NoGoolag
4.52K subscribers
13K photos
6.79K videos
582 files
14K links
Download Telegram
Tor Browser

Private browsing without tracking, surveillance, or censorship

https://www.torproject.org

If the link above is censored in your country try:

https://tor.eff.org/
https://tor.stalkr.net/
https://sela.io/mirrors/torproject.org/
https://mirror.freedif.org/TorProject/

if these links are all blocked too:
Step 1: Send a request to GetTor (gettor@torproject.org) specifying your operating system (and your locale). Ex: "windows es"

Step 2: GetTor will send you back a reply with links to download Tor Browser from our supported providers.

FAQ:
https://support.torproject.org

Documentation:
https://2019.www.torproject.org/docs/documentation.html.en

An attempt to document commonly believed misconceptions about Tor
https://github.com/epidemics-scepticism/writing/blob/master/misconception.md

Download

https://www.torproject.org/download

📱 Android

https://www.torproject.org/download/#android

Google Playstore
https://play.google.com/store/apps/details?id=org.torproject.torbrowser_alpha

Fdroid status:
https://gitlab.com/fdroid/fdroiddata/merge_requests/4676
https://trac.torproject.org/projects/tor/ticket/27539

On Guardian Project F-Droid repo
https://f-droid.org/app/org.torproject.torbrowser_alpha

💻 PC (*nix):

Don't use the packaged version of your distro, it may be old and it installs as any other binary, meaning there could be a greater data leak if someone has physical access to your pc.

If the executable file doesn't work, open a terminal in the same directory as the .desktop file and type chmod +x start-tor-browser.desktop

-> use obfs4 bridges if your country throttles/blocks Tor
-> if your country has DPI try the meek-azure bridge
-> if meek-azure is broken (you're in xinjiang etc) meek-amazon sometimes works
-> otherwise if you're in xinjiang you're doomed


📡 @NoGoolag 📡 @Libreware
#tor #browser
Obscurix: Linux Live System for privacy, security and anonymity

#Obscurix is a new open source #Live operating system based on #Arch #Linux. Obscurix attaches great importance to your #privacy, #security and #anonymity on the net. The live operating system routes all your traffic quite securely through the #Tor# network and also supports many other networks like #I2P and #Freenet.

Privacy, Security and Anonymity
To get it straight up front: Obscurix does not want to be a Linux operating system for pentesters. Even if you mainly want to play games on your computer, you better find something else. Obscurix is simply a secure and easy to use live operating system. In addition, the developers have done a lot to make it resistant against various forms of tracking and #surveillance. As a user you don't have to configure much, which makes it easy to get started.

One of the big differences between this and other Linux operating systems is the special focus on privacy, security and anonymity. Therefore Obscurix is not an operating system that you should install on your hard disk. As a pure live operating system it runs only in the memory of your computer. During shutdown the #OS automatically deletes all digital "traces" that third parties could otherwise evaluate later.

Continue on:
https://tarnkappe.info/obscurix-linux-live-system-fuer-privatsphaere-sicherheit-und-anonymitaet/

👉🏼 Obscurix:
https://obscurix.github.io/

👉🏼 ObscurixOS TG support group:
https://t.me/Obscurix_OS

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
InviZible Pro

Telegram channel: @InviZiblePro

Telegram group: @InviZiblePro_Group

Wiki: https://github.com/Gedsh/InviZible/wiki

Download: https://github.com/Gedsh/InviZible/releases

invizible.net

InviZible Pro is an open-source android application. It can protect your internet privacy and security with well-known solutions such as DNSCrypt, Tor and Purple I2P which are used as modules. You can use them all together or activate only one or two at once. InviZible app combines its potential in the best way to achieve comfortable and secure use of the internet.

All application features can be used with root access which gives full control over your android device and power for InviZible to protect your information.

