Porteus

In the general thread on security:
http://forum.porteus.org/viewtopic.php?f=113&t=2358
I came up to get some advice on the Tor package, and refferred to some hyperlinks on the topic:
Tor (anonymity network)
https://www.torproject.org/projects/torbrowser.html.en
https://www.torproject.org/

I found the slackware binary package on pkgs.org:
http://pkgs.org/slackware-13.37/slacker ... /download/

tor - tor (The onion router)
Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.

To work properly the time on your linux box has to be set properly, you can use slaxmax procedure:
http://forum.porteus.org/viewtopic.php? ... 32#p17532

the command timeconfig. I set hardware clock to localtime and timezone to America/Sao Paulo. This edits the file /etc/localtime.
And I created a module for this.

Good paper on tor. It comes bundled with firefox:
http://www.pcworld.com/article/2686467/ ... ously.html

As I am looking for some more information on the software, I would appreciate the comments of those that have some experience with using the package.

In TOR, there is 2 types of servers.

1) The TOR transit node:
This type of server is designed for transmitting information between many countries and make harder the look up of the information's origin. This type of server is highly popular as it is generally make any risks for his owner because there is no information in clear that go in/out from this server. That's just a bridge between one TOR server and another.

2) The TOR exit node:
This type of server is less popular but without this one, we would be happy to access Internet. All information that go in this server from another TOR node are directly sent to Internet in clear. This type of server is not so popular due to danger it may causes for its owner. When you are accessing to a website like porteus.org, your request to sent to our server through this 'tor exit node' and not the 'tor transit node". We'll see the 'tor exit node' ip address and not your.

Tor seems to work ok on Porteus. I installed and tested it (version 0.2.3.25).

Here is how to do it for Porteus: As root download it from torproject.org (linux version), it is a tar.gz file, already compiled. Unpack it and move it to rootcopy/home/guest and do chown -R tor-browser_you-LAN and chgrp -R tor-browser_your-LAN.

Now log out from root and login as guest; then you must set your clock that UTC is correct. I have to increase 4 hours to get Universal Time Coordinated in Santo Domingo. If you don't do it Tor will not start!

Now go to /home/guest/tor-browser_en-US/ and doubleclick on star-tor-browser; the Vidalia Control Panel appears and takes some time to browse the world-wide-tor-network. After that you can browse the net with firefox, chrome or whatever with a simulated identity that you can change from control panel as desired.



Using tor I connected to porteus and took a snapshot of my simulated location (middle of the US); but I am on the Caribbean!

Many things won't work as security measure (youtube!)

Using Tor protects you against a common form of Internet surveillance known as "traffic analysis." Traffic analysis can be used to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic allows others to track your behavior and interests. This can impact your checkbook if, for example, an e-commerce site uses price discrimination based on your country or institution of origin. It can even threaten your job and physical safety by revealing who and where you are. For example, if you're travelling abroad and you connect to your employer's computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted.

How about that!

Cheers!

So your citation is really an incentive to use the tor browser!

For those who are not afraid of running Porteus as root, there is a hack for it: Open the start script and search the word "root"; comment out from the if to the fi all four lines. Save the file; click on it and you are using the tor-network as root.

Enjoy!

Keep in mind that Tor is not as totally anon as you might think. You need to exit the Tor network at some exit node. In some cases this could be a government or even malicious exit relay and your movements could still be tracked. As usual, always use https where possible when accessing email or anything sensitive. Security through obscurity is never the best option, but it's better than nothing.

Privacy............no comment......look here:

http://en.wikipedia.org/wiki/Local_shared_object

http://en.wikipedia.org/wiki/Device_fingerprint

http://en.wikipedia.org/wiki/Javascript scroll down to "Use in web pages / Security"

http://en.wikipedia.org/wiki/Internet_privacy

............. .............

With tor you are advised not to have any app or extension at all, this means no flashplayer, no javascript, no nothing. You have to stick to https addresses. That is why the tor webbrowser based on firefox10 is said to be a better option.

An article in pcworld about tor webbrowser (for your wread):
http://securitywatch.pcmag.com/security ... does-it-do

Flash player could be replaced by html5, according to tor manual:
Comparison of HTML5 and Flash

However, the more I read your reference on privacy, the more I have the impression that I am already spied by Big Brother. The only solution, back to reading on hacktivism, here is a french title:
http://www.hentati.tn/Amaelle%20Guiton_Hackers.pdf
and there you find two titles in english:
https://www.google.ca/url?sa=t&rct=j&q= ... 9tUIzYb_ZQ
http://www.fraw.org.uk/files/hacktivism ... tivism.pdf

Book review:
http://projects.chass.utoronto.ca/semio ... tivism.pdf

And here is a bibliography of both hacktivists and antihactivists:
http://www.fraw.org.uk/files/hacktivism/index.shtml

@francois

Don't panic,
it's just information for anyone ,so you can think twice
what you do on the internet and what better not.

about the Book:
Unfortunately, up to now I could not find any translation.
--------------------------------------------------------------------------------
Note, the following is just personal thinking, not facts.
I think:
Each government collects as much information as possible about their population
and store them in a huge Database.But no one will take a look at it,
until you become a "person of interest"

The advertising industry, which track us, is annoying,
but we will never get rid of them.
On the other Hand, would there be the Internet as we know it,
without their financial power?

I am not scared at all. You could hardly be a citizen as good as I am.

Though I do not like the idea that someone can look into my computer underpants.

The best thing I find is that with every login you get a new IP. Right now, Tor says: "Your IP address appears to be: 5.135.54.64".

If they (spy-watchers) decide to send me spam based on my apparent IP in one hour, the spam post will be sent back with a note that could not be delivered. I gotcha!!

I will use to see if the spam mail will get less... 8)

Updated my post citing two english publication on hacktivism.

P2P and illegal copy of material. Your internet provider is looking at what you download:
http://lifehacker.com/371653/caught-dow ... alnow-what

See tor button on chrome and firefox as ways to protect your privacy, when using p2p:
http://lifehacker.com/372633/protect-yo ... ownloading

ENCRYPTION,ENCRYPTION,ENCRYPTION,

always bear in mind, at the Tor exit nodes is plain text, and everyone
( three-letter-agencies ) can own some exit nodes.

@francois
Thanks for the updated links, reading some will put back a smile on my face.

I am using TOR now with a german IP, look at this:



Schön, nicht wahr?

And now I got a russian IP, look at that:



From Russia, with love!