I had a couple of discussions in the last weeks with various people about anonymity and privacy on the internet. Since TOR is a tool to maintain privacy it deserves some words how avoid user-errors you could make while using TOR. Interestingly those errors are not only of technical, but also of human/social nature.
I’d like to point out a few Do’s and Don’ts and points you should keep in mind when using the TOR-network.
- Clear Private Data: Before and after using TOR flush your cache and delete all cookies. In Firefox you just need to press “CTRL+SHIFT+Del” or go to “Tools -> Clear Private Data”.
- Call up links manually: If you visit a website where you find a link which you want to access with TOR, copy the link and insert it manually into the address-bar; this prevents a referer to be send to the host you want to visit. Again: Copy link; Clear Private Data; enable TOR; open new Tab; insert link.
- Configure SOCKS correctly: If you use Firefox and a SOCKS-connection, be sure to set Firefox’s variable
true– if you forget that you’re leaking the name of the server you want to connect to to the DNS-system.
- Close all tabs before proceeding: If you’re using Switchproxy and enable TOR, be sure that all Tabs are closed; all tabs get reloaded, and if session-ids were encoded in the URL, the remote host got your new (TOR) IP-address.
- Never send personal data: Do never ever enter any personal data into any website while using TOR. TOR’s intention is to hide your identity, so never enter private information. You can do that during normal surfing withotu TOR.
- Never send usernames/passwords: Never ever enter any usernames or password trough non-SSL connections. The TOR-exit-node could sniff on his network-interface and grab the username/password pair.
- Don’t trust TOR fully: Do not forget that the TOR-network is run by volunteers and that there’s absolutely no guarantee that one or more nodes could be compromised. Do not totally rely on TOR if it could endanger your or others life or property.
If you have any questions or suggestions, you’re welcome to use the comment-function.
This work is licensed under a Creative Commons Attribution 2.5 License.