Treat yourself to an easier experience with higher level evasion and less technical jargon with this simple guide. Tor browser is mistakenly assumed to be the only way to access Tor. We’re going to give you a brief overview of your other choices, with different use cases.
Whonix is “Debian” Linux run in 2 Virtual Machines (VMs) to contain malware and force all traffic through Tor:
You -> Workstation VM -> Gateway VM -> Internet
a. Easy to use apps! No special proxy configuration is required for apps, since it’s the outside gateway VM doing the proxy and NOT the VM you’re working in. So it’s just like regular Linux.
b. Live mode lets you test software and wipe it after
c. You get different Tor paths (called circuits) for each app.
a. Slower than Tor Browser due to needing TWO virtual machines. This means each virtual machine can’t have all your RAM and CPUs, it has to be split.
b. Glitchy keyboard with Cloak, may have to restart VM
c. The more private methods are harder to setup.
What kind of VM?
Oracle VirtualBox is easy to setup, but the copy-paste extension pack isn’t open source. Oracle is an NSA contractor and so this is a risk.
On the other hand, the more private virtual machine, called QEMU KVM, is a pain in the ass to setup with Whonix. There is a third alternative called Qubes, but you need a lot of knowledge and great PC.
a. Tails is designed to be run on a USB stick so it can isolate and dispose of whatever you’re doing. This provides strong isolation.
b. Unlike any other operating system, you can optionally run Tails with no sudo admin password. Meaning NOBODY can install software or do much. This is the gold standard of security.
c. You can have some things in persistent memory. So only SOME things are saved, but not others. For example you can keep 1 program’s files in persistence, but not another.
d. Tails only uses 9 GB of storage in a VM. So you can have lots of KVM burners for different tasks if you want.
While as if you had multiple Whonix VMs, you’d quickly run out of storage.
a. If you have newer software that’s NOT in the main Debian package manager, then you have to reinstall it everytime. This is not that big a deal though, because you can keep the related files in the right persistence folder, so it’s only 1 command. Now if you got a lot of software, that’s a pain in the ass. However if you have a lot of knowledge, it could be scripted.
b. Tails has a steeper learning curve than Whonix, since you have to learn how to use the persistent storage for programs as well as the commands to route traffic through Tor.
Technical Note: Tails is directly going through Tor, so you have to manually type the word “torsocks” before launching each program to match this proxy. While as Whonix does all routing for you, because the Tor routing is going on in that 2nd external gateway VM. Programs on Whonix don’t “know” they are going through Tor, just like the analogy of a VPN router. The computer doesn’t “know” the external router VPN IP isn’t your real IP.
And by the way, if you combine Whonix & a VPN router, that’s TWO external IPs to break out of.
Parrot has “AnonSurf” mode which gives you system-wide Tor like a VPN. Keep in mind, Parrot is designed for security-minded engineers/programmers, and NOT for the “illegal” darkweb. By default it uses SELinux, which assumes you trust the NSA just because it’s open source.
a. Parrot lets you easily change exit IPs for the whole system at once, which is kind of cool for changing identities for a single program, like say I got 2 email accounts on the same server. But keep in mind that Parrot doesn’t change circuits for each program like Whonix or Tails. This means Parrot’s Tor is less private, but you don’t have to run 2 VMs like Whonix or USB-memory like Tails. So Parrot is going to be faster.
b. Parrot makes security easy with a graphical interface for permissions.
a. Huge red flag annoyance that the “real” Tor Browser is not properly setup for the system-wide AnonSurf, meaning you’d have to use something else like vanilla firefox to do websites and Tor apps at the same time. This is real bad for browser fingerprinting. Remember, Parrot isn’t for the darkweb.
b. Parrot’s package manager is poorly managed, in that they have newer versions of software, but older dependencies for it. So when you install software not included by default, it might break on you.
a. KaliTorify is a command line tool to do system-wide Tor like a VPN. It’s similar to Parrot but just a command. Both Parrot and KaliTorify use IPtables, which is just a firewall program.
b. KaliTorify is very convienient since it’s just a command.
a. It’s easy to make a mistake and forget to run it or think it’s on and leak shit.
b. No extra security beyond just Tor.
OpenWRT is a router operating system, that can be configured to push it all through Tor.
a. Can be used to mask Tor use by putting a VPN on your phone or PC. So Tor Router -> VPN phone. This is useful for creating anonymous Telegram accounts using VoIP burners I taught you about before.
Con: Very slow compared to other methods. The RAM in a router isn’t able to match PC speeds.
Orbot or InviZiblePro
This is Tor for cellphones. Be careful with this, because it’s NOT giving you new circuits for each app like Whonix or Tails. So let’s say you got Telegram with your real KYC number and an anonymous Signal burner. That Tor exit node is seeing you pull from Signal and Telegram at the same time, and if that’s a malicious government node, you’re not as “anonymous” as you think.
Either toggle different mobile profiles, never use KYC numbers, or use a firewall app. Graphene has one under each app’s settings, or Calyx has an awesome system-wide one.
Do you want help setting any of this up? Advice on opsec or what to avoid? Don’t get burned with random idiots giving you bad advice, and save yourself headache and time. At $30/hr, it’s so low you’d probably lose more trying to debug it on your own. We’re just a DM away.