Is Tor even effective for browsing anonymous, if i use it without additional VPN, or Proxy...

I bet the NSA does all the hard work and then lets the FBI boats about not being absolutely irrelevant yet out of pure pitty.

Unless you access the VPN exclusively through Tor, register on with a clean email account that you also only access through Tor and pay for it with buttcoins that can't be traced back to you, you might as well just attach your real name to every single packet you send through Tor.

No doubt. The NSA are really leaps and bounds beyond any other three letter agency when it comes to cyber security.

For real, these niggas don't play games. I wonder how many routers are being sold to the public...

Attached: Screenshot_2018-06-12-14-46-40.png (720x1280, 346K)

>ITT: Tech illiterate Jow Forums flood users left over who try to LARP as v-knowledgeable hackermen give poor advice to one of their own, whilst trying to emulate the Jow Forums of old.
Yes, it works, your data is encrypted and routed through nodes, like a proxy.
However, your ISP can see you Tor traffic, not the content, or the real end point, only the last node.
The only real issue is JavaScript (which you should have disabled) and traffic analysis, however, to do this they need both the entry and exit node, which is something along the lines of 1 in 2,000,000, so pretty unlikely.
As for VPN the encryption aspect isn't really the meat of it, it is about "noise", if you host your own, they only need access to the VPS, whereas if it is a public VPN, who loads of people use and doesn't keep logs, then you're mostly golden as there is so much "noise" from the other users.
Pro-tip: You can never be 100% anonymous, its just about how much data you leave behind and whether it is encrypted or not.
Remember, all encryption can be broken, it's just about how much effort or time it'd take.

>LARP
>Live Action Role Play
>on a turn-based Peruvian political poster-weaving forum

Pretty much this post.

>turn-based
You're golden boyo, that's the funniest way I've heard it described.
Fyi, n00b, if you want to have "secure" Buttcoin, tumble it before paying for your VPN from a public IP, the email isn't really the issue, but shouldn't be connected to you.

I remember reading an article about how they caught Dread Pirate Roberts. For months the FBI were chasing shit around trying all these stings to try and infiltrate his organisation. All it took was a joint agency conference and in four days the NSA supplied the FBI with the exact location and data centre of the server of The Silk Road. Shit's insane, they cut through TOR like butter in a weekend, shows that they have done it before.

All this means jack shit if the hardware is compromised either through 0-days or physical access and modification. Sad the CIA/NSA has to baby around the FBI so much it holds them back from doing their job.

Remember the iPhone thing?

It's effective enough if you assume that sites do not share IP addresses along with metadata and block ad providers and social network site addons.

God, does the FBI need to have their hand held for everything?

Just be careful what hardware you use.
If you're doing something illegal, get a Dell Chadpad and boot Tails from universal serbial bus complaient solid state drive electyronic media storage device.
Not hard, n000b.

>He doesn't understand Tor the post.
LOL Fucking n00bs

Oh, also spoof your MAC, Tails comes with the option anyway.

What about the router and wire taps all over your room? I think in the end if you're really trying to hide shit it's best to go underground and stick to burners and hope to god there isn't a drone tailing your ass.

Yeah, but the actual thing that got him caught was poor OPSEC.
*shrug*

Use a public hotspot, or hack wifi and use a directional antenna from a mile away.
DUUUUH
DOn't thug if you can't thug lyfe

Attached: shrug.jpg (384x313, 82K)

Wasn't it just Roberts being a moron and fucking up the configuration of the hidden service, allowing the NSA to probe for the server's real IP?

Part of it, yeah.

To many Jow Forums fags on Jow Forums. Good and constructive info/dialogue is invited and thanked, but this trash is nasty.

Fuck of you fucking kike this isn't r/hugbox.

>do I need other mechanisms to become 100% anonymous
well, for once, I hope you're using disposable rubber gloves to cover your fingerprints?
Don't forget to mask your face too.
Because, if something goes wrong, you can be sure that no one will be able to prove that YOU were using this computer.

godspeed user; and remember it's summertime

Attached: lurp.png (652x518, 45K)

I must be a fucking bowling legend, I'm knocking these bitches down like ten-pin.

