How to secure your computer and surf fully Anonymous BLACK-HAT STYLE

This is a guide with which even a total noob can get high class security for his system and complete anonymity online. But its not only for noobs, it contains a lot of tips most people will find pretty helpfull. It is explained so detailed even the biggest noobs can do it^^ :

The Ultimate Guide for Anonymous and Secure Internet Usage v1.0.1

Table of Contents: 1. btaining Tor Browser !. "sing and Testing Tor Browser for the first time #. $ecuring %our &ard 'rive (. $etting up True)rypt, *ncrypted &idden +olumes ,. Testing True)rypt +olumes -. $ecuring your &ard 'is. /. Temporarily $ecuring %our 'is., $hredding 0ree $pace 1. Installing +irtualBox 2. Installing a 0irewall 13. 0irewall )onfiguration 11. Installing "buntu 1!. "buntu Initial $etup 1#. Installing 4uest 5dditions 1(. Installing I6) 7 ptional8 1,. Installing Torchat 7 ptional8 1-. )reating T 69 nly Internet *nvironment 1/. 4eneral 'aily "sage

By the time you are finished reading and implementing this guide, you will be able to securely and anonymously browse any website and to do so anonymously. :o one not even your I$; or a government agent will be able to see what you are doing online. If privacy and anonymity is important to you, then you owe it to yourself to follow the instructions that are presented here. In order to prepare this guide for you, I have used a computer that is running <indows +ista. This guide will wor. e=ually well for other versions of <indows. If you use a different operating system, you may need to have someone fluent in that operating system guide you through this process. &owever, most parts of the process are easily duplicated in other operating systems. I have written this guide to be as newbie friendly as possible. *very step is fully detailed and explained. I have tried to .eep instructions explicit as possible. This way, so long as you patiently follow each step, you will be >ust fine. In this guide from time to time you will be instructed to go to certain "6?s to download files. %ou do : T need T 6 to get these files, and using T 6 7while possible8 will ma.e these downloads very slow. This guide may appear overwhelming. *very single step is explained thoroughly and it is >ust a matter of following along until you are done. nce you are finished, you will have a very secure setup and it will be well worth the effort. *ven though the guide appears huge, this whole process should ta.e at the most a few hours. %ou can finish it in phases over the course of several days. It is highly recommended that you close @5??@ applications running on your computer before starting. : A $hare by Baster;irateC

1 : !btaining Tor "ro#ser

The first step to becoming secure and anonymous online is to setup and install something called DT 6E. DT 6E is short for DThe nion 6outerE. The concepts behind T 6 were first implemented by the "nited $tates Bilitary, and these principles have been used to create an extremely secure mechanism for being anonymous online. In fact, millions of people world9 wide use T 6 to browse the internet and communicate anonymously. T 6 wor.s by heavily encrypting your communications so that no observer can see what website you are really going to, and what information is really being sent. It all appears as a bunch of random characters to any observer. %ou simply use the T 6 web browser >ust as you use any other web browser. T 6 ta.es care of the rest. &owever, T 6 by itself is not enough. *ven when using T 6, a user can be compromised in a number of ways. 0irst, some websites can be set up to attempt to reveal someoneFs true I; address 7their true identity8 by tric.ing their web browser or other software to transmitting that information. 0or this reason, anyone who uses T 6 will recommend that no one have >avascript or flash turned on while browsing T 6. In this guide however, I will show you a much better solution. The second issue is that of human error. *ven if you have T 6 installed, you may accidentally forget which browser to put in a lin.. %ou may also accidentally clic. on a lin. from another program, such as a chat program. That program might then load the lin. you clic.ed on into a non9T 6 browser. <hen you are using T 6, you must be careful @constantly@ that every lin. goes into the right browser, and that you do not accidentally clic. the wrong lin.. $o then, letFs begin. btaining the T 6 Browser is easy. $imply go to the following website: http:GGwww.torpro>ect.org nce here, you may feel free to read more about what T 6 is and how it wor.s, or you may proceed to immediately download T 6. $ere is ho# to do so: 1. )lic. on D'ownload T 6E, or D'ownloadE. !. %ou will see text that says, DThe Tor Browser Bundle contains everything you ned H Iust extract it and run. ?earn more JJ #. )lic. on this D?earn moreE lin.. for the DTor Browser BundleE (. 5ssuming you are an *nglish spea.er, you would choose the top9most lin. D*nglish 7en9"$8E. therwise, pic. the language best suited to you. ,. The file being saved will be named: tor9browser91.#.11Ken9"$.exe It is o. if the number is not exactly 1.#.11, there are new versions of Tor from time to time. 5t the time that this guidewas written, 1.#.11 was most current. By the time you are reading this, a more current version of T 6 may exist. -. 6un this file. /. %ou will be prompted to extract this to a directory. By default, it will be set to ):"sers%ou'ownloads This is perfectly o.. %ou can also choose a different directory if you wish. 1. )lic. D*xtractE ThatFs it. T 6 Browser is : < installed. Time to test it outL

% : Using and Testing Tor "ro#ser for the first time

:ow you have successfully downloaded and installed the Tor <eb Browser Bundle. %ou are no doubt anxious to begin using it. 0irst, clic. on the DstartE menu icon, the icon in the lower left of your screen with the windows logo. n the top right will be a listing that says D%ouE, D'ocumentsE, D;icturesE, DBusicEH D%ouE of course will be replaced by your user name. )lic. on D%ouE, the top most lin.. This will open up your main user folder. :ow, locate the folder called D'ownloadsE and double clic. on it. :ow, inside the D'ownloadsE folder, double clic. on the folder called DTor BrowserE. ?astly, double clic. on the application: D$tart Tor BrowserE <hen you do, you will see the +idalia )ontrol ;anel appear, and you will observe as you connect to the T 6 networ.. <hen this is complete, your web browser will open up and will automatically connect to the web address: chec..torpro>ect.org This is to confirm that you are in fact using T 6. If you have followed this guide correctly, then you will see the following

green text, or something similar: D)ongratulations. %our browser is configured to use Tor.E :ow you can use this web browser the same as any other. %ou can go to any website you wish, and neither your I$; or anyone else will be able to see where you are going, or what you are doing. &owever, there are still issues that need to be resolved, so donFt begin browsing >ust yet. ************************************* ***** IMPORTANT SAFETY NOTE ***** ************************************* If you fill out a form containing your email address, your name, or any other sensitive information while using the T 6 browser, be aware that sometimes it is possible for an observer to see that information. <hen using T 6, use it to access websites and content that you are @not@ connected to via your real identity or any username or nic. name which lin.s to your real identity. ?et T 6 be for anonymous browsing solely. 'o your online ban.ing, or any other activities involving your real identity using your normal web browser. ************************************

& : Securing 'our $ard (rive

Being able to browse anonymously is one thing. &owever, you may choose to download and save sensitive content or material to your computer which you wish to .eep private. This may include reading sensitive documents, viewing pictures, or storing any .ind of sensitive data. If you save @anything@ to your computerFs harddrive, then it is possible for someone who has confiscated your computer to determine what it was you saved. This is often true even if you delete the content. 0or example, suppose I use the Tor Browser and I navigate to a website containing a sensitive document that I wish to read. If I saved that document somewhere on my harddrive, then it is possible for someone else to find it. If I @delete@ that document, it may still be possible for someone to undelete it. 0urther, even if I never save it to my harddrive but I simply loo. at it using my word processing software, it may still be saved in a number of ways including: 1. ften programs .eep records of filenames. The filename alone is often enough to incriminate someone. !. ften programs .eep parts of the content viewed saved for various reasons, such as for searching. This can include random excerpts of text, thumbnails of images, and more. ften this DpartialE data is more than enough to prove what the original data was. ften the DpartialE data is itself incriminating. #. $ometimes, especially if you are running low on system memory, your operating system may choose to use your hard9 dis. as a temporary 65B. This is .nown as D$<5;E. :ormally, whenever you turn off your computer, whatever was in 65B is deleted. &owever, the data that goes to your $<5; may persist and it may be possible for someone to see what content you had open in your programs if that information is saved in 65B. 4enerally spea.ing, you @must@ have a plan to secure any content that is saved to your hard dis.. Therefore, this guide would be incomplete if we did not thoroughly address this. 0irst, there are two .inds of such content: 1. 'eliberately saved content. !. Inadvertently saved content. 'eliberately saved content refers to content that you have chosen to save on your harddis. so that you can access this content later. <e will address how to do this later in the guide. Inadvertently saved content refers to content that is saved by programs you use, or your operating system. %ou have no way to even .now what this content might be. Therefore, this is the most dangerous. %ou may browse and find a doMen sensitive documents, utterly delete them, and some program may have saved the file names and excerpts of the data. This will render your previous efforts futile. )ontent that is inadvertently saved to your harddis. comes in two flavors: 1. )ontent that is saved to your $<5; space. !. )ontent that is saved by applications running on your computer, including your operating system.

