Attention Guest: Please make sure that you are using a unique password to login to MESO. If you have used your MESO password on another website, change it immediately. You should NEVER share the same login credentials on multiple websites.

How a portable travel router can put TOR web-surfing security in your pocket

Discussion in 'Security, Privacy & Anonymity' started by pumpingiron22, Nov 16, 2014.

  1. pumpingiron22

    pumpingiron22 Member AnabolicLab.com Supporter

    How a portable travel router can put TOR web-surfing security in your pocket
    Ian Paul @ianpaul

    Aug 15, 2014 8:43 AM
    e-mail
    print

    Most of the stories coming out the Black Hat and Def Con security conferences highlight the latest crop of horrendous security flaws discovered by hackers. But it's not all doom and gloom. There were also presentations from developers actively trying to make digital security better for all.

    Consider the privacy-protecting travel router defined by the Personal Onion Router to Assure Liberty (PORTAL) project. It aims to protect personal privacy with little effort—at least once you're up and running.

    Currently a DIY project that's really only appropriate for power users, PORTAL uses a travel router with modified firmware that anonymizes all Internet traffic by connecting to The Onion Router (TOR) network.

    PORTAL was originally created two years ago by a well known security researcher who goes by the online handle The Grugq. In recent months, however, the Grugq has teamed up with two other contributors: Ryan Lackey, security engineer at CloudFlare; Marc Rogers, principal security researcher for Lookout Security.

    Together the trio are refining the original code to make PORTAL more accessible to users and they plan to add more advanced functionality for power users in the future. Lackey and Rogers discussed the PORTAL project at Def Con 22. You can check out the presentation slide deck here.

    Lackey told PCWorld they are hoping to sell travel routers with the software pre-installed to interested users, but for now the team doesn't plan on turning a profit or launching a business.

    "The main goal is to get the devices out there," Lackey said. "So we're open to various options to cover the costs. Selling them is probably the easiest, though."

    The group also hopes to have a more useful tool like a one-click installer ready by the end of the year for people who already have a travel router they can modify, Lackey said.
    Security in your pocket
    tp link tlmr3040 100266048 large

    The TP-Link TL-MR3040 is supported by the PORTAL project.

    Travel routers are pocket-sized battery-powered and/or wall pluggable devices that can connect either to a wireless broadband network or a local Wi-Fi network. The router then functions just like a home router, connecting multiple devices to the Internet at one time.

    The idea of making a travel router do all the work of connecting to TOR gives user devices an added boost of security. By isolating all the TOR connections to a separate device that can be nearly always on, you reduce the chance of forgetting to connect via TOR to maintain anonymity. The router also doesn't contain any of your personal information, reducing the chance of exposing personally identifiable data online.

    Even if you're not a criminal or political dissident, there are many reasons to keep your Internet surfing habits as private as possible. For example, you may object to the data-gathering activities of the National Security Agency and other intelligence groups just on principle. The downside of using TOR, however, is that it can slow down your browsing speeds (although TOR speeds have improved in recent years).

    There are many projects trying to help users stay anonymous online, mostly by using the TOR network. These include PogoPlug Safeplug and the Onion Pi that turns a Raspberry Pi mini computer into a TOR router.

    The difference with PORTAL is it takes advantage of of TOR's pluggable transports API. Despite being relatively anonymous, online monitors can identify which traffic is TOR traffic and which is not. Pluggable transports can help mask TOR traffic so that it looks like non-descript Internet activity.

    While PORTAL is an interesting project, right now it requires users to know how to flash a portable router's firmware. The instructions for getting started also assume a higher level of knowledge than most users have. Nevertheless, if you want to try your hand at PORTAL, you can find all the details, including recommended router models, on GitHub.

    If you do give PORTAL or just plain old TOR a try, remember that your Internet traffic can be exposed once you exit TOR to connect to a website. You can avoid this by forcing your PC to connect to websites using https encryption whenever possible with browser add-ons such as HTTPS Everywhere.
    http://www.pcworld.com/article/2465...-tor-web-surfing-security-in-your-pocket.html
     
  2. pumpingiron22

    pumpingiron22 Member AnabolicLab.com Supporter

    .
     
