixquick does not request, collect, or share personal information from

persons who are underage.

 

The Right to be Forgotten:

Subject to certain conditions, citizens in the EU are given the right to request the

deletion of their personal data when they are inaccurate, inadequate, or irrelevant or

no longer relevant. More information can be found here.

 

Your Privacy, Our Future:

We strongly believe that we have the legal right to safeguard the privacy of our users by

encrypting and not collecting their personal information, and to keep doing so.

Given the strong protection of the right to privacy in Europe, European governments

cannot legally start forcing service providers like us to implement a blanket spying program

on their users.

If that ever changed, we would fight this to the end.

 

Privacy
It's not just our Policy - it's our Mission!

[SURbit]

2 hours ago, Cerberus said:

In combo with a good vpn and some disabling in windows, TOR is great.    There is no one tool solution to privacy, its combination of many tools and even then there is only so much the end user can do.  Just do your best to increase anonymity as much as possible.  Governments can still get through but other companies will not.  You have to keep in mind who made the internet. 

 

Could you be so kind to elaborate some here, give links to such information to help others.

What methods you use and what one needs to disable in Windows.

I use Maxa Cookie Manager for such of cookies and clean History and Cache.

[Ray]

Is it safe to use Tor on online banking? What browser do you suggest? thanks in advance guys

[SURbit]

33 minutes ago, Ray said:

Is it safe to use Tor on online banking? What browser do you suggest? thanks in advance guys

 

I can't say about Tor but, Kaspersky in KIS has Safe Money feature to use in banking and online purchases.

I'd almost imagine that any anti-Keylogger app would help also.

 

Both of these are found on nsane.

http://www.nsaneforums.com/search/?type=all&q=kaspersky+KIS

http://www.nsaneforums.com/topic/253688-keyscrambler-3820/#comment-994567

[Ray]

59 minutes ago, SURbit said:

 

I can't say about Tor but, Kaspersky in KIS has Safe Money feature to use in banking and online purchases.

I'd almost imagine that any anti-Keylogger app would help also.

awesome I would try those apps

[SURbit]

38 minutes ago, Ray said:

awesome I would try those apps

 

That's one of the features of the site to share information, ask for help or an understanding to knowledge.

 

But Please don't in the open nsane forms ever ask for this-

1. One is, never to request any serial, crack, keygen or any such stuff in the open forms, if such things is posted already, then use it if you want, 

 

 But any type of REQUEST BY YOU in the OPEN FORUMS for Paid Material is NOT ALLOWED as per the Community Guidelines.

 

Alright though:  PM's to Members or found in a SHARECODE is perfectly fine.

 

Helpful Info. that was given to me Moderator DKT27 was the above and I've post this with other site info. from him here-

http://www.nsaneforums.com/topic/258877-a-basic-knowledge-of-rules-new-members/

[Reefa]

12 hours ago, Ray said:

Is it safe to use Tor on online banking? What browser do you suggest? thanks in advance guys

Simple answer is no Hell i Wouldn't even do that with a paid VPN..

 

As for a browser use firefox with StartPage or something similar..Steer clear of TOR if you don't no what you are doing..

 

 

[ken master]

 

 

http://www.srware.net/en/software_srware_iron.php

 

the browser I use iron for many years relying on anonymity but have never proven that you think?

[Cerberus]

Now days it isnt just about the browser you use but the OS and other apps you have installed that sends out info.  Take for instance win10, tor does no good stopping windows from sending info or any other app installed on your system.  It only protect in browser but apps, system file, etc dont use the browser but instead has direct access through the OS system thus tor does no good for stopping that info.  This is why I said use a combo to make more secure.  As far as hiding from the Governments, good luck with that.   They can find out anything over enough time.  Plus they have agreements with apps and OS's (like win10 and now other OS's because of updates they are including).  Better to use a unix based OS if worried about security.  That is my opinion which I base on the material I have read.  Plus, most companies only use windows for workstations, not their servers, ever wondered why?  lol  Windows is full of wholes, some on which they do on purpose.  You can't have a server that has personal data on it and use a OS that is like Swiss Cheese.  lol  Sorry M$ but its the truth.

 

Note:  Plus your ISP can still see everything you do because of NO encryption made within tor.  This is where a vpn that is good comes into play.  VPN's also route all data through their nodes (the good vpn's anyways) so they cant get your location because of the encryption that some vpn's now use.

[Reefa]

5 minutes ago, Cerberus said:

As far as hiding from the Governments, good luck with that

Yeah good luck with that one?

[CODYQX4]

Using Tor for your online finances is a good way to freak them out and get your account security locked.

 

I have these sites set to bypass my VPN, because when I was testing out VPNs I forgot to turn them off, and they wondered of Austrailian hackers might have gotten to me.

[SURbit]

2 hours ago, Cerberus said:

Now days it isnt just about the browser you use but the OS and other apps you have installed that sends out info. It only protect in browser but apps, system file, etc dont use the browser but instead has direct access through the OS system thus tor does no good for stopping that info. This is why I said use a combo to make more secure. Better to use a unix based OS if worried about security.  That is my opinion which I base on the material I have read. 

Note:  Plus your ISP can still see everything you do because of NO encryption made within tor.  This is where a vpn that is good comes into play. VPN's also route all data through their nodes (the good vpn's anyways) so they cant get your location because of the encryption that some vpn's now use.

 

@ Cerberus sounds reasonable.

1. Use a Unix based OS - like a Linux distro  ?

 

If one doesn't want to learn an new OS and stay with Windows / lets further this conversation with regards to Windows - OK.

