The Ultimate Guide for Anonymous and Secure Internet Usage
Table of Contents:
1. Obtaining Tor Browser
2. Using and Testing Tor Browser for the first time
3. Securing Your Hard Drive
4. Setting up TrueCrypt, Encrypted Hidden Volumes
5. Testing TrueCrypt Volumes
6. Securing your Hard Disk
7. Temporarily Securing Your Disk, Shredding Free Space
8. Installing VirtualBox
9. Installing a Firewall
10. Firewall Configuration
11. Installing Ubuntu
12. Ubuntu Initial Setup
13. Installing Guest Additions
14. Installing IRC (Optional)
15. Installing Torchat (Optional)
16. Creating TOR-Only Internet Environment
17. General Daily Usage
By the time you are finished reading and implementing this guide, you will be able to securely and anonymously browse any website and to do so anonymously. No one not even your ISP or a government agent will be able to see what you are doing online. If privacy and anonymity is important to you, then you owe it to yourself to follow the instructions that are presented here.
In order to prepare this guide for you, I have used a computer that is running Windows Vista. This guide will work equally well for other versions of Windows. If you use a different operating system, you may need to have someone fluent in that operating system guide you through this process. However, most parts of the process are easily duplicated in other operating systems.
I have written this guide to be as newbie friendly as possible. Every step is fully detailed and explained. I have tried to keep instructions explicit as possible. This way, so long as you patiently follow each step, you will be just fine. In this guide from time to time you will be instructed to go to certain URLs to download files. You do NOT need TOR to get these files, and using TOR (while possible) will make these downloads very slow. This guide may appear overwhelming. Every single step is explained thoroughly and it is just a matter of following along until you are done. Once you are finished, you will have a very secure setup and it will be well worth the effort. Even though the guide appears huge, this whole process should take at the most a few hours. You can finish it in phases over the course of several days.
It is highly recommended that you close *ALL* applications running on your computer before starting.
1: Obtaining Tor Browser
The first step to becoming secure and anonymous online is to setup and install something called "TOR". "TOR" is short for Onion Router". The concepts behind TOR were first implemented by the United States Military, and these principles have been used to create an extremely secure mechanism for being anonymous online. In fact, millions of people world-wide use TOR to browse the internet and communicate anonymously.
TOR works by heavily encrypting your communications so that no observer can see what website you are really going to, and what information is really being sent. It all appears as a bunch of random characters to any observer. You simply use the TOR web browser just as you use any other web browser. TOR takes care of the rest.
However, TOR by itself is not enough. Even when using TOR, a user can be compromised in a number of ways. First, some websites can be set up to attempt to reveal someone's true IP address (their true identity) by tricking their web browser or other software to transmitting that information. For this reason, anyone who uses TOR will recommend that no one have javascript or flash turned on while browsing TOR. In this guide however, I will show you a much better solution.
The second issue is that of human error. Even if you have TOR installed, you may accidentally forget which browser to put in a link. You may also accidentally click on a link from another program, such as a chat program. That program might then load the link you clicked on into a non-TOR browser. When you are using TOR, you must be careful *constantly* that every link goes into the right browser, and that you do not accidentally click the wrong link.
So then, let's begin. Obtaining the TOR Browser is easy. Simply go to the following website: http://www.torproject.org
Once here, you may feel free to read more about what TOR is and how it works, or you may proceed to immediately download TOR.
Here is how to do so:
1. Click on "Download TOR", or "Download".
2. You will see text that says, "The Tor Browser Bundle contains everything you ned ... Just extract it and run. Learn more >>
3. Click on this "Learn more" link. for the "Tor Browser Bundle"
4. Assuming you are an English speaker, you would choose the top-most link "English (en-US)". Otherwise, pick the language best suited to you.
5. The file being saved will be named: tor-browser-1.3.18_en-US.exe
It is ok if the number is not exactly 1.3.18, there are new versions of Tor from time to time. At the time that this guide was written, 1.3.18 was most current. By the time you are reading this, a more current version of TOR may exist.
6. Run this file.
7. You will be prompted to extract this to a directory. By default, it will be set to C:\Users\You\Downloads\ This is perfectly ok. You can also choose a different directory if you wish.
8. Click "Extract"
That's it. TOR Browser is NOW installed. Time to test it out!
2 : Using and Testing Tor Browser for the first time
Now you have successfully downloaded and installed the Tor Web Browser Bundle. You are no doubt anxious to begin using it. First, click on the "start" menu icon, the icon in the lower left of your screen with the windows logo. On the top right will be a listing that says "You", "Documents", "Pictures", "Music"... "You" of course will be replaced by your user name. Click on "You", the top most link. This will open up your main user folder.
Now, locate the folder called "Downloads" and double click on it.
Now, inside the "Downloads" folder, double click on the folder called "Tor Browser".
Lastly, double click on the application: "Start Tor Browser"
When you do, you will see the Vidalia Control Panel appear, and you will observe as you connect to the TOR network. When this is complete, your web browser will open up and will automatically connect to the web address: check.torproject.org
This is to confirm that you are in fact using TOR. If you have followed this guide correctly, then you will see the following green text, or something similar:
"Congratulations. Your browser is configured to use Tor."
