如何在使用 Tor 匿名网络时保持真正匿名

原文链接:
http://blog.51cto.com/shayi1983/1844837

此篇文章是    http://shayi1983.blog.51cto.com/4681835/1569515   的补充,讲述一些

保持匿名(隐藏真实 IP 和物理地址)的小技巧,翻译自 Tor 的官网原文,下面给出中英字幕:


Want Tor to really work?

You need to change some of your habits, as some things won’t work exactly as you are used to.

Use the Tor Browser

Tor does not protect all of your computer’s Internet traffic when you run it. Tor only protects your 

applications that are properly configured to send their Internet traffic through Tor. To avoid 

problems with Tor configuration, we strongly recommend you use the Tor Browser. It is pre-configured 

to protect your privacy and anonymity[nnmti] on the web as long as you’re browsing with the 

Tor Browser itself. Almost any other web browser configuration is likely to be unsafe to use with Tor.

使用 Tor 浏览器

在你运行 Tor 时,它并不会保护所有你计算机上的英特网流量。Tor 只保护那些正确地配置成通过 Tor 来发送

它们英特网流量的应用程序。为了避免 Tor 相关的配置问题,我们强烈建议你使用 Tor 浏览器。它已预配置好,

只要你使用 Tor 浏览器在 web 上冲浪,就能够保护你的隐私和匿名。几乎所有其它的 web 浏览器配置使用 Tor 

的形式都是不安全的。

Don’t torrent over Tor

Torrent file-sharing applications have been observed to ignore proxy settings and make direct 

connections even when they are told to use Tor. Even if your torrent application connects only 

through Tor, you will often send out your real IP address in the tracker GET request, because that’s 

how torrents work. Not only do you deanonymize your torrent traffic and your other simultaneous 

[samltenis] Tor web traffic this way, you also slow down the entire Tor network for everyone 

else.

不要在 Tor 运行时,使用 torrent(一种基于 P2P 网络模型的协议及其变体)

Torrent 文件共享应用程序有忽略代理设置的迹象,而且即便将它们配置成使用 Tor ,它们也会与对等体直连。

甚至在你的 torrent 应用程序只能通过 Tor 连接时,在 tracker GET 请求中,往往也会发送你的真实 IP 地址,

因为这就是 torrent 的工作方式。如果这样使用 Tor ,不仅暴露了你的 torrent 流量和其它同一时间的 Tor web

流量,你还减慢了整个 Tor 网络的速度,其他人也会受到影响。

(https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea)

Don’t enable or install browser plugins

The Tor Browser will block browser plugins such as Flash, RealPlayer, Quicktime, and others: they can

be manipulated into revealing your IP address. Similarly, we do not recommend installing additional 

addons or plugins into the Tor Browser, as these may bypass Tor or otherwise harm your anonymity and 

privacy[pravsi].

不要启用或者安装浏览器插件

Tor 浏览器会阻止像是 Flash,RealPlayer,Quicktime,以及其它类型的插件:因为它们可以被操纵来揭露你的

真实 IP 地址。类似地,我们不建议在 Tor 浏览器中,安装额外的附加功能或插件,因为这样可能会绕过 Tor,

或以其它方式危害你的匿名和隐私。

Use HTTPS versions of websites

Tor will encrypt your traffic to and within the Tor network, but the encryption of your traffic to 

the final destination website depends upon on that website. To help ensure private encryption to 

websites, the Tor Browser includes HTTPS Everywhere to force the use of HTTPS encryption with major 

websites that support it. However, you should still watch the browser URL bar to ensure that 

websites you provide sensitive information to display a blue or green URL bar button, include 

https:// in the URL, and display the proper expected name for the website. Also see EFF’s 

interactive page explaining how Tor and HTTPS relate.