The surest way to prevent content from writing to your $<5; space is to disable your $<5; space altogether. This may result in your computer running a bit slower than normal, and may mean that you cannot use ram intensive games and applications during the time your $<5; is disabled. Therefore, if you use this method, simply turn bac. on the $<5; when you want to use those ram intensive applications. 5lso, you may choose not to ta.e this step. 1 N &ere is how to disable your swap space if you are using <indows /: @@@ 5'+5:)*' I:$T6")TI :$ B*? <. $OI; T&I$ I0 % " 56* : +I)* 6 ":) B0 6T5B?* <IT& T&I$ ;*65TI : @@@ @This step is recommended for advanced users only. If you are not comfortable doing this, you may safely s.ip this step.@ Instructions are less verbose than usual, as these steps are intended for advanced users only. If you do not fully understand these instructions, s.ip this step. 1. !. #. (. ,. -. /. 0rom )ontrol ;anel, go to D$ystem and $ecurityE. )lic. on D$ystemE, and then choose D5dvanced system settingsE in the left9most menu. "nder the D5dvancedE tab, under D;erformanceE, clic. D$ettingsE. "nder this D5dvancedE tab, under D+irtual BemoryE, clic. D)hangeE. "nchec. D5utomatically manage paging file siMes for all drivesE. $elect D:o paging fileE. $ave, reboot, and follow these same first , steps to confirm that D:o paging fileE is still selected. This means that you have successfully disabled your swap. This means that @nothing@ from 65B will be inadvertently saved to your harddrive.

To resume using $<5; again, simply clic. D5utomatically manage paging file siMe for all drives.E %ou can switch between these two modes as you desire. 4enerally spea.ing, your computer will run fine without a swap file, provided you have enough 65B. @@@ *:' 0 5'+5:)*' I:$T6")TI :$ @@@ The next issue we need to address is how to prevent applications andGor your operating system from saving content inadvertently that you do not want saved. 0or this, we are going to set up a D+irtual BachineE. 5 D+irtual BachineE is li.e a computer inside of your computer. *verything you do inside the +irtual Bachine 7vm for short8 will be fully contained within itself and no one will be able to see what the vm has been doing. Ideally, you want @5??@ of your sensitive computer usage of any .ind, T 6 or : : T 6, to ta.e place within a vm. In this way, you can .eep everything private that you wish while still using your computer fully and getting the most out of it. 'onFt be afraid of this sounds complicated. This guide will ta.e you through every step slowly and methodically. Before we can set up a vm however, we need to ta.e another step.

) : Setting u* TrueCry*t+ ,ncry*ted $idden -olumes

If you save anything on your computer, it is li.ely that you do not want >ust anyone to be able to see what you have saved. %ou want a way to protect that information so that you can access it, and absolutely no one else except those you trust. Therefore, it ma.es sense to set up a system which protects your information and safeguards it against prying eyes. The best such system for this is called DTrue )ryptE. DTrue )ryptE is an encryption software program which allows you to store many files and directories inside of a single file on your harddrive. 0urther, this file is encrypted and no one can actually see what you have saved there unless they .now your password. This sounds extremely high tech, but it is actually very easy to set up. <e are going to do so, right now: 1. 4o to http:GGwww.truecrypt.orgGdownloads 7or go to http:GGwww.truecrypt.org and clic. on D'ownloadsE8 !. "nder D?atest $table +ersionE, under D<indows /G+istaGP;G!333Q, clic. D'ownloadE

#. The file will be called DTrue )rypt $etup /.3a.exeE or something similar. 6un this file. (. If prompted that a program needs your permission to continue, clic. D)ontinueE. ,. )hec. DI accept and agree to be bound by these license termsE -. )lic. D5cceptE /. *nsure that DInstallE is selected, and clic. D:extE 1. clic. DInstallE 2. %ou will see a dialog stating DTrue)rypt has been successfully installed.E )lic. D .E 13. )lic. D:oE when as.ed if you wish to view the tutorialGuserFs guide. 11. )lic. D0inishE 5t this point, True)rypt is now installed. :ow we will set up truecrypt so that we can begin using it to store sensitive information. 1. )lic. the D<indows ?ogoEGE$tartE button on the lower left corner of your screen. !. )lic. D5ll ;rogramsE #. )lic. DTrue)ryptE (. )lic. the DTrue)ryptE application 5nd now we can begin: 1. clic. the button D)reate +olumeE !. *nsuring that D)reate an encrypted file containerE is selected, clic. D:extE #. $elect D&idden True)rypt volumeE and clic. D:extE. (. *nsuring that D:ormal modeE is selected, clic. D:extE ,. )lic. on D$elect 0ileE :ote which directory you are in on your computer. ?oo. at the top of the dialog that has opened and you will see the path you are in, most li.ely the home directory for your username. 5n input box is provided with a flashing cursor as.ing you to type in a file name. &ere, you will type in the following filename: random.txt %ou may of course replace random.txt with anything you li.e. This file is going to be created and will be used to store many other files inside. 'o : T use a filename for a file that already exists. The idea here is that you are creating an entirely new file. It is also recommended though not re=uired that you DhideE this file somewhere less obvious. If it is in your home directory, then someone who has access to your computer may find it easier. %ou can also choose to put this file on any other media, it doesnFt have to be your hard dis.. %ou could for example save your truecrypt file to a usb flash drive, an sd card, or some other media. It is up to you. -. nce you have typed in the file name, clic. D$aveE /. Ba.e sure D:ever save historyE is chec.ed. 1. )lic. D:extE 2. n the D uter +olumeE screen, clic. D:extE again. 13. The default *ncryption 5lgorithm and &ash 5lgorithm are fine. )lic. D:extE 11. )hoose a file siMe. In order to benefit the most from this guide, you should have at least 13 gigabytes of free dis. space. If not, then it is worth it for you to purchase some form of media 7such as a removable harddrive, a large sd card, etc.8 in order to proceed. True)rypt can be used on all forms of digital media not >ust your hard dis.. If you choose to proceed without obtaining at least ten gigabytes of dis. space, then select a siMe that you are comfortable with 7such as 133 BB8. Ideally, you want to choose enough space to wor. with. I recommend !3 4B at least. 6emember that if you do need more space later, you can always create additional True)rypt volumes using exactly these same steps. 1!. :ow you are prompted for a password. T&I$ I$ +*6% IB; 6T5:T. 6*5' T&I$ )56*0"??% @@@ 6*5' T&I$ $*)TI : )56*0"??% @@@ @@@ The password you choose here is a decoy password. That means, this is the password you would give to someone under duress. $uppose that someone suspects @@@ that you were accessing sensitive information and they threaten to beat you or worse if you do not reveal the password. T&I$ is the password that you @@@ give to them. <hen you give someone

this password, it will be nearly impossible for them to prove that it is not the 6I4&T password. 0urther, they cannot @@@ even .now that there is a second password. &ere are some tips for your password: 5. )hoose a password you will :*+*6 forget. It may be ten years from now that you need it. Ba.e it simple, li.e your birthday repeated three times. B. Ba.e sure it seems reasonable, that it appears to be a real password. If the password is something stupid li.e D1!#Q then they may not believe you. ). 6emember that this is a password that you would give to someone if forced. It is @: T@ your actual password. '. 'o not ma.e this password too similar to what you plan to really use. %ou do not want someone to guess your main password from this one. 5nd with all of this in mind, choose your password. <hen you have typed it in twice, clic. D:extE. 1#. D?arge 0ilesE, here you are as.ed whether or not you plan to store files larger than ( 4I45B%T*$. )hoose D:oE and clic. D:extE 1(. D uter +olume 0ormatE, here you will notice some random numbers and letters next to where it says D6andom ;oolE. 4o ahead and move your mouse around for a bit. This will increase the randomness and give you better encryption. 5fter about ten seconds of this, clic. D0ormatE. 1,. 'epending on the file siMe you selected, it will ta.e some time to finish formatting. D<hat is happeningRE True)rypt is creating the file you as.ed it to, such as Drandom.txtE. It is building a file system contained entirely within that one file. This file system can be used to store files, directories, and more. 0urther, it is encrypting this file system in such a way that without the right password it will be impossible for anyone to access it. To @anyone@ other than you, this file will appear to be >ust a mess of random characters. :o one will even .now that it is a truecrypt volume. 1-. D uter +olume )ontentsE, clic. on the button called, D pen uter +olumeE 5n empty folder has opened up. This is empty because you have yet to put any files into your truecrypt volume. @@@ @@@ ' : T ;"T 5:% $*:$ITI+* ) :T*:T &*6* @@@ @@@ This is the D'ecoyE. This is what someone would see if you gave them the password you used in the previous step. This is : T where you are going to store your sensitive data. If you have been forced into a situation where you had to reveal your password to some individual, then that individual will see whatever is in this folder. %ou need to have data in this folder that appears to be sensitive enough to be protected by truecrypt in order to fool them. &ere are some important tips to .eep in mind: 5. 'o : T use porn. 5dult models can sometimes appear to be underaged, and this can cause you to incriminate yourself unintentionally. B. 'o : T use drawingsGrenderings Gwritings of porn. In many >urisdictions, these are >ust as illegal as photographs. ). 4ood choices for what to put here include: bac.ups of documents, emails, financial documents, etc. '. nce you have placed files into this folder, @:*+*6@ place any more files in the future. 'oing so may damage your hidden content. 4enerally, you want to store innocent data where some individual loo.ing at it would find no cause against you, and yet at the same time they would understand why you used True)rypt to secure that data. :ow, go ahead and find files and store them in this folder. Be sure that you leave at least ten gigabytes free. The more the better. <hen you are all done copying files into this folder, close the folder by clic.ing the DxE in the top right corner. 1/. clic. D:extE 11. If prompted that D5 program needs your permission to continueE, clic. D)ontinueE 12. D&idden +olumeE, clic. D:extE !3. The default encryption and hash algorithms are fine, clic. D:extE !1. D&idden +olume $iMeE, the maximum available space is indicated in bold below the text box. 6ound down to the nearest full unit. 0or example, if 12.2/ 4B is available, select 12 4B. If 1!.3 4B are available, select 11 4B. !!. If a warning dialog comes up, as.ing D5re you sure you wish to continueE, select D%esE !#. D&idden +olume ;asswordE @@@ IB; 6T5:T 6*5' T&I$ @@@

