/ TOR, TAILS, VPN and anonimity

This topic has been archived, and won't accept reply postings.
Lurking Dave - on 14 Sep 2016
So just wondered what the UKC techxperts use to make their on-line presence a bit less transparent?

Cheers
LD
KevinD - on 14 Sep 2016
In reply to Lurking Dave:

who are you hiding from and why?
Gives a rather different choice of tools. Personally I just tend to use stuff to kill ad tracking and nothing more.
4
Lurking Dave - on 14 Sep 2016
In reply to KevinD:

Bit of this, bit of that...

Plus heading to a country with, er, restrictive access to the net, good chance to test a few things 😀

Cheers
LD
KevinD - on 14 Sep 2016
In reply to Lurking Dave:

Tor is probably the most sneaky of the lot although it has some vulnerabilities. Its also slow when used properly since it has to bounce around. It is blocked to a greater or lesser extent in some countries.
TAILS. means your computer is kept clean. So handy if you are concerned about that being attacked directly. Also has tor installed so its easy to use.
VPNs. Vary massively and generally cost. Depending on who you go with security can be so so. Depends on if they have nuke the logs approach.

So ultra pranoid go for TAILS.
Probably for some semi sneaky browsing i would just go a basic vpn route.
If you are paranoid enough to use tor make sure your browser is fully locked down eg noscript etc.
Lurking Dave - on 14 Sep 2016
In reply to KevinD:

Thanks, this I knew (but too many don't so I appreciate the share!) I was trying to get a feel to how much other people use....

LD
KevinD - on 14 Sep 2016
In reply to Lurking Dave:

I suspect the ultra paranoid wouldnt be admitting to it.
For me I get enough from just locked down browser. I did debate vpn but couldnt come up with a solid justification. If May pushes through some of her more nutty ideas I might get it just on principle.
One thing worth bearing in mind if you go to a more restrictive country is the use of some of these options might in itself draw unwanted attention. For example Tor plays cat and mouse with the great firewall and I am not sure who is currently winning.
wintertree - on 14 Sep 2016
In reply to Lurking Dave:

> So just wondered what the UKC techxperts use to make their on-line presence a bit less transparent?

Somebody else's computer...
humptydumpty - on 14 Sep 2016
In reply to Lurking Dave:

Never use sites without HTTPS, especially if you're logging in, creating content etc. E.g. ...UKC!
remus - on 14 Sep 2016
In reply to Lurking Dave:

> Plus heading to a country with, er, restrictive access to the net, good chance to test a few things 😀

Worth doing a bit of country specific research.

China for e.g. have periodic crackdowns on tor entry nodes and VPNs, so itd be a shame to splash some cash on a vpn only to get to your country of choice and find you cant connect.
Ben Sharp - on 15 Sep 2016
In reply to Lurking Dave:
> "... a bit less transparent?"

Tails is probably your best choice and the above is not really an option...i.e. you either have something to hide and you aim for anonymity or you leave gaps where you could be traced back. Your ISP can probably see that you're using Tor or Tails so using it half heartedly could make you less anonymous as it highlights you've got something to hide. Also using Tor on a laptop you've had a few years with xyz programmes and plugins running you're unaware of is a sure fire way to undermine any security that Tor offers and unless you're geeky enough to know 100% your pc is clean you'd be better off with a live distro or a locked down fresh version of Windows you know is clean.

VPN's are only as secure as their end point, if you pay for it there's a payment trail leading from you to them and if you don't then how likely is it that they aren't selling your data on. How do you know they aren't selling your data anyway or that they're just about to be raided by their government for piracy? If you want to access a site that's blocked in your country or access content only available in specific regions then great but there are issues with using VPNs as a means of hiding your identity.

Also avoid BT, sky and the other big players. If you google around there are small independent ISP's that don't data gather to the extent of others and say they do the minimum legally required by the government to keep records and snoop on you. Virgin are supposed to be one of the better larger companies. You loose speed with smaller companies though, but then if you're using Tor or going through a VPN then you've probably got plenty time on your hands to wait for things to load.

A slightly easier but I'm sure totally illegal way to hide what you're doing is to log on to someone elses wireless network which is just a little bit of googling away. You would have to remove the possibility of your device being identified as well.

(written sitting on my fibre BT connection with zero security...but then I don't have anything to hide)
Post edited at 08:02
1
ex0 - on 15 Sep 2016
In reply to Lurking Dave:

I use a VPN as standard (mullvad - zero logs and very good speeds) and only TAILS+TOR for onions.

Make sure you turn off JS if you're using TOR!
ex0 - on 15 Sep 2016
In reply to Ben Sharp:

> VPN's are only as secure as their end point, if you pay for it there's a payment trail leading from you to them and if you don't then how likely is it that they aren't selling your data on. How do you know they aren't selling your data anyway or that they're just about to be raided by their government for piracy? If you want to access a site that's blocked in your country or access content only available in specific regions then great but there are issues with using VPNs as a means of hiding your identity.

I think this is a bit misleading. There's plenty of good VPNs out there who are known to log nothing and some even share their configs openly so you can see for yourself. In a business where reputation is EVERYTHING there's no reason for an end point to lie about what it logs. It doesn't benefit them to keep logs either.

As for paying them, many allow payment via bitcoin or cash by snail mail etc. Buying a prepaid gift visa also grants relative anonymity when buying a sub.

As for your ISP knowing you're encrypting/tunneling your traffic, so what? The point is this stops them from being able to log what you're doing. They can log packets all they want as long as they can't be resolved to anything (or at least without like, country-level cooperation). When you're using a VPN you're obviously under the same IP as all their other subscribers as well so it's not like any single click can be narrowed down to a single subscriber even if there was some sort of reason to snoop on an individual.

VPNs are a very good way to hide what you're doing. Paired with a correctly configured TOR enabled browser you can make yourself as anonymous as it's possible to be. That combo has defeated governments in the past and presents virtually zero ways to identify a user unless due to user error unrelated to the actual technology being used (like logging into your group's twitter account before turning on your vpn, looking at you Sabu).
ads.ukclimbing.com
Timmd on 21 Sep 2016
In reply to ex0:

I'm glad you posted to correct him, because the dislike didn't indicate what might not be quite right with his post.

This topic has been archived, and won't accept reply postings.