I've noticed a lot of new members
in this group. I figured it would be good to make a post with some good
security tips. Feel free to comment if you think I may have gotten
something wrong, or you have a better solution.
I will balance security with convenience here, since not everyone can afford a secure setup, but most people can. Therefore, I will err on the side of "secure." When using Tor for any reason, legal or otherwise, there are some important things to keep in mind.
1. Do not give out any personal information for any reason.
2. Do not use the same emails or passwords while using Tor. Keep everything completely separate.
3. Do not use Windows. If you have a computer, install Linux on it. If you're too lazy or have a Mac, use Whonix with Virtualbox, or live boot Tails.
4. Always use Tor Bridges. If you don't, your ISP will know you're using Tor (and so will government agencies that analyze the network).
5. Always use a VPN. Choose a provider that does not log. I would advise against free VPN services. Many VPN providers allow anonymous payment in bitcoins and other cryptocurrencies, as well as gift cards.
6. Don't open files downloaded from Tor unless you are offline or inside a virtual machine.
7. Communicate using PGP as often as possible.
8. Disable Javascript when possible.
If you want to be a "badass hacker," you'll want to at least cover the basics and secure your own system. I've included some links below. Have fun.
Links
Whonix: https://www.whonix.org
Tails: https://tails.boum.org
Virtualbox: https://www.virtualbox.org
Tor Bridges: https://bridges.torproject.org/ more info: https://www.torproject.org/docs/bridges
Recommended VPN provider: https://airvpn.org/
NSA spying: https://www.eff.org/nsa-spying
PGP tutorials
Linux: https://www.deepdotweb.com/2015/02/17/basic-guide-pgp-linux/
Windows: https://www.deepdotweb.com/2013/11/11/pgp-tutorial-for-newbs-gpg4win/
I will balance security with convenience here, since not everyone can afford a secure setup, but most people can. Therefore, I will err on the side of "secure." When using Tor for any reason, legal or otherwise, there are some important things to keep in mind.
1. Do not give out any personal information for any reason.
2. Do not use the same emails or passwords while using Tor. Keep everything completely separate.
3. Do not use Windows. If you have a computer, install Linux on it. If you're too lazy or have a Mac, use Whonix with Virtualbox, or live boot Tails.
4. Always use Tor Bridges. If you don't, your ISP will know you're using Tor (and so will government agencies that analyze the network).
5. Always use a VPN. Choose a provider that does not log. I would advise against free VPN services. Many VPN providers allow anonymous payment in bitcoins and other cryptocurrencies, as well as gift cards.
6. Don't open files downloaded from Tor unless you are offline or inside a virtual machine.
7. Communicate using PGP as often as possible.
8. Disable Javascript when possible.
If you want to be a "badass hacker," you'll want to at least cover the basics and secure your own system. I've included some links below. Have fun.
Links
Whonix: https://www.whonix.org
Tails: https://tails.boum.org
Virtualbox: https://www.virtualbox.org
Tor Bridges: https://bridges.torproject.org/ more info: https://www.torproject.org/docs/bridges
Recommended VPN provider: https://airvpn.org/
NSA spying: https://www.eff.org/nsa-spying
PGP tutorials
Linux: https://www.deepdotweb.com/2015/02/17/basic-guide-pgp-linux/
Windows: https://www.deepdotweb.com/2013/11/11/pgp-tutorial-for-newbs-gpg4win/
Comments
Post a Comment