&ere you are going to select the 6*5? password. This is the password you will :*+*6 reveal to 5:% :* else under any circumstances. nly you will .now it. :o one will be able to figure it out or even .now that there is a second password. Be aware that an individual intent on obtaining your sensitive information may lie to you and claim to be able to figure this out. They cannot. It is &I4&?% recommended that you choose a -( character password here. If it is difficult to remember a -( character password, choose an 1 character password and simply repeat it 1 times. 5 date naturally has exactly 1 numbers, and a significant date in your life repeated 1 times would do >ust fine. !(. Type in your password twice, and clic. D:extE !,. D?arge 0ilesE, select D%esE and clic. D:extE. !-. D&idden +olume 0ormatE, as before move your mouse around for about ten seconds randomly, and tehn clic. D0ormatE. !/. If prompted D5 program needs your permission to continueE, select D)ontinueE !1. 5 dialog will come up telling you that the hidden True)rypt volume has been successfully created. )lic. D .E !2. )lic. D*xitE )ongratulationsL %ou have >ust set up an encrypted file container on your hard drive. 5nything you store here will be inaccessible to anyone except you. 0urther, you have protected this content with T< passwords. ne that you will give to someone under threat, and one that only you will .now. Oeep your real password well protected and never write it down or give it to anyone else for any reason. :ow, we should test B T& passwords.

.. Testing TrueCry*t -olumes

nce you have completed the above section, you will be bac. at True)rypt. 4o ahead and follow these steps to test the volumes you have made. 1. )lic. D$elect 0ileHE !. ?ocate the file you created in the last section, most li.ely called Drandom.txtE or something similar. 6emember that even though there is both an outer and a hidden volume, both volumes are contained in a single file. There are not two files, only one. #. )lic. D penE (. )hoose a drive letter that you are not using 7anything past B is probably >ust fine8. )lic. on that, 0or example clic. on D :E to highlight it. ,. )lic. DBountE -. :ow you are prompted for a password. 6ead the below carefully: The password you provide here will determine <&I)& volume is mounted to the drive letter you specified. If you type in your decoy password, then : will show all the files and directories you copied that you would reveal if forced. If you type in your real password, then : will show the files and directories that you never intend anyone to see. /. 5fter successfully typing in your password, you will see additional detail to the right of the drive letter, including the full path to the file you selected as well as the .ind of volume it is 7for example, hidden8. 1. 6ight clic. on your D<indows ?ogoEGE$tart BenuE icon, and scroll down to the bottom where you can see your different drive letters. %ou will see the drive letter you selected, for example: D?ocal 'is. 7 :8E. )lic. on that. 2. If you selected your decoy password, you will see all the files and folders that you moved there during the installation phase. If you selected the real password, you will see whatever files and directories you have placed so far into the hidden volume, if any. If you selected your hidden volume password, you may now begin moving any sensitive information you wish. Be aware that simply moving it from your main hard dis. is not enough. <e will discuss how to ensure deleted data is actually deleted later in the guide. D<hat is happeningRE <hen you select a file and mount it to a drive, you are telling your computer that you have a new drive with files and folders on it. It is the same thing as if you had plugged in a usb flash drive, a removable harddrive, or an sd card into your computer. True)rypt causes your computer to thin. that there is an

entirely new dis. drive on your computer. %ou can use this dis. drive >ust as if it @was@ actually a usb flash drive. %ou can copy files to it, directories, and use it >ust as you would use a usb flash drive. <hen you are done, simply close all open windowsGfoldersGapplications that are using your truecrypt drive letter, and then clic. D'ismountE from within True)rypt while you have the drive letter highlighted. This will once again hide all of this data, accessible only by re9mounting it with the correct password. @@@ +*6% IB; 6T5:T $50*T% I:0 6B5TI : @@@ <hen a true crypt hidden volume is mounted, someone who has access to your computer can access anything that is inside that hidden volume. If for example you left your computer running while a truecrypt volume was mounted, then if someone gained access to your computer they would be able to see everything you have in that volume. Therefore: @@@ 5?<5%$ 6*B*BB*6 T 'I$B ":T 5:% T6"*)6%;T + ?"B* ) :T5I:I:4 5:% $*:$ITI+* I:0 6B5TI : <&*: % " 56* : T "$I:4 % "6 ) B;"T*6 @@@ %ou can tell that it is dismounted because the drive letter inside of DTrue)ryptESs control panel will appear the same as all of the other drive letters, with no information to the right of the drive letter. %ou should practice Bounting and 'ismounting a few times with both passwords to ma.e sure you understand this process. nce you have copied filesGfolders into the hidden volume, do @: T@ touch the files or folders in the outer volume anymore. 6emember that both volumes occupy the same single file, and therefore changing the outer volume can damage the hidden volume. nce you have copied filesGfolders into the outer volume during the installation process, that is the last time you should do so. 0rom that point forward, use :?% the hidden volume. The outer volume exists only as a decoy if you need it.

/. Securing your (is0

This is an involved step which many people may not be able to do right away. If you cannot do this step immediately, then see section /. 5t this point you should understand how to create and use True)rypt hidden volumes in order to safeguard any sensitive information. Therefore, you should @: T@ .eep any such sensitive information on your hard dis.. 5t this stage, there are two possibilities: 1. %ou have never had any sensitive information on your hard dis.. In this case, read this section but you can certainly s.ip it. !. "p until now, you have stored sensitive information on your hard dis.. If so, then you B"$T read this section. If you have ever used this computer to access sensitive information, then all of the security and precautions in the world are totally useless and futile because all someone has to do is access what is left of that sensitive information. I cannot stress this enough. %ou can have the most secure True)rypt volumes, use T 6, and be the safest most secure user in the world. If you have not made sure that @5??@ remnants of any sensitive information are "TT*6?% 6*B +*' from your hard dis., then all of that effort is totally pointless. %ou B"$T ta.e these actions to safeguard your hard dis., or otherwise you might as well throw away this guide and follow none of the advice herein. 0irst, I understand that it is troublesome to have to re9format a computer, to bac. everything up, and reinstall everything. &owever, if you have ever had sensitive information on your machine, that is what you have to do. Ta.e the following steps: 1. btain a removable harddrive or usb flash drive large enough to store anything you need to save. !. $et up a truecrypt hidden volume on that harddrive big enough to hold all of that information. #. $et up the truecrypt outer volume as in the previous section. "se the previous section as a guide if you need to. (. Be sure you the hidden volume will have enough space to store all that you are bac.ing up. ,. )opy 5?? data you need to bac. upGsave into that hidden volume. @@@ IB; 6T5:T, 6*5' T&I$ @@@ If you have ever used this system to access sensitive information, then you must assume that the sensitive information or remnants of it can be @anywhere@ on your hard dis.. Therefore, you need to move @*+*6%T&I:4@ you intend to save into the hidden truecrypt container. %ou do not .now where sensitive data might be, so you are assuming it can be

anywhere. This way you still have 5?? of your data and you have lost nothing. 5 good analogy is toxic waste. %ou donFt .now which barrel might contain the toxic waste, so you treat @5??@ the barrels as potentially toxic. This is the surest way you can protect yourself. %ou might be saying, DI have family photos, music, movies that I would have to move to the hidden volume.E That is perfectly fine. 6emember that you can access that hidden volume >ust as if it was a drive letter. In fact, ideally, @5??@ of the content on your computer 7assuming you value your privacy8 should be protected anyways. %ou lose nothing by securing all of that data. -. nce you have copied everything you intend to copy. dismount your hidden volume, reboot your computer, and re9 mount your hidden volume to ma.e sure everything is there. /. :ow it is time to re9format your entire hard drive. 6e9install your operating system of choice 7such as <indows /8, and start with a clean slate. 1. nce you have reinstalled your operating system from scratch, follow sections one through five of this guide to reach this point, and then proceed.

