100% anonymity with TOR. Is this possible?


3 years ago
Well, in general the answer is YES, but you should always keep in mind these points:

1) On TOR exit-node all your traffic comes UNENCRYPTED. Also, it could be altered. So to use TOR securely, use only secure protocols with internal encryption. For example
HTTPS - secure, HTTP - not
SFTP - secure, FTP - not
SSH - secure, Telnet - not
and so on.

And sinse exit-node can pass fake SSL-certificate to you, avoid self-signed and other non-valid certificates (you'll usually get warning when trying to use one). Always check the signature.

2) Due to variety of different software exploits, unknown bugs, DNS leaking and other stuff, it is good option to use virtualization systems such as VirtualBox, VMWare, XEN and so on. Your guest OS should NOT know your real IP, it should NOT appear there in any way. So install TOR on host OS, not on guest. And route all traffic from Guest OS via TOR.

But still, even in your Guest OS, you should never use insecure protocols since unencrypted traffic can be easily viewed by the person who runs tor exit node. He will not get your real IP by this, but he can steal your login credentials, cookies or ftp-password. Maybe it will be a good point to disable insecure protocols completely by firewall settings of your guest OS. This does not improve security (sinse your guest os can run an exploit which turns firewall settings back), but this implicitly lets you not to send your data over insecure channels. Never! (And if exploit will send it's own - it's not your problem).



So the short answer is: Use HTTPS inside guest Virtual OS, check certificates, and block any other traffic from that guest OS. On host OS you can use Internet as usual - it will not be anonymous.

3 years ago
I personally dont believe this is possible.

At least they can reveal you by semantic analysis or accidental Flash leaks.

There is no 100% annonymity.

3 years ago
When your adversary is monitoring both the route between your computer and the entry node, and the route between the exit node and the website you visit, then they can do a traffic correlation leading to de-anonymization. You could use a VPN in a country which is not monitored by your adversary and create cover traffic to prevent this. Preferably use entry guards in the country where the VPN is located.

Semantic analysis can eb prevended, by delibratly insrting error, in to ur texts and using a different writing style. Flash leaks can be prevented by not activating JavaScript or firewalling the virtual machine properly.

However fingerprinting through Flash and JavaScript is still possible. E.g. by looking at the name of the CPU through a flash plugin. Maybe there aren't many users with the same CPU as you. Virtual Machines do not hide your CPU info by default. Whonix does this. JavaScript can read which fonts are installed on your system. Fingerprinting is best reduced by using the Tor Browser Bundle and anonymizing the hardware data of the virtual machine.

Have a look at step 6.7.4. in this tutorial if you want to understand how to anonymize the hardware data of VirtualBox.
viewtopic.php?f=2&t=18324#p18934

Reply

You are not logged in. Login or register to reply on this thread.