  3. bdg77

    bdg77 Member

    I can't seem to find my copy of tor with aurora browser. Is it easy to aquire or should I be concernced about using a particular version or build. If it's open source then could there be fake versions out there?
     
  4. pumpingiron22

    pumpingiron22 Member AnabolicLab.com Supporter

    You should always get the newest update when they come out. Just go to the tor site.
     
    MindlessWork likes this.
  5. bdg77

    bdg77 Member

    Will do, Thanks.
     
  6. bdg77

    bdg77 Member

    I noticed something weird. When I login to forum with other browsers I don't see sponsors. Login with tor and I see sponsor links. Don't get it?
     
  7. MindlessWork

    MindlessWork Member AnabolicLab.com Supporter

    Best place to go for getting a copy of the latest Tor and getting Tor from other sites may be risky
     
  8. Millard Baker

    Millard Baker Member

    It's all the ad-blocking extension that you've installed on your other browsers --> https://thinksteroids.com/community/threads/pure-vpn-worth-it.134363525/#post-1240180

    TOR browser has 'no script' extension too. It is off by default. You should change this and 'forbid permissions globally' as default and permit only as needed.
     
    MindlessWork likes this.
  9. MindlessWork

    MindlessWork Member AnabolicLab.com Supporter

    NoScript is also another great extension that goes well with Adblock Plus. However it is truly not a good idea to have more than one script/adblocker installed as it could cause the issues @bdg77 mentioned. Lastly, keep the number of extensions installed to a minimum to ensure the browser performs well.
     
    Millard Baker and pumpingiron22 like this.
  10. bdg77

    bdg77 Member

    Ok, that makes sense. I thought No Script and Adblock plus were only working in firefox. I would allow scripts for this site, so adblock may have been the culprit. It seemed to be the same for internet explorer and I don't think I had those add-ons installed there. I don't know if they carry over or if it might be my internet security software. Either way tor works great. I was thinking, whoa we don't have sponsors anymore, for a while. Then after using tor, I was like they're back!
    I think I may have one too many add-ons in firefox. That better privacy one was been messing with me, bluring my info and wanting to use master passwords. That one's gotta go. Download them all and flash-got are pretty awesome you can download anything. You tube vids. Shockwaves. Whole pages of thumbnails can be downloaded as the full picture or vid. Firefox is rad. I'm liking chrome less and less.
     
    Last edited: Mar 20, 2015
  11. MindlessWork

    MindlessWork Member AnabolicLab.com Supporter

    you could add exceptions to whitelist this site in adblock too
     
    pumpingiron22 likes this.
  12. bdg77

    bdg77 Member

    Good idea, it was weird. All the sudden about a month ago, all but the first sponsored link just disappeared. No boxes where links should be, nothing. Must have been an update that did it cause I've had the same add-in's installed for like a year. My internet security updated around that time also. Not just a periodic update but the whole look changed. No script and ad block are constantly upgrading too. Computers and software are changing so much it's hard to keep up. I don't really the direction tech is going. Cell phones are getting too damn big. I don't like tablets. The whole idea of cloud drives seems stupid to me. Why would you want to back your stuff on the net, god knows where, so who knows can access it. I'd rather pay $60 for a 2TB usb drive and keep my stuff safe than pay for a 20GB cloud drive. And the way windows just assumes that more than one person is going to use a pc and that I would want the computers using my router to share stuff or communicate with each other. They have it backwards. Nobody but me touches my computer and I've never had a situation where I wanted to network computers. I want them like completely isolated islands. It seems like every time I get a new computer I have to fight with windows to not do a bunch of crap I don't want it do. I guess I just have to get comfy with linux cause windows 8 is the worst OS ever. This is what happens when you don't have competition. Windows can be as terrible as it wants. Doesn't matter it's already on your new computer unless you want to waste a bunch of money building a custom system that will be a dinosaur in 3-4 years. Then there's apple, not for me. The best piece of advice I can give someone is screw wi-fi unless it's absolutely necessary. If you can get a cat5 to your other systems by running cable underhouse,attic,walls,etc. Do it. It's worth the effort and will save you so much time and b.s. in the long run. You just plug it in and it works, 100Mb/s, no security issues. If the device has ethernet than that's what I want to use. I've kind of been wanting a roku box for a while now. But I have to get the Roku 3 that costs around $100 cuz it's the only one with ethernet port. I don't even want to screw with wi-fi streaming. And I have a gigabit router and 60Mb/s internet connect. It doesn't matter though, people are going to buy what they are told is good. Apple watches, gimme a break, so gay.
     