1. Tem*orarily Securing 'our (is0+ Shredding 2ree S*ace

?i.e the previous section, this section applies :?% I0 there is some ris. that sensitive data has ever been stored or accessed on this computer. If you are 133T sure that sensitive information has never been accessed using this computer, then you can safely s.ip this and the previous step. If you are not prepared to ta.e the actions in the previous step yet, then you should follow the steps in this section until you can. &owever, you B"$T eventually ta.e the actions in step six above. 'o not assume you can findGdelete all sensitive content. ?ists of filenames, image thumbnails, random data, and more @56*@ sitting on your hard dis.. $omeone who .nows how to find it, <I??. That will render all of your other precautions totally futile. 5s soon as you can, follow the instructions in step six. Beanwhile, here is how you can temporarily safeguard yourself until you are able to follow those instructions. 1. 4o through your hard dis. folder by folder, deleting 7or moving to a truecrypt hidden volume8 any files that you believe are sensitiveGris.y. !. <hen you are totally sure that you have deleted all such files, go to the following "6?: http:GGwww.fileshredder.org #. $croll down and loo. for the button called D'ownload 0ile $hredderE U do : T clic. any other button, as the page may have ads on it that appear to be download lin.s. (. $ave the file. ,. 6un the file, most li.ely titled: fileKshredderKsetup.exe -. D<elcome to the 0ile $hredder $etup <iMardE, )lic. D:extE /. $elect DI accept the agreementE and clic. D:extE 1. It will choose where to install it, clic. D:extE 2. )lic. D:extE again when prompted for the $tart Benu folder. 13. D$elect 5dditional Tas.sE, )lic. D:extE again 11. )lic. DInstallE 1!. *nsuring that D?aunch 0ile $hredderE is chec.ed, clic. D0inishE 1#. %ou should now notice that D0ile $hredderE is running. %ou should see the program in your tas. bar. )lic. on it to bring up the control panel if it is not up already. 1(. n the left is a lin. that says D$hred 0ree 'is. $paceE, clic. it. 1,. )hoose the drive letter for your hard dis., typically ):, as well as any other drives you wish to shred the free space. 1-. under D$elect $ecure 5lgorithmE, select D$ecure *rasing 5lgorithm with / passesE and clic. D:extE 1/. )lic. D$tartE

This will ta.e some time to finish. nce you have finished shredding your free dis. space, it will be impossible or nearly impossible for someone to find one of your deleted files and piece it bac. together to see what it once was. &owever, this is : T enough. Oeep in mind that there may still be records of the filenames that were deleted, partial data from those files, image thumbnails, and more that may be enough to incriminate you. This is only a temporary step you have ta.en, and you absolutely must ta.e the actions in step - above in order to be truly safe.

3. Installing -irtual"o4
5nd now we get to the fun part. <e are going to create a secure environment for you to browse the internet and communicate in a way that is totally anonymous and untraceable. %ou will have a setup that is so secure as to be virtually impossible to brea.. 1. 0irst, go to the following "6?: http:GGwww.virtualbox.org !. $elect D'ownloadsE in the menu on the left. #. "nder D+irtualBox platform pac.agesE is D+irtualBox (.3.( for <indows &ostsE, next to that is Dx1-Gamd-(Q. )lic. that. (. $ave the file. It should be titled similar to: D+irtualBox9(.3.(9/3119<in.exe ,. 6un the file. -. D<elcome to the racle +BH $etup <iMardE, )lic. D:extE /. clic. D:extE 1. )lic. D:extE 2. D<arning: :etwor. InterfacesE, clic. D%esE but be aware that your internet connection will be temporarily reset for a few seconds. 13. )lic. DInstallE 11. 5 dialog saying D5 program needs your permission to continueE may appear, clic. D)ontinueE. 1!. ne or more dialogs as.ing if you want to install Ddevice softwareE may come up, select DInstallE each time. 1#. ptionally chec. the box D5lways trust software from racle )orporation.E 1(. D racle +BH installation is completeE, )lic. D0inishE ensuring that D$tart racle +B after installationE is chec.ed. :ow we have the software we need in order to set up and run virtual machines. n your tas. bar to the far right, you should notice +irtualBox running. )lic. on the D+irtualBoxE icon if needed in order to bring the +irtualBox control panel into view. :ow it is time to set up a virtual machine. 0or this, we need to obtain two files. perating systems, such as windows, are typically installed using a cd or dvd. %ou put the cd or dvd into your computer, you boot it up, and you follow the instructions in order to install the operating system. +irtual machines wor. similarly. Before we can use a virtual machine, we have to install an operating system on it. &owever, we are @: T@ going to use <indowsL <e are going to use ?inux. 'o not be afraid if you have no experience using ?inux. I assure you that this will prove to be painless. <e actually need two different linux operating systems in order to have a secure system. Before we go through the steps of setting this up, I want to describe to you what we are doing. 6emember earlier in the guide I explained that one of the downsides to using Tor Browser from your main computer is that you might accidentally put a lin. into a non9Tor browser. The problem with your computer right now is that you can access tor sites, or non9tor sites e=ually well. That means that you have to be extremely careful to ensure that you are using Tor. 5n analogy would be to say that you are typing on a .eyboard with red and green .eys. %ou have to be careful to only hit the green .eys. If you accidentally hit a red .ey, then you could compromise your security and anonymity. That is @not@ a good position to be in. The purpose of setting up a virtual machine is to ma.e certain that you cannot accidentally reveal your identity or compromise your security.

The computer you are using now has two ways of accessing the internet: T 6, and :on9T 6. The virtualmachine we are setting up however will only be able to access the internet using T 6. :o other way period. That means that no matter what you do, no matter how hard you try, you will : T be able to accidentally access any website except through T 6. This @guarantees@ that whatever you do on that virtual machine is going to be through T 6. $o how do we achieve thisR There are a number of ways to do so. The method presented in this guide is not the only good way, however I do believe that it is both easy to set up and also friendly to users who may not have a great deal of 65B. 0irst, we are going to set up two different virtual machines. ne of them will exist for the sole purpose of ma.ing sure that the other one does not accidentally connect to the internet except through T 6. This virtual machine re=uires very little. %ou will not be using it for anything. It will simply act as a gate.eeper to ensure that the other +irtual Bachine is safe. The second virtual machine will be what you use for internet browsing, chatting, etc. This virtual machine will be configured in such a way that it can only use T 6 and nothing else. The way we will achieve this is to force this second virtual machine to go through the first virtual machine for all internet connections. 'o not worry if this seems complicated. 5s with the rest of this guide, I am going to wal. you through step by step exactly what to do. 0irst, we have to obtain the operating systems we will need. In this case, we are going to use D'amn $mall ?inuxE 7yes that is itFs real name8 for the firewall and we are going to use D"buntuE for the main system. The advantage to using D'amn $mall ?inuxE is that we only need #! BB of ram and no dis. sapce to have an effective firewall. ?etFs set up the firewall first:

5. Installing a 2ire#all
1. 0irst, go to the following "6?: http:GGwww.damnsmalllinux.org 7three lFs8 !. $croll down until you see a lin. that says D'ownloadE #. "nder D)urrent 0ull Birror ?istE, clic. any that wor.. $ome may not wor. at any given time. If one doesnFt wor., simply hit bac. on your browser and try another one. (. 5t the time of this guide, the following url wor.ed: ftp:GGftp.is.co.MaGlinuxGdistributionsGdamnsmallGcurrentG ,. 4o to the DcurrentE directory if not already in it. -. )lic. on the file called: dsl9(.(.13.iso U If you cannot find this file, choose the file closet to it. 5 higher version number is fine. The file will probably be about ,3 BB /. The file should ta.e about ,913 minutes to download based on your connection. 7I0 T&* 5B +* $T*;$ < 6O*' 0 6 % ", $OI; T&I$ BI:I9$*)TI :8 7If you had trouble with the above steps, read this mini9section8 7<ith mirrors, it is often the case that a particular mirror site doesnFt wor.. 5t the time of this writing, several mirrors wor.ed. I am providing detailed instructions for each mirror.8 75bove I have already provided instructions for the mirror8 ftp:GGftp.is.co.Ma BI66 6: http:GGgd.tuwien.ac.atGopsysGlinuxGdamnsmall 74o to this "6?, and under D$ubdirectoriesE clic. on DcurrentE8 if available, select the file called Dcurrent.isoE 7provided the file is at least (2 BB in siMe8 If not, then choose the closest file to dsl9(.(.13.iso, a higher version V is fine. BI66 6: http:GGftp.belnet.beGpac.agesGdamnsmalllinuxG 7go to DcurrentE directory, obtain either Dcurrent.isoE 7if (2 BB or higher8 or find file closest to Ddsl9(.(.13.isoE8 BI66 6: http:GGftp.heanet.ieGmirrorsGdamnsmalllinux.orgG 7go to DcurrentE directory, obtain either Dcurrent.isoE 7if (2 BB or higher8 or find file closest to Ddsl9(.(.13.isoE8 5t this point, you should have the file either Dcurrent.isoE or Ddsl9(.(.13.isoE 7or something similar8 fully downloaded and saved into your 'ownloads directory. :ow, go ahead and open up +irtualBox again, most li.ely by clic.ing it on the tas. bar. 1. )lic. D:ewE at the top left, an icon that resembles a many9pointed round star. 2. D<elcome to the :ew +irtual Bachine <iMardE, clic. D:extE 13. D+B :ame and $ TypeE: "nder D:ameE type in: 0irewall 11. 0or perating $ystem, choose D?inuxE

