http://www.extremetech.com/extreme/2...ackers-toolkit
One of the interesting reveals at the end of Citizenfour, the recent Academy Award-winning documentary about Edward Snowden, was the thanks it gives to various security software programs. The information that Snowden leaked two years ago continues to reverberate today, and it kicked off renewed interest in data security, privacy, and anonymity. Based on the closing credits in the movie, we’ve put together a guide to some of the major security software programs and operating systems available. If you’ve wanted to take steps to secure your own information, but were uncertain where to start, this article should get you headed in the right direction.
Browser Security: Tor
The Tor Security Bundle is probably the best-known of the software products we’ll discuss today. The Tor browser is easy to install and set up; it’s based on Firefox 31.5.0, but as the program warns, simply using Tor isn’t enough to secure your Internet browsing. If you want to remain anonymous on the Tor network, you’ll need to also do the following:
No torrenting (at least, not unless you also have a VPN that supports torrenting, and have configured the torrent client of your choice appropriately).
Don’t install or enable browser plugins.
Use the HTTPS version of websites whenever possible.
Don’t download or open downloaded documents while online (more on how to avoid the security risks associated with this behavior later in this story).
If you want to hide the fact that you’re using Tor, in addition to hiding your Internet traffic, consider the use of bridge relays.
Configuring Tor is relatively easy. Once you’ve begun the installation process, you’ll be asked to choose whether you want to connect directly to Tor or through a bridge relay, as shown below:
Make your choice, and the system finishes installing what looks like a standard version of Firefox with a few custom scripts and configuration options.
One caveat about using Tor for anonymous browsing is that the performance isn’t going to be what you’re used to from a standard connection. Tor uses multiple levels of encryption to hide destination IPs, and routes the information randomly across its own network to defeat spying. This helps prevent certain kinds of packet tracking, but it also introduces some substantial performance penalties.
The fact that Tor routing is randomized makes it tricky to estimate the performance impact of using it, but we ran a series of webpage loading tests anyway. Treat these as a useful ballpark rather than the final word. Page caches were cleared before the load tests for both standard Firefox (36.0.1) and the Tor Browser’s version (31.5.0).
As you can see, load times for Tor are 3-4x higher than they are for other browsers. That’s the price you pay for anonymity.
Alternatives: There really aren’t any. VPNs can offer some of the same protections as Tor, but not as well or to the same degree.
Tails
Tails (The Amnesiac Incognito Live System) is a Linux distribution that takes Tor’s goal of anonymizing users and securing one’s own privacy, and implements it at the operating system level. Tails is designed to be run from a USB key, DVD, or SD card and boots independently from the computer’s installed operating system. All of the included software is designed to use Tor — and to improve on the security that Tor already offers.
One of the limitations of Tor is that it can’t encrypt communication as it leaves the Tor network and reaches the destination server. Tails is designed to encourage the use of strong encryption. Tails’ documentation explicitly states what the OS can and can’t do, and the distro ships with a number of security options enabled by default. Pidgin (an IM client) is pre-configured with OTR (off the record) messaging engaged. The OS image includes useful utilities like OpenOffice as well.
The goal of Tails is the same as Tor — it provides the user with Internet access while simultaneously making every effort to preserve the user’s anonymity and privacy. By using a Live key or disc, the OS avoids storing any data locally, and the included encryption suites offer an additional layer of security. Tails has won high marks for usability around the Web, particularly if you’re looking to access the Internet from an insecure Wi-Fi network.
Alternatives: Quite a few, depending on what you’re looking for. Some Linux distros emphasize running software inside a VM (or multiple VMs), some are designed to route traffic from one VM to another VM to further obfuscate system activity (Whonix), while others are built off Ubuntu as opposed to Debian. Lifehacker and Techradar have good comparison articles.