Author Topic: Maintaining your Anonymity Online  (Read 853 times)

The Lone Stranger

  • Subordinate Wasp
  • ***
  • Posts: 198
Re: Maintaining your Anonymity Online
« Reply #20 on: June 27, 2011, 03:50:05 PM »
psychexplorer, can you please explain how to do what you are talking about ... in a way that even I can understand?

psychexplorer

  • Subordinate Wasp
  • ***
  • Posts: 138
Re: Maintaining your Anonymity Online
« Reply #21 on: June 27, 2011, 04:16:18 PM »
1. Install Tor or the Vidalia bundle, plus something like polipo, on one system on your LAN, configuring it as appropriate.
2. Install a virtualization package like VirtualBox or VMWare.
3. Install an OS as a guest system. If it is for browsing/email/IM only, then there is no reason not to use one flavor of Linux or another. If you've never used Linux before, choose Ubuntu 11.04 x86, taking care to enable encrypted LVM during installation, using a 12+ char random password.
4. In the network manager applet appropriate for your distro, manually configure the system's IPv4, entering only an IP and subnet mask.
5. In the firewall appropriate for your distro, block all connections in and out from the virtual OS which are not to or from the system running Tor.
6. In the router providing Internet access, block all inbound and outbound traffic to the virtual OS.
7. Configure the proxy settings on the virtual OS's Firefox to point to the system providing the Torified gateway.
8. Ensure that the secured Firefox is free of all plugins and is running Adblock Plus with plenty of subscriptions. Noscript should also be installed and trained to the specific sites you use, as needed.
9. Ensure that all bookmarks in your Firefox point to HTTPS services where available, as Tor does not provide end to end security.

10 (optional). Configure the system running Tor to act as a relay (not an exit node, we do not want attention) with as much bandwidth as you can spare, so the traffic of others will be mixed in with your own.

11 (optional). Change your useragent to a common flavor of Firefox on Windows.
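
Step 5 of the procedure above written out as a guest-side ruleset, added here as an example and not part of the original post: a default-deny policy that permits only TCP to the proxy on the system running Tor. The gateway address 192.168.1.10 and port 8123 (polipo's default) are assumptions, and the IPv6 ruleset is an addition, since step 4 only configures IPv4.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): generate iptables-restore
# rulesets for the guest OS that allow traffic only to the Tor/polipo system.
# Apply inside the guest, e.g.:
#   emit_guest_rules 192.168.1.10 8123 | sudo iptables-restore
#   emit_guest_rules6                  | sudo ip6tables-restore

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    local ip=$1 octet
    local IFS=.
    case $ip in
        *[!0-9.]*|.*|*.|*..*|'') return 1 ;;
    esac
    set -- $ip
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Return 0 if $1 is a TCP port number in 1..65535.
is_port() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print an IPv4 ruleset: drop everything, then allow loopback and
# TCP to/from the proxy port on the gateway only.
# No DNS rule is present on purpose: the browser hands hostnames to the
# HTTP proxy, so the guest itself never needs to resolve anything.
emit_guest_rules() {
    local gw=$1 port=$2
    is_ipv4 "$gw"   || { echo "bad gateway IP: $gw" >&2; return 2; }
    is_port "$port" || { echo "bad port: $port" >&2; return 2; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp -d $gw --dport $port -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -s $gw --sport $port -m conntrack --ctstate ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Print an IPv6 ruleset that allows loopback only, so nothing can leave
# over an IPv6 address the guest picked up automatically.
emit_guest_rules6() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
COMMIT
EOF
}

# Stand-alone run: print the IPv4 ruleset for the given (or assumed) values.
emit_guest_rules "${1:-192.168.1.10}" "${2:-8123}"
```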

The Lone Stranger

  • Subordinate Wasp
  • ***
  • Posts: 198
Re: Maintaining your Anonymity Online
« Reply #22 on: June 27, 2011, 04:24:18 PM »
Cool Thanx .

vict

  • Larvae
  • *
  • Posts: 3
Re: Maintaining your Anonymity Online
« Reply #23 on: June 28, 2011, 12:00:59 PM »
Quote
1. Install Tor or the Vidalia bundle, plus something like polipo, on one system on your LAN, configuring it as appropriate.
2. Install a virtualization package like VirtualBox or VMWare.
3. Install an OS as a guest system. If it is for browsing/email/IM only, then there is no reason not to use one flavor of Linux or another. If you've never used Linux before, choose Ubuntu 11.04 x86, taking care to enable encrypted LVM during installation, using a 12+ char random password.
4. In the network manager applet appropriate for your distro, manually configure the system's IPv4, entering only an IP and subnet mask.
5. In the firewall appropriate for your distro, block all connections in and out from the virtual OS which are not to or from the system running Tor.
6. In the router providing Internet access, block all inbound and outbound traffic to the virtual OS.
7. Configure the proxy settings on the virtual OS's Firefox to point to the system providing the Torified gateway.
8. Ensure that the secured Firefox is free of all plugins and is running Adblock Plus with plenty of subscriptions. Noscript should also be installed and trained to the specific sites you use, as needed.
9. Ensure that all bookmarks in your Firefox point to HTTPS services where available, as Tor does not provide end to end security.

10 (optional). Configure the system running Tor to act as a relay (not an exit node, we do not want attention) with as much bandwidth as you can spare, so the traffic of others will be mixed in with your own.

11 (optional). Change your useragent to a common flavor of Firefox on Windows.

An excellent post, particularly for those not otherwise aware of VM+Tor.

Additionally, although somewhat off-topic, one may contain the above in a hidden TrueCrypt container. The plausible deniability may be beneficial to those who have local laws forcing people to give up passwords/keys.

Good to see some security culture discourse going on here. Have been concerned at what people are seemingly willing to leak about their real life.

Wizard X

  • Lord of the Realms
  • Foundress Queen
  • *****
  • Posts: 1,224
Alternatively?
« Reply #24 on: June 29, 2011, 03:24:41 AM »
Alternatively, if you do not want to install VirtualBox, or VMWare, and then install an OS as a guest system - you can do this.

Create a C & D partition. Install dual Windows, or dual Linux, or Windows on C & Linux on D.

Install Tor, or the Vidalia bundle, plus something like polipo, on the D partition Operating System, configuring it as appropriate.

Then follow psychexplorer's post on the IE & Firefox browsers ONLY on the D partition OS = virtual OS.

Surf the Internet in Guest account D partition Operating System, with ALL Java, Active X, Flash, and other scripting disabled to protect yourself from drive-by website malware infection, and this blocks any scripts from running in your browsers that will harvest your IP, OS, and other info.

D partition Operating System can be fully encrypted with Truecrypt.

Once D partition Operating System is fully configured and working, Ghost image it to CD/DVD.

Have a wiping batch file written on the C partition Operating System, so you can wipe all of D, when you boot from the C partition Operating System if an emergency situation occurs.

Boot the C partition Operating System, and reinstall the Ghost image of the D partition Operating System from CD/DVD.

Use D partition Operating System for Anonymity Online.
Albert Einstein - "Great ideas often receive violent opposition from mediocre minds."

vict

  • Larvae
  • *
  • Posts: 3
Re: Alternatively?
« Reply #25 on: June 29, 2011, 04:05:27 AM »

Quote
Surf the Internet in Guest account D partition Operating System, with ALL Java, Active X, Flash, and other scripting disabled to protect yourself from drive-by website malware infection, and this blocks any scripts from running in your browsers that will harvest your IP, OS, and other info.

Although that ought to be reasonably safe, I believe the problem remains that, should the host OS get compromised, it would be possible to gain compromising data, say by bypassing Tor and getting the real IP.

Current best practice remains Tor+VM. This allows one to keep (some) scripting and so forth, which can be useful when downloading resources from some hosts.

Those wanting a verbose guide can check this link:
http://carson27rcopqmms.onion/torguide_v1_0_1.txt
Link requires Tor or tor2web inproxy, etc.

« Last Edit: June 29, 2011, 04:19:55 AM by vict »

hypnos

  • Dominant Queen
  • ****
  • Posts: 402
Re: Maintaining your Anonymity Online
« Reply #26 on: June 29, 2011, 08:28:06 AM »
!@#$*((*&^%$#*PsychExplorer NO one EVER made it that simple for me, must've taken me, 6 months to work that out WITH HELP!!! ::)

Very Good Stuff 8)

thanx  Hyppy ;)
"the two things you can give away and never lose, are what you know, and how you feel...."

The Lone Stranger

  • Subordinate Wasp
  • ***
  • Posts: 198
Re: Maintaining your Anonymity Online
« Reply #27 on: June 29, 2011, 09:18:38 AM »
Yep.

If this topic isn't a sticky already I think it would be cool if it was stickyised, as the info in it is good and would help to keep people safe.

hypnos

  • Dominant Queen
  • ****
  • Posts: 402
Re: Maintaining your Anonymity Online
« Reply #28 on: June 29, 2011, 09:27:53 AM »
I Agree Completely, GREAT IDEA!!! hint 8)..........on EVERY Leading PAGE of this Forum!!! ::) certainly CANNOT Hurt :)
« Last Edit: June 29, 2011, 09:29:33 AM by hypnos »
"the two things you can give away and never lose, are what you know, and how you feel...."

Wizard X

  • Lord of the Realms
  • Foundress Queen
  • *****
  • Posts: 1,224
Re: Alternatively?
« Reply #29 on: June 30, 2011, 12:46:59 AM »

Quote
Although that ought to be reasonably safe, I believe the problem remains that, should the host OS get compromised, it would be possible to gain compromising data, say by bypassing Tor and getting the real IP.

Current best practice remains Tor+VM. This allows one to keep (some) scripting and so forth, which can be useful when downloading resources from some hosts.

Reinstalling from the Ghost image will resolve any "should the host OS get compromised"; however, with ALL scripting disabled and in the Guest account, this is unlikely.

It is most likely that some scripting, as you suggest, is more risky, so disabling scripting altogether will insure against scripts running. You either trust, or don't trust a site.
Albert Einstein - "Great ideas often receive violent opposition from mediocre minds."

psychexplorer

  • Subordinate Wasp
  • ***
  • Posts: 138
Re: Maintaining your Anonymity Online
« Reply #30 on: June 30, 2011, 02:02:30 AM »
Quote
Alternatively, if you do not want to install VirtualBox, or VMWare, and then install an OS as a guest system - you can do this.

Create a C & D partition. Install dual Windows, or dual Linux, or Windows on C & Linux on D.

Install Tor, or the Vidalia bundle, plus something like polipo, on the D partition Operating System, configuring it as appropriate.

Then follow psychexplorer's post on the IE & Firefox browsers ONLY on the D partition OS = virtual OS.

Surf the Internet in Guest account D partition Operating System, with ALL Java, Active X, Flash, and other scripting disabled to protect yourself from drive-by website malware infection, and this blocks any scripts from running in your browsers that will harvest your IP, OS, and other info.

D partition Operating System can be fully encrypted with Truecrypt.

Once D partition Operating System is fully configured and working, Ghost image it to CD/DVD.

Have a wiping batch file written on the C partition Operating System, so you can wipe all of D, when you boot from the C partition Operating System if an emergency situation occurs.

Boot the C partition Operating System, and reinstall the Ghost image of the D partition Operating System from CD/DVD.

Use D partition Operating System for Anonymity Online.


The biggest problem with this approach for newbies (or the skilled, alike) is that it does not isolate Tor/Vidalia/polipo from the web browser. One key feature of the VM setup is that Tor cannot leak out via the usual Internet connection because of complete OS separation between it and something allowed to access the Internet. While a single system setup could be done with some gnarly firewall rules, the chance for a mistake, forgetfulness, or some up/down mayhem is too risky. Point an Internet-barred browser at another machine running Tor, and the isolation makes almost every conceivably likely worry go away.

The VM approach uses two systems booted at once.

There is a possibility for malware on the host OS to spread to the guest OS. This fear is overblown, for three reasons:

1. The host OS could come into contact with generic malware during normal usage. This malware is designed for general purpose cybercrime against 99.99% of the population. It is not going to jump into a VM, suck out all the private info, jump back into the host OS (the guest can't access the Internet, remember?), then send that information off to the authorities. The malware doesn't work for the authorities, it works for (generally) foreign gangsters more interested in automatically grepping through reams of data for email addresses and login credentials. Malware is so broadly written it won't even recognize the value of your drug bookmarks and saved chem papers.

2. Most people are already doing their clandestine stuff on a host OS. The VM is a step up in security, even if it isn't perfect.

3. Attacks on your clandestine fully-Torred persona can't be perpetrated against a host OS the men in black have yet to identify.

As for malware hitting the guest OS, that is highly unlikely as follows:

1. The guest OS is used for nothing other than limited web browsing and reading PDFs. The guest OS is not exposed to nearly as many vectors.

2. The guest OS knows Tor as its only connection to the world. As long as Tor remains anonymous and untraceable so too does the guest (with very crazy and implausible exceptions that normal people need not worry about).

3. The guest OS is completely isolated from the Internet, enforced by its lack of a gateway, as well as the gateway's unwillingness to route for it. There are more esoteric ways for malware in the guest OS to punch out through the regular Internet, but these can easily be solved at the router with default deny policies, IP/MAC filtering, and a switch which drops MAC spoofed packets.

4. Don't count on malware jumping from guest OSes to host OSes. It has been done as a proof of concept, but that requires software flaws in the virtualization platform. For this attack to be of concern, the guest must first be infected (highly unlikely on any Linux, let alone Linux with a bit of AppArmor) with malware specifically targeted to punch out of a guest OS, compromise your host OS, then phone home to big brother. The guys who can do this are the highest echelon of organized cybercrime gangs, who don't care about your drug synthesis, and government spooks, to whom the very existence of such capabilities is worth more as a secret than would be handing off a petty bust to the narcos. Paranoia on this count starts getting into the range of TEMPEST fears or fears that the NSA already can run Shor's against RSA and cut through all quantum-weak asymmetric cryptography. If they could, just like the malware, they aren't going to blow that secret busting somebody for dope.


Above VMs in the security ladder are dedicated systems booting off of write-once, read only media bearing your handwriting, saving data only to a well-encrypted USB device, also using another system as a Tor gateway. The dedicated system is nice for those who can afford it.

Above that the risks fall firmly into the tinfoil hat realm. TEMPEST, hidden keyloggers, swapped BIOSes, RSA breaks, etc. All of this stuff can be completely ignored because either it only comes into play after they've found you (requiring either stupidity or a Tor break) or is too guarded of a technique to let out or waste on a dope bust.

The vast majority of the battle is practicing basic computer hygiene and isolating the clandestine system from normal Internet access. Beyond that, worry more about a burglar breaking into your lab and your neighbor calling the cops to report a guy crawling in the window, bad gear starting a fire and bringing out the trucks, a drug dog sniffing the tweakers next door and eventually catching a scent from your vapor spewing distillation of drug oils, your girlfriend, etc.

psychexplorer

  • Subordinate Wasp
  • ***
  • Posts: 138
Re: Maintaining your Anonymity Online
« Reply #31 on: June 30, 2011, 02:04:47 AM »
Quote
1. Install Tor or the Vidalia bundle, plus something like polipo, on one system on your LAN, configuring it as appropriate.
2. Install a virtualization package like VirtualBox or VMWare.
3. Install an OS as a guest system. If it is for browsing/email/IM only, then there is no reason not to use one flavor of Linux or another. If you've never used Linux before, choose Ubuntu 11.04 x86, taking care to enable encrypted LVM during installation, using a 12+ char random password.
4. In the network manager applet appropriate for your distro, manually configure the system's IPv4, entering only an IP and subnet mask.
5. In the firewall appropriate for your distro, block all connections in and out from the virtual OS which are not to or from the system running Tor.
6. In the router providing Internet access, block all inbound and outbound traffic to the virtual OS.
7. Configure the proxy settings on the virtual OS's Firefox to point to the system providing the Torified gateway.
8. Ensure that the secured Firefox is free of all plugins and is running Adblock Plus with plenty of subscriptions. Noscript should also be installed and trained to the specific sites you use, as needed.
9. Ensure that all bookmarks in your Firefox point to HTTPS services where available, as Tor does not provide end to end security.

10 (optional). Configure the system running Tor to act as a relay (not an exit node, we do not want attention) with as much bandwidth as you can spare, so the traffic of others will be mixed in with your own.

11 (optional). Change your useragent to a common flavor of Firefox on Windows.

I need to expand on this with one critical point which might provide hours of aggravation.

By default, Tor, Vidalia, and polipo will only listen on localhost (127.0.0.1). A default installation will thus be inaccessible on the LAN.

To point a VM at a different system will require config file edits to bind these services to a LAN IP, not localhost.

The host OS should also use a static LAN IP.
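
A check for the binding described above, added as an example and not part of the original post: it classifies where a port is listening from `ss -ltn` output, so the loopback-only default can be told apart from a bind to one LAN address or to every interface. The sample output is constructed; 9050 is Tor's default SOCKS port, 8123 is polipo's default port, and 192.168.1.10 is an assumed LAN address.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): report how a TCP port is bound
# on the system running Tor/polipo. Live use:  ss -ltn | listener_scope 8123

# Read `ss -ltn` output on stdin and print "<scope> <address>" for every
# listener on port $1. Scopes:
#   loopback-only   reachable only from the machine itself (the default)
#   single-address  bound to one specific address, e.g. the static LAN IP
#   all-interfaces  bound to a wildcard, reachable on every interface
listener_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            # Column 4 is Local Address:Port; the port follows the last colon,
            # which also handles bracketed IPv6 forms such as [::]:8123.
            n = split($4, parts, ":")
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (addr ~ /^127\./ || addr == "[::1]")
                scope = "loopback-only"
            else if (addr == "0.0.0.0" || addr == "*" || addr == "[::]")
                scope = "all-interfaces"
            else
                scope = "single-address"
            print scope, addr
        }'
}

# Constructed sample of `ss -ltn` output: Tor still on its default loopback
# bind, polipo rebound to the LAN address, sshd on a wildcard address.
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128        127.0.0.1:9050       0.0.0.0:*
LISTEN 0      128     192.168.1.10:8123       0.0.0.0:*
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128             [::]:22            [::]:*
EOF
}

# Stand-alone run: classify the given port (or the assumed polipo port)
# against the constructed sample.
sample_ss_output | listener_scope "${1:-8123}"
```

A guest pointed at a port that reports `loopback-only` will simply fail to connect, which is the "hours of aggravation" case; `all-interfaces` means the proxy is reachable on more interfaces than the guest needs.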

Wizard X

  • Lord of the Realms
  • Foundress Queen
  • *****
  • Posts: 1,224
Re: Maintaining your Anonymity Online
« Reply #32 on: June 30, 2011, 10:20:06 PM »
Whether you choose psychexplorer's or my version is all academic. The ONLY relevant importance is to TEST your Anonymity Online once you have configured it all correctly as per se.

With TCPView v3.04 http://technet.microsoft.com/en-au/sysinternals/bb897437 and a good ethernet sniffer, you can detect any "so called leaks" and create your own HTML with all known IP sniffing scripts and run that within your TOR browser.

Use these sites for starters...

http://www.auditmypc.com
http://www.lagado.com/proxy-test
http://whatismyipaddress.com/proxy-check

This site uses scripting to grab your IP and Current Date/Time from your PC. http://proxytesting.net/
« Last Edit: June 30, 2011, 10:50:23 PM by Wizard X »
Albert Einstein - "Great ideas often receive violent opposition from mediocre minds."

psychexplorer

  • Subordinate Wasp
  • ***
  • Posts: 138
Re: Maintaining your Anonymity Online
« Reply #33 on: July 01, 2011, 01:49:11 AM »
The problem with most proxy checkers is they typically look for leaks in HTTP headers, which is not where a Tor browser is going to leak. The standard headers they look for are set by caching and access control proxies, not the browser, and not any proxy built for anonymity. Plugins, extensions, bugs, exploits, and other problems are where the leaks start. As such, the browser itself cannot be trusted to not leak, nor can Torbutton be trusted to plug the leaks.

A leak plugging strategy today may fail next week after the next browser update or the next bug/exploit becomes known.

If the browser is firewalled off completely at the application level then it still remains vulnerable to exploits, plugins, and helpers running in a different process or using more esoteric phone home methods.

The problem with these leaks is that they are not readily visible. You could sit with wireshark open for hours and never see one, even though they do happen. How can that test possibly be applied to every site using every combination of configurations and versions? The standard proxy tutorials aren't much better. People following those visit a proxy judge every once in a while to check the visible IP and various X- HTTP headers, but then foolishly assume they remain safe throughout the entire session.

One quick way to get burned is in a DNS leak on a vulnerable application. A test of loading a popular site and watching for a leak on the wire will appear to pass if that site remains in the machine's local resolver cache, but will later leak when queries become stale or the user starts firing off cache misses.

The leaks become much more hazardous when identity persists either with cookies outliving one browser session or sites storing data linked to pseudonymous handles. Somebody who thinks they're being careful with the proxies will be royally fucked when a long lived tracking cookie (such as Google's) leaks from their drug-laden proxy browsing to their innocuous normal browsing. That can then go on to contaminate something such as a personal, real-life Gmail account, which will preserve the dodgy queries and embedded page trackers for damn near forever. Governments have infected suspects with malware through the Internet before, and with proxies what they are, it will become a more common technique as time progresses and law enforcement becomes more sophisticated. Worrying about an exploit in a PM or an email would have been crazy talk five years ago, but it already happens now, and particularly interesting targets which can't be unmasked with a subpoena will see more of it in the future.

The only way to achieve anonymity with confidence is to engineer the system so it remains deaf, dumb, and blind about where it is, who owns it, and where it can connect.

The difference is a lot more than academic. Basic precautions might help somebody cover their tracks but they can hardly be called real anonymity suitable for high risk browsing. It comes down to risk tolerance, now and against the threat of today's data being mined in the future. Unless total isolation is one of the system's design criteria, then the safety and privacy of the user will ultimately rest on faith and hope, neither of which are recognized as proper infosec strategies.

The system isolation technique is the preferred method among technically oriented people with high security needs and a deep involvement with certain aspects of the online world. There are other tricks out there as well, but that is beyond the scope of this thread, and not all of them are for semi-public consumption.

There is no universal test and there is no universal method for plugging all leaks at the application level. The only way to stop it is to kill the routing.

Wizard X

  • Lord of the Realms
  • Foundress Queen
  • *****
  • Posts: 1,224
Re: Maintaining your Anonymity Online
« Reply #34 on: July 01, 2011, 05:09:34 AM »
Quote
A leak plugging strategy today may fail next week after the next browser update or the next bug/exploit becomes known.

If the browser is firewalled off completely at the application level then it still remains vulnerable to exploits, plugins, and helpers running in a different process or using more esoteric phone home methods.


The leaks become much more hazardous when identity persists either with cookies outliving one browser session or sites storing data linked to pseudonymous handles. Somebody who thinks they're being careful with the proxies will be royally fucked when a long lived tracking cookie (such as Google's) leaks from their drug-laden proxy browsing to their innocuous normal browsing. That can then go on to contaminate something such as a personal, real-life Gmail account, which will preserve the dodgy queries and embedded page trackers for damn near forever. Governments have infected suspects with malware through the Internet before, and with proxies what they are, it will become a more common technique as time progresses and law enforcement becomes more sophisticated. Worrying about an exploit in a PM or an email would have been crazy talk five years ago, but it already happens now, and particularly interesting targets which can't be unmasked with a subpoena will see more of it in the future.

The only way to achieve anonymity with confidence is to engineer the system so it remains deaf, dumb, and blind about where it is, who owns it, and where it can connect.

There is no universal test and there is no universal method for plugging all leaks at the application level. The only way to stop it is to kill the routing.

[VMware, OS]{TOR configured IE or Firefox via LAN} [TOR] <==TOR Network==> web site.

Since the browser is configured to connect via TOR, it's not totally deaf, dumb, and blind. Scripts, plugins, and Flash, if allowed to run, can use the TOR networking to access the Internet.

Enough said! Good luck all.



http://ask-leo.com/does_using_a_virtual_machine_keep_me_safer.html
http://ask-leo.com/does_a_sandbox_or_virtual_machine_help_protect_your_privacy.html

http://www.zdnet.co.uk/news/security-threats/2009/06/09/virtual-machine-exploit-lets-attackers-take-over-host-39661637/
http://www.techrepublic.com/blog/tech-news/serious-vulnerabilities-found-in-vmware/1220
http://www.vmware.com/support/policies/security_response.html

http://seclists.org/fulldisclosure/2011/Jun/60
Albert Einstein - "Great ideas often receive violent opposition from mediocre minds."

akcom

  • Dominant Queen
  • ****
  • Posts: 430
Re: Maintaining your Anonymity Online
« Reply #35 on: July 01, 2011, 06:21:19 AM »
Just to clarify Wizard's post, if you want to be extra secure, you should really be setting up a VM which is configured with access to a virtual network device that directs all traffic through Tor.  That way even if the VM is compromised with a virus of some sort that "phones home" it will still only see your TOR address.  Not really sure how you set this up in Windows?  Anyone know if it's even possible?

hypnos

  • Dominant Queen
  • ****
  • Posts: 402
Re: Maintaining your Anonymity Online
« Reply #36 on: July 01, 2011, 10:07:05 AM »
 I think its a matter of "how much, until Enough? :P"

   For Most members, running one of the more commonly used Tor based systems, would probably be quite sufficient. 8)

   There are Several Free versions of Tor mixing services around, and easily found 8).

Quote
new firefox sucks i think im just gonna get the old, tor does not work on it, an as crap is the tor button sounds, its the easiest thing we have, it just doesn't work in FF5

 Shake, try JonDoFox, it is a good Tor program, and runs on Firefox5, just make Sure All cookies, plugins etc MUST be "disabled" whilst using the program,

   It can also be configured to either shut down after exiting from search activity, or Staying 'on' so that It WILL BE Started, Every time you start Firefox.....It can be a bit of a puzzle at first, but keep at the settings on our computer, while referring Back to their "Anonymity Tester" and you'll eventually get it to 'Light Up' All  Green, giving you the A Ok!

     Good luck, its only flaw for me is that sometimes it slows my download speeds :-\ nothing very serious tho :)
                 
                       Cheers All
               
                                   Hyppy 8)
"the two things you can give away and never lose, are what you know, and how you feel...."

lugh

  • Global Moderator
  • Foundress Queen
  • *****
  • Posts: 876
Re: Maintaining your Anonymity Online
« Reply #37 on: July 01, 2011, 12:56:13 PM »
Quote
Anyone know if it's even possible?

It's possible with seven  ;)  As has been posted on this web site before, there's an open source solution:

https://tails.boum.org/index.en.html

which is becoming more secure daily   :P  Amplified USB wi fi cards overheat easily, unless they're deployed in a manner that maximizes cooling  :-X  The end results from the effort applied  8)
Chemistry is our Covalent Bond

psychexplorer

  • Subordinate Wasp
  • ***
  • Posts: 138
Re: Maintaining your Anonymity Online
« Reply #38 on: July 01, 2011, 08:25:57 PM »
Quote
Just to clarify Wizard's post, if you want to be extra secure, you should really be setting up a VM which is configured with access to a virtual network device that directs all traffic through Tor.  That way even if the VM is compromised with a virus of some sort that "phones home" it will still only see your TOR address.  Not really sure how you set this up in Windows?  Anyone know if it's even possible?

The VM will automatically be set up with a virtual network adapter unless the host PC has multiple physical network interfaces. The virtual interface operates at layer two, behaving to the OS as if it were a physical local interface. Whether the interface is virtualized or not will have no impact on the security, excluding some potentially kooky driver exploits that just aren't prevalent in the real world.

I think you are thinking about a virtual adapter which is tunneled to a remote endpoint. Such a setup is a different matter entirely. The security of that approach comes from the tunnel, not the adapter's virtualization.

You could route Tor traffic over an outbound tunnel, or you could socksify the tunnel and exit it over Tor to a remote endpoint on the other side, provided there are no deanonymizing trails between that endpoint and the user.

A pre-Tor tunnel is a good idea for the extra paranoid. Routing Tor's traffic out over an encrypted tunnel will mask evidence of your usage of Tor to any party with a wiretap on your physical line.

For most people, obscuring their usage of Tor is all it is good for. The typical tunnel endpoints are VPN services. The services available to an unconnected user on a reasonable budget are not subpoena proof, so if something leaks past Tor but on an outbound VPN, the authorities need only send off a subpoena to the provider, just as they would do against the user's home IP.

The reason it has to happen this way is that Tor uses SOCKS, not a virtual adapter providing a layer two interface. To exit via Tor, traffic must speak SOCKS. Software such as OpenVPN can both speak the SOCKS needed to exit via Tor as well as convert that to a virtual interface to route traffic which isn't over SOCKS or leaks past the SOCKS.

The problem with that is the endpoint. If traffic goes host->tunnel->tunnel endpoint->Tor, then a leak still exits at the tunnel endpoint and will leave the user potentially vulnerable. If traffic goes host->tunnel->Tor->tunnel endpoint, then the user must be damn sure his tunnel endpoint maintains his anonymity. If he purchased a VPN service with something like Bitcoin while operating behind Tor, then he has succeeded. If he uses his debit card to subscribe to a proxy service from his home connection, then the Tor is a useless intermediary.

The reason isolating the VM's routing works so well is that any leaks, whether from software which fails to use SOCKS properly, or phone home malware will all end up blackholed by an unroutable setup. Those who follow my instructions will be using a VM which can't find the gateway as well as a gateway which refuses to route for the VM even if it starts guessing gateways in injected packets. The only way traffic from the VM can exit is by speaking SOCKS to the local Tor/Vidalia/polipo installation which is aware of the LAN gateway and whose traffic is accepted by the router.

The VM isolation kills leaky traffic at level two, which acts to prevent all leaks, as nothing can get out without speaking proper SOCKS to the local Tor installation.

You can set this up cross-platform by simply nixing the routing.

OpenVPN also works cross platform. The Windows client is quite easy to use with VPN services which provide the config files and certificates. The OpenVPN installer will add virtual interfaces and modify the Windows routing table as appropriate.

Wizard X

  • Lord of the Realms
  • Foundress Queen
  • *****
  • Posts: 1,224
Re: Maintaining your Anonymity Online
« Reply #39 on: July 06, 2011, 01:19:54 AM »
Anonymous - HTTP Proxy server does not send HTTP_X_FORWARDED_FOR variable to host, this improves privacy since your IP address cannot be logged.

High anonymity - HTTP Servers of this type don't send HTTP_X_FORWARDED_FOR, HTTP_VIA and HTTP_PROXY_CONNECTION variables. Host doesn't even know you are using proxy server and of course it doesn't know your IP address.

http://aliveproxy.com/proxy-checker/


The largest real-time database of free working public proxies

Public proxy servers can be used with any application that supports the use of proxies (e.g. web browsers). They provide an easy way to mask your true IP address and enable you to surf anonymously online.
Our proxy list database consists of third-party 'open proxies'; proxy servers set up for public use. We have absolutely NO control over any of these proxy servers and can not vouch for security, therefore USE OUR DATABASE AT YOUR OWN RISK. For a guaranteed secured encrypted connection, private servers in our control, reliable fast speeds and multiple servers world-wide we recommend you use our VPN service.

http://hidemyass.com/proxy-list/


Staying anonymous.

Tor can't solve all anonymity problems. It focuses only on protecting the transport of data. You need to use protocol-specific support software if you don't want the sites you visit to see your identifying information. For example, you can use Torbutton while browsing the web to withhold some information about your computer's configuration.

Also, to protect your anonymity, be smart. Don't provide your name or other revealing information in web forms. Be aware that, like all anonymizing networks that are fast enough for web browsing, Tor does not provide protection against end-to-end timing attacks: If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit.

https://www.torproject.org/about/overview.html#stayinganonymous
Albert Einstein - "Great ideas often receive violent opposition from mediocre minds."