1!. 0or D+ersionE, choose: D ther ?inuxE 1#. )lic. D:extE 1(. DBemoryE, select D#! BBE and clic. :ext 1,. D+irtual &ard 'is.E, "nchec. DBoot &ard 'is.E and clic. D:extE 1-. If a <arning dialog appears, clic. D)ontinueE 1/. )lic. D0inishE 11. :ow you will notice D0irewall, ;owered ffE visible in your +irtualBox control panel. Ba.e sure it is highlighted 7it should be8 and then right clic. it, and select D$ettingsE. 12. $elect D:etwor.E in the menu to the left. !3. )lic. on the D5dapter !Q tab. !1. )hec. D*nable :etwor. 5dapterE and next to where it says D5ttached toE, select DInternal :etwor.E from the pulldown menu. !!. )lic. D .E at the bottom. !#. nce again, right clic. D0irewall, ;owered ffE and select D$tartE !(. )hec. D'o not show this message againE and clic. D .E. This is >ust letting you .now that the D6I4&T )T6? O*%E on your .eyboard is the DcontrolE .ey for this virtual machine. !,. D<elcome to the 0irst 6un <iMardE, clic. D:extE !-. D$elect Installation BediaE, under DBedia $ourceE is a pull down menu. To the immediate right of that pull down menu is an icon with a folder. )lic. that folder icon. !/. ?ocate Dcurrent.isoE or Ddsl9(.(.13.isoE 7or the similar file name8 that you downloaded. <hen located, clic. D penE. It is li.ely in the D'ownloadsE directory of your home folder. !1. )lic. D:extE !2. )lic. D0inishE :ow the virtual machine will start to boot up. $imply waitH 7This may ta.e up to , minutes.8 #3. ne or more new dialogs may come up saying D+irtualBox InformationE, >ust clic. D'o not show this message againE and clic. D .E 5fter a few minutes, the booting will finish and you will be loo.ing at the des.top for your firewall virtual machine. To the right of the window you will see some stats that loo. something li.e this: "p: 3 .Gs N 'own: 3 .Gs ;rocesses: 12 );" "sage: 13T 65B "sage: 1-.!BBG!1.1BB etc. )ongratulationsL %ou now have a firewall running. :ow we will set up this firewall to protect you so that you can safely use T 6 from your main virtual machine.

10. 2ire#all Configuration

5t this stage you should be loo.ing at the des.top for D'$?E 7'amn $mall ?inux8. I need to tal. about the mouse first. This particular virtual machine as well as your main operating system 7windows8 both want control of your mouse. Both cannot have control of your mouse at the same time however. Therefore, you have to choose whether the mouse will be used by your virtual machine, or by <indows. <hen you clic. into your virtual machine, it has the effect of passing control of the mouse to the virtual machine. That means you cannot move your mouse cursor past the boundaries of that virtual machine. In order to give mouse control bac. to windows, enabling you to move your mouse cursor anywhere, simply press the right ctrl .ey on your .eyboard. That is to say, you have two ctrl .eys. ne on the left of your .eyboard, and one on the right. ;ress the ctrl .ey that is on the right of your .eyboard. This will give mouse control bac. to windows. ;ractice this a bit. ;ractice clic.ing into the window, moving the mouse cursor around, pressing right ctrl, and moving the windows mouse cursor around. 4et the feel of it. %ou should see a window that loo.s something li.e a web browser, with some text in it including words such as D4etting $tarted with '$?E. 0irst, close that window. 7If your mouse is not wor.ing, read this mini9section.8

70irst, clic. inside the window that your virtual machine is running in8. :ow try moving your mouse cursor. If you do not see the mouse cursor moving around, then press 76I4&T )T6? W I8. :ow move your mouse cursor again. If you notice that you are moving your DmainE mouse cursor over the window, but you do not see the D'$?E blac. mouse cursor moving, then clic. again into that window. If you do this a few times, you should notice that the mouse begins to wor.. %ou may have to press 6I4&T )T6?WI a couple of times to get the mouse to wor.. 1. nce the mouse is wor.ing inside of your virtual machine, go ahead and close the window entitled D4etting $tarted with '$?E 7If you cannot see the full virtual machine window, for example because your screen resolution is set so that some of the window goes too low, read this mini9section8. 70irst, press 6I4&T )T6?WI until you have your main windows white mouse cursor bac.8. :ow, clic. on DBachineE in the menu at the top of the window. 7$elect D$witch to $cale BodeE8 7 )lic. D$witchE8 7:ow you will have converted your firewall window to a smaller siMe, and you will be able to resiMe it. %ou may need to press Dright ctrlE to get a windows mouse cursor 7which you will need in order to resiMe this window8. :ow simply resiMe it to the siMe that wor.s for you, and then clic. into the window to be able to use the blac. mouse cursor inside the virtual machine. I recommend you maximiMe this window to ma.e sure you can read everything clearly. !. 6ight clic. anywhere on the des.top, go to $ystem 7a red folder8, go to 'aemons, ssh, and start. #. 6ight clic. again anywhere on the des.top, go to P$hells 9J 6oot 5ccess 9J Transparent (. :ow you have a window that you can type in. Type exactly as shown below into this window, and hit enter: passwd nce you type this and hit enter, it will as. you for a password. This is a password for full access to the firewall. Ba.e it at least 1 characters in siMe. @@@ IB; 6T5:T: 'o not forget your firewall password. %ou will need it later in the guide. @@@ <hen you have successfully changed your password, it will say D;assword changed.E ,. :ow type exactly as shown below, into the same window: ifconfig eth1 13.3.#.1 -. It will not say anything after you hit enter, it will >ust return you bac. to the prompt. :ow our firewall server is ready. <e want to save this state so that we can get bac. to it easy in the future. ;ress 6I4&T )T6?W$ /. :ow you will be loo.ing at a window that says DTa.e $napshot of +irtual BachineE. Iust clic. D .E 1. :ow, letFs test this out to confirm it wor.s as we expect. 4o ahead and close the virtual machine by clic.ing the DPE in the top right corner. 5 menu will come up. $elect E;ower off the machineE and clic. o.. 'o : T chec. the box called D6estore current snapshotE. 5nd now you should be once again at the +irtualBox manager. %ou will see D0irewall 7$hapshot 18, ;owered ffE 2. Ba.e sure that D0irewall 7$napshot 18, ;owered ffE is selected. 5t the top right of your +irtualBox Banager is a button that says: D$napshots 718E. )lic. it. 13. )lic. on D$napshot 1Q, the top9most selection. This will highlight it. 11. :ow right clic. it, and clic. on D6estore $napshotE 1!. 5 dialog box will come up as.ing if you are sure, clic. D6estoreE 1#. :ow clic. the D$tartE button at the top with the large green arrow. 1(. 5ny dialog boxes that come up with a chec. box saying D'o not show this information againE, simply chec. the chec.9 box, and clic. o.. 'o not worry about any of those. 6emember, if you do not have immediate control of the mouse inside the virtual machine, simply press 6)T6?WI 7press right ctrl and DIE at the same time8 and clic. into it until you have mouse control. :ow your firewall is good to go. 5ny time you need it, >ust go to the +irtualBox Banager and follow steps 2 through 1(

above. %ou do not have to go through the whole setup process again at any time in the future. %our firewall is ready.

11. Installing Ubuntu

:ow we are going to set up the main machine that you will be using T 6 with. 1. 0irst, go to this "6?: http:GGwww.ubuntu.com !. )lic. on the lin. D'ownload "buntuE #. )lic. D$tart 'ownloadE 7This download should ta.e 1391, minutes8 (. The filename is going to be similar to: ubuntu913.139des.top9i#1-.iso :ow we waitH <hile you are waiting for the file to download, go ahead and ma.e sure that your Dhidden volumeE is mounted in True)rypt to a particular drive letter. 0or example, : %ou will need that for the next step. ,. 6eturn to your D+irtualBox BanagerE. It doesnFt matter if the firewall is running or not. -. )lic. D:ewE 7the blue round star9icon in the top left8 again. /. D<elcome to the :ew +irtualBachine <iMardE, clic. D:extE 1. D+B :ame and $ TypeE, under D:ameE, type D;rimaryE 2. :ext to D perating $ystemE, select D?inuxE 13. :ext to D+ersionE, select D"buntuE and )lic. D:extE 11. DBemoryE, by default it selects ,1! BB. This is fine. !,- BB is the BI:IB"B. The more memory you allocate, the better the virtual machine will function. )lic. D:extE 1!. D+irtual &ard 'is.E, Ba.e sure DBoot &ard 'is.E is chec.ed. Ba.e sure D)reate new hard dis.E is selected. )lic. D:extE 1#. D<elcome to the )reate :ew +irtual 'is. <iMardE, clic. D:extE 1(. D&ard 'is. $torage TypeE, select D0ixed9siMe storageE and clic. D:extE 1,. D+irtual 'is. ?ocation and $iMeE, to the right of the text box containing D;rimaryE is a folder icon. )lic. the folder icon. 1-. :ow we have to select a file for the new hard dis. image file. n the bottom of this dialog it says DBrowse 0oldersE, clic. on that. 1/. :ow clic. on D)omputerE in the menu to the left. 11. $croll to where you see the drive letter you mounted, and double clic. on it. *x: ?ocal 'is. 7 :8 12. :ow clic. D$aveE !3. By default 1.33 4B are selected. That is fine. If you have enough space on your hidden volume, increase this to 13 4B. therwise, 1 is fine. !1. "nder D?ocationE, it should say :;rimary.vdi where : is replaced by whatever drive letter you mounted your True)rypt hidden volume to. !!. )lic. D:extE, then clic. D0inishE :ow we wait for +irtualBox to create the hard drive we as.ed for. This may ta.e a few minutes. Oeep in mind this entire virtual machine as well as any of its contents are going to reside within the hidden truecrypt container. This ensures extra security. !#. <hen this is done, you will see a D$ummaryE window. )lic. D0inishE. !(. :ow, right clic. on D;rimary, ;owered ffE in your D+irtualBox BanagerE, and clic. D$tartE !,. 5gain we are at the D0irst 6un <iMardE, clic. D:extE

