Whonix vs. Tails vs. Linux

[iluvbitcoins]

Hey guys, I just bought a new laptop and I'm thinking of making it completely anonymous

Like 100%, encrypting it with a 30 char password so no mofo can break into it

And using an OS + VPN so my info can't be revealed anywhere on the internet

I'm wondering which OS would be the best?

I'v heard good things about Whonix and Tails, but I'm wondering can I install usual files on it?

I need to be able to use bluestacks on the OS, skype probably and that's mostly it

I'd also like to be able to run a VPN, since I heard that TOR IP can be broken trough?

I'm not really too much savy about this things, that's why I'm asking about it

If you have any tips on anonymity I'll welcome your advice

[1714573013]

1714573013

[1714573013]

1714573013

[No Checks, Czechs Welcome]

Tails is just another Linux distribution right?



Anyway the best operating system doesn't exist. It's a matter of preference. Unless it's bloody windows that shit is shit. Although I do use it for posting when gaming 

[Nikinger]

Some applications are internally very complex, like browsers, and thus complex applications are notorious prone to serious security bugs, if exploited, the malware could simply turn off the anonymization. This is why I think that's a very bad idea to run the application which is subject to be anonymized on the same machine which is responsible for maintaining the anonymity.

I suggest you to use virtual machines at least, use physical machines if you fear facing an exploit which is capable to break out of the virtual machine.
Box #1 is responsible for the routing&anonymity only.
Box #2 is for non-anonymous stuff only (online banking, pizza service).
Box #3 is for anonymous stuff only.

[Wonka]

Hey guys, I just bought a new laptop and I'm thinking of making it completely anonymous

Like 100%, encrypting it with a 30 char password so no mofo can break into it

How are you going to remember a 30-character password? I think there's a good chance you would forget that then you'd be screwed.

[Welsh]

How are you going to remember a 30-character password? I think there's a good chance you would forget that then you'd be screwed.

There's certainly techniques available for the inital remembering stage. I've remembered long passphrases and private keys over the years. Although, the private keys are not redudant has I've moved onto new addresses.

If he wants to make his life easier though, he could just use a password manager like keepass.

[iluvbitcoins]

Hey guys, I just bought a new laptop and I'm thinking of making it completely anonymous

Like 100%, encrypting it with a 30 char password so no mofo can break into it

How are you going to remember a 30-character password? I think there's a good chance you would forget that then you'd be screwed.

I already have it memorized
It actually has over 30 charachters but I won't say how much exactly

Some applications are internally very complex, like browsers, and thus complex applications are notorious prone to serious security bugs, if exploited, the malware could simply turn off the anonymization. This is why I think that's a very bad idea to run the application which is subject to be anonymized on the same machine which is responsible for maintaining the anonymity.

I suggest you to use virtual machines at least, use physical machines if you fear facing an exploit which is capable to break out of the virtual machine.
Box #1 is responsible for the routing&anonymity only.
Box #2 is for non-anonymous stuff only (online banking, pizza service).
Box #3 is for anonymous stuff only.

doesn't their OS have an integrated browser?

[Nikinger]

doesn't their OS have an integrated browser?

If you like to, of course because Linux is flexible but this isn't the point. It's more about separation by relocating a critical component (which is reponsible for the anonymization) away from your potentially vulnerable working environment where your browser runs.
If any application (which includes your browser) inside your anonymized working environment misbehaves or breaks, you will stay safe and anonymous if you delegate the task of anonymization to another machine. Without separation, a broken application could also break the anonymization.

[iluvbitcoins]

And how exactly do I do this?

[Nikinger]

And how exactly do I do this?

I think the best and easiest for you is to start with is Virtual Box and Whonix for use in virtual machines (Gateway and Workstation). You can use VPN on the host computer and NAT your virtualized Whonix gateway over VPN. I haven't tested it but it's a good start and should work (I can't get too deep in detail because I use another customized solution).

After you got a bit familiar, don't stop being curious how this whole thing works. Read on: iptables, compiling sources, handling packages, configuring routes and network interfaces, proper up and down script handling, configuring and running VPN and Tor clients. The more you understand the more you control the tech.

Keep in mind, anonymity is more than just a piece of software, anonymity is a concept where you have to think about it. As an example, as soon as you log in to an account which is linked to your full name, using Tor can do harmful things.

Some thumb of rules and hints:

• You shouldn't use anonymization when using online banking or doing things which are linked with your full name (e.g. pizza services) because your identity is known anyways.
• Don't use the same (virtual) system for anonymous and non-anonymous activities because of potential finger printing techniques.
• When using nick handles in the internet: you can't anonymize a nick handle, you only can deanonymize a nick handle. If you think your anonymous nick handle is accidentally compromised and linked with your full name in any way, abandon it which includes abandoning all email addresses and messenger accounts you used with the handle.

[Buffer Overflow]

If you use a VPN you have to trust them, because they know which sites you will be visiting.

Guarantee there's a few NSA VPN honeypots around.

[iluvbitcoins]

If you use a VPN you have to trust them, because they know which sites you will be visiting.

Guarantee there's a few NSA VPN honeypots around.

I was thinking of using a VPN and Tor in the same time

How would that work?

[Buffer Overflow]

If you use a VPN you have to trust them, because they know which sites you will be visiting.

Guarantee there's a few NSA VPN honeypots around.

I was thinking of using a VPN and Tor in the same time

How would that work?

Slow.

[iluvbitcoins]

Hahah

Yeah

But it WOULD work, right?

And my VPN provider wouldn't be aware of the websites I visit?

[Buffer Overflow]

Hahah

Yeah

But it WOULD work, right?

And my VPN provider wouldn't be aware of the websites I visit?

I guess it would work. But there so many ways to can inadvertently leak your IP. You need to disable Flash, JavaScript and browser plugins for a start.
Torrent downloading will also announce your IP into the swarm, so also avoid those.

Best to just use TailsOS where everything is already setup for you.

[iluvbitcoins]

So using bluestacks and skype is impossible if I want a 100% anonymous environment?

Yes, I was thinking of just booting tails for it..
But I need bluestacks

[newflesh]

So using bluestacks and skype is impossible if I want a 100% anonymous environment?

Yes, I was thinking of just booting tails for it..
But I need bluestacks

I'd avoid Skype completely, Tails has Pidgin if you want to send instant messages or you could install something like jitsi (https://jitsi.org/) but you would have to keep reinstalling it unless it's in stored in the persistent volume.

[iluvbitcoins]

Skype is a necessity, is their any way to just minimize its downsides?
Reinstalling every time won't be an issue

Does it matter that I have a dynamic IP instead of a static one?

[Lauda]

Skype is a necessity, is their any way to just minimize its downsides?
Reinstalling every time won't be an issue

Does it matter that I have a dynamic IP instead of a static one?

Do not install Skype. All that effort that you would go through would be in vain.
I'm not saying that you're going to do something illegal, but if you do you could get caught just because of Skype. Skype could have all sorts of backdoors built into it.

[iluvbitcoins]

I'm not doing anything illegal, I'm just exploring anonymity and ecryption
What about bluestacks?
So jitsi is cool to use?

[Mehek]

linux