I see that one can use "a good two-way Firewall, important for your internet security, as it allows you to monitor all network traffic entering and leaving your computer."

 

So within the Windows OS-

a. set your two-way firewall to block unwanted/unwarranted traffic.

b. use a quality VPN (paid subscription/tokens, bitcoins,) - (less info. kept on you the better / IP, logs, payments, even an email)

 

c. similar installed software to the functions of OS firewall or work in tandem, Internet security suite or an app as Glasswire.

Firewalls can continually pester you to make decisions about your network traffic, if you haven't blocked it already, but what about

programs within the OS or has gained a OS system level permission is someway?

Glasswire is said to be able to stop this circumventing by exposing all background traffic by presenting network information that makes it easy to understand what is going on, hence your in the know.

 

d. get a handle on DSN leaks

VPN's protect your id and one main method is by swapping your original IP address to a new one, Windows operating systems has a flaw as a ‘DNS leak’, essentially jeopardising the user’s IP location and thus - anonymity, this fault does not lie with the VPN providers, despite having routed your traffic via a different server, Windows operating systems (and occasionally Mac and Linux) have a tendency to continue contacting websites using your original DNS server and IP address. Some VPN's have gone to kill switches to aid in some relief to the user but, do they really work? I hate to find out the hard way, and after the facts.
One of the best resources for testing your device for DNS leaks is dnsleaktest.com.

 

By far the quickest and easiest way to prevent DNS leak is by using a VPN client with built-in DNS protection. Not many providers offer this, however services like PIA, VPNArea, PureVPN and TorGuard have long featured this function in their app preferences, then there are others VPN's that offer DNS protection to date, ExpressVPN, VPN.AC, LiquidVPN. 

 

I'm sure there is more to this than I've read up on and covered here, so Please do add to it (anyone) and thanks.

 

[free, and although limited in various ways, it includes much of the functionality found in the paid-for versions.]

https://www.glasswire.com/

 

 

[Cerberus]

Sorry but software based firewalls are a joke.  Why do you think businesses use hardware based firewalls?  If good vpn like I said above, you will have no leaks.  Easy to check though.  Sorry but again, I do not agree with you on sticking subject material only to windows.  All OS's have vulnerabilities but windows is the most popular thus more incidents.  More now days are switching to other OS's because of windows 10, the smart one's anyways.  lol  Not trying to argue with you but I am entitled to my opinion like you are as well.  To tell me to stick to windows OS's only for this discussion is very closed minded.  We have options with OS's now days. 

 

[zavana]

19 hours ago, Ray said:

Is it safe to use Tor on online banking? What browser do you suggest? thanks in advance guys

 

The intention of Tor is to mask the identity of it's users from their requests recipents, not securing the connections. It's best interests for you that the Bank security reject attempts from suspicious arbitrary locations
No reasons you would want to conceal your identity from your personal bank account unless you are under some sort of surveillance, laundering money, planning a scam, buying something that frown upon on...

Aside using Browsers to access, use the Bank's Mobile Banking Apps on secure connection/mobile data but never open-wifi.

[SURbit]

2 hours ago, Cerberus said:

Sorry but software based firewalls are a joke.  Why do you think businesses use hardware based firewalls?  If good vpn like I said above, you will have no leaks.  Easy to check though.  Sorry but again, I do not agree with you on sticking subject material only to windows.  All OS's have vulnerabilities but windows is the most popular thus more incidents.  More now days are switching to other OS's because of windows 10, the smart one's anyways.  lol  Not trying to argue with you but I am entitled to my opinion like you are as well.  To tell me to stick to windows OS's only for this discussion is very closed minded.  We have options with OS's now days. 

 

 

Your very much entitled to your opinions, I can learn from them, but, you missed the mark here- "To tell me to stick to windows OS's only for this discussion is very closed minded.""

 

If you look at the whole contexts of the sentence and meaning - then where did I say that? "lets" , "further" , "regards" , "OK"

the only thing I see that I could change in that whole sentence is " let me " instead of "let's further" . 

If you still think so, that is totally as far from the point I was going with as one could think, the point, beings so many of us (anywhere) are strapped with an OS by Windows I was adding content of possible means to help - hoping you'd be par with your help and insights of the related OS. 

 

If you (and I welcome you to) look over anything I've posted on the nsane forums you'll see this is not my nature to cause an argument, fight, or tell someone what they must do. I believe in " live and let live "; on another note I tried Win 10 but fell back to Win 8.1, I have paid for it and know it better to that what I'd seen from Win 10. I agree, Win OS's are the most popular and has been notorious for all kinds of flaws.

 

As such, why I want to keep with that topic in learned, gained knowledge of this thread and posts within, and help others in the same boat as I, what are we to do short of abandoning ship and moving on to a different OS altogether? Some don't have that luxury of time, knowledge, expense let alone springing for a hardware based firewall.

So I again, had hoped you to offer any knowledge that you'd cared to, heck I'm even open to other OS knowledge from you in any handle we can pull to break personal information from going in to the hands of others.

I will never treat you (or anyone else) as a child or pet and order you/them around. 

 

[SURbit]

On ‎1‎/‎17‎/‎2016 at 2:42 AM, Ray said:

Is it safe to use Tor on online banking? What browser do you suggest? thanks in advance guys

 

Ran across this claim "The tool was specifically built to add an extra layer of security to your system, in order to protect you whenever you shop on the Internet or perform online banking operations. It offers real-time PC protection against software exploits, drive-by downloads, crypto-ransomware, online fraud, and identity theft."

 

HitmanPro.Alert 3.1.1 Build 351

http://www.nsaneforums.com/topic/260189-hitmanproalert-311-build-351/#comment-1041224