Parrot version in use (if you are not aware of it, open terminal and type cat /etc/os-release | grep VERSION):
VERSION_ID=“5.3”
VERSION=“5.3 (Electro Ara)”
VERSION_CODENAME=ara
Logs/Terminal output (use pastebin or similar services):
Screenshots:
Hi Emil, So I typically use firefox over TOR for privacy with some extra browser security such as clearing my cookies/history after every use etc. There are other ways like VPN over TOR or just VPN but note that your browsing speed will be affected way more if you choose to use VPN and TOR so that is a choice you will have to make. but since its for soccer, then VPN or TOR would suffice.
Find the top VPN service providers or you can build yours: https://www.pcmag.com/picks/the-best-vpn-services … Personally I like TunnelVPN, ExpressVPN, and ProtonVPN
Hi Odin, I will try firefox over TOR for privacy with clearing my cookies / history after every use.
Another option to is to use 1.1.1.1 (dns)with warp. should work on amd64 builds of linux hides the IP address under cloudflare servers as long as warp is enabled.
yes that works too @crackmap. I was giving the route to browsing known and reputable sites!.
As for proton the web application is designed for privacy from registration so if you operate it under an alias that is not a very big issue but would be great if they fix that tho for those that operate it like a regular gmail. Not tested it offensively before.
For the security.cert_pinning. Typically I would use my NGFW or browser security (guardio) as another layer of defense. The underlying security mechanism of the browser security of NGFW would perform that and more under the hood. But you are very correct!.
What @crackmap is referring to is connecting to the legit server if you click on a link/type an address without fear of MITM attack. cloudflare will attempt to route you to a spoofed one if that is what you specified/clicked. Except maybe you are with the enterprise security version/something along that line then they can perform that level of inspection for you.
@CrackMap hummm… good to know.
MullBrowser if you use MullVad VPN or else the normal Tor Onion ones bro.
Also, for me AnonSurf works, no need then.
Also about VPN, all those presented there above keep data fyi… take MullVad and pay with Monero if you wanna be undetected in certain degree. On Host.
From what I’ve heard and seen most vpns do keep logs, IMO that’s a security breach in the first place. I’ll refrain from further comments as I’m also still going over the available choices and trying to find one suitable for myself
@SFC best kept open secret in the cyber realm… I am sure they are required to do that for legal reasons or otherwise. also, it just makes sense. If you want no-log VPN you can fork various VPN’s repositories, modify and host it yourself or build one yourself if extreme privacy is your thing. I did that myself for about two years, but truth be told in this age and time if you want to be found, YOU WILL BE FOUND. except you are someone not of interest really.
@err0r regardless, the VPN provider still has your original IP address. Do the Maths 
I see Kodachi Linux offers options to exclude TOR 5 eyes countries (Australia, USA, Canada, new Zealand, UK), 9 eyes (adds Denmark, France, Netherlands, Norway) & 14 eyes (added Belgium, Germany, Italy, Spain, Sweden). Most web sites list the benefits of Kodachi while one web site lists its flaws (presume the “pro” web sites just list what the developer stated without checking if they actually work as stated). Have tried it as live ISO (bit of a CPU hog). If it did work as alleged it would be fantastic but I suspect it doesn’t. I believe some 80% of TOR nodes are in western / 14 eyes countries so disabling them would no doubt make browsing extremely slow. However - I do like that option of being able to disable those countries in question if i want. Is there a way to do that in TOR or a possible addition to Anon Surf?
i know the more TOR nodes the better especially if they are in the 5 eyes countries as limiting TOR nodes to a few countries may be more noticeable, but a nice option to have if you want
also be interesting if others agree with this review
Kodachi Linux: A brief Security Review – /dev/urandom (bitsex.net)
thanks
Most VPN services require you to register, even as a ‘free’ tier customer, so they will always have logs of when you used the system, and from which IP you connected from. If you want to be unknown, then you cannot connect to any network at all is the plain truth.
Sure you can add a VPN and use Tor nodes to try and obfuscate yourself from a casual observer, but if you have done something serious enough that someone wants to find you badly enough, it can usually be done, it will just take a while to put all the pieces together.
If you just want basic anonymity, use your VPN or Tor and don’t worry about it too much, these services are more about encryption for your traffic really, so it can’t be ‘read’ if intercepted. If you want to avoid rate limiting for tools when pen testing, the same thing applies really, with VPN’s or Tor you can change nodes and number of hops on route, to do so, and so do more automated testing for example.
If you consider that the first step in network traffic is MAC address to MAC address, i.e. a unique to every device hardware ID, then using a random MAC and a public network you don’t own, such as a coffee shop, then route over Tor would give you the best option. Although even then you’d have to change coffee shop each time to make it impossible to find you.
I agree @Fred_Sheehan , you have to become a physical and digital nomad. If you have a static IP address from the beginning it makes it easier to trace from the VPN provider/Tor entry node. Even in coffee shops, you can be identified after about 3 different coffee shops visits, using physical location, IP address and time-frame analysis. It might take a while initially but possible with cooperation and a large budget.
The Intelligence Agencies can find almost anyone once you are on their radar. Tor is for privacy from the website owners/host, Internet providers, certain countries etc. The top IA can stitch the trail together across multiple boarders and jurisdiction regardless of the hops if they really want to go after you due to cooperation and limitless budget.
If you can blend in tor, the IA’s don’t deem you worthy of their effort or you are not causing enough trouble(LOL)… Don’t do that please
I have been telling people this for years, But personal security thanks to the modern idiom of social media is a thing long from the past, when answering similar questions to this on other fora, I usually finish with " the weakest part in any computer security system, sits cleanly between the seat back and the keypad"
thanks mate
I use parrot, anon surf & TOR.
just looked at Kodachi and thought it was interesting in its ideas - if it worked
That was a good review,I came across that distribution a few years ago, and after running it in a VM and seeing how many services it was running by default that were open to the internet, I went no further and deleted it.
Tails is a good choice if you want a ‘clean’ system every boot, that stores nothing on a host.
If you want a system that’s bullet proof but can be updated, qubes is good, as everything is isolated from everything else, makes it a pain sometimes when you have to ‘pipe it all together’, to do some work, but it also means a part of the system could theoretically be compromised and still not have access to the underlying system or other programs etc.
the qubes/whonix combo looks interesting, I shall have to try that in a VM and play with it!
tried qubes, haven’t been able to get it running on my pc, not on the “compatible” list but have seen a few YT vids that make some changes in BIOS so may look into that, also tried in a VM as have seen some youtube videos showing it can be done, haven’t succeeded yet, may need to tweak a few setting in the VM to get it to run.