!-. D$elect Installation BediaE, under DBedia $ourceE is a pull down menu. )lic. the Dfolder iconE to the immediate right of that pulldown menu. !/. ?ocate Dubuntu913.139des.top9i#1-Q 7or the similarly named file8 from your 'ownloads directory, or wherever you saved it. )lic. on it, and clic. D penE !1. )lic. D:extE !2. )lic. D0inishE :ow simply wait. %our "buntu virtual machine will be loading up. This may ta.e a few minutes. 'onFt worry if you see all .inds of strange messagesGtext. It is normal. 5fter a few minutes, you should start to see the "buntu des.top load. "nli.e your firewall, you will notice that you do not have to clic. the mouse inside the window. It automatically happens. This is going to be much easier than the D0irewallE step. nce everything has loaded, you will be loo.ing at a window that says DInstallE with a button that says DInstall "buntuE. If you cannot see everything, press 6)T6?W0 7to go full screen8. %ou can return to windowed mode by 6)T6?W0 again. 5ny dialogs can be closed, and you can chec. the box that says D'o not show me this again.E #3. )lic. DInstall "buntuE #1. )hec. D'ownload updates while installingE #!. )hec. DInstall this third9party softwareE. )lic. D0orwardE ##. *nsure D*rase and use entire dis.E is selected, and clic. D0orwardE. 6emember, this is : T tal.ing about your hard dis.. It is tal.ing about the 1913 gigabyte virtual dis.. #(. )lic. DInstall :owE #,. :ow you will be guided through a series of installation related screens. The first screen as.s you to select your timeMoneGtime. $elect your choice and clic. D0orwardE #-. :ow .eyboard layout, again select your choice and clic. 0orward. If you are unsure, leave it as is or clic. D0igure out .eyboard layoutE #/. D<ho are youRE 0or D%our nameE type in: mainuser #1. <hen you type in DmainuserE the other boxes will fill in automatically. :ow clic. in the text box next to D)hoose a passwordE. #2. 'o : T use the same password as the firewall. )ome up with a different password. (3. *nsure that D6e=uire my password to log inE as well as D*ncrypt my home folderE are selected and chec.ed and proceed. :ow simply wait until the installation is finished. The installation may ta.e a while, and it may appear to stall at some points. 5s long as the ubuntu mouse cursor shows an animation that is turning around in circles, the installation @is@ wor.ing. $imply wait until it is done. If after an hour or two the progress bar hasnFt moved at all, then go ahead and re9start the installation starting from step !( 7after closing the window and powering down the virtual machine8. 'epending on your computer, it could ta.e !9( hours. Bost li.ely, it will ta.e about an hour. nce finished, you will see a dialog that says DInstallation )ompleteE with a button that says D6eboot :owE. 'o : T press the D6eboot :owE button. )lose the SPF on this window, and ;ower 'own. (1. :ow, right clic. D;rimaryE and go to D$ettingsE. (!. )lic. on D$torageE in the left menu. Then clic. on the Dubuntu913.13H .isoE under where it says DI'* )ontrollerE (#. To the right it says D5ttributesE under that it says D)'G'+' 'rive : HE to the immediate right of that is a cd icon. )lic. it. ((. $elect D6emove dis. from virtual drive.E (,. )lic. D .E (-. :ow, ma.ing sure that D;rimaryE is highlighted, clic. the D$tartE button at the top with the large green arrow. :ow we wait for your newly installed "buntu machine to boot up. (/. 5fter a few minutes, you will see a dialog appear that says Dmainuser9+irtualBoxE. 4o ahead and clic. on DmainuserE

which has the Dperson iconE to the left of it. (1. :ow it will prompt you for your password. *nter the password you used in the installation process. (2. 5fter a minute or so, you should hear a nice login sound, and you should be fully logged into your virtualmachine. ,3. Oeep waiting, and a dialog will appear that says DInformation avialableE and D6ecord your encryption passphraseE )lic. on: D6un this action nowE ,1. Type in the same password you used to log in. 5fter that window closes, clic. D)loseE in the dialog box. )ongratulationsL %ou have now set up a virtual machine as well as a firewall to protect it. :ow we need to finish configuring the primary virtual machine.

1%. Ubuntu Initial Setu*

., now that we have installed "buntu, we need to set it up so that we can use it fully. This also means ma.ing sure we can see flash on websites such as youtube. 1. 0irst, we have to install any updates that are pending. 5t the bottom of your screen, you should notice where it says D"pdate BanagerE. )lic. on that. !. :ow, clic. on DInstall "pdatesE. If you did not see D"pdate BanagerE, then s.ip these two steps. #. 5ny time an administrative tas. is re=uired, you will need to type in your password. This is the same password you used to log in. :ow we wait, this is going to download any necessary security updates to ma.e certain we are using the most currentGsecure setup possible. This may re=uire downloading hundreds of megabytes. Iust go ahead and let it do that, and when everything is downloaded and updated, proceed to the next step. <hile you wait, "buntu may go into screensaver mode. If so, >ust move the mouse and it will as. you for your password. That will leave screensaver mode. If the updates are more than a hundred megabytes, it will ta.e =uite a while. It may ta.e up to !9# hours depending on your computer and internet connection. :onetheless, this step is critical. 'o not s.ip the updates. Besides ensuring that your setup will be secure, the updates also ensure that all of the applications are up to date and thus most li.ely to function correctly. Iust go ahead and watch a movie for a couple hours, and then return and chec. on it. 5fter all of the updates have been downloaded and installed, the D"pdate BanagerE window will now say D%our system is up9to9dateE at the top. 0urther, it will say: DThe computer needs to restart to finish installing updates.E. 4o ahead and press the SPF in the top right corner of the window, and choose S$end the shutdown signalE. If prompted, clic. D$hut 'ownE. nce it has fully shut down, the window will disappear and you will be bac. at the +irtualBox manager. 4o ahead and right clic. on D;rimaryE and clic. D$tartE. This will restart the virtual machine. If a virtual machine fails to shutdown after 13 minutes or so, then go ahead and close the window again by pressing the SPF but this time choose D;ower downE. If it still will not shut down, then +irtualBox may have crashed. If so, >ust follow these instructions: 7 0ollow the steps in this mini9section if a virtual machine fails to shutdown, or you need to completely closeGrestart +irtualBox8. 7 0irst, press D)trlW5ltW'eleteE, and then clic. DTas. BanagerE8. :ext, locate the process that is running that starts with D+irtualBoxE. 6ight clic. that process, and clic. D*nd ;rocess TreeE 7This should force the window to close8. 7:ow, restart +irtualBox by going to your start menu, 5ll ;rograms, racle +B +irtualBox +irtualB x8. :ow you will have the +irtualBox manager up again. To restart the "buntu machine, simply right clic. on D;rimaryE and clic. D$tartE. nce your ;rimary vm has rebooted, you will be again at the login screen. &ere as before, clic. on DmainuserE and then enter in your password. :ow your primary machine is fully up to date. 6emember, be patient. It may ta.e a few minutes before your virtual machine has fully booted. 0irst you will see the bac.ground image and a mouse cursor that can move around, next you should hear the login sound play, and finally you will see the menu at the top and bottom of your

virtual machine window. 'epending on the speed of your computer, this may ta.e 13 minutes or more. Iust be patient. 'onFt worry if your virtual machine appears to be running too slow, we will speed it up. :ow your +irtual Bachine is set up and ready for use.

