Author

Topic: How to browse multiple websites anonymously? (Read 708 times)

full member
Activity: 196
Merit: 101
sr. member
Activity: 280
Merit: 250
Man aren't you paranoia? Using Tor and VPN is good enough.

Also you used the example of going to one server then visit Facebook.

Rule no. 1
of using tor, never use tor for sites which you will login with your credential.

You can also switch identity in tor, so you can switch that if you go to another site which  you don't need to log into.
sr. member
Activity: 434
Merit: 250
In Hashrate We Trust!
How to be completely Anonymous online
http://www.slashgeek.net/2012/06/15/how-to-be-completely-anonymous-online/

Many sites you visit, for example cnn.com, have buttons that connects to facebook, every time you visit that site facebook is knowing it.
And if fb knows it, big brother and his cousins knows it.

You can see how you are tracked with Lightbeam for Firefox:
https://www.mozilla.org/en-US/lightbeam/

sr. member
Activity: 434
Merit: 250
In Hashrate We Trust!
How about this solution:

Requirement
-You wish to have N identities that cannot be connected to each other by analyzing IP-numbers.
-You want to be anonymous online to protect your real identity from your ISP and from the websites you visit.
-You accept the risk of being revealed by NSA since you are not doing anything illegal.

Solution
You buy N*2 VPN providers and pays with bitcoin from N*2 wallets (mixed bitcoins)

You use N physical PC's, one for each identity

In this example we want three identities, which needs three PCs, six VPN providers and six bitcoin wallets:

Identity "Donald"
BTC1 -> VPN1
BTC2 -> VPN2
PC 1 -> VPN1 -> Tails/Tor -> VPN2  -> www

Identity "Goofy"
BTC3 -> VPN3
BTC4 -> VPN4
PC 2 -> VPN3 -> Tails/Tor -> VPN4 -> www

Identity "Mickey"
BTC5 -> VPN5
BTC6 -> VPN6
PC 3 -> VPN5 -> Tails/Tor -> VPN6 -> www
member
Activity: 86
Merit: 10
To make the disadvatages of your vm-tor-host-vpn
super easy to understand:

lets say bob is the head of a big gouverment agency that monitors all the internet traffic and owns most of the TOR nodes.

alice uses your setup to buy 2 boxes of anti-bob stickers from some random guy on the internet.

her traffic leaves a Tor node that is owned by bob (in plaintext!). (now she is fucked)

bob does some packet analysis on his tor nodes and probably tracks the Tor route to a VPN node owned by someone else.

bob says that alice is a thread to bobs security and forces the vpn provider to tell him who alice is.

bob kills alice.
member
Activity: 86
Merit: 10
If you want privacy you want no one to read the contens you send / recieve.
then you want VPN

If you want anonymity you want no one to track the contents you send / recieve ( even if they cant read it )
then you want Tor

If you use both at the same time it depends on how you chain them

1)

You -> Tor -> VPN

tunnel vpn through Tor

will only work with VPN in TCP mode.
if the VPN becomes compromised, you are stil anonymous,
If you visit multiple websites with this setup your public ip is the VPN's IP your visits can not be connected to a single user.
From my point of view best mehtod, if the vpn provider doesnt know who you are.

2) tunnel Tor through VPN provider

like your VM-thing scenario.

also worst scenario.

Problem is the VPN provider knows that you use tor.
VPN now knows your real IP and identity, if someone would control the VPN and a certain amount of Tor exit nodes he could
easily track you back to your original IP ( even if he dosnt own about all the nodes in your Tor route. by watching packets, their size and their timing when they go through some nodes he can easily figure out who they belong to) and at the same time capture all your traffic in plaintext.
Also Tor dosn't route udp packes, they will just skip the tor network and exit at the vpn


The only setup that is really untraceable is a complicated chain of Tor, VPN and socks5 proxies
sr. member
Activity: 434
Merit: 250
In Hashrate We Trust!
Get a good VPN and thats it,

and understand Tor and VPN

VPN offers privacy

Tor offers anonymity
I use VPN, but I don't think it's enough if you want to maximize your privacy.

