Privacy and Anonymity Course Using VMs, VPN, and Tor: Part 1
In this series of articles, we will explain how to achieve privacy and anonymity through compartmentalization and isolation, using multiple virtual machines (VMs) that access the internet via nested chains of VPNs and Tor. Please note that this is an advanced set of guides, so a complete setup will require at least several days of focused work.
Before implementing specific methods and techniques, we recommend that you create your own threat model to determine whether you actually need a more complex security setup. In short, building a threat model means answering at least three questions:
- What are you protecting?
- Who are you protecting it from?
- What could happen if you are compromised?
Key threats and corresponding countermeasures include:
- If you simply want to bypass internet censorship and limit the data your ISP can collect, you don't need anything more complicated than a good VPN service (unless the consequences of being caught are severe).
- If you want to avoid commercial tracking and behavioral marketing, you don't need the full setup described here.
- If you require a higher level of privacy and anonymity than browser extensions can provide, you might consider a basic setup that separates your activities using virtual machines and VPN services.
- Conversely, if a compromise could have serious consequences for you, then using the full setup is reasonable. The approaches described here are likely to protect you from untargeted surveillance by advanced organizations. Against actors with limited resources, they may even protect against targeted surveillance.
While global organizations intercept almost all internet traffic, the approaches described here can protect against typical untargeted surveillance, because an observer would need to correlate traffic across multiple VPN tunnels and Tor. However, it is unlikely that even the full system described here will protect you from targeted surveillance forever.
Using Tor
Tor regularly experiences heavy loads. The network attracts botnet owners, which has two effects: (1) performance slows down and (2) most major websites and services block Tor traffic. Over the years, more and more new users have connected to Tor, many of them bots that are part of botnets. Bots do not pose a direct threat to anonymity unless they act as relays, in which case they could collude to deanonymize other Tor users.
We recommend periodically checking the Tor blog for updates and Tor metrics (number of users and relays).