1&. Installing Guest Additions

In order to ensure that the +irtual Bachine runs smoothly as possible, we are going to install some additional software to the virtual machine. 1. 4o to the D'evicesE menu at the top of your virtual machine main window 7Bachine, 'evices, &elp8, and go to DInstall 4uest 5dditionsE !. 4o to the D;lacesE menu at the top of your virtual machine 75pplications, ;laces, $ystem8, and clic. on D+B P5''ITI :$K(.3.(K/311!Q 7the number may be different8. #. 5t the top this new window will be the text DThe media has been determined as D":IP softwareE. )lic. on D pen 5utorun ;romptE (. 5 new dialog may appear saying DThis medium contains software intended to be automatically started. <ould you li.e to run itRE )lic. D6unE ,. *nter your administrative password 7the one you use to log into "buntu8 and clic. D .E -. :ow the +irtualBox 4uest 5dditions installer will begin. This may ta.e some time, so >ust relax and wait. 'epending on your computer, this may ta.e #3 minutes or more. /. <hen this is finished, you will see the text D;ress 6eturn to close this window.E 4o ahead and do so. 1. nce that window has closed, go ahead and press the SPF to close the entire virtual machine window. $elect D$end the shutdown signalE and clic. D .E. 2. 5 dialog box will appear. )lic. on D$hut 'ownE, the top most option. 5t this stage it is a good idea to further optimise our virtual machine. <hen you initially installed it, you most li.ely selected either !,- BB or ,1! BB of 65B. If you have enough 65B to spare, then I highly recommend you increase that to at least 1 4B. &ere is how to do so: 1. 0irst, right clic. on D;rimary, ;owered offE and go to $ettings. !. $elect D$ystemE from the menu on the left. #. Increase the DBase BemoryE to either 13!( BB 71 4B8, or some higher value you are comfortable with. It is also a good idea to increase the video memory available to the virtual machine. (. $elect D'isplayE from the menu on the left, still inside of D$ettingsE ,. Increase the D+ideo BemoryE slider to the right as far as you are comfortable with. 0or example, 1!1 BB. -. )hec. the box D*nable #' 5ccelerationE. /. :ow clic. D .E at the bottom. 4o ahead and start up "buntu again by right clic.ing D;rimary, ;owered offE and clic.ing D$tartE <hen "buntu loads up, go ahead and log in as before using your password. :ow wait until "buntu is fully booted and the D5pplications ;laces $ystemE menu is visible. %ou will probably notice that your virtual machine loads up and runs faster than before. &ow well your virtual machine runs depends on how good your computer is. ;rimarily, 65B and processor speed are the most significant factors. If your computer is modern enough, you should be able to use websites with flash and even watch videos, such as on %ouTube, with no problem. If your computer is not as modern, you will still be able to browse websites but may not be able to watch videos. %ou should still be able to use most flash based websites however. @@@ IB; 6T5:T: 'o : T browse sensitive content %*T. 5t this stage, your virtual machine is not yet configured to use

T 6. @@@

1). Installing I6C 7!*tional8

@@@ This section is entirely optional. If you are not interested in installing I6), s.ip this section. @@@ To install I6) on your new virtual machine, follow these steps: 1. 4o to the D5pplicationsE menu, and go to D"buntu $oftware )enterE !. Type D.vircE in the search box field in the top right. #. <hen the results return, select the one called: DO'*9based next generation I6) clientE or DO+ IrcE. (. )lic. DInstallE ,. *nter your password when prompted. -. <hile it installs, you will notice a progress bar. This may ta.e a few minutes depending on the speed of your internet connection. /. nce it is finished installing, the progress bar will go away. 4o ahead and close the D"buntu $oftware )enterE. %ou are probably used to the closeG minG max buttons being on the top right, as is the case in <indows. %ou will find them in the top left instead. If you donFt li.e this, donFt worry. %ou can change it later. :ow, letFs go ahead and set up O+Irc. 6emember, you are : T truly anonymous yet. 1. )lic. on D5pplicationsE in the top menu. 2. 4o to DInternetE 13. )lic. on DO+IrcE 11. DO+Irc $etupE will appear. 4o ahead and clic. D:extE to begin. 1!. D$tore )onfiguration in 0olderE, clic. D:extE 1#. D;lease choose a :ic.nameE. %ou can leave this exactly as is, or you can choose a :ic. name then clic. D:extE. @@@ IB; 6T5:T 6*5' T&I$ @@@ 'o : T pic. a nic. name you have ever used before, or a nic. name that can help someone determine who you are. 5lso, do : T fill in any other details such as location, age, real name, etc. ?eave everything else as is. %ou are : T 5nonymous yet. 1(. :ow you are as.ed to pic. a theme, select D:o themeE then clic. D:extE 1,. :ow clic. D0inishE to leave the O+Irc $etup 1-. 5 new window will appear having a list of servers, clic. D)loseE :ow letFs connect to the D0reenodeE I6) networ.. By now, you may have many =uestions about how to use "buntu. The V"buntu chatroom on 0reenode is a great place to start, and where you can as. =uestions related to how to use "buntu and +irtualBox. ;lease remember, you are : T anonymous yet and anything you say can be matched to your I; address. Oeep the conversation related to technical help, or >ust learning "buntu. 'o : T discuss T 6. 'o : T discuss 5:% sensitive material. 6emember, this chatroom consists mostly of people who have set up "buntu for other reasons. Therefore, they will be able to help you configure it, and answer many =uestions about how "buntu wor.s. 1/. 5t the bottom right of O+Irc is a long text input box. )lic. inside that box. 11. Type, exactly as shown below, including the DGE character: Gserver irc.freenode.net ---/

12. This will connect you to the 0reenode I6) networ.. 5fter a few minutes, you will be connected and a dialog box will appear. !3. "nchec. the box that says D$how this window after connectingE, and then clic. D)loseE !1. :ow, in the same text box as you typed the Gserver command, type the following exactly as shown below, including the DGE and DVE characters: G>oin V"buntu !!. :ow you are in the V"buntu chatroom. 0eel free to discuss the "buntu operating system and as. =uestions related to how to use "buntu. 6emember: @@@ 'o : T discuss T 6 or sensitive material. %ou are : T anonymous. @@@ This is a good opportunity for you to learn how to set up "buntu to be the way you want as far as colors, layout, theme and so forth. <hen you have finished, simply close the DO+IrcE window.

1.. Installing Torchat 7o*tional8

@@@ This section is entirely optional. If you are not interested in installing Torchat, s.ip this section. @@@ Torchat is a program you can use to communicate securely and anonymously with other Torchat users. It is only useful if you already .now someone who is using it. If you do not .now someone using Torchat, then it is best to s.ip this section and come bac. to it in the future when you want to install Torchat. These instructions wor. for "buntu 13.13. 0irst, installing Torchat is a bit tric.y because "buntu does not include Tor by default in its repositories. Tor is a re=uirement for torchat, and therefore we have to first install Tor on "buntu. 'oing so is not too difficult. 1. 0irst, go to D5pplicationsE 9J D5ccessoriesE 9J DTerminalE. %ou will see a new window appear with a prompt that loo.s li.e this: mainuserXmainuser9+irtualBox:YZ !. :ow, type exactly as shown below, and hit enter: sudo bash #. 5fter entering your password, you will be at a new prompt which loo.s li.e this: rootXmainuser9+irtualBox:YV (. :ow, either type or copy9paste the below text into this window and then hit enter: echo Ddeb http:GGdeb.torpro>ect.orgGtorpro>ect.org experimental9lucid mainE [ sudo tee 9a GetcGaptGsources.list sudo apt9.ey adv N.eyserver .eyserver.ubuntu.com Nrecv9.eys 11-'''12 ,. 5fter you do this, you should see the following at the bottom of your window: gpg: Total number processed: 1 gpg: imported: 1 76$5: 18 -. :ow, we should be able to install tor. In this same window, type the following commands, one at a time: apt9get update apt9get install vidalia privoxy tor /. 7press % and enter when prompted8 :ow we need to obtain the Torchat installation file, follow these steps: 1. In firefox on "buntu, go to the following "6?: http:GGcode.google.comGpGtorchat 2. n the left under where it says D'ownloadsE 13. ne of the files listed will end in .deb, for example torchat93.2.2.deb. )lic. on that file name. 11. n the next page, again clic. on the file name. This should begin the file download. 1!. By default, "buntu wants to open this file using the D"buntu $oftware )enterE. This is correct.

:ow wait until the file finishes downloading, and then the D"buntu $oftware )enterE will appear. 0ollow these steps: 1. ;ress DInstallE !. Type in your password when prompted. 5fter a short wait, Torchat will be installed. To start Torchat, go to D5pplicationsE 9J DInternetE 9J DTorchat Instant BessengerE

1/. Creating T!69!nly Internet ,nvironment

"p until now, we have been using our +irtual Bachine to access the internet directly. This was necessary so that we could install updates, software, and get a feel for how to use "buntu. :ow it is time to force "buntu to connect to the internet using T 6 nly. 5t the end of this phase, your "buntu virtual machine will be usable as a secure and anonymous T 6 based browsing environment. It will be @impossible@ for you to access the internet except through T 6, and therefore you can rest assured that anything at all you do online through the "buntu virtual machine will be through T 6. 0irst, we need to shut down any running virtual machines. If D;rimaryE is running, clic. the SPF in the top right to close it. $elect D$end shutdown signalE and then select D$hut 'ownE when prompted. If D0irewallE is running, go ahead and close it in the same way, but choose D;ower offE. 5fter a minute or so, you should be bac. to your +irtualBox Banager, with neither virtual machine running. 1. 6ight clic. on D;rimary, ;owered ffE and go to D$ettingsE !. $elect D:etwor.E from the menu on the left. #. :ext to D5ttached toE is a pull down menu. 6ight now it is set to D:5TE. )hoose DInternal :etwor.E and clic. D .E (. )lic. D0irewallE to highlight it, and then clic. on D$napshots 718E in the top right. ,. 6ight clic. on D$napshot 1Q and then select D6estore $napshotE. $elect D6estoreE if prompted. -. 6ight clic. D0irewallE and clic. D$tartE :ow your 0irewall will be resumed exactly where it had been previously set up. The last command entered should still be visible. Before you proceed, ma.e sure that T 6 is running on your main <indows computer. If it is, you will see an D nionE icon visible in your tas. bar. )lic. on that icon and you should see the D+idalia )ontrol ;anelE. Ba.e sure that it says D)onnected to the T 6 :etwor.E. If so, you are ready to proceed. If not then please see section ! : D"sing and Testing Tor Browser for the first timeE to re9start T 6. nce T 6 is running, proceed. ?etFs restart "buntu: /. 6ight clic. D;rimaryE and clic. $tart. ?og in as normal. 1. 5fter fully logged in, open D0irefoxE by clic.ing the orange D0irefoxE logo at the top, next to D$ystemE. 2. Try to go to any website, such as http:GGwww.google.com. Try at least #9, different websites. %ou should not be able to connect to any of them. :ote: If you attempt to go to websites you have already been to using "buntu, they may appear to load because they are cached. 13. In 0irefox on "buntu, go to D*ditE and D;referencesE 11. )lic. on the D5dvancedE icon 1!. )lic. on the D:etwor.E tab 1#. "nder D)onnectionE it says D)onfigure how 0irefox connects to the internetE. To the right of that is a D$ettingsE button.

