Disable Javascript. Enabling it makes you traceable. Run a Temporary profile in Firefox - otherwise cached images will make you traceable. Connect from your neighbors wifi (the further from your home the better, really) with a spoofed MAC address running from a write-locked USB live distro - this ensures you're protected from the unknown unknowns.
Or just use the Tor Browser - ideally with the High security setting. Other browsers don't have the same anti fingerprinting and first party isolation defenses.
Tor crypto guarantees an E2E connection to an entity possessing a key which matches the onion address which you sought to access. That's a benefit over DNS/TCP/BGP :-)
Its not secure. "Everyone" knows that. Everytime a drug market is taken down or a pedophile ring is busted, the investigators from FBI always claim it was some dubious mistake from the admin whic lead to it. But we all know they have discovered a vulnurability in the TOR protocol but won't disclose it.
Safe browsing guys
//edit: if you want extra security. Launch TOR from a remote desktop. And I am not talking about the ones you buy from known VPN providers like NordicVPN or amazon web services.
I guess I'm not everyone. I'd bet that the majority of the 'busts' are due to:
a) Infiltrating chats where people are more likely to share sensitive information / trust the people they're talking to
b) Poor configurations/ setups on either the client or server (client browser bundle has noscript, but it's not on the strictest settings, js is enabled iirc)
c) Exploitation of client or server due to out of date versions, things like that
Historically I think it's always fallen into one of these cases - and not just what the FBI etc say publicly but we've seen these exploits ITW. I wouldn't be surprised if the NSA and other agencies have the power to deanonymize TOR users but if it were trivial why is the majority of TOR traffic still going towards illegal content? Last I read (a paper a year ago) TOR is still primarily all about drugs, followed by child pornography (mostly drugs though iirc). If they can track all of these people by breaking TOR completely... why don't they?
Basically, he posted to stack Overflow using his own name and email address with code that was Silk Road was using. He quickly changed his username, but it was too late.
You don't need anything that isn't already publicly available: see every security bug reported on the mailing list, and reliable hop tracing via coordinated parties recording traffic (Tor's version of Bitcoin's 51% problem).
That said, it's still the most reliable limited-anonymity provider I know of.
> //edit: if you want extra security. Launch TOR from a remote desktop. And I am not talking about the ones you buy from known VPN providers like NordicVPN or amazon web services.
No, if you want extra security use Qubes OS with Whonix (it comes with it by default) for isolating the Tor process in a single VM and the browser in another - thereby prohibiting any leaks, unless an adversary has a VM escape RCE.
>But we all know they have discovered a vulnurability in the TOR protocol but won't disclose it.
Really? Perhaps you could explain how every single one of us found out it is true? Maybe every single one of us has a friend working in the NSA who was willing to tell us, even though he could go to jail for giving away such a secret?
[...]and they provide additional guarantees that readers are connected securely to our website.[...]