There is a way to use InviZible basic functions without root in combination with those applications that are available to create own local VPN tunnel or use a proxy. Something like NetGuard firewall, personalDNSfilter DNS filter proxy, Firefox browser, Telegram messenger.

InviZible can be used to block ads, malicious sites, and prevent your tracking. Also, you can get access to all blocked Internet resources, Dark Net (onion sites) and Invisible Internet (i2p sites). InviZible helps keep your freedom.

InviZible application is very flexible and can be used by everyone with the default setting. This is usually enough to protect your basic privacy and security. But if you want ultimate protection - no problem. You can configure many useful options to protect yourself better and smarter.

InviZible is compatible with the AfWall+ firewall.


📡 @NoGoolag 📡 @Libreware
#invizible #dns #dnscypt #i2p #tor #privacy #android
Tor vs VPN | Which one should you use for Privacy, Anonymity & Security.

Ultimate comparison between Tor and Virtual Private Networks.

Watch it via:
👉🏼 YouTube
OR
👉🏼 Invidious
OR
👉🏼 BitChute

Get TOR: https://www.torproject.org


📡 @HowToBePrivateOnline
#tor #vpn
How to stop the onion denial (of service)

As you might have heard, some onion services have been experiencing issues with denial-of-service (DoS) attacks over the past few years.

The attacks exploit the inherent asymmetric nature of the onion service rendezvous protocol, and that makes it a hard problem to defend against. During the rendezvous protocol, an evil client can send a small message to the service while the service has to do lots of expensive work to react to it. This asymmetry opens the protocol to DoS attacks, and the anonymous nature of our network makes it extremely challenging to filter the good clients from the bad.

For the past two years, we've been providing more scaling options to onion service operators, supporting more agile circuit management and protecting the network and the service host from CPU exhaustion. While these don't fix the root problem, they provide a framework to onion service operators to build their own DoS detection and handling infrastructure.

Even though the toolbox of available defenses for onion service operators has grown, the threat of DoS attacks still looms large. And while there is still a bunch of smaller-scale improvements that could be done, we believe that this is not the kind of problem that a parameter tweak or small code change will make it disappear. The inherent nature of the problem makes us believe that we need to make fundamental changes to address it.

In this post, we would like to present you with two options that we believe can provide a long-term defense to the problem while maintaining the usability and security of onion services.

The intuition to keep in mind when considering these designs is that we need to be able to offer different notions of fairness. In today's onion services, each connection request is indistinguishable from all the other requests (it's an anonymity system after all), so the only available fairness strategy is to treat each request equally -- which means that somebody who makes more requests will inherently get more attention.

The alternatives we describe here use two principles to change the balance: (1) the client should have the option to include some new information in its request, which the onion service can use to more intelligently prioritize which requests it answers; and (2) rather than a static requirement in place at all times, we should let onion services scale the defenses based on current load, with the default being to answer everything.

👀 👉🏼 https://blog.torproject.org/stop-the-onion-denial

#tor #onion #DoS #attack
📡@cRyPtHoN_INFOSEC_DE
📡
@cRyPtHoN_INFOSEC_EN
📡
@BlackBox_Archiv
📡
@NoGoolag
Nonprofit Behind Tor Browser Asks for Corporate Sponsors to Help It Stay Afloat

After a round of layoffs in April, the Tor Project looks to corporate sponsors for financial help, but these benefactors will have no say in the group's decisions, it says.

After going through a round of layoffs, the nonprofit behind the privacy-enhancing Tor browser is looking to corporate sponsorships for an infusion of cash.

The Tor Project’s new membership program, announced today, allows the private sector to financially support the nonprofit’s work. In exchange, corporate sponsors can tout their association with the Tor Project, which is known for fighting for digital privacy and helping users bypass online censorship.

The first five sponsors are antivirus vendor Avast, search engine DuckDuckGo, secure OS provider Insurgo, Mullvad VPN, and cybersecurity company Team Cymru.

