Tor
Links
Bridges
[Good] Bridges are Tor entry nodes that are not publicly listed (and therefore not easily blacklisted by ISPs). However, ISPs can still use deep packet inspection (DPI) to identify and filter Tor traffic, which is why we have Tor Pluggable Transports…
Transports
O/Ss
Tails: [Best] Tails with Pluggable Transport or Bridge
Boot
At Tails boot menu, go into Additional Settings
Select Network Connection
Choose 2nd option: Configure Tor bridge or local proxy
Click on “Add”
Then start Tails
Once booted into Tails choose “Configure” in Connection Settings Pop-up
Check “Tor is censored in my country”
Paste in your bridge information (with pluggable transport if you want) obtained previously and saved on USB stick.
Qubes
Get Qubes:
You can install on a USB stick. From the installation guide:
“Installing an operating system onto a USB drive can be a convenient and secure method of ensuring that your data is protected and remains portable. If you want to install Qubes OS onto a USB drive, just select the USB device as the storage location for the OS. Be advised that a minimum storage of 32 GB is required and that a fast USB 3.0 compatible drive is mandatory to achieve decent performance. Also, bear in mind that the installation process is likely to take longer than an installation on an internal storage disk.”
Requirements to run Qubes on a machine: In the BIOS settings…
Enable Virtualization (VT-x, VT-d / AMD-V, AMD-Vi)
Disable Secure Boot (optional, but recommended)
Set Boot to Legacy (optional, but recommended)
Boot from USB
Search Engines
These are Tor sites. You must use a Tor browser…
NotEvil: hss3uro2hsxfogfq.onion
Torch: xmh57jrzrnw6insl.onion
Ahmia: msydqstlz2kzerdg.onion
Entry Points
Anon ID
Create a Fake Anonymous Identity (create an identity for the DarkNet)
Make an ID, modify it so it is “yours” and use that same ID on the DarkNet.
Email
Temporary Accounts:
ProtonMail: This is a “hybrid” set-up: Encrypted (private) but not necessarily anonymous.
DarkNet Email Providers
IM
XMPP Servers (allows you to create an account):
With an account you can communicate with anyone else with an XMPP account.
Use Pidgin:
In Pidgin, Advanced Settings, change the XMPP service to the .onion server.
OTR (Off-The-Record) Plugin: end-to-end encryption.
File Management
File Sharing:
Remove/Clean MetaData: In Tails, right click and select “Clean Metadata”
Peer-to-Peer File Sharing (more secure, full control): OnionShare
File Removal (delete and wipe): The following only works on HDDs…
For a file: In Tails, right click file to delete and choose “Wipe.”
For a device: Clean all persistent available space on your Tails…
Open a file manager, right click in white space…
Choose: “Wipe available disk space” (choose options). Does NOT delete files.
File Removal on SSD/USB stick: The only real way to erase data so it cannot be retrieved…
Burn it. Destroy it. Microwave it. (Yes, you read that correctly.)
Securely wipe and format the entire device. In Tails…
Applications… Utilities… Disks… Select the device to wipe…
Click on the cogs icon by the partition graphic… choose “Format Partition”
Erase option: choose “Overwrite existing data with zeroes…”
Type: file system type, set to whatever type you want.
Device Encryption: The above wiping sequence for an SSD/USB stick can also be used to encrypt an entire device so that whatever you store on it will be encrypted.
Crypto-Currency
Works on the same asymmetric (public/private key) encryption idea as PGP
Your “wallet” has a key pair: one public and one private
You send money to a person's public key
You receive money via your public key and own it via your private key.
Bitcoin
Watch Zaid's explanation: link
REMEMBER: Bitcoin is NOT ANONYMOUS. All transactions are public. Never send/receive from an account you do not want to be linked to.
Blockchain includes: Sender address, Receiver address, Amount (ID#), etc.
If you need to “clean” Bitcoins and make them more anonymous, use tumblers.
Set Up:
Create a wallet (Electrum comes pre-installed in Tails)
Use the “SegWit” option (newer, more secure)
Also: Tools… Preferences… check “Edit fees manually” (to see the transfer fee)
Create a second wallet using the “Legacy” option for ATMs
Deposit cash into ATM w/QR code to buy bitcoin w/ your legacy wallet
Where to buy Bitcoin:
To receive money (people pay you): send people your Receiving Address or QR Code
Tumbler / Mixer:
Monero (XMR)
Download it and check the hash: https://web.getmonero.org/downloads/
Info & How-To: https://moneroworld.com/
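The hash check from the download step above, as an added example (not part of the original notes). It assumes a sha256sum-style hash list (`digest  filename` lines) whose authenticity you have already checked, for example via its signature; the function names and the sample file are constructed for illustration.

```python
import hashlib
import hmac
import re
import tempfile
from pathlib import Path

# sha256sum-style line: 64 hex digits, whitespace, optional '*', file name.
# Signature armor and comment lines in the list do not match and are skipped.
_LINE = re.compile(r"^([0-9a-fA-F]{64})\s+\*?(\S.*)$")

def parse_hash_list(text):
    """Map file name -> lowercase SHA-256 digest for every matching line."""
    digests = {}
    for line in text.splitlines():
        m = _LINE.match(line.strip())
        if m:
            digests[m.group(2).strip()] = m.group(1).lower()
    return digests

def sha256_file(path, chunk=1 << 20):
    """Hash the file in chunks so large archives do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify_download(path, hash_list_text):
    """Return 'ok', 'mismatch', or 'not-listed' for the file at path."""
    expected = parse_hash_list(hash_list_text).get(Path(path).name)
    if expected is None:
        return "not-listed"  # a missing entry is never treated as a pass
    return "ok" if hmac.compare_digest(sha256_file(path), expected) else "mismatch"

def demo():
    """Run the check on a constructed file: intact, tampered, and unlisted."""
    with tempfile.TemporaryDirectory() as d:
        data = b"constructed sample archive bytes"
        good = Path(d) / "wallet-example.tar.bz2"  # constructed file name
        good.write_bytes(data)
        listing = "## constructed hash list\n%s  %s\n" % (
            hashlib.sha256(data).hexdigest(), good.name)
        results = [verify_download(good, listing)]
        good.write_bytes(b"tampered bytes")
        results.append(verify_download(good, listing))
        results.append(verify_download(Path(d) / "other.bin", listing))
        return results

if __name__ == "__main__":
    print(demo())
```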
For Monero Daemon Settings:
Start a node automatically (downloads the entire blockchain, 25GB)
Connect to a remote node (in Tor network; access blockchain). Nodes:
Buy some Monero:
Find one that allows you to buy without verifying identity.
If there are none, find one… Monero is untraceable regardless.
Exchange a current cryptocurrency with Monero:
Get some bitcoin via an ATM and then use it to buy Monero (very good option).
cash → atm → bitcoin → monero → or even back to bitcoin to anonymize bitcoin (called churning… send, receive, lather, rinse, repeat)
Monero Wallet Address:
CREATE A NEW ADDRESS FOR EACH TRANSACTION
Just click on “Create new address” and name it
This further enhances your privacy and anonymity
Investigations
Technical Investigation of a .onion site:
Check out the http headers
See what kinds of software they are running and their current version
Are there known vulnerabilities in that version? Is it old? Are exploits available?
Go to Shodan search engine (searches IoT - Internet of Things)
Enter the combo of software and versions to see what machines out there are running that particular combination and open to the Internet.
From the results, find out which serve up .onion sites.
Query the servers that host .onion sites and “ask” if they serve up your particular .onion site address. If you get a “yes,” bingo.
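The header check at the start of this list can be turned around and run by an operator against their own service's responses. The following is an added example, not part of the original notes; the watched-header list, the sample responses and the `.onion` name are constructed placeholders.

```python
import re

# Response headers that commonly carry product or version strings (assumed list).
WATCHED = {"server", "x-powered-by", "x-aspnet-version", "x-generator"}
VERSION = re.compile(r"\d+(?:\.\d+)+")          # dotted version such as 2.4.1
HOST = re.compile(r"https?://([^/\s:;]+)", re.I)  # host part of any absolute URL

def parse_headers(raw):
    """Parse a raw HTTP response head into (name, value) pairs, keeping duplicates."""
    pairs = []
    for line in raw.splitlines()[1:]:   # skip the status line
        if not line.strip():
            break                       # blank line ends the head
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs

def audit(raw, onion_host):
    """Flag headers that reveal software/version or point at a non-onion host."""
    findings = []
    for name, value in parse_headers(raw):
        if name in WATCHED:
            kind = "version" if VERSION.search(value) else "product"
            findings.append((kind, name, value))
        for host in HOST.findall(value):
            if host.lower() != onion_host.lower():
                findings.append(("foreign-host", name, host))
    return findings

ONION = "exampleplaceholderaddress.onion"   # constructed placeholder
SAMPLE = (                                  # constructed response head
    "HTTP/1.1 302 Found\r\n"
    "Server: ExampleHTTPd/2.4.1 (Unix)\r\n"
    "X-Powered-By: ExampleLang\r\n"
    "Location: http://www.example.com/login\r\n"
    "Content-Type: text/html\r\n\r\n"
)
HARDENED = (                                # same response after cleanup
    "HTTP/1.1 302 Found\r\n"
    "Location: http://" + ONION + "/login\r\n"
    "Content-Type: text/html\r\n\r\n"
)

if __name__ == "__main__":
    for finding in audit(SAMPLE, ONION):
        print(finding)
    print(audit(HARDENED, ONION))
```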
Learn:
Use a VM (or Tails) and get on the DarkNet
If VM: take a snapshot when it's set up like you want it
Then, after using it, revert (roll back) to your clean snapshot
Install ZeroNet, Tribler, I2P, et al
Experiment (but safely: use a machine and ID you only use for the DarkNet)
Google: “Find me DarkNet markets”
Reddit: check out the subreddits…
Tor2Web (converts .onion URLs to open Internet URLs)