Why don't you go back to Jow Forumskikebox?

Attached: flexlyfe.jpg (867x1390, 106K)

>he doesn't spoof his MAC so he can't just throw it in the dumpster and walk away
n00000b

>As for VPN the encryption aspect isn't really the meat
You are fucking retarded, one of the main reasons to use a Tor -> VPN is to protect yourself from bad exit nodes

>Not just using incognito mode

Pleb

Everyone knows that MACs are backdoored.
Apple monitors everything.

Why do you care so much about being anonymous? Are you doing something illegal, user?

1) Install and run Tails on bootable USB Drive.
2) Enable no-script.
3) Disable JavaScript.
4) Never transmit any personable identifiable information
5) ???

All hidden services that have ever been compromised were due to poor OPSEC and JavaScript exploits. Once a hidden service becomes popular, it becomes increasingly difficult to secure and protect classified information as the more people that are involved the more opportunities for mistakes. Look at SilkRoad, the founder literally left steps for the FBI to find him easily. Keep your shit tight.

>using MAC instead of thinkpad

Him also using his personal email address to ask for help on stackoverflow and to shill his website on forums didn't help either...

I'm pretty sure the implication (of OP) was about pure usage, ie: EITHER Tor or VPN
Either way, a bad exit node isn't really an issue, without a bad entry node.

Ofc, ofc.

>got the joke, but still needs to autism correct you
en.wikipedia.org/wiki/MAC_address

>tfw people boast about how much they care about user privacy but probably have an NSA agent jerking off in one of their datacenters to every girls nude pics.
I envy him.

Attached: 1517879319661_0.jpg (920x922, 91K)

What a retard.

He probably started using drugs himself which the biggest no-no for any drug dealer.

Just actually read the OP, you're right, the implication is Tor and VPN.
In which case, I'd go with VPN->Tor, to protect from a suspicious ISP.
ALTHOUGH, you don't even need to worry about that if you're doing something naughty, you just use public WiFi with an antenna so you aren't near the area.

>tripping on LSD whilst trying to sysadmin
Mhm, I wonder what went wrong.

As in, Tails+MAC Spoof -> antenna -> Tor over public hotspot or hacked cafe wifi -> VPS -> attack vector

VPNs are not needed whatsoever, the protocol of TOR itself encrypts data. All a VPN does is hide the fact you are using TOR from your ISP, which is unneeded. Thousands of people use TOR.

Does anything even leak PC's MAC?
I don't think so

Wow, what took you so long agent smith?

I mean, they can still see Tor traffic, which might (will) make them suspicious.

>I don't read the information linked to me
en.wikipedia.org/wiki/MAC_address#Spying

>t. an uninformed retard
He was just idiot who doxxed himself through stackoverflow.
also google what is correlation

It never was tor

So, does it?

Attached: Miley+Cyrus+Bangerz+Record+Release+Signing+aTXDEebynBpx.jpg (751x1024, 229K)

Tell that to the harvard kid who sent a bomb threat through Tor and was caught because all exit nodes' IPs are public and because he was the only one using Tor in the dorms at the time the threat was sent.

>Remember, all encryption can be broken, it's just about how much effort or time it'd take.
Technically true but not really, thats why the nsa puts backdoors in everything, because they dont have the billions of years to break things like aes 128

That is true, but they could also see that you use TOR through public/private VPNs if they so do desire. All VPNs to my knowledge are required to store this data even if they are advertised as private.

>Operating poor OPSEC, he deserved it.

>Technically true but not really
>What does technically mean again?
>because they dont have the billions of years to break things like aes 128
So it CAN be broken in billions of years, well then, I guess it can TECHNICALLY be broken.
Fucking idiot.

quantum computer can break any encryption in minutes.