使用 HTTPS 站点

你连接到 Tor 网络的流量,以及在 Tor 网络中传输的流量都是加密的,但是你的流量到最终目标站点是否加密,则取决于该

站点。(亦即,Tor 不提供“端点到端点”的加密服务)

为助于确保到站点的私有加密,Tor 浏览器包含 HTTPS Everywhere ,强制对支持 HTTPS 的主要站点使用

加密。然而,你仍应监视浏览器 URL 栏,确保你将提供敏感信息的站点显示一个蓝色或绿色的 URL 栏按钮,包含

了 https:// ,并且显示了该站点正确预期的名称。

https://www.eff.org/pages/tor-and-https 解释了 Tor 与 HTTPS 如何协作。

Don’t open documents downloaded through Tor while online

The Tor Browser will warn you before automatically opening documents that are handled by external 

applications. DO NOT IGNORE THIS WARNING. You should be very careful when downloading documents via 

Tor (especially DOC and PDF files, unless you use the PDF viewer that’s built into Tor Browser) as 

these documents can contain Internet resources that will be downloaded outside of Tor by the 

application that opens them. This will reveal your non-Tor IP address. If you must work with DOC 

and/or PDF files, we strongly recommend either using a disconnected computer, downloading the free 

VirtualBox and using it with a virtual machine p_w_picpath with networking disabled, or using Tails. 

Under no circumstances[‘s:kmstnsz] is it safe to use BitTorrent and Tor together, however.

不要通过 Tor 在线打开文档下载

Tor 浏览器会在由外部应用程序处理的文档自动打开前,向你发出警告。不要忽略此一警告。当通过 Tor 下载

文档时,你应该非常小心谨慎(尤其是微软的 DOC 和 Adobe 的 PDF 文件,除非你使用 Tor 浏览器内置的 PDF 

阅读器),因为打开这些文件的应用程序可能会下载其中包含的英特网资源,而该下载不会通过 Tor 中继代理。

这样就会揭示出你的真实 IP 地址。如果你需要用到 DOC 和/或 PDF 文件,我们强烈建议你,要么使用一个断网

的计算机,或者下载免费的 VirtualBox 虚拟机软件,然后在一个禁用网络连接的虚拟机映像中打开文档(这也是

查看恶意 PDF 文档的好办法),要么使用 Tails。(https://tails.boum.org/)Tails 是一个 Live OS,其产生

的所有英特网流量都通过 Tor 网路,因此能够保持完全匿名,规避审查( IP 过滤等),以及源物理地址追踪。

在任何情况下,Tails 都是 BitTorrent 与 Tor 一起安全使用的好办法。

Use bridges and/or find company

Tor tries to prevent attackers from learning what destination websites you connect to. However, by 

default, it does not prevent somebody watching your Internet traffic from learning that you’re using

Tor. If this matters to you, you can reduce this risk by configuring Tor to use a Tor bridge relay 

rather than connecting directly to the public Tor network. Ultimately the best protection is a 

social approach: the more Tor users there are near you and the more diverse[dav:rs] their 

interests, the less dangerous it will be that you are one of them. Convince[knvns] 

other people to use Tor, too!

使用桥接和/或寻找公司

Tor 试图阻止***者得知你连接到的目标站点。(链路监听只能得到你与进入 Tor 网络中的第一跳节点通信:Tor 网络的入口节点;类似地,目标站点上的访问日志记录只会显示 Tor 网络中的最后一跳节点 IP:Tor 网络的出口节点

然而,默认情况下,它并不阻止某人监视你的英特网流量(从而

得知你正使用 Tor)。你可以通过配置 Tor 来使用一个 Tor 桥接中继

(https://www.torproject.org/docs/bridges.html.en),而不是直连到公共的 Tor 网络,来降低

此一风险。归根结底,最好的保护是社会学方法:你附近的 Tor 用户越多,并且他们的兴趣越多样化,那么你的

危险就越小。说服其它人也使用 Tor 吧!



转载于:https://blog.51cto.com/shayi1983/1844837