)lic. that button. 1(. $elect DBanual proxy configurationE 1,. :ext to both D&TT; ;roxyE and D$$? ;roxyE type in: 1!/.3.3.1 1-. $et the port to 1111 for both D&TT; ;roxyE and D$$? ;roxyE 1/. :ext to D$ )O$ &ostE type: 1!/.3.3.1 11. $et the port for D$ )O$ &ostE to 23,3 12. Ba.e sure that D$ )O$ v,Q is selected at the bottom. !3. )lic. D .E and then D)loseE :ow we have instructed 0irefox to use T 6. &owever, 0irefox cannot use T 6 yet. 6ight now, "buntu is completely unable to connect to the Internet. <e are going to change that. !1. 4o to D5pplicationsE 9J D5ccessoriesE 9J DTerminalE !!. Type in: sudo bash 7and hit enter8 !#. Type in your password if prompted. !(. Type in the following commands exactly as shown below 7or copy paste them8: ifconfig eth3 13.3.#.! GetcGinit.dGpolipo stop GetcGinit.dGtor stop GetcGinit.dGprivoxy stop 7:ote: the last three commands, those beginning with GetcG are only necessary if you installed Torchat8 :ow you have told your "buntu machine to >oin the same networ. that your 0irewall is on. :ow we can establish a tunnel for T 6 data to flow from our "buntu machine, through the 0irewall, into your <indows guest machine. <e need to establish two such tunnels. The first tunnel for port 23,3 data, and the second tunnel for port 1111 data. <hen these two tunnels are set up, it will be possible for you to use your "buntu machine to access any website using T 6. 0urther, it is still completely impossible for your "buntu machine to access the Internet in any other way. !,. %our terminal window should still be open. Type in the following command exactly as shown 7or copy paste it8: ssh 9: 9? 23,3:13.3.!.!:23,3 rootX13.3.#.1 !-. Type DyesE if prompted. <hen prompted for the password, give your 0irewall password. :ot your "buntu password. 5fter you hit enter, you will see the cursor go to a blan. line and nothing else happens. This simply means the connection you re=uested is active. If the connection were to stop for any reason, you would return to a command prompt. If you want to terminate the connection yourself, simply hit )T6?W). %ou can type in the same ssh command again if you need to re9 open the tunnel. !/. :ow we are going to open the second tunnel. In your terminal window, go to D0ileE and D pen TabE. This will open up a tab for a second terminal without affecting the first. !1. :ow, type exactly as shown below to open the second tunnel: ssh 9: 9? 1111:13.3.!.!:1111 rootX13.3.#.1 !2. 6eturn to 0irefox. 4o to the D0ileE menu and unchec. D<or. fflineE if it is chec.ed. #3. 4o to the "6?: http:GGchec..torpro>ect.org If you see the text: D)ongratulations. %our browser is configured to use TorE then you are all setL %our "buntu virtual machine is now : T connected to the internet in any way. &owever, you can browse any website using T 6, even %outube. %ou do not have to be afraid of >avascript or 0lash. 5ny files you save onto your virtual machine will automatically be saved in the encrypted truecrypt volume you set up earlier. In fact, everything the virtual machine does will be contained within that truecrypt volume. 0urther, even if someone somehow managed to remotely gain full root access to your "buntu machine 7absurdly unli.ely

to happen8, they would still not be able to see @anything@ about who you are, or what your real I; address is, or even that you are using a +irtual Bachine. To them, it would appear that the "buntu machine is your main computer. They would be totally unable to compromise your identity based on this alone. &owever, .eep the following in mind. If someone were to gain access to your "buntu machine, they < "?' be able to see anything you have used it for or any files you have saved. Therefore, I recommend for the sa.e of absolute security, do not store anything on your "buntu virtual machine that identifies you. This is >ust a precaution. It is virtually impossible that someone would manage to remotely gain access to your "buntu machine

11. General (aily Usage

Buch of this guide has involved detailed one9time setup processes. 0rom now on, all you have to do when you want to use T 6 from your "buntu virtual machine is to follow these steps. *very step listed is a step you have already done, so feel free to re9visit earlier sections if you need help. 1. $tart True)rypt, and mount your hidden volume which contains your virtual machine. !. $tart +irtualBox #. $tart TorBrowser Bundle. (. )lic. D0irewallE to highlight it, and then clic. on D$napshots 718E in the top right. ,. 6ight clic. on D$napshot 1Q and then select D6estore $napshotE. $elect D6estoreE if prompted. -. 6ight clic. D0irewallE and clic. D$tartE /. 6ight clic. D;rimaryE and clic. $tart. ?og in as normal. 1. 4o to D5pplicationsE 9J D5ccessoriesE 9J DTerminalE 2. Type in: sudo bash 7and hit enter8 13. Type in your password if prompted. 11. Type in the following commands exactly as shown below 7or copy paste them8: ifconfig eth3 13.3.#.! GetcGinit.dGpolipo stop GetcGinit.dGtor stop GetcGinit.dGprivoxy stop 7:ote: the last three commands, those beginning with GetcG are only necessary if you installed Torchat8 1!. %our terminal window should still be open. Type in the following command exactly as shown 7or copy paste it8: ssh 9: 9? 23,3:13.3.!.!:23,3 rootX13.3.#.1 1#. Type DyesE if prompted. <hen prompted for the password, give your 0irewall password. :ot your "buntu password. 1(. In your terminal window, go to D0ileE and D pen TabE. 1,. :ow, type exactly as shown below to open the second tunnel: ssh 9: 9? 1111:13.3.!.!:1111 rootX13.3.#.1 1-. 6eturn to 0irefox. 4o to the D0ileE menu and unchec. D<or. fflineE if it is chec.ed. 1/. 4o to the "6?: http:GGchec..torpro>ect.org If you see the text: D)ongratulations. %our browser is configured to use TorE then you are all setL *n>oyL ;hew, now i have it complete L I admit its =uite extensive, not to say enourmous, but its the best how9to on anonymity and other safety procedures i have found so far. It secures your sys blac.9hat style^^ : http:GGen.wi.ipedia.orgGwi.iGBlac.K&atKBriefings 7for those of you who dont .now blac. hat ^^8

%ou dont have to do all steps at once. %ou can do a little of it every time you have an hour or two to spare. I thin. for the whole procedure you will need roughly 191! hours. I thin. its written in a way everybody should be able to follow. If there are still steps unclear >ust as., i will see if i can help you. btw this is written for noobs, but the tips here are interesting for allmost everybody. ;.$.: nce you have installed T 6 you can get access to T 6 hidden services and other interesting deep9web pages. If you want some lin.s for your first steps into this hidden part of the internet >ust as. me. If there is a lot of re=uests i will write an extra thread with the most important websites in the deepweb. ne thing before you get started : most deepweb pages arent online !(G/. $o if you cant reach a certain website be patient and try again and again till you get access. 5nother thing : you will find websites that are pretty shoc.ing and disturbing. In 22.,T you will see beforehand what you find on those sites, so if you dont want to see certain things dont .lic. on the lin.s. :ow that you have a really secure system, you should .now what to do when the shit hits the fan and you are arrested or your home gets searched. $%our system, is secured in a way they cant brea., so the only thing that can incriminate you now is your testimony. These ! youtube videos are ! lectures on behaviour towards the police in such situations. ;art one is done by a criminal defense attorney, part ! by a very experienced police officer. They both tell you about the tric.s the police uses and how you should react : http:GGwww.youtube.comGwatchRfeature\playerKembedded]v\-wP.I(t/nuc http:GGwww.youtube.comGwatchRfeature\playerKembedded]v\31f^_<>'+O* `tl,dw : say nothing and as. for a lawyer, 5??<5%$ L %ou cannot improve your situation with anything you say 7this is counterintuitive, but the attorney here has in his whole carrer :*+*6 heared of single case where a suspect could help his case by tal.ing to the police, but he could name many cases where they made matters way worse8 but you can ma.e it a lot worse, so shut the hell up and wait for your lawyer. *ven him being a defense lawyer wouldnt tal. to the police under any circumstances. %ou can tell your story before court 5:' :*+*6, ":'*6 : )I6)"B$T5:)*$, B*0 6* T&5T L *ven the cop in lecture ! says :*+*6 T5?O T T&* ; ?I)* LLLLL V p$hit$orm : A $hare by Baster;irateC