Back in April, the Tor Project cut 13 staffers, citing the economic impact from COVID-19, which left the organization with 22 employees.

https://www.pcmag.com/news/nonprofit-behind-tor-browser-asks-for-corporate-sponsors-to-help-it-stay

#Tor #Project
You are not anonymous on Tor - Last February, my Tor onion service came under a huge Tor-based distributed denial-of-service (DDoS) attack

I spent days analyzing the attack, developing mitigation options, and defending my server. (The
Tor service that I run for the Internet Archive was down for a few hours, but I managed to keep it up and running through most of the attack.)

While trying to find creative ways to keep the service up, I consulted a group of friends who are very active in the network incident response field. Some of these are the people who warn the world about new network attacks. Others are very experienced at tracking down denial-of-service attacks and their associated command-and-control (C&C) servers. I asked them if they could help me find the source of the attack. "Sure," they replied. They just needed my IP address.

I read off the address: "152 dot" and they repeated back "152 dot". "19 dot" "19 dot" and then they told me the rest of the network address. (I was stunned.) Tor is supposed to be anonymous. You're not supposed to know the IP address of a hidden service. But they knew. They had been watching the Tor-based DDoS. They had a list of the hidden service addresses that were being targeted by the attack. They just didn't know that this specific address was mine.

As it turns out, this is an open secret among the internet service community: You are not anonymous on Tor !!

💡 Threat Modeling

There are plenty of documents that cover how Tor triple-encrypts packets, selects a route using a guard, relay, and exit, and randomizes paths to mix up the network traffic. However, few documents cover the threat model. Who can see your traffic?

👀 👉🏼 https://www.hackerfactor.com/blog/index.php?/archives/896-Tor-0day-Finding-IP-Addresses.html

#tor #onion #service #zeroday #DDoS #attacks #anonymous #poc #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡
@cRyPtHoN_INFOSEC_EN
📡
@BlackBox_Archiv
📡
@NoGoolag
Forwarded from Privacy Matters 🛡️
How to use Whonix | TOR Tutorial Part 2

Whonix is the safest way to be online and surf the web. Learn how to be anonymous and private with Tor Tutorial Part 2.

📹 Watch it via:
YouTube || Invidious || BitChute

• Part 1 of TOR series: HERE

• Download Whonix: HERE

📡 @howtobeprivateonline
#TOR #Guide #Privacy #OS
The Tor Project - Nigeria may shut down the internet as #EndSARS protests continue

If our website is blocked, you can still download Tor Browser. Email gettor@torproject.org stating your operating system. GetTor will send links to download Tor Browser from our supported providers.

If your ISP or government is trying to block access to the Tor network, you can use a Tor bridge to circumvent censorship. If you already have Tor Browser installed on your computer, select 'Tor is censored in my country,' then click 'Request a bridge...

https://nitter.net/torproject/status/1316455841294217216?s=19

#nigeria #censorship #tor #download
📡@cRyPtHoN_INFOSEC_DE
📡
@cRyPtHoN_INFOSEC_EN
📡
@BlackBox_Archiv
📡
@NoGoolag
Forwarded from Privacy Matters 🛡️
Media is too big
VIEW IN TELEGRAM
How to use Tor on your phone

In this anonymity tutorial, you'll learn how to use Tor on your phone - both Tor Browser and Orbot on Android, and Onion Browser on iOS.

📹 Watch it via:
YouTube || Invidious

🌐 Get TOR for:
• Android via: Website || F-Droid || Play Store
• iOS via: Apple Store

📡 @howtobeprivateonline
#TOR #Privacy #Guide #Browser #VPN
This media is not supported in your browser
VIEW IN TELEGRAM
Nipe - An engine to make Tor Network your default gateway

Summary

The Tor project allows users to surf the Internet, chat and send instant messages anonymously through its own mechanism. It is used by a wide variety of people, companies and organizations, both for lawful activities and for other illicit purposes. Tor has been largely used by intelligence agencies, hacking groups, criminal activities and even ordinary users who care about their privacy in the digital world.

