There are lots of secret hacks for making the most of the Tor network as well as pitfalls to avoid. in our previous article What is TOR? Is TOR Completely Safe to Use? we covered approx all the information you needed to understand TOR network.
In this Essential dos and don’ts for Tor Network ( Detailed Guide) we are going to cover up, how to be smart and safe.
Essential dos and don’ts for Tor Network
Make sure Tor is kept up to date
Tor is much more secure than Chrome and Firefox but as with any piece of
software, it’s not impervious to attack.
For example, the network was targeted in 2013 by a Trojan called Chewbacca, which stole banking details; and in 2016, it was revealed that the FBI had used specially created malware called Torsploit to ‘deanonymise’ Tor users and track their real IP addresses.
There have also been cases of Tor exit nodes – the last relays that Tor traffic passes through before it reaches its destination – being used for malicious purposes rather than anonymous ones, and infecting users’ systems.
Fortunately, Tor usually addresses such threats and vulnerabilities very swiftly, which makes it essential to keep the browser up to date.
Every time you launch Tor, click the onion icon on the toolbar and choose ‘Check
for Tor Browser Update’ (Tor updates itself periodically, but checking manually ensures you’re using the latest version).
Additionally, if you’re using a service that involves sharing personal information, you should change Tor’s security level to High, as explained in our Workshop opposite.
Use Tor for torrenting
As a powerful privacy tool,Tor might seem like the perfect means of downloading and uploading files via BitTorrent and other peer-to-peer networks, but it absolutely is not!
Using a torrent client bypasses Tor’s protection and blows your anonymity by sending your real IP address to the torrent service and other ‘peers’. This allows them to identify you, the port you’re using for torrenting and even the data you’re sharing, if it isn’t encrypted.
They can then potentially target you with malware or even notify the relevant authorities (if you’re sharing copyrighted material).
Additionally, torrent traffic places a heavy strain on the Tor network and slows it down for others, so it’s selfish as well as careless.
For all these reasons, Tor says file-sharing is “widely unwanted” and exit nodes are configured to block torrent traffic by default.
Create a new identity when necessary
Tor does a great job of keeping you safe and anonymous, but you may still
encounter websites that raise alarm bells – indeed, Tor may warn you that
a site is trying to track you.
If you’re worried that your privacy has been compromised, click the onion icon on the toolbar and choose New Identity.
This will restart the Tor browser and reset your IP address, so you can carry on browsing as a fresh user.
Maximise the Tor window
Leave Tor browser windows at their default size because maximizing them
allows websites to determine the size of your monitor.
This might not sound too worrying on its own but when combined with other information, it may provide the extra information websites need to identify you.
Use a VPN alongside Tor
It’s important to remember that Tor is a proxy rather than a VPN, which means it only protects traffic routed through the Tor browser.
As we explained earlier, there are some risks to using the Tor network, especially when downloading torrent files and inadvertently connecting through a malicious exit node.
You can boost your privacy and security by using Tor in conjunction with a VPN, to ensure all your data is encrypted and no logs are kept of your activities.
Several VPNs offer features designed specifically for Tor users, including NordVPN – which lets you access servers pre-configured to redirect traffic through the Tor network.
Search the web using Google
Google isn’t known for respecting its users’ privacy, so to continue using it
in Tor (it’s one of the available options) is rather self-defeating.
Not only does Google still try to track you and record your searches (based on your exit node’s IP address) but when it finds you’re connecting in an ‘unusual’ manner, it gets very uppity about it.
Try searching with Google in Tor and you’ll continually get CAPTCHAs that ask you to prove you’re not a robot.
We recommend using either Tor’s default search engine DuckDuckGo, its ‘Onion’ variant or Startpage (which uses non-tracked Google results), all of which come preinstalled alongside Google.
Consider running a Tor relay
Tor relies on its loyal and ever-expanding community to provide the relays that create the circuits that deliver the anonymity it’s become (in)famous for. The more relays – or ‘nodes’ – there are running, the faster and more secure the Tor network will be.
If you become a regular Tor user, consider giving something back to the community by sharing your bandwidth and running your own relay.
You can either be a ‘middle relay’ – one of the two or more nodes that receive Tor traffic and then passes it on – or an ‘exit relay’.
Being a middle relay is much safer because if another user employs the Tor network to do something malicious or illegal, your IP address will not show up as the source of the traffic.
In contrast, an exit relay can be identified as that source, which means people who run exit relays may have to deal with complaints and even legal attention.
Therefore you shouldn’t host an exit node from your home PC and, if you’re sensible, not at all!
One further problem: you need to have a Linux computer running Debian or Ubuntu to host a reliable relay – see Tor’s instructions here.
In Windows, you need to run a Linux distro as a virtual machine and set up your relay from there. It’s a bit of a hassle, but at least it will keep your Tor traffic separate from the rest of your system.
It may sound obvious, but there’s no point using Tor to stay anonymous if
you sign up to a website using your real email address.
It’s like putting a paper bag over your head, then scrawling your name and address on it. A disposable email service such as MailDrop (maildrop.cc) or Nada (getnada.com), or the brilliant Fake Name Generator (www.fakenamegenerator.com) can be used to create a temporary address and/or identity for site registrations and keep your Tor persona separate from your standard web one.
Use Tor for anonymous email
You can use your favorite email services in Tor – although pesky Google
may ask you to verify your Gmail account – but the content of your
messages won’t be encrypted in transit.
Tor will of course disguise where you are, but unless you’re using a disposable email address (see above), anyone intercepting your messages will see your real address and, potentially, your name.
For total privacy and anonymity, you can use a Tor-enabled email service. Several of these have been closed down by law-enforcement agencies in recent years because they were linked to criminal activities, but using one is not illegal, nor does it place you under suspicion.
The best and most trustworthy option is ProtonMail (protonmail.com), an end-to-end encrypted-email provider, launched by the CERN research facility in 2013.
Earlier this year, ProtonMail introduced a Tor hidden service specifically to combat the censorship and surveillance of its users.
You can sign up for a free ProtonMail account
at protonirockerxow.onion, but this limits you to 500MB of storage and 150 messages per day; to get advanced features, you need the Plus plan for ¤4 (£3.70) per month.
Alternatively, you could try Bitmessage, a free Desktop client that lets you send and receive encrypted messages using Tor, and can be run from a USB stick. It offers both
standard (bitmessage.org) and Tor (bitmailendavkbec.onion) websites.
Go overboard with browser add-ons
Because Tor is based on Firefox, it’s possible to install your favorite
add-ons to customize it to your preference, which makes sense if you are planning to use Tor as your default browser. Don’t be tempted!
Even if extensions aren’t infected with malware (as some Chrome ones were recently found to be), they may seriously compromise your privacy.
Tor comes with two of the best protective add-ons preinstalled – NoScript and HTTPS Everywhere – and that’s really all you need if your reason for switching to the browser is
to be anonymous.
Also, bear in mind that browsing with Tor can be slower than Chrome or Firefox because of its roundabout way of connecting, so overloading it with add-ons will
further reduce your speed.
We are recommending Tor: How to Set Up Tor! #1 Guide On IP Address and TOR DARKNET BUNDLE (5 in 1) Master the ART OF INVISIBILITY (Bitcoins, Hacking, Kali Linux) ebook to our readers.