How does the exit node get his IP address? I thought that the exit node would get the IP address of the previous node encrypting information to it.

Youre implying that encryption is somehow a weak point when its probably the strongest part of this whole equation and the least likely to fail to snooping

A fully generalizing quantum computer, yes, but we don't have those yet and wont for quite a long time (if ever).
Again, Jow Forums friend, don't speak unless you know what you're speaking about.
Also, there is something called post-quantum cryptography.

>quantum computer
>works in theory, not in application

Decades away and even then you can double the key size to delay it another decade. And that can stall until you have quantum encryption

Well, Mullvad stipulate that they keep NO logs and VPN companies who stipulate that they keep no logs have been pressed before by letter agencies and have given up nothing, citing that they: "have nothing".
Also, the only reason I say that is because they could fingerprint the amount of data sent (or received).
So say a suspicious ISP logs your session and they see you've sent: 150 bytes (I'm only using this an example).
Now, in this session you hacked some company and a letter agency is after you.
They cease the VPS you used to stage the attack, which is trivial.
They see it received 100 bytes of data.
Now, they can probably figure out what method(s) you used to pull his hack off and emulate it through Tor to a VPS and see that this adds 50 bytes at the start of the chain.
Then can now ask any ISPs whether they've logged any Tor traffic that sent 150 bytes of data.
There'll probably be a couple of these, so all they need to use now is quantitative analysis.
Whereas if you use a VPN, which companies use too, they'll be less likely to correlate it.

If anything, I said the exact opposite, re-read the original post.

>they don't have those yet
except they do
It's just hidden from public

>*cease = seize
I keep typoing this, ffs.

Not his IP address, the IP address of the exit node itself.

The IPs Tor exit nodes are publicly available, so when the police saw that the thread was sent from Tor exit node IP they just went and checked if anyone was using Tor within the college at the time it was sent and it turned out he was the only one doing so.

No, they don't, I had a friend who worked for a certain letter agency and he confirmed that they DO NOT have a fully generalizing quantum computer.

The exit node can do a man in the middle attack and inject some bad HTML or JavaScript and own you.

This is why I only us the tor browser off a read only boot disk and through a encrhpted proxy.

The agencies operate thousands of tor nodes monitoring the encrypted routing of traffic and such.

Ah, I see.

Is this sarcastic, or?

>he doesn't disable scripts

No, you gave a reasonably good argument for using them.

Thanks for clarifying, I have Asperger's you see.
Fyi, I scared myself when thinking about this method of traffic analysis. :(

No. Internet is not anonymous anymore since 20 years ago.

>traffic analysis, however, to do this they need both the entry and exit node
This is only half true. It can also be done with someone owning the entry node /and/ the site your visting, and then comparing traffic that way. Also, I vaugely heard that owning just 1% of all total nodes can allow you to carry out traffic correlation attacks, however I can't source this.

True, that's an interesting take on it.
Although I find the 1% figure dubious, but it certainly adds a vector.
Also another good reason to use a non-logging VPN.

No I am not

>he does not understand Tor bundle has hardened Firefox

>A friend would risk his well being to reveal sekrets of top spying agency
larping faggot
They do have.
Triple letter agencies must be at least a decade ahead of public to make everyone """secure"""

No, they don't and if they did use it, they would have to reveal the method, you idiot.
You know, like how when they found a method for deanonymizing people on Tor, but had to drop the case because the judge demanded that they reveal the method to decide legality.
Then again, I wouldn't expect a Jow Forums fool Plebbitor to actually engage their brain above conspiracy theories.
Point being, they don't have and if they did, they could only use it once before having to reveal the method to make any use of it.
Also, he's now in prison because he literally went insane.

>believing mentally ill friend
And you're calling me a brainlet...

Of course they have quantum computers. And no one is deanonymizing anyone on tor.
Agencies just use baits and correlation. If they knew that maybe methods they got info weren't good enough or most likely all they had was correlation; and that's not enough for the judge.

Stop larping m8. You have no friends, probably it's you who is mentally ill.

