[continued from previous message]   
      
   >Normally Tor switches frequently its path through the network. When   
   >you choose a permanent destination X, you give away this advantage,   
   >which may have serious repercussions for your anonymity.   
   >You -> Tor -> VPN/SSH   
   >You can also route VPN/SSH services through Tor. That hides and   
   >secures your Internet activity from Tor exit nodes. Although you are   
   >exposed to VPN/SSH exit nodes, you at least get to choose them. If   
   >you're using VPN/SSHs in this way, you'll want to pay for them   
   >anonymously (cash in the mail [beware of your fingerprint and printer   
   >fingerprint], Liberty Reserve, well-laundered Bitcoin, etc).   
   >However, you can't readily do this without using virtual machines. And   
   >you'll need to use TCP mode for the VPNs (to route through Tor). In   
   >our experience, establishing VPN connections through Tor is chancy,   
   >and requires much tweaking.   
   >Even if you pay for them anonymously, you're making a bottleneck where   
   >all your traffic goes -- the VPN/SSH can build a profile of everything   
   >you do, and over time that will probably be really dangerous.   
   >You -> Tor -> Proxy   
   >You can also route proxy connections through Tor. That does not hide   
   >and secure your Internet activity from Tor exit nodes because the   
   >connection between the exit node to the proxy is not encrypted, not   
   >one, but two parties may log and manipulate your clear traffic now. If   
   >you're using proxies in this way, you'll want to pay for them   
   >anonymously (cash in the mail [beware of your fingerprint and printer   
   >fingerprint], Liberty Reserve, well-laundered Bitcoin, etc) or use   
   >free proxies.   
   >One way to do that is proxychains. Another way would be to use a   
   >Transparent Proxy and then either proxify (set proxy settings) or   
   >socksify (use helper applications to force your application to use a   
   >proxy) the programs you want to chain inside your Transparent Proxy   
   >client machine.   
   >You -> X -> Tor -> X   
   >No research whether this is technically possible. Remember that this   
   >is likely a very poor plan because [#You-Tor-X you -> Tor -> X] is   
   >already a really poor plan.   
   >You -> your own (local) VPN server -> Tor   
   >This is different from above. You do not have to pay a VPN provider   
   >here as you host your own local VPN server. This won't protect you   
   >from your ISP of seeing you connect to Tor and this also won't   
   >protect you from spying Tor exit servers.   
   >This is done to enforce, that all your traffic routes through Tor   
   >without any leaks. Further read: TorVPN. If you want this, it may   
   >unnecessary to use VPN, a simple Tor-Gateway may be easier, for   
   >example Whonix.   
   >VPN/SSH Fingerprinting   
   >Using a VPN or SSH does not provide strong guarantees of hiding your   
   >the fact you are using Tor from your ISP. VPN's and SSH's are   
   >vulnerable to an attack called Website traffic fingerprinting ^1^. Very   
   >briefly, it's a passive eavesdropping attack, although the adversary   
   >only watches encrypted traffic from the VPN or SSH, the adversary can   
   >still guess what website is being visited, because all websites have   
   >specific traffic patterns. The content of the transmission is still   
   >hidden, but to which website one connects to isn't secret anymore.   
   >There are multiple research papers on that topic. ^2^ Once the premise   
   >is accepted, that VPN's and SSH's can leak which website one is   
   >visiting with a high accuracy, it's not difficult to imagine, that   
   >also encrypted Tor traffic hidden by a VPN's or SSH's could be   
   >classified. There are no research papers on that topic.   
   >What about Proxy Fingerprinting? It has been said above already, that   
   >connections to proxies are not encrypted, therefore this attack isn't   
   >even required against proxies, since proxies can not hide the fact,   
   >you're using Tor anyway.   
   >,, ^1^ See Tor Browser Design for a general definition and   
   >introduction into Website traffic fingerprinting.   
   >^2^ See slides for Touching from a Distance: Website Fingerprinting   
   >Attacks and Defenses. There is also a research paper from those   
   >authors. Unfortunately, it's not free. However, you can find free ones   
   >using search engines. Good search terms include "Website Fingerprinting   
   >VPN". You'll find multiple research papers on that topic.   
   [end quote]   
      
   for windows 10/11, recommend using tor browser with default settings   
   and duckduckgo for search . . . but for windows 7/8, recommend using   
   omnimix tor with another browser e.g. pale moon, kmeleon etc., since   
   tor browser will no longer be supported after 1 october (next month);   
      
   while most websites will open in tor browser, including "google.com",   
   some websites will not, so using the most current windows 11 firefox,   
   edge or other "mainstream" browser is recommended; test your browser:   
      
   (using Tor Browser 13.5.3)   
   https://duckduckgo.com/?q=browser+fingerprint+test   
   >...   
   >https://coveryourtracks.eff.org/   
   >Test your browser to see how well you are protected from tracking and   
   >fingerprinting:   
   >TEST YOUR BROWSER   
   >https://coveryourtracks.eff.org/kcarter?aat=1   
   >Test with a real tracking company ?   
   >Our tests indicate that you have strong protection against Web tracking.   
   >...   
   >How does tracking technology follow your trail around the web, even if   
   >you've taken protective measures? Cover Your Tracks shows you how trackers   
   >see your browser. It provides you with an overview of your browser's most   
   >unique and identifying characteristics.   
   >Only anonymous data will be collected through this site.   
   >Want to learn more about tracking? Read how it works with our guide:   
   >LEARN MORE ABOUT FINGERPRINTING   
   >https://coveryourtracks.eff.org/learn   
   >...   
   (cf. any browser using Omnimix' built-in Tor)   
   >Our tests indicate that you have strong protection against Web tracking.   
   >...   
   (cf. any browser not using Tor)   
   >Our tests indicate that you are not protected against tracking on the Web.   
   [end quote]   
      
   (using Tor Browser 13.5.3)   
   https://check.torproject.org/   
   >Congratulations. This browser is configured to use Tor.   
   >Your IP address appears to be: ###.###.###.###   
   >...   
   (cf. any browser using Omnimix' built-in Tor)   
   >Congratulations. This browser is configured to use Tor.   
   >Your IP address appears to be: ###.###.###.###   
   >However, it does not appear to be Tor Browser.   
   >Click here to go to the download page   
   >https://www.torproject.org/download/   
   >...   
   (cf. any browser not using Tor)   
   >Sorry. You are not using Tor.   
   >Your IP address appears to be: ###.###.###.###   
   [end quote]   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)