  13. pumpingiron22

    pumpingiron22 Member AnabolicLab.com Supporter

    You might want to try ubuntu. Runs of Linux. But has a more of a windows platform feel. I hate all the Windows update and im prettysure there in with the nsa infesting tons of pc's.
     
  14. pumpingiron22

    pumpingiron22 Member AnabolicLab.com Supporter

    Roku good. But check out kody. Formally know as xbmc. Down load the repos. And you will have everything you ever need.
     
  15. bdg77

    bdg77 Member

    Think thats what I'm gonna do. I've installed b4 on previous systems. Partitioning HD and having multiple OS. This time I'll just get new system (micro-tower with one vertical 5 1/4" dvd-rw drive. In the past I've had custom built systems that cost $2000. Now I have a $300 e-machine from wal-mart and it's the best system I've ever had. Not much room for expansion. I could spend $80 and double ram to 8gb, or use the pci-e slot where a video card could go to give me usb 3.0 port. But all in all it's perfectly fine. Don't use comp for gaming anymore. One day I realized my $200 console was better than an almost $2000 computer with vid card. That was the end of my interest in p.c. gaming. But anyway I remember Ubuntu being very user friendly and pretty easy to figure out. I'll see if I can find most recent version. Right now I like Win7 and would like to stick with it as long as possible.
     
  16. pumpingiron22

    pumpingiron22 Member AnabolicLab.com Supporter

    Lol I have a Atx tower.6 fans one huge fan. 8 bay drive. Asus board? black visher chip. Huge cpu fan sounds like a leaf blower. Cools down 30 c.R9 and r7 graphicscard. Monster cables basically all the bells and whistles. Have steam os. I had more fun building it. Than actually playing it. Its basically turned in to the families multimedia center now. Basically movies.
     
  17. bdg77

    bdg77 Member

    Sounds like you pushed the enlevope with that beast. Computers are like most things, you can take it as far as you want and the skys the limit. What's next liquid cooling system? I was thinking heck you really want to keep the thing cool. Buy a mini-fridge for wine or something and just have it running in there.
    No, but seriously I've been using tor occasionally. Sometimes when I want to go to a site I get this screen that wants to make sure I'm a person, like a captcha deal. It wants me to decypher the messed up text. Says leave a msg. And that's it I can't get to certain sites. At first I though it was just for a certain site. Now I notice it comes up randomly when I try to go to certain sites. Any idea what the deal is with this stupid screen. It doesn't let me go to certain sites. It says cloud something and captcha, but even if I answer it nothing happens. I think maybe those emails about the internet getting jacked were true. Obama's hijacking it, talking about running it like a public utility. I'm highly skepital about internet privacy no matter what you do. They way I see it the sneakier you try to be the more attention you bring.
    Ok I just tried to go to a sponsor link. The screen is called cloudflare and it says some bullshit about scanning my comp for malware and prove I'm not a bot. Doesn't matter what I do. Can't get past that screen. And I have very good antivirus program and have never had malware or virus on this system.
     
    Last edited: Mar 22, 2015
  18. bdg77

    bdg77 Member

    Could it be internet options are medium-high and not medium. I've tried tweaking settings but I can only the first sponsored link in any browser but tor. Tor shows four more under that. Freaking computers drive me nuts. I used to like playing with them, not so much anymore.
     
  19. bdg77

    bdg77 Member

    I have the solution. My comp is almost 3 years old. It's about time for another $300 walmart special. Problem fixed. I'm just going to wait a little longer and hope windows 9 is better. I can't be the only one that hates windows8. Could get a chrome book with googles OS. But google is getting really annoying trying to get you to use google +, google talk. I want nothing to do with any social crap on the net. This forum is as social as I get online.
     
  20. pumpingiron22

    pumpingiron22 Member AnabolicLab.com Supporter

    Captcha is because your are on tor. Tor uses relays and is constantly changes ip site think your a bot when it switches. So thats there way of defense. I know it annoying. You could always use cyber ghost if you just cruising the net and not on darknet.