Nipe is an engine, developed in Perl, that aims on making the Tor network your default network gateway. Nipe can route the traffic from your machine to the Internet through Tor network, so you can surf the Internet having a more formidable stance on privacy and anonymity in cyberspace.

👀 👉🏼 Download and install:
https://github.com/htrgouvea/nipe#download-and-install

#nipe #tor #routing #privacy #anonymity #tool
📡@cRyPtHoN_INFOSEC_DE
📡
@cRyPtHoN_INFOSEC_EN
📡
@BlackBox_Archiv
📡
@NoGoolag
No, the Darknet is not the stronghold of all evil!

The anonymization service
Tor can be used for good and bad, a study examines what outweighs. However, this goes a long way wrong.

To obtain information about the usage patterns of the Tor network, scientists Eric Jardine (Virginia Tech/USA), Andrew Lindner (Skidmore College/USA) and Gareth Owenson (University of Portsmouth/UK) operated about 1 percent of the Tor entry nodes for about seven months between December 31, 2018, and August 18, 2019, and studied the connections that were made there.

👀 👉🏼 https://www.pnas.org/content/early/2020/11/24/2011893117

#tor #darknet #study #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡
@cRyPtHoN_INFOSEC_EN
📡
@BlackBox_Archiv
📡
@NoGoolag
A mysterious threat actor is running hundreds of malicious Tor relays

Security researcher claims to have identified threat actor running thousands of malicious servers.
Researchers claims the attacker may be trying to deanonymize and identify Tor users.
Evidence suggests the attacker, tracked as KAX17, is sophisticated and well-resourced.
The Tor Project has removed hundreds of KAX17 servers in October and November 2021.
Since at least 2017, a mysterious threat actor has run thousands of malicious servers in entry, middle, and exit positions of the Tor network in what a security researcher has described as an attempt to deanonymize Tor users.

Tracked as KAX17, the threat actor ran at its peak more than 900 malicious servers part of the Tor network, which typically tends to hover around a daily total of up to 9,000-10,000.

https://therecord.media/a-mysterious-threat-actor-is-running-hundreds-of-malicious-tor-relays/

#tor
We are experiencing a network-wide DDoS attempt impacting the performance of the Tor network, which includes both onion services and non-onion services traffic. We are currently investigating potential mitigations.

https://status.torproject.org/
#Tor #DDoS
Ahmia (https://ahmia.fi) is a clearnet search engine for Tor's hidden services. By providing a search engine for what many call the "deep web" or "dark net", Ahmia makes onion services accessible to a wide range of people, not just Tor network early adopters.

TorBot is an OSINT tool with the main objective is to collect open data from dark web and with the help of data mining algorithms, collect information and produce an interactive tree graph.

#Tor #DarkWeb #OSINT #tools

https://github.com/DedSecInside/TorBot
NoGoolag
Photo
Quiet

Encrypted p2p team chat with no servers, just Tor.

https://tryquiet.org/index.html

https://github.com/TryQuiet/quiet

Currently in developpement stage so be cautious of your data

Quiet is an alternative to team chat apps like Slack, Discord, and Element that does not require trusting a central server or running one's own. In Quiet, all data syncs directly between a team's devices over Tor with no server required.

No email or phone number required, Unlike #Slack, #Discord, #WhatsApp, #Telegram, and #Signal, no email or phone number is required to create or join a #community.

End-to-end encryption, All data is #encrypted end-to-end between member devices, using Tor.

Channels, Organize chats in Slack-like channels, so conversations don't get messy.

Images, Send and receive images, with copy/paste, drag & drop, and image previews.

Files, Send and receive files of unlimited size!

Notifications, Invite links, Keyboard controls, Desktop apps

Android, Quiet works on Android, and F-Droid support is on the way.

#E2E #Chat #Quiet #Tor