Browse & Email Safely & Anonymously With TorBOX

Protecting Your Identity

A few years ago, I had a friend that built one of these VM systems himself. He could send out emails from an entirely different IP than England, and I was insanely jealous. I never really had a need to do anything like that, but still, it was cool.

Now, I’ve found myself with a legitimate need to make my traffic appear to come from some other country than the U.S., or at least some other location than the Northeast. With TorBOX, you don’t need those walk-on-water programming skills. All you need to do is install both the Gateway and the Workstation.  Just download both, and then use the “Import Appliance” tool in VirtualBox to load up the two VMs.

When you import, you’ll see all of the details of the pre-configured system. The developers advise not to reinitialize the MAC addresses. I don’t know why, just don’t do it.

Once you import both of them, you’ll see them show up in your list of Virtual Machines. First launch the TorBOX Gateway, and then launch the Workstation.

The beauty of this setup is that not only does it provide you with anonymity while browsing the Internet and sending out emails, but it also protect you from the snooping eyes of any spyware that may be installed on your PC for the purpose of tracking your online transmissions.

You see, the Gateway component of the setup operates within its own isolated network, connected only to the VM Workstation. When you access the Internet through this setup, it goes out to the Internet via the “Torified” connection, not through your “non-torified” connection.

If this seems confusing to you or you don’t know how Tor works, check out Jorge’s explanation, or Danny’s description of Tor. Both articles are great.

The bottom line is that, running this VM, not only do you get the anonymous safety of Tor, but you also get the additional protection of running your browsing within a self-contained VM machine, within which your host computer cannot play. That means any malware installed on your PC can’t play there either.

When you launch the gateway, all you’ll see is a bunch of text scrolling across the screen.

When it stops, you can then launch the Workstation. This is a Ubuntu based system that’s very bare bones. You may not see anything on the application bar depending on your color scheme. Just right click in the lower left corner, and you’ll see the menu system. As you can see, there are a few existing applications installed already – a simple media player, PDF reader, and text editor for example.

If you only want this for safe, anonymous web browsing, then you have everything you need right here. Just click on the “TorBrowser“, and the browser will launch within the VM.

The first thing I did was browse to with my host computer, and did so with the TorBrowser as well. In the image below, the top IP was the one using TorBrowser, while the lower one was the regular host IP.

Even better, the remote server did not think that my TorBOX traffic was coming from a proxy. For all intents and purposes, I’m a regular user, meaning that I can use regular online email services and even online forums that might block people that are using a proxy.

TorBrowser also has some nice additional security features. For example, clicking on the HTTPS icon at the upper right, you can enable HTTPS on all sites where possible. This is set to ON by default.

When you click the Tor icon, you’ll see all of the security settings that you can use to tighten or loosen the security  of your Internet browsing to your liking. Some things you can enable include blocking plugin use and isolating dynamic content.

Under the History tab, you can control how your browsing history is handled and protected. Explore through the Forms, Cache, Cookies and other tabs to see how you can tighten security in those areas as well.

What’s cool about this browser is that it offers such a tight level of security inside of an already-secure VM setup, and on an already “Torified” network that has you on the Internet under an assumed IP. You couldn’t ask for much better anonymity and security than this kind of setup.

After enabling and securing my VM setup, I then go a step further and access Hushmail to make contact with my correspondents around the world. Husmail adds yet one more level of security to the already stockpiled blockade that this existing setup now provides.

Beyond web browsing, you can also access the terminal console on the Workstation node.

Don’t forget, if you prefer working with an email client rather than webmail for your secure email setup, you can always download and install a Linux email client to your new Torified VM.

This setup isn’t perfect – no security setup really is. Someone, somewhere might be able to figure out a way to figure out who you are and where you are. But, if you’re using an ultra-secure setup by running TorBOX, you can at least rest assured that you’ve tried your hardest to isolate your sensitive communications and Internet traffic from prying eyes.

Have you ever used any Tor tools? Are you thinking of giving TorBOX a try? Share your own security setup in the comments section below, we’d love to hear how you protect your own ultra-sensitive communications over the Internet.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s