I was searching for an All-In-One Tutorial about how to setup your PC for surfing *.onion addresses via TOR and surfing Namecoin *.bit addresses that may point to *.onion or to regular web addresses or IP addresses.
Since I did not find such a tutorial, I collected all information, tried it out and wrote a tutorial myself. I am now sharing this tutorial:
TUTORIAL: Setting Up Your Linux PC for Browsing *.bit Domains and *.onion Domains
(How to Combine Namecoin and TOR Features for your Web Browser)
This tutorial has been created for Linux Ubuntu 14.04
(or more precisely: Linux Mint 17 with default Cinnamon Desktop)
in October 2014
But Windows users should find it useful as well, most parts are OS independent.
1. IntroductionTOR is a protocol and a software by which you can surf the web anonymously, and also other programs that access the internet, like Bitmessage, Bitcoin clients, chat programs etc. can access the internet anonymously via TOR. In terms of web browsing, you can surf normal websites, but you can also surf websites that are only available through TOR. These websites have the domain name
*.onion and have rather cryptically looking sequences before the ".onion", like e.g. "
http://3g2upl4pq6kufc4m.onion".
Namecoin is a cryptocoin that is working very similarly to Bitcoin, but it's main purpose is to register internet domain names in its ledger, the so-called blockchain, in a completely decentralized manner. These domain names have the domain name extension
*.bit and are used as "pointers" to the actual web site. A *.bit address can for example point to an IP address, to a normal web address, or to a TOR web address (*.onion).
The
combination of Namecoin and TOR is particularly useful. This way, a host of a website in the TOR network can register a meaningful *.bit domain which points to his *.onion web address. The web site's visitors only need to remember the *.bit domain name.
Summary overview:
------------------- ----------- ---------------
NAMECOIN Blockchain TOR Network Public Internet
------------------- ----------- ---------------
name1.bit ----------------> 3g2upl4pq6kufc4m.onion
name2.bit ---------------------------------------------> some-domain-name.com
name3.bit ---------------------------------------------> 123.45.678.90
To make use of these features and domain names, you as the end-user and web-surfer have to set-up a few things on your PC, and there might be different solutions how to achieve this.
This tutorial explains one such solution, probably the most common one. It will explain how to enhance the capabilities of your normal "everyday" firefox browser!
WARNING:Note that for highest security surfing via TOR e.g. under oppressive regimes, it is recommended to only use the "TOR Browser" but not your normal firefox browser. The reason is that your identity could leak from your browser's individual footprint, even when you surf via TOR. The dedicated "TOR Brower" on the other hand is configured for maximum security (albeit lacking many comfort features like cookies, JavaScript, flash, bookmarking capabilities or browsing history).
However, if you are not deeply worried about your privacy, e.g. if you just want some improved privacy to prevent your ISP from tracking your surfing behaviour, and if you live in a free country whose jurisdiction you generally trust, you may opt for using your "normal firefox" for TOR browsing. You can still install the more secure "TOR Browser" on top, for "mission critical" surfing.
2. OverviewThe following has to be installed:
Mandatory:
- Firefox
- Firefox Add-On "freespeechme v0.12" or later
- tor (or the "TOR-Browser", or both)
Optional (recommended):
- Firefox Add-On "Toggle Proxy 1.8" or later
- Firefox Add-On "QuickJava 2.0.4" or later
3. InstallationMandatory:
Optionally, you can also install these two firefox Add-Ons, they will improve your surfing experience and are therefore warmly recommended:
4. Configuration4.1 Configure FirefoxPreferences --> Advanced --> Network --> Connection - "Settings..." button --> Configure the following Manual Proxy:
- SOCKS Host = 127.0.0.1 (or "localhost")
- Port = 9050 (or 9150 when you want to use the TOR Browser's Proxy service instead of the background "tor" service)
- [ x ] check the box for External DNS Server
- Press OK button
NOTE:
If you want to surf the normal web without TOR, and if you only want to surf TOR .onion addresses for those web sites that are translated from *.bit addresses, you do not need to make above changes, then it is sufficient to make the TOR proxy settings in the FreeSpeechMe Add-On as described below.
4.2 Configure Firefox "FreeSpeechMe" Add-OnPlace the Add-On's button to the menu bar, if not already there.
Then click the little "down-arrow" of that button and select "Options". Make the following settings:
- In the tab "Namecoin", ...
- ...For the question "What Namecoin software do you already have installed?" select "I don't have namecoind or nmcontrol;use the bundled version"
- ...Further below in the section "Choose the priority [...]", move the "Tor hidden Service (.onion)" just above the "cut-line" via the "Increase Priority" button.
- In the tab "Proxies", fill the Tor line with Host = 127.0.0.1 (this is your own PC, also called "localhost") and Port = 9050 (note: If you have NOT installed "tor" but only "TOR Browser", set Port = 9150 instead, to use the Proxy service of the TOR Browser rather than that of the tor service)
IMPORTANT:
The first time that firefox with freespeechme Add-On is active
it takes several hours to download the complete Namecoin blockchain which is the ledger of the registered *.bit domain names. This is currently
about 2 GByte in size and will be located at
/home/
/.convergence-namecoin/
FreeSpeechMe does NOT work before that process has finished, so give it some time, e.g. leave your PC on over night the first time.