Now you can use this web browser the same as any other. You can go to any website you wish, and neither your ISP or anyone else will be able to see where you are going, or what you are doing. However, there are still issues that need to be resolved, so
don't begin browsing just yet.
Important Safety Note
If you fill out a form containing your email address, your name, or any other sensitive information while using the TOR browser, be aware that sometimes it is possible for an observer to see that information. When using TOR, use it to access websites and
content that you are *not* connected to via your real identity or any username or nick name which links to your real identity. Let TOR be for anonymous browsing solely. Do your online banking, or any other activities involving your real identity using your normal web browser.
3 : Securing Your Hard Drive
Being able to browse anonymously is one thing. However, you may choose to download and save sensitive content or material to your computer which you wish to keep private. This may include reading sensitive documents, viewing pictures, or storing any kind of sensitive data.
If you save *anything* to your computer's harddrive, then it is possible for someone who has confiscated your computer to determine what it was you saved. This is often true even if you delete the content. For example, suppose I use the Tor Browser and I navigate to a website containing a sensitive document that I wish to read. If I saved that document somewhere on my harddrive, then it is possible for someone else to find it. If I *delete* that document, it may still be possible for someone to undelete it.
Further, even if I never save it to my harddrive but I simply look at it using my word processing software, it may still be saved ina number of ways including:
1. Often programs keep records of filenames. The filename alone is often enough to incriminate someone.
2. Often programs keep parts of the content viewed saved for various reasons, such as for searching. This can include random excerpts of text, thumbnails of images, and more. Often this "partial" data is more than enough to prove what the original data was. Often the "partial" data is itself incriminating.
3. Sometimes, especially if you are running low on system memory, your operating system may choose to use your hard-disk as a temporary RAM. This is known as "SWAP". Normally, whenever you turn off your computer, whatever was in RAM is deleted. However, the data that goes to your SWAP may persist and it may be possible for someone to see what content you had open in your programs if that information is saved in RAM.
Generally speaking, you *must* have a plan to secure any content that is saved to your hard disk. Therefore, this guide would be incomplete if we did not thoroughly address this. First, there are two kinds of such content:
1. Deliberately saved content.
2. Inadvertently saved content.
Deliberately saved content refers to content that you have chosen to save on your harddisk so that you can access this content later. We will address how to do this later in the guide.
Inadvertently saved content refers to content that is saved by programs you use, or your operating system. You have no way to even know what this content might be. Therefore, this is the most dangerous. You may browse and find a dozen sensitive documents, utterly delete them, and some program may have saved the file names and excerpts of the data. This will render your previous efforts futile.
Content that is inadvertently saved to your harddisk comes in two flavors:
1. Content that is saved to your SWAP space.
2. Content that is saved by applications running on your computer, including your operating system.
The surest way to prevent content from writing to your SWAP space is to disable your SWAP space altogether. This may result in your computer running a bit slower than normal, and may mean that you cannot use ram intensive games and applications during the time your SWAP is disabled.
Therefore, if you use this method, simply turn back on the SWAP when you want to use those ram intensive applications. Also, you may choose not to take this step.
Here is how to disable your swap space if you are using Windows 7:
*This step is recommended for advanced users only. If you are not comfortable doing this, you may safely skip this step.*
Instructions are less verbose than usual, as these steps are intended for advanced users only. If you do not fully understand these instructions, skip this step.
1. From Control Panel, go to "System and Security".
2. Click on "System", and then choose "Advanced system settings" in the left-most menu.
3. Under the "Advanced" tab, under "Performance", click "Settings".
4. Under this "Advanced" tab, under "Virtual Memory", click "Change"
5. Uncheck "Automatically manage paging file sizes for all drives"
6. Select "No paging file"
7. Save, reboot, and follow these same first 5 steps to confirm that "No paging file" is still selected. This means that you have successfully disabled your swap. This means that *nothing* from RAM will be inadvertently saved to your harddrive.
To resume using SWAP again, simply click "Automatically manage paging file size for all drives." You can switch between these two modes as you desire.
Generally speaking, your computer will run fine without a swap file, provided you have enough RAM.
END OF ADVANCED INSTRUCTIONS
The next issue we need to address is how to prevent applications and/or your operating system from saving content inadvertently that you do not want saved. For this, we are going to set up a "Virtual Machine".
A "Virtual Machine" is like a computer inside of your computer. Everything you do inside the Virtual Machine (vm for short) will be fully contained within itself and no one will be able to see what the vm has been doing. Ideally, you want *ALL* of your sensitive computer usage of any kind, TOR or NON TOR, to take place within a vm. In this way, you can keep everything private that you wish while still using your computer fully and getting the most out of it.
Don't be afraid of this sounds complicated. This guide will take you through every step slowly and methodically. Before we can set up a vm however, we need to take another step.
4 : Setting up TrueCrypt, Encrypted Hidden Volumes
If you save anything on your computer, it is likely that you do not want just anyone to be able to see what you have saved. You want a way to protect that information so that you can access it, and absolutely no one else except those you trust. Therefore, it makes sense to set up a system which protects your information and safeguards it against prying eyes.
