1. https://tails.boum.org2.First things first, If you are running Tor Browser/Tails/Whonix/Vbox, you are in the right track! (For Tor users) The top left hand corner of the browser there is a little onion icon, click on that and click on 'Privacy and Security Settings' and ENSURE it's on HIGH. If you leave Javascript or any other vulnerable programming language enabled then frankly you deserve to get caught.
Now, we must perform a bit of surgery on the browser:
On the address bar type in 'about:config' and hit enter. You will get a warning about a warranty, it's fine, just click on the accept button they have out for ya and I promise we wont do anything crazy or destroy your browser so long as you follow these intructions (as you search for these things, you will notice that tor does indeed disable a few of these, not all)
First lets disable firefox's storage settings:
search -> set 'dom.storage.enabled' & 'browser.safebrowsing.malware.enabled' set to 'false'
Phew! that was a close one huh? Next lets Enable the DNS proxy bypass (Usually Auto-Enabled by Tor/disabled by other browsers)
Search -> set 'network.proxy.socks_remote_dns' set to 'True'
Now lets disable prefetching! (Prefetching allows the browser to get things you might view once again in the future and may be disastrous!)
search -> set 'network.prefetch-next' to 'False'
Disable Google's Blacklist (Really google? That sneaky? Disabled by Tor/Other browsers may not)
search -> set 'browser.safebrowsing.enabled' & 'browser.safebrowsing.malware.enabled' to 'False'
Disable referers (or that little redirection that can also prove to be malicious)
search -> set 'network.http.sendRefererHeader' to 'False'
Lets also disable pings here while we're at it
search -> set 'browser.send_pings' to 'False' & set 'browser.send_pings.require_same_host' to 'True'
Now disable suggestions (Disabled by Tor Browser/Not by Others)
search -> 'Browser.search.suggest.enabled' to 'False'
Disable Certificates (Optional -- Google (That's a joke don't google, use duckduckgo.com) this and see if its right for you, although if you are clever enough to know what's a danger and what is not online, then set to 2)
search -> set 'browser.ssl_override_behavior' to '2'
Now keywords-
search -> set 'keyword.enabled' to 'False'
Lastly, Disable Geolocation if it was not done so by Tor/Other Browsers
search -> set 'geo.enabled' to 'False'
Now go to your browser's application.ini in your browser's folder, open it, and find the following line:
'[Crash Reporter]Enabled1' and change the 1 to 0.
Hopefully this helps all of you out a bit.
P.S. If you are using TAILS you are going to need to reconfigure tor every time you use it (Since Tails removes all saved configuration and sweeps everything clean).
P.P.S For those who use say Tor with another browser (Does happen..), Then the addons Tor Browser has built-in are called
Noscript
&
HTTPS Everywhere.
Author: K7N3X
Source: intel exchange
Neznam oce li pomoc, ali eto.
