Hi, I use Firefox with HTTPS Everywhere and HTTPS Finder. I use minimum number of trusted add-ons with no history of passing on personal user data. I use startpage. I do not sign in to google services. I clear my cookies. I use a strong vpn service with a flexible paid plan. This is what I do when I want to surf the internet anonymously. So is this all I need? Am I OK? Please give any suggestion and advice to improve my anonymous experience. Best Wishes, ams963
If you dedicate a VM to anonymous surfing, you'll reduce chances of leaking information to or from your non-anonymous surfing etc. If it's important, you could avoid other potential leaks (network, shared folders, USB drives, etc).
I can do the second one that is avoid potential leaks by network, shared folders, usb drives, etc. But I do not know about a vm. Hmm...I've never used a vm before. I am not sure if I want to ever a vm either. I would have to use virtual box or vmware type software, allocate pc resources for the extra os in the vm like ram, hdd ,etc. And then I've to get an extra os for the vm- either buy a windows os(I'll already be using the win os in the real machine) or for linux. I then have to learn the linux os to get around once and if I go for linux. It would be a hassle don't you think? Will my anonymity be severely threatened if I do my anonymous surfing in the same os that is my real machine?
On Windows, VMware Player and an Ubuntu VM would probably be best. Ubuntu is quite user friendly, and Firefox is a featured app (can't miss it). Altogether, you'll need about 15GB storage. Ubuntu is happy with 1GB memory, and it'll run in 640MB.
Okay. I'll try that in a few days now that you are recommending it so much. Let's see how it goes. Thank you for improving my anonymity experience.
Please consider to read my thread at https://www.wilderssecurity.com/showthread.php?t=294518 Base connection > VPN A > VM VPN B + TOR All of the above connections must not have your purchase paper trail. Your base connection can be, you know, wifi connection. Make sure the VPN is free or promo full-featured.
Should I use TOR with my VPN just like Paulie said here? And do I need to setup a dedicated vm if I use TOR with my VPN?
Thank you. That is indeed an interesting solution. But I am against all that hassle and using a vm. You see I have 4 pcs. 3 of which I use for gaming and office projects. The 4th one is a win xp netbook with a ram 1gb. I occasionally surf the web using this one when I some time. This is an old machine and I want to spend as little money, effort and time as possible on this pc. I can use TOR with my VPN. But using a vm with an extra os and a second vpn are just too much of a hassle. Please help me with a rather easy, simple solution for anonymity specific to my situation described above.
"Installing" the VPN will probably be the hardest step. You install OpenVPN through the Ubuntu Software Center app. In a terminal, you copy the VPN credentials and config files to /etc/openvpn. Navigate (using cd) to the folder containing the VPN credentials and config files. Then type "sudo cp * /etc/openvpn/" and hit enter. Decide which route (config file) you want to use. The config files may be either foo.conf (Linux style) or foo.ovpn (Windows style). Start OpenVPN by typing "sudo openvpn 'foo.conf'".
The netbook with xp is the old one. I intend to use ubuntu next year as support for xp ends in 2 years. But I like xp and want to use it until next year. In the meantime I am going to use my vpn. So I guess the vm idea is just not for me. Do you think using TOR with my VPN would at least increase my provacy to some extent?
Yes. But the possibility of cross-session leaks remains. See recent discussion in tor-talk about Google Analytics.
Let's say that you're browsing with Tor. Maybe you install some malware that "phones home" later, when you're browsing without Tor. That's how Anonymous got 100+ visitors to onion sites featuring CP. Or maybe some website plants a cross-site evercookie, which it and other websites can see later. See -https://trac.torproject.org/projects/tor/query?keywords=~tbb-linkability
Have you or anyone been using Tor browser bundle sandboxed (with sandboxie)? Just wondering if this mitigates this problem or do you suggest a vm configured to "revert to snapshot"? Oh no you made me change my setup now
Okay now what if I don't use my vpn inside a vm or use my vpn with tor? I mean if I do what I mentioned in post #1 and don't use anything else in a xp sp3 system is it too much of a threat?
I have one question. Does a home user really need to go through this? I mean a VPN is understandable if one is connecting to a public WIFI, but if you are on your own network? No offense though, I'm just really curious.
I don't use TBB. Trying to isolate disparate activities on one computer is risky, I think. Even if it's a VM that you can revert. Using separate VMs is safer. Using separate machines, with no connectivity of any sort, is safer yet. For casual Tor, these days, I use TAILS in a VM connecting through VPNs running on pfSense VMs. If it matters, I use TAILS on an old laptop with no hard drive, connecting through VPNs (pfSense VM with LAN bridged to host eth1).
No you do not; an isolated browser going through a vpn is fine for web browsing. Keeping the browser isolated prevents evercookies from being dropped onto your hard drive and potential fingerprinting of your OS, computer clock, etc being used to create a profile of you which in most cases is used for targeted marketing. The idea behind the VPN over your own network is to encrypt communications over your ISP and to obfuscate your origin address with websites. If you are ok with websites potentially knowing details about your operating system, add-ons, fonts, time zone, evercookies etc you can keep the browser sandboxed on your primary hard drive. If you want to keep that information private, this is where a live CD or a VM would come into play. If you want to nuke everything from orbit just to make sure mirimir’s way is the best. You the user will have to weigh those concerns.