The best such system for this is called "True Crypt". "True Crypt" is an encryption software program which allows you to store many files and directories inside of a single file on your harddrive. Further, this file is encrypted and no one can actually see what you have saved there unless they know your password.
This sounds extremely high tech, but it is actually very easy to set up. We are going to do so, right now:
1. Go to http://www.truecrypt.org/downloads (or go to http://www.truecrypt.org, and click on "Downloads")
2. Under "Latest Stable Version", under "Windows 7/Vista/XP/2000", click "Download"
3. The file will be called "True Crypt Setup 7.0a.exe" or something similar. Run this file.
4. If prompted that a program needs your permission to continue, click "Continue".
5. Check "I accept and agree to be bound by these license terms"
6. Click "Accept"
7. Ensure that "Install" is selected, and click "Next"
8. click "Install"
9. You will see a dialog stating "TrueCrypt has been successfully installed." Click "Ok"
10. Click "No" when asked if you wish to view the tutorial/user's guide.
11. Click "Finish"
At this point, TrueCrypt is now installed. Now we will set up truecrypt so that we can begin using it to store sensitive information.
1. Click the "Windows Logo"/"Start" button on the lower left corner of your screen.
2. Click "All Programs"
3. Click "TrueCrypt"
4. Click the "TrueCrypt" application
And now we can begin:
1. click the button "Create Volume"
2. Ensuring that "Create an encrypted file container" is selected, click "Next"
3. Select "Hidden TrueCrypt volume" and click "Next".
4. Ensuring that "Normal mode" is selected, click "Next"
5. Click on "Select File"
Note which directory you are in on your computer. Look at the top of the dialog that has opened and you will see the path you are in, most likely the home directory for your username. An input box is provided with a flashing cursor asking you to type in a file name. Here, you will type in the following filename:
random.txt
You may of course replace random.txt with anything you like. This file is going to be created and will be used to store many other files inside. Do NOT use a filename for a file that already exists. The idea here is that you are creating an entirely new file.
It is also recommended though not required that you "hide" this file somewhere less obvious. If it is in your home directory, then someone who has access to your computer may find it easier. You can also choose to put this file on any other media, it doesn't have to be your hard disk. You could for example save your truecrypt file to a usb flash drive, an sd card, or some other media. It is up to you.
6. Once you have typed in the file name, click "Save"
7. Make sure "Never save history" is checked.
8. Click "Next"
9. On the "Outer Volume" screen, click "Next" again.
10. The default Encryption Algorithm and Hash Algorithm are fine. Click "Next"
11. Choose a file size.
In order to benefit the most from this guide, you should have at least 10 gigabytes of free disk space. If not, then it is worth it for you to purchase some form of media (such as a removable harddrive, a large sd card, etc.) in order to proceed. TrueCrypt can be used on all forms of digital media not just your hard disk. If you choose to proceed without obtaining at least ten gigabytes of disk space, then select a size that you are comfortable with (such as 100 MB).
Ideally, you want to choose enough space to work with. I recommend 20 GB at least. Remember that if you do need more space later, you can always create additional TrueCrypt volumes using exactly these same steps.
12. Now you are prompted for a password.
Read This Section Carefully
The password you choose here is a decoy password. That means, this is the password you would give to someone under duress. Suppose that someone suspects that you were accessing sensitive information and they threaten to beat you or worse if you do not reveal the password. THIS is the password that you give to them. When you give someone this password, it will be nearly impossible for them to prove that it is not the RIGHT password. Further, they cannot even know that there is a second password.
Here are some tips for your password:
A. Choose a password you will NEVER forget. It may be ten years from now that you need it. Make it simple, like your birthday repeated three times.
B. Make sure it seems reasonable, that it appears to be a real password. If the password is something stupid like "123" then they may not believe you.
C. Remember that this is a password that you would give to someone if forced. It is *NOT* your actual password.
D. Do not make this password too similar to what you plan to really use. You do not want someone to guess your main password from this one.
And with all of this in mind, choose your password. When you have typed it in twice, click "Next".
13. "Large Files", here you are asked whether or not you plan to store files larger than 4 GIGABYTES. Choose "No" and click "Next"
14. "Outer Volume Format", here you will notice some random numbers and letters next to where it says "Random Pool". Go ahead and move your mouse around for a bit. This will increase the randomness and give you better encryption. After about ten seconds of this, click "Format".
15. Depending on the file size you selected, it will take some time to finish formatting.
"What is happening?"
TrueCrypt is creating the file you asked it to, such as "random.txt". It is building a file system contained entirely within that one file. This file system can be used to store files, directories, and more. Further, it is encrypting this file system in such a way that without the right password it will be impossible for anyone to access it. To *anyone* other than you, this file will appear to be just a mess of random characters. No one will even know that it is a truecrypt volume.
16. "Outer Volume Contents", click on the button called, "Open Outer Volume"
An empty folder has opened up. This is empty because you have yet to put any files into your truecrypt volume.