In the "Status" tab of the FreeSpeechMe options, the field "Output from namecoind" should look something like this:
{"version":37200,"balance":0,"blocks":202187,"timeoffset":-3,
"connections":8,"proxy":"","generate":false,"genproclimit":-1,
"difficulty":20963602995.997684,"hashespersec":0,"testnet":false,"keypoololdest":
1413601214,"keypoolsize":101,"paytxfee":0,"mininput":0.0001,"errors":""}
Only then the Add-On is operational to browse *.bit domains.
Moreover, every time you start firefox, the Add-On needs some time to download the latest part of the blockchain, so also then it may take some seconds or minutes until it is operational.
4.3 Configure the Two Further Firefox Add-Ons (optional, recommended)
For the two optional Add-Ons, add the corresponding buttons to your menu bar e.g. next to the address field (via right-click on the menu etc...):
Add-On "Toggle Proxy": There is only one button to select.
Via "Menu -> Extras -> Add-ons" go to the settings of "Toggle Proxy" Add-On and set as follows:
- Toggle One = Use System Proxy
- Toggle Two = Manual Proxy
- Click OK
Add-On "QuickJava": I recommend to select these two buttons:
- The "QJ" button for toggling JavaScript, Java and Flash
- The "C" button for toggling Cookies.
4.4 Configure TOR
Start "tor" from a terminal window or type "tor " after pressing Alt-F2.
For the future, you may want to put "tor" to the autostart group so you do not have to care about it every time you start your PC.
With Linux Mint 17 and its default "Cinnamon" desktop manager this can be found via
Menu -> "Startprogramme" (in case of the German language version )
There you click "Add" and just put tor (three small letters) in the "command" field and any descriptive text of your choice in the other fields.
5. Enjoy Surfing
Now test if everything works as desired:
5.1 Test 1: Check TOR
5.1.1 Toggle TOR On/Off
Use the button from the "Toggle Proxy" Add-On to toggle your proxy settings. This way you can switch between browsing normally, or browsing via TOR.
Surf to the following web-site to check if your are surfing "normally" or via TOR:
"https://check.torproject.org"
Hint:
The buttons from the "QuickJava" Add-On are convenient for easily (de)activating functions critical to security. Especially *.onion web sites might contain malicious material, so it could be wise to deactivate JavaScript and Flash, to avoid a website exploiting potential browser vulnerabilities.
You may also want to deactivate cookies sometimes.
Of course these buttons can also be used when surfing the "normal" web without TOR.
5.1.2 Check TOR *.onion Addresses
Go to a list of *.onion addresses, click them and see if it works.
You can find such a list e.g. here:
"http://thehiddenwiki.org"
Example link: "http://3g2upl4pq6kufc4m.onion" (DuckDuckGo Search Engine)
5.2 Test 2: Check Namecoin *.bit Addresses
One example address that should normaly work:
"https://dot-bit.bit"
A list of *.bit addresses that should work to the most part can be found for example here:
"http://www.meowbit.com/list-of-working-dot-bit-websites/"
Further addresses can be found here
"https://dotbit.me/" --> choose the "Surf .Bit" tab.
Note that quite a lot of *.bit addresses generally do not work, so try several different links before assuming that something is wrong with your computer's configuration.
If it does not work, ...
...make sure you have not accidently disabled the FreeSpeechMe Add-On via its menu button.
...make sure that the complete Namecoin blockchain was downloaded and the status is ok,
compare section 4.2 above --> "Status" tab of the FreeSpeechMe options.
6. Supplemental Info
- As said before, for the most secure surfing experience, use the dedicated "TOR Browser". This is a fork of firefox tweaked for most secure browsing via TOR without leaving a trace. The author of this tutorial has not yet checked whether it is possible to install the FreeSpeechMe Add-On into TOR Browser and whether it works there.
- You do not need to install "tor" (the service) if you have installed the TOR Browser. In that case, the TOR Browser can not only be used as an "all-in-one" standalone browser solution to browse the web via TOR, but it can also be used as a TOR proxy service by other programs. This means, as soon as you start the TOR Browser, a TOR proxy service is running in the background that can be used by other applications via SOCKS5 / IP 127.0.0.1, Port 9150. Such an "other application" can be e.g. the normal firefox browser, IRC chat clients or any other programs that access the internet and that can be configured to use a SOCKS5 proxy.
- If you install the Namecoin client (= Namecoin wallet) on the same PC, note that it does not currently work together with the FreeSpeechMe Add-On, which runs an own version of namecoind
(a future version of the freespeechme Add-On should be capable of reading the blockchain data from the standard Namecoin client, but currently this does not yet seem to work).
So, only run one at a time:
- If you want to run firefox with the freespeechme Add-On, first close your Namecoin wallet and wait ca. 10 seconds until that process has really terminated.
- If you want to run your Namecoin wallet, first close firefox and wait ca. 10 seconds until the namecoind process of freespeechme has really terminated.