Using Tor in Order to Surf Anonymously

Hi everybody

I have just created a simple script used to prevent all outgoing packets from
bypassing TOR. It launchs TOR from a special user account and uses
Iptables to forbid all other users to access network. I hope this will
help you make sure no data will be accidently sent unencrypted.

This is a Linux version. I will try to make the same tool for Windows,
but it will take long time - I am much more skilled in Linux programming.

Alpha version is here:
Download from Deposit Files

Attention!

An important bug has just been found in TOR.
Everyone who use it please upgrade to Tor 0.2.1.22 or 0.2.2.7-alpha.
Read more: Blogs | The Tor Blog

Improving the TOR network

I think this would be a good opportunity to point out that everybody in non-censored countries also has to do their bit to support censor-free communication by providing enough TOR exit nodes.

I'm considering a little "media campaign", trying to drum up support in the students and expatriates communities to install TOR to help free communication. Please think about what you can do.

As for all the other programmes mentioned above - I don't and I advise you not to trust them! They are usually closed-source, and their creators have connections to US or other secret services. Need I say more?

anTon

I hear none of this stuff including the free VPN has helped the people inside Iran since they can't get it to work.

mentely Crucial

https://metrics.torproject.org/user...end=2011-02-16&country=ir&dpi=72#direct-users

The software was adjusted to deal with this. Bridges running the latest version of Tor are still needed, especially when the firewall is adjusted.

manage your identities and hacktivities

there's a few alternative systems that address
a number of different ideas ranging from simple
proxies that do a good job of bypassing censoring,
proxy rerouting and crypting data, but a poor job at
countering traffic analysis and at browser identity
protection, to the sophisticated projects like FreeNet
who view information in a totally different way but
have a high learning curve and low adoption rate.

both these strategies and most of the gamut in
between however don't address the real issue.
the bigger problem is to use existing protocols like
the http web, but to guarrantee anonymity.
now eveything on the web requires an identity,
and any kind of prolonged interaction with others
demand reputation capital, ie a virtual identity,
or pseudonym.

This means that everything on the communications
stack, up from the browser application down to the
routing of ip frames must be managed to crypt data,
avoid identity leaks, and obscure routing & location.

TOR attempts to do this. it succeeds quite well.

to wit, the only prior system specifically designed to
do this was Zero Knowledge System's Freedom.NET,
which I worked on. the project is now defunct, but
most of its good ideas, like multi-hop proxy clouds,
encapsulated encryption, traffic padding and routing,
multi protocol support, were ported to the TOR project.
some parts like pseudonym management were not, but
TOR improved the concept greatly by decentralizing
it, going peer to peer instead of relying on the trust
of a central party and single point of failure, and
by thus making every client a potential routing node.
it also innovated muchly with exit hop management
and private entry hop bridges. two features which
have been key in political censorship and crackdown
situations like iran and the arab revolts.

much kudos to TOR.

so the beauty of TOR is that it is designed specifically
for protecting your web identity, and thus is bundled
with a tightly integrated suite of user-friendly tools
that provide anonymous or rather pseudonymous
access on existing protocols at all layers of the
communications stack.

you can use pidgin for IRC. you can browse and use
webmail with FireFox. you can add GPG for encryption.

plus the tor bundled firefox tries to protect you from
tracking cookies and images and identity leaking plugins.

obviously it can't stop you from being stupid like
tagging friends' images on faceboook, etc. in TOR
this part, the identity management, has been left
as a caveat to you the user.

the lesson is a pseudonymous identity must be kept
anonymous at all times. learn to compartmentalize
your identities and hacktivities.

Naive bunch you are!

Do you honestly expect ordinary Iranians to really understand what the heck you guys are talking about - as I've already said on another thread you would need to have a comms qualification to follow what you guys are on about! You are supposed to be intelligent guys but it seems you are really naive!

No, proxies do not work in Iran - the IRI filtering system is far more intelligent than you think and it virtually blocks all the proxies instanlty - well, I have never managed to bypass filtered sites using a proxy anyway. It's far too elementry for the filtering package that IRI uses.

"Naive"? I think you have it backwards.

Naivety would be to assume that a "dumbed down" approach to anonymity won't be broken by the government. I understand the desire for simple solutions, but it'd be far worse to give people a false sense of security. Yes, Tor can be complex and difficult to set up, but Iranians are smarter than you think and I trust that the ones who are motivated enough, can achieve it.

bridge : 117.202.184.159:443 ADE4272A5C808D78953C3166D1B2E804F50CDCF7

Use TOR and HTTPS
https://www.eff.org/pages/tor-and-https