Not long back we discussed how you can access the nighttime alleys of the internet through Tor, only we largely left off on the role well-nigh keeping yourself safety. The subject is more relevant than e'er with Congress recently passing an subpoena to Rule 41 of the Federal Rules of Criminal Process, allowing law enforcement to target users of encryption, VPNs, Tor etc. for hacking and surveillance.

Of form, for every criminal using these technologies to temporarily shield themselves from justice, there's a police force-abiding journalist communicating with a crucial source. Given the new legislation, privacy advocates who programme to go along using encryption and anonymization software ought to double-down on their security.

Here's a cursory overview of tips and services for keeping yourself prophylactic while surfing the seedy underbelly of the web. And given the aforementioned principles apply, these recommendations can also serve as a general guide to anonymizing yourself in the normal (a.k.a. surface) web, too.

Get off your personal computer

Starting from the top, if y'all're serious almost the security of whatever it is yous're doing on the nighttime web, information technology'south worth running an entirely separate environment from your main computer and internet connection (we'll go to the second 1 presently).

Y'all accept two main choices for changing your operating organization environment: a virtual automobile or a Linux 'Live CD'. The former is convenient considering you tin can run a virtualized OS inside your principal active Os without changing hardware or rebooting (but download virtualization software and an ISO), while the latter is perhaps more than attractive for its portability.

Installing a Linux distro on a bootable USB drive volition let yous plug it into any computer you lot encounter to load upwardly your custom surroundings and your session is stored in the auto'southward random access memory which gets dumped when rebooted. Yous tin salve content to the USB drive and you could ever behave a laptop instead of seeking out random PCs.

Creating a bootable pollex bulldoze is equally simple as downloading the ISO of your preferred flavor of Linux (Tails, Kali or Mint are good choices for this project) and using a utility such every bit Rufus to install information technology on a USB bulldoze that's plugged in. Linux GUIs have improved to the point where you may get abroad without opening the terminal, just in the event that y'all must, here's a beginner's guide to the Linux command line.

Don't connect from your internet address

This is what Tor, VPNs and other such proxies are meant to help with, but depending on your level of paranoia, you may want to make your initial connection from a public Wi-Fi network or consider investing in a pay-as-you lot-go burner device with mobile data access and a swappable SIM. Here are the FTC's own tips on safely using public Wi-Fi.

Layering your location by starting at a random Wi-Fi hotspot then connecting to a VPN before loading Tor will profoundly increment your odds of anonymity.

Relying on Tor alone may exist a gamble given the efforts to deanonymize its users and the fact that some of its go out nodes are presumed to exist compromised, which is why information technology should simply be one tool in your toolbox. Using Tor correctly could make or break your success at anonymity so consider reading a full rundown on how it works if you aren't familiar.

Once on the dark net, you would defeat the purpose of all this proxying by logging into your usual accounts. It's wise to apply random throwaway names and to store the credentials locally with KeePass instead of an online account manager that could exist more easily compromised, at which point your all your throwaways might become a lot less random.

*Tip: Don't blindly click links. Hover over them and check the status bar at the bottom of your browser to see where you're going.

Encrypt your storage

Operating systems including most Linux distros and even Windows have native drive encryption at this indicate and if you're non using that so check out VeraCrypt, a fork of TrueCrypt that has go the defacto open up-source encryption software for securing drives and partitions, such equally the USB drive containing your alive Linux install or the directory where y'all proceed your virtual automobile.

Information technology goes without saying that storing your data locally on encrypted drives is infinitely safer than uploading information technology to the cloud, but it should also be mentioned that there are security-witting file hosts:

  • Mega: 50GB complimentary and paid options starting at ~$5/mo
  • Tresorit: A more secure Dropbox, 1TB for $30/mo
  • ExpireBox: Unencrypted merely supports files up to 150MB and motorcar-deletes them after two days

Use private search engines

If you're coming from Google, StartPage might exist the best culling as information technology fetches Google's results but interacts with the company's servers without logging your IP address or downloading tracking cookies. Conveniently, StartPage provides a proxy link adjacent to each search result, which not only improves your anonymity merely likewise helps avert some of the captchas yous'll run into on Tor.

Although information technology lacks an integrated proxy service, DuckDuckGo'south privacy policy is on par with StartPage'south and information technology offers a shorthand chosen 'bangs' to search unlike engines (!google YOUR QUERY for instance volition provide Google results -- there are thousands of bangs).

Searx.me also deserves to be mentioned for its features including integrated proxy and cache links next to your results likewise every bit tabbed searches for files, maps, videos, social media and more than.

Communicate securely

The EFF offers a great starting point for brushing up on the field of study of communicating with others securely, which includes an intro to PGP and a guide on setting it up. If you'd rather non jump through those hoops, there are communication platforms with firm privacy policies, integrated encryption and features that resemble familiar services:

Electronic mail

  • ProtonMail: Free accounts get 500MB of storage, plans start at €iv/mo for 5GB, a custom domain and five aliases.
  • Tutanota: Free users get 1GB of storage, €one/mo opens custom domains and aliases, €ii/mo expands to 10GB storage.
  • StartMail: Free 7-day trial, plans start at $59.95/yr ($4.99/mo) for 10GB of storage and 10 aliases w/ unlimited disposable aliases.

Image credit: Ricky Montalvo on flickr

IM

  • RetroShare: Software akin to Skype except it'southward decentralized and encrypted. Features include file-sharing, multi-user chat and video calls.
  • Jitsi: Rivals RetroShare in functionality but uses Off-the-Record (OTR) for encryption and touts extras such as back up for IRC, MSN etc.
  • Pidgin+OTR: A cleaner, more conventional multi-protocol IM client with support for OTR, but you'll have to download and install the plugin.
  • Bespeak: Open up Whisper Arrangement'due south solution for encrypted texting/VoIP and cocky-timed expiring letters on Android/iOS/Chrome app for PC.
  • Confide: Self-deleting text/voice messages, pics and docs with support for multiple recipients, terminate-to-end encryption and screenshot protection.
  • Lockify: A Chrome app to create expiring messages that tin can exist sent via link or QR code. The recipient verifies their identity past your chosen method.

As nosotros said in our Night Spider web 101 article, at that place'due south no such matter every bit being 100% bearding or secure and your biggest shortcoming is going to be human error, only you lot can still make it more difficult to track your identity by taking advantage of a few free services.