>And you're calling me a brainlet...
He wasn't mentally ill at that point in time, he got mentally ill because he failed a psychological evaluation so they blacklisted him.
>Of course they have quantum computers
Do you even know what a fully generalizing quantum computer is?
>And no one is deanonymizing anyone on tor.
Literally JavaScript can, you moron.
In fact, traffic analysis between an entry and exit node can, you moron.
>Agencies just use baits and correlation
Partly, but this is entirely a moot point.
>If they knew that maybe methods they got info weren't good enough or most likely all they had was correlation; and that's not enough for the judge.
Literal bullshit.
>Stop larping m8. You have no friends, probably it's you who is mentally ill.
Friend, you don't even know what you're talking about, I wouldn't start before I humiliate you in your only social setting.
Incidentally:
>lmgtfy.com/?q=FBI drop Tor case
Now, I'll wait for you to pull more shit out of your ass and act like you know what you're talking about.

>he wasn't mentally ill
>I swear! I'm psychologist and I would have diagnosed him with retardation!
>he wasn't!
I think you both are.

>that 30yo boomer who tells lies to pretend being relevant
so funny

Attached: 1490895536882.gif (320x384, 2.23M)

>I think you both are.
He has Asperger's syndrome, which made him unstable, but the agency he worked for has a hiring policy for autistic people because of their drive and visualization abilities.
>so funny
Do you know what is funny? You know you've lost the argument (because you posted no points to refute, because you have none) and so start attempting to insult me.
Pretty amusing.
So, when're you going to stop being a child and find a different thread?

>believing anything Asperger's has to say
omg, this is gold...

>you lost!
No, sweetie, I discarded your posts the moment you said your friend has mental illness.

Any tips for browsing lolifox's /lg/ onion site? Now that the clearnet site is down i wanna browse the onion one but idk...

>omg, this is gold...
It's pretty common in analytical roles, but you'd know that if you weren't some retarded Jow Forums tween.
>No, sweetie, I discarded your posts the moment you said your friend has mental illness.
Well considering your point faltered a full post BEFORE I fully mentioned that, in fact, it was only partially mentioned at the end of post, I think you're just being salty and disingenuous.
Point being, your argument is rubbish and your claims about the viability of QC in the modern era is laughable.
Sure, we have QC, but they're primitive, even in research universities who focus nearly all of their time and resources on revolutionizing the technology.
Please just stop, it's rather sad.

>burgerstan is hiring mentally ill people
hahahaha
>he literally went insane
What could that mean...
If you follow my post just after your's you mentioned here you'll see that I immediately assumed your friend has mental illness.
No one with right mind just goes insane.

Your post contains no information, only empty words.
So, instead of replying in a cogent manner:
>hahahaha
2u2

>this thread
why are so many of you so retarded? We've gone over the silk road story and every other bust literally hundreds of times, the Tor network itself has never been broken. It always comes down to OPSEC every single time.

But yet, there's going to be more threads in the future trying to discredit the network. fuck off

Actually, there is 1 fault, that being entry and exit node traffic correlation.
But it is very unlikely to occur to someone.

Hidden service traffic doesn't even go through exit nodes. I don't know why you'd try using Tor to access clearnet sites unless you like looking at captchas you can't solve or blank pages.

What about a compromised hidden service redirecting traffic into the clearnet?

whos this qt?

yes, there are many attacks that would theoretically work, but none have been used in an actual bust (that we know of).

I've been using Tor daily on my home network for >2 years now for privacy. Once you get used to it, it's quite nice for browsing Jow Forums, reading news, and just general web browsing. For blocked pages, I use a web proxy to browse the site which bypasses it.

That wouldn't do anything if it's literally just redirecting Tor traffic. There was a CP bust where FBI took over a site, embedded either flash or javascript into a picture or PDF (I can't remember the details), and it then phoned the actual IP address to an FBI server when opened.

My wife's girlfriend.

That's what I was doing when I realised that you have mental illness.