Do Not Put Any Sensitive Content Here
This is the "Decoy". This is what someone would see if you gave them the password you used in the previous step. This is NOT where you are going to store your sensitive data. If you have been forced into a situation where you had to reveal your password to some individual, then that individual will see whatever is in this folder. You need to have data in this folder that appears to be sensitive enough to be protected by truecrypt in order to fool them. Here are some important tips to keep in mind:
A. Do NOT use porn. Adult models can sometimes appear to be underaged, and this can cause you to incriminate yourself unintentionally.
B. Do NOT use drawings/renderings/writings of porn. In many jurisdictions, these are just as illegal as photographs.
C. Good choices for what to put here include: backups of documents, emails, financial documents, etc.
D. Once you have placed files into this folder, *NEVER* place any more files in the future. Doing so may damage your hidden content.
Generally, you want to store innocent data where some individual looking at it would find no cause against you, and yet at the same time they would understand why you used TrueCrypt to secure that data.
Now, go ahead and find files and store them in this folder. Be sure that you leave at least ten gigabytes free. The more the better.
When you are all done copying files into this folder, close the folder by clicking the "x" in the top right corner.
17. click "Next"
18. If prompted that "A program needs your permission to continue", click "Continue"
19. "Hidden Volume", click "Next"
20. The default encryption and hash algorithms are fine, click "Next"
21. "Hidden Volume Size", the maximum available space is indicated in bold below the text box. Round down to the nearest full unit. For example, if 19.97 GB is available, select 19 GB. If 12.0 GB are available, select 11 GB.
22. If a warning dialog comes up, asking "Are you sure you wish to continue", select "Yes"
23. "Hidden Volume Password"
Important Read This
Here you are going to select the REAL password. This is the password you will NEVER reveal to ANYONE else under any circumstances. Only you will know it. No one will be able to figure it out or even know that there is a second password. Be aware that an individual intent on obtaining your sensitive information may lie to you and claim to be able to figure this out. They cannot.
It is HIGHLY recommended that you choose a 64 character password here. If it is difficult to remember a 64 character password, choose an 8 character password and simply repeat it 8 times. A date naturally has exactly 8 numbers, and a significant date in your life repeated 8 times would do just fine.
24. Type in your password twice, and click "Next"
25. "Large Files", select "Yes" and click "Next".
26. "Hidden Volume Format", as before move your mouse around for about ten seconds randomly, and tehn click "Format".
27. If prompted "A program needs your permission to continue", select "Continue"
28. A dialog will come up telling you that the hidden TrueCrypt volume has been successfully created. Click "Ok"
29. Click "Exit"
Congratulations! You have just set up an encrypted file container on your hard drive. Anything you store here will be inaccessible to anyone except you. Further, you have protected this content with TWO passwords. One that you will give to someone under threat, and one that only you will know. Keep your real password well protected and never write it down or give it to anyone else for any reason.
Now, we should test BOTH passwords.
5. Testing TrueCrypt Volumes
Once you have completed the above section, you will be back at TrueCrypt. Go ahead and follow these steps to test the volumes you have made.
1. Click "Select File..."
2. Locate the file you created in the last section, most likely called "random.txt" or something similar. Remember that even though there is both an outer and a hidden volume, both volumes are contained in a single file. There are not two files, only one.
3. Click "Open"
4. Choose a drive letter that you are not using (anything past M is probably just fine). Click on that, For example click on "O:" to highlight it.
5. Click "Mount"
6. Now you are prompted for a password. Read the below carefully:
The password you provide here will determine WHICH volume is mounted to the drive letter you specified. If you type in your decoy password, then O:\ will show all the files and directories you copied that you would reveal if forced. If you type in your real password, then O:\ will show the files and directories that you never intend anyone to see.
7. After successfully typing in your password, you will see additional detail to the right of the drive letter, including the full path to the file you selected as well as the kind of volume it is (for example, hidden).
8. Right click on your "Windows Logo"/"Start Menu" icon, and scroll down to the bottom where you can see your different drive letters. You will see the drive letter you selected, for example: "Local Disk (O:)". Click on that.
9. If you selected your decoy password, you will see all the files and folders that you moved there during the installation phase. If you selected the real password, you will see whatever files and directories you have placed so far into the hidden volume, if any. If you selected your hidden volume password, you may now begin moving any sensitive information you wish. Be aware that simply moving it from your main hard disk is not enough. We will discuss how to ensure deleted data is actually deleted later in the guide.
"What is happening?"
When you select a file and mount it to a drive, you are telling your computer that you have a new drive with files and folders on it. It is the same thing as if you had plugged in a usb flash drive, a removable harddrive, or an sd card into your computer. TrueCrypt causes your computer to think that there is an entirely new disk drive on your computer. You can use this disk drive just as if it *was* actually a usb flash drive. You can copy files to it, directories, and use it just as you would use a usb flash drive.
When you are done, simply close all open windows/folders/applications that are using your truecrypt drive letter, and then click "Dismount" from within TrueCrypt while you have the drive letter highlighted. This will once again hide all of this data, accessible only by re-mounting it with the correct password.
Table of Contents:
1. Obtaining Tor Browser
2. Using and Testing Tor Browser for the first time
3. Securing Your Hard Drive
4. Setting up TrueCrypt, Encrypted Hidden Volumes
5. Testing TrueCrypt Volumes
6. Securing your Hard Disk
7. Temporarily Securing Your Disk, Shredding Free Space
8. Installing VirtualBox
9. Installing a Firewall
10. Firewall Configuration
11. Installing Ubuntu
12. Ubuntu Initial Setup
13. Installing Guest Additions
14. Installing IRC (Optional)
15. Installing Torchat (Optional)
16. Creating TOR-Only Internet Environment
17. General Daily Usage
By the time you are finished reading and implementing this guide, you will be able to securely and anonymously browse any website and to do so anonymously. No one not even your ISP or a government agent will be able to see what you are doing online. If privacy and anonymity is important to you, then you owe it to yourself to follow the instructions that are presented here.
In order to prepare this guide for you, I have used a computer that is running Windows Vista. This guide will work equally well for other versions of Windows. If you use a different operating system, you may need to have someone fluent in that operating system guide you through this process. However, most parts of the process are easily duplicated in other operating systems.
I have written this guide to be as newbie friendly as possible. Every step is fully detailed and explained. I have tried to keep instructions explicit as possible. This way, so long as you patiently follow each step, you will be just fine. In this guide from time to time you will be instructed to go to certain URLs to download files. You do NOT need TOR to get these files, and using TOR (while possible) will make these downloads very slow. This guide may appear overwhelming. Every single step is explained thoroughly and it is just a matter of following along until you are done. Once you are finished, you will have a very secure setup and it will be well worth the effort. Even though the guide appears huge, this whole process should take at the most a few hours. You can finish it in phases over the course of several days.
It is highly recommended that you close *ALL* applications running on your computer before starting.
1: Obtaining Tor Browser
The first step to becoming secure and anonymous online is to setup and install something called "TOR". "TOR" is short for Onion Router". The concepts behind TOR were first implemented by the United States Military, and these principles have been used to create an extremely secure mechanism for being anonymous online. In fact, millions of people world-wide use TOR to browse the internet and communicate anonymously.
TOR works by heavily encrypting your communications so that no observer can see what website you are really going to, and what information is really being sent. It all appears as a bunch of random characters to any observer. You simply use the TOR web browser just as you use any other web browser. TOR takes care of the rest.
However, TOR by itself is not enough. Even when using TOR, a user can be compromised in a number of ways. First, some websites can be set up to attempt to reveal someone's true IP address (their true identity) by tricking their web browser or other software to transmitting that information. For this reason, anyone who uses TOR will recommend that no one have javascript or flash turned on while browsing TOR. In this guide however, I will show you a much better solution.
The second issue is that of human error. Even if you have TOR installed, you may accidentally forget which browser to put in a link. You may also accidentally click on a link from another program, such as a chat program. That program might then load the link you clicked on into a non-TOR browser. When you are using TOR, you must be careful *constantly* that every link goes into the right browser, and that you do not accidentally click the wrong link.
So then, let's begin. Obtaining the TOR Browser is easy. Simply go to the following website: http://www.torproject.org
Once here, you may feel free to read more about what TOR is and how it works, or you may proceed to immediately download TOR.
Here is how to do so:
1. Click on "Download TOR", or "Download".
2. You will see text that says, "The Tor Browser Bundle contains everything you ned ... Just extract it and run. Learn more >>
3. Click on this "Learn more" link. for the "Tor Browser Bundle"
4. Assuming you are an English speaker, you would choose the top-most link "English (en-US)". Otherwise, pick the language best suited to you.
5. The file being saved will be named: tor-browser-1.3.18_en-US.exe
It is ok if the number is not exactly 1.3.18, there are new versions of Tor from time to time. At the time that this guide was written, 1.3.18 was most current. By the time you are reading this, a more current version of TOR may exist.
6. Run this file.
7. You will be prompted to extract this to a directory. By default, it will be set to C:\Users\You\Downloads\ This is perfectly ok. You can also choose a different directory if you wish.
8. Click "Extract"
That's it. TOR Browser is NOW installed. Time to test it out!
2 : Using and Testing Tor Browser for the first time
Now you have successfully downloaded and installed the Tor Web Browser Bundle. You are no doubt anxious to begin using it. First, click on the "start" menu icon, the icon in the lower left of your screen with the windows logo. On the top right will be a listing that says "You", "Documents", "Pictures", "Music"... "You" of course will be replaced by your user name. Click on "You", the top most link. This will open up your main user folder.
Now, locate the folder called "Downloads" and double click on it.
Now, inside the "Downloads" folder, double click on the folder called "Tor Browser".
Lastly, double click on the application: "Start Tor Browser"
When you do, you will see the Vidalia Control Panel appear, and you will observe as you connect to the TOR network. When this is complete, your web browser will open up and will automatically connect to the web address: check.torproject.org
This is to confirm that you are in fact using TOR. If you have followed this guide correctly, then you will see the following green text, or something similar:
"Congratulations. Your browser is configured to use Tor."
Now you can use this web browser the same as any other. You can go to any website you wish, and neither your ISP or anyone else will be able to see where you are going, or what you are doing. However, there are still issues that need to be resolved, so
don't begin browsing just yet.
Important Safety Note
If you fill out a form containing your email address, your name, or any other sensitive information while using the TOR browser, be aware that sometimes it is possible for an observer to see that information. When using TOR, use it to access websites and
content that you are *not* connected to via your real identity or any username or nick name which links to your real identity. Let TOR be for anonymous browsing solely. Do your online banking, or any other activities involving your real identity using your normal web browser.
3 : Securing Your Hard Drive
Being able to browse anonymously is one thing. However, you may choose to download and save sensitive content or material to your computer which you wish to keep private. This may include reading sensitive documents, viewing pictures, or storing any kind of sensitive data.
If you save *anything* to your computer's harddrive, then it is possible for someone who has confiscated your computer to determine what it was you saved. This is often true even if you delete the content. For example, suppose I use the Tor Browser and I navigate to a website containing a sensitive document that I wish to read. If I saved that document somewhere on my harddrive, then it is possible for someone else to find it. If I *delete* that document, it may still be possible for someone to undelete it.
Further, even if I never save it to my harddrive but I simply look at it using my word processing software, it may still be saved ina number of ways including:
1. Often programs keep records of filenames. The filename alone is often enough to incriminate someone.
2. Often programs keep parts of the content viewed saved for various reasons, such as for searching. This can include random excerpts of text, thumbnails of images, and more. Often this "partial" data is more than enough to prove what the original data was. Often the "partial" data is itself incriminating.
3. Sometimes, especially if you are running low on system memory, your operating system may choose to use your hard-disk as a temporary RAM. This is known as "SWAP". Normally, whenever you turn off your computer, whatever was in RAM is deleted. However, the data that goes to your SWAP may persist and it may be possible for someone to see what content you had open in your programs if that information is saved in RAM.
Generally speaking, you *must* have a plan to secure any content that is saved to your hard disk. Therefore, this guide would be incomplete if we did not thoroughly address this. First, there are two kinds of such content:
1. Deliberately saved content.
2. Inadvertently saved content.
Deliberately saved content refers to content that you have chosen to save on your harddisk so that you can access this content later. We will address how to do this later in the guide.
Inadvertently saved content refers to content that is saved by programs you use, or your operating system. You have no way to even know what this content might be. Therefore, this is the most dangerous. You may browse and find a dozen sensitive documents, utterly delete them, and some program may have saved the file names and excerpts of the data. This will render your previous efforts futile.
Content that is inadvertently saved to your harddisk comes in two flavors:
1. Content that is saved to your SWAP space.
2. Content that is saved by applications running on your computer, including your operating system.
The surest way to prevent content from writing to your SWAP space is to disable your SWAP space altogether. This may result in your computer running a bit slower than normal, and may mean that you cannot use ram intensive games and applications during the time your SWAP is disabled.
Therefore, if you use this method, simply turn back on the SWAP when you want to use those ram intensive applications. Also, you may choose not to take this step.
Here is how to disable your swap space if you are using Windows 7:
*This step is recommended for advanced users only. If you are not comfortable doing this, you may safely skip this step.*
Instructions are less verbose than usual, as these steps are intended for advanced users only. If you do not fully understand these instructions, skip this step.
1. From Control Panel, go to "System and Security".
2. Click on "System", and then choose "Advanced system settings" in the left-most menu.
3. Under the "Advanced" tab, under "Performance", click "Settings".
4. Under this "Advanced" tab, under "Virtual Memory", click "Change"
5. Uncheck "Automatically manage paging file sizes for all drives"
6. Select "No paging file"
7. Save, reboot, and follow these same first 5 steps to confirm that "No paging file" is still selected. This means that you have successfully disabled your swap. This means that *nothing* from RAM will be inadvertently saved to your harddrive.
To resume using SWAP again, simply click "Automatically manage paging file size for all drives." You can switch between these two modes as you desire.
Generally speaking, your computer will run fine without a swap file, provided you have enough RAM.
END OF ADVANCED INSTRUCTIONS
The next issue we need to address is how to prevent applications and/or your operating system from saving content inadvertently that you do not want saved. For this, we are going to set up a "Virtual Machine".
A "Virtual Machine" is like a computer inside of your computer. Everything you do inside the Virtual Machine (vm for short) will be fully contained within itself and no one will be able to see what the vm has been doing. Ideally, you want *ALL* of your sensitive computer usage of any kind, TOR or NON TOR, to take place within a vm. In this way, you can keep everything private that you wish while still using your computer fully and getting the most out of it.
Don't be afraid of this sounds complicated. This guide will take you through every step slowly and methodically. Before we can set up a vm however, we need to take another step.
4 : Setting up TrueCrypt, Encrypted Hidden Volumes
If you save anything on your computer, it is likely that you do not want just anyone to be able to see what you have saved. You want a way to protect that information so that you can access it, and absolutely no one else except those you trust. Therefore, it makes sense to set up a system which protects your information and safeguards it against prying eyes.
The best such system for this is called "True Crypt". "True Crypt" is an encryption software program which allows you to store many files and directories inside of a single file on your harddrive. Further, this file is encrypted and no one can actually see what you have saved there unless they know your password.
This sounds extremely high tech, but it is actually very easy to set up. We are going to do so, right now:
1. Go to http://www.truecrypt.org/downloads (or go to http://www.truecrypt.org, and click on "Downloads")
2. Under "Latest Stable Version", under "Windows 7/Vista/XP/2000", click "Download"
3. The file will be called "True Crypt Setup 7.0a.exe" or something similar. Run this file.
4. If prompted that a program needs your permission to continue, click "Continue".
5. Check "I accept and agree to be bound by these license terms"
6. Click "Accept"
7. Ensure that "Install" is selected, and click "Next"
8. click "Install"
9. You will see a dialog stating "TrueCrypt has been successfully installed." Click "Ok"
10. Click "No" when asked if you wish to view the tutorial/user's guide.
11. Click "Finish"
At this point, TrueCrypt is now installed. Now we will set up truecrypt so that we can begin using it to store sensitive information.
1. Click the "Windows Logo"/"Start" button on the lower left corner of your screen.
2. Click "All Programs"
3. Click "TrueCrypt"
4. Click the "TrueCrypt" application
And now we can begin:
1. click the button "Create Volume"
2. Ensuring that "Create an encrypted file container" is selected, click "Next"
3. Select "Hidden TrueCrypt volume" and click "Next".
4. Ensuring that "Normal mode" is selected, click "Next"
5. Click on "Select File"
Note which directory you are in on your computer. Look at the top of the dialog that has opened and you will see the path you are in, most likely the home directory for your username. An input box is provided with a flashing cursor asking you to type in a file name. Here, you will type in the following filename:
random.txt
You may of course replace random.txt with anything you like. This file is going to be created and will be used to store many other files inside. Do NOT use a filename for a file that already exists. The idea here is that you are creating an entirely new file.
It is also recommended though not required that you "hide" this file somewhere less obvious. If it is in your home directory, then someone who has access to your computer may find it easier. You can also choose to put this file on any other media, it doesn't have to be your hard disk. You could for example save your truecrypt file to a usb flash drive, an sd card, or some other media. It is up to you.
6. Once you have typed in the file name, click "Save"
7. Make sure "Never save history" is checked.
8. Click "Next"
9. On the "Outer Volume" screen, click "Next" again.
10. The default Encryption Algorithm and Hash Algorithm are fine. Click "Next"
11. Choose a file size.
In order to benefit the most from this guide, you should have at least 10 gigabytes of free disk space. If not, then it is worth it for you to purchase some form of media (such as a removable harddrive, a large sd card, etc.) in order to proceed. TrueCrypt can be used on all forms of digital media not just your hard disk. If you choose to proceed without obtaining at least ten gigabytes of disk space, then select a size that you are comfortable with (such as 100 MB).
Ideally, you want to choose enough space to work with. I recommend 20 GB at least. Remember that if you do need more space later, you can always create additional TrueCrypt volumes using exactly these same steps.
12. Now you are prompted for a password.
Read This Section Carefully
The password you choose here is a decoy password. That means, this is the password you would give to someone under duress. Suppose that someone suspects that you were accessing sensitive information and they threaten to beat you or worse if you do not reveal the password. THIS is the password that you give to them. When you give someone this password, it will be nearly impossible for them to prove that it is not the RIGHT password. Further, they cannot even know that there is a second password.
Here are some tips for your password:
A. Choose a password you will NEVER forget. It may be ten years from now that you need it. Make it simple, like your birthday repeated three times.
B. Make sure it seems reasonable, that it appears to be a real password. If the password is something stupid like "123" then they may not believe you.
C. Remember that this is a password that you would give to someone if forced. It is *NOT* your actual password.
D. Do not make this password too similar to what you plan to really use. You do not want someone to guess your main password from this one.
And with all of this in mind, choose your password. When you have typed it in twice, click "Next".
13. "Large Files", here you are asked whether or not you plan to store files larger than 4 GIGABYTES. Choose "No" and click "Next"
14. "Outer Volume Format", here you will notice some random numbers and letters next to where it says "Random Pool". Go ahead and move your mouse around for a bit. This will increase the randomness and give you better encryption. After about ten seconds of this, click "Format".
15. Depending on the file size you selected, it will take some time to finish formatting.
"What is happening?"
TrueCrypt is creating the file you asked it to, such as "random.txt". It is building a file system contained entirely within that one file. This file system can be used to store files, directories, and more. Further, it is encrypting this file system in such a way that without the right password it will be impossible for anyone to access it. To *anyone* other than you, this file will appear to be just a mess of random characters. No one will even know that it is a truecrypt volume.
16. "Outer Volume Contents", click on the button called, "Open Outer Volume"
An empty folder has opened up. This is empty because you have yet to put any files into your truecrypt volume.
Do Not Put Any Sensitive Content Here
This is the "Decoy". This is what someone would see if you gave them the password you used in the previous step. This is NOT where you are going to store your sensitive data. If you have been forced into a situation where you had to reveal your password to some individual, then that individual will see whatever is in this folder. You need to have data in this folder that appears to be sensitive enough to be protected by truecrypt in order to fool them. Here are some important tips to keep in mind:
A. Do NOT use porn. Adult models can sometimes appear to be underaged, and this can cause you to incriminate yourself unintentionally.
B. Do NOT use drawings/renderings/writings of porn. In many jurisdictions, these are just as illegal as photographs.
C. Good choices for what to put here include: backups of documents, emails, financial documents, etc.
D. Once you have placed files into this folder, *NEVER* place any more files in the future. Doing so may damage your hidden content.
Generally, you want to store innocent data where some individual looking at it would find no cause against you, and yet at the same time they would understand why you used TrueCrypt to secure that data.
Now, go ahead and find files and store them in this folder. Be sure that you leave at least ten gigabytes free. The more the better.
When you are all done copying files into this folder, close the folder by clicking the "x" in the top right corner.
17. click "Next"
18. If prompted that "A program needs your permission to continue", click "Continue"
19. "Hidden Volume", click "Next"
20. The default encryption and hash algorithms are fine, click "Next"
21. "Hidden Volume Size", the maximum available space is indicated in bold below the text box. Round down to the nearest full unit. For example, if 19.97 GB is available, select 19 GB. If 12.0 GB are available, select 11 GB.
22. If a warning dialog comes up, asking "Are you sure you wish to continue", select "Yes"
23. "Hidden Volume Password"
Important Read This
Here you are going to select the REAL password. This is the password you will NEVER reveal to ANYONE else under any circumstances. Only you will know it. No one will be able to figure it out or even know that there is a second password. Be aware that an individual intent on obtaining your sensitive information may lie to you and claim to be able to figure this out. They cannot.
It is HIGHLY recommended that you choose a 64 character password here. If it is difficult to remember a 64 character password, choose an 8 character password and simply repeat it 8 times. A date naturally has exactly 8 numbers, and a significant date in your life repeated 8 times would do just fine.
24. Type in your password twice, and click "Next"
25. "Large Files", select "Yes" and click "Next".
26. "Hidden Volume Format", as before move your mouse around for about ten seconds randomly, and tehn click "Format".
27. If prompted "A program needs your permission to continue", select "Continue"
28. A dialog will come up telling you that the hidden TrueCrypt volume has been successfully created. Click "Ok"
29. Click "Exit"
Congratulations! You have just set up an encrypted file container on your hard drive. Anything you store here will be inaccessible to anyone except you. Further, you have protected this content with TWO passwords. One that you will give to someone under threat, and one that only you will know. Keep your real password well protected and never write it down or give it to anyone else for any reason.
Now, we should test BOTH passwords.
5. Testing TrueCrypt Volumes
Once you have completed the above section, you will be back at TrueCrypt. Go ahead and follow these steps to test the volumes you have made.
1. Click "Select File..."
2. Locate the file you created in the last section, most likely called "random.txt" or something similar. Remember that even though there is both an outer and a hidden volume, both volumes are contained in a single file. There are not two files, only one.
3. Click "Open"
4. Choose a drive letter that you are not using (anything past M is probably just fine). Click on that, For example click on "O:" to highlight it.
5. Click "Mount"
6. Now you are prompted for a password. Read the below carefully:
The password you provide here will determine WHICH volume is mounted to the drive letter you specified. If you type in your decoy password, then O:\ will show all the files and directories you copied that you would reveal if forced. If you type in your real password, then O:\ will show the files and directories that you never intend anyone to see.
7. After successfully typing in your password, you will see additional detail to the right of the drive letter, including the full path to the file you selected as well as the kind of volume it is (for example, hidden).
8. Right click on your "Windows Logo"/"Start Menu" icon, and scroll down to the bottom where you can see your different drive letters. You will see the drive letter you selected, for example: "Local Disk (O:)". Click on that.
9. If you selected your decoy password, you will see all the files and folders that you moved there during the installation phase. If you selected the real password, you will see whatever files and directories you have placed so far into the hidden volume, if any. If you selected your hidden volume password, you may now begin moving any sensitive information you wish. Be aware that simply moving it from your main hard disk is not enough. We will discuss how to ensure deleted data is actually deleted later in the guide.
"What is happening?"
When you select a file and mount it to a drive, you are telling your computer that you have a new drive with files and folders on it. It is the same thing as if you had plugged in a usb flash drive, a removable harddrive, or an sd card into your computer. TrueCrypt causes your computer to think that there is an entirely new disk drive on your computer. You can use this disk drive just as if it *was* actually a usb flash drive. You can copy files to it, directories, and use it just as you would use a usb flash drive.
When you are done, simply close all open windows/folders/applications that are using your truecrypt drive letter, and then click "Dismount" from within TrueCrypt while you have the drive letter highlighted. This will once again hide all of this data, accessible only by re-mounting it with the correct password.
Top 5 Best Smart Watches
Ah yes, now I remember… Apple’s EarPods:
Sheesh.
Xiaomi Mi 4 vs Apple iPhone 6 (image: Ewan Spence)
For many, Xiaomi’s Mi 4 is the talismanic smartphone that is almost
invisible in the West. Xiaomi, often referred to with the moniker
‘China’s Apple’ is seen as the leading ‘clone’ company of Apple’s
iPhone. Now I’ve reviewed the Mi 4 here on Forbes, that labelling is out
of place. Yes there are similarities, but put any two modern
touchscreen smartphones next to each other and you will find areas of
commonality. You’ll also see the relative strengths and weaknesses of
the two handsets.