I think the optimal solution is to have VPN in host PC, and run Tails(Tor) in virtual machines, one virtual machine per website you are going to visit, or restart the VM before you visit next website.
member
Activity: 86
Merit: 10
Get a good VPN and thats it,

and understand Tor and VPN

VPN offers privacy

Tor offers anonymity
hero member
Activity: 714
Merit: 500
NEED CRYPTO CODER? COIN DEVELOPER? PM US FOR HELP!
I personally  use hma pro vpn and so far its working good for me so I would suggest purchasing a good vpn or the best to be anonymous is root a webserver  surfing from the canal to canal and then when u done delet the logs from the server this way no one can ever trace u down cuz ur not using your ip your going through the server's ip and u have deleted the logs on the server so there will be nothing enjoy !!!
newbie
Activity: 56
Merit: 0
Wait. What about the anonimous settings in chrome? Isnt it safe?
sr. member
Activity: 434
Merit: 250
In Hashrate We Trust!
But by proxy using VPN of different gateway or Tor. This can not be trace still.

I don't see any problem.
Scenario: Satoshi visits p2p-forum to write a post, and also visits facebook with his real identity "John Doe" at the same time with the same TOR-session; he is now revealed by the logs showing the same IP and timestamp.

The problem arises IF:
-You use the same Tor-session browsing multiple websites
-The TOR exit-node collects data about you (they often do)
-You are not encrypting the data or adding a layer of VPN to your Tor-session
-The websites you visits share data with each other (government agencies collects that data)
sr. member
Activity: 280
Merit: 250
But by proxy using VPN of different gateway or Tor. This can not be trace still.

I don't see any problem.
sr. member
Activity: 434
Merit: 250
In Hashrate We Trust!
Quote
https://tails.boum.org/doc/about/warning/index.en.html#index8h1
Tails doesn't magically separate your different contextual identities

It is usually not advisable to use the same Tails session to perform two tasks or endorse two contextual identities that you really want to keep separate from another. For example hiding your location to check your email and publishing anonymously a document.

First, because Tor tends to reuse the same circuits, for example amongst a same browsing session. Since the exit node of a circuit knows both the destination server (and possibly the content of the communication if not encrypted) and the address of the previous relay it received the communication from, it makes it easier to correlate the several browsing requests as part of a same circuit and possibly made by a same user. If you are facing a global adversary as described above, it might then also be in position to do this correlation.

Second, in case of a security hole or a misuse in using Tails or one of its application, information about your session could be leaked. That could reveal that the same person was behind the various actions made during the session.

The solution to both threats is to shutdown and restart Tails every time you're using a new identity, if you really want to isolate them better.

Vidalia's "New Identity" button forces Tor to use new circuits but only for new connections: existing connections might stay open. Plus, apart from the Tor circuits, other kind of information can reveal your past activities, for example the cookies stored by your browser. So this feature of Vidalia is not a solution to really separate contextual identities. Shutdown and restart Tails instead.

Suggestion: Develop a web-browser that starts a new tor session in each new tab, and each tab runs in sand-box mode (has it's own memory and cookies that are not shared with other tabs)
sr. member
Activity: 434
Merit: 250
In Hashrate We Trust!
Normally you have 1:N relation between your IP-address and websites you visit; but if the websites share data, they can identify you.

If you instead have 1:1 relationship between your IP and websites you visit, it is impossible to identify you only by IP.
Site A will see you as IP 1.1.1.1; Site B sees you as 2.2.2.2 and so on...

The paranoid but inefficient solution: Running one virtual machine with Tails cd-rom per website, and NEVER reuse the same running VM to visit another website; either restart the VM or start a new one.

But is there any better way so I don't need to run multiple virtual machines?

If you don't know about Tails CD-rom: https://tails.boum.org/
Quote
Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to:

    use the Internet anonymously and circumvent censorship;
    all connections to the Internet are forced to go through the Tor network;
    leave no trace on the computer you are using unless you ask it explicitly;
    use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.
Jump to: