此篇文章是 http://shayi1983.blog.51cto.com/4681835/1569515 的补充,讲述一些
保持匿名(隐藏真实 IP 和物理地址)的小技巧,翻译自 Tor 的官网原文,下面给出中英字幕:
Want Tor to really work?
You need to change some of your habits, as some things won‘t work exactly as you are used to.
Use the Tor Browser
Tor does not protect all of your computer‘s Internet traffic when you run it. Tor only protects your
applications that are properly configured to send their Internet traffic through Tor. To avoid
problems with Tor configuration, we strongly recommend you use the Tor Browser. It is pre-configured
to protect your privacy and anonymity[nnmti] on the web as long as you‘re browsing with the
Tor Browser itself. Almost any other web browser configuration is likely to be unsafe to use with Tor.
使用 Tor 浏览器
在你运行 Tor 时,它并不会保护所有你计算机上的英特网流量。Tor 只保护那些正确地配置成通过 Tor 来发送
它们英特网流量的应用程序。为了避免 Tor 相关的配置问题,我们强烈建议你使用 Tor 浏览器。它已预配置好,
只要你使用 Tor 浏览器在 web 上冲浪,就能够保护你的隐私和匿名。几乎所有其它的 web 浏览器配置使用 Tor
的形式都是不安全的。
Don‘t torrent over Tor
Torrent file-sharing applications have been observed to ignore proxy settings and make direct
connections even when they are told to use Tor. Even if your torrent application connects only
through Tor, you will often send out your real IP address in the tracker GET request, because that‘s
how torrents work. Not only do you deanonymize your torrent traffic and your other simultaneous
[samltenis] Tor web traffic this way, you also slow down the entire Tor network for everyone
else.
不要在 Tor 运行时,使用 torrent(一种基于 P2P 网络模型的协议及其变体)
Torrent 文件共享应用程序有忽略代理设置的迹象,而且即便将它们配置成使用 Tor ,它们也会与对等体直连。
甚至在你的 torrent 应用程序只能通过 Tor 连接时,在 tracker GET 请求中,往往也会发送你的真实 IP 地址,
因为这就是 torrent 的工作方式。如果这样使用 Tor ,不仅暴露了你的 torrent 流量和其它同一时间的 Tor web
流量,你还减慢了整个 Tor 网络的速度,其他人也会受到影响。
(https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea)
Don‘t enable or install browser plugins
The Tor Browser will block browser plugins such as Flash, RealPlayer, Quicktime, and others: they can
be manipulated into revealing your IP address. Similarly, we do not recommend installing additional
addons or plugins into the Tor Browser, as these may bypass Tor or otherwise harm your anonymity and
privacy[pravsi].
不要启用或者安装浏览器插件
Tor 浏览器会阻止像是 Flash,RealPlayer,Quicktime,以及其它类型的插件:因为它们可以被操纵来揭露你的
真实 IP 地址。类似地,我们不建议在 Tor 浏览器中,安装额外的附加功能或插件,因为这样可能会绕过 Tor,
或以其它方式危害你的匿名和隐私。
Use HTTPS versions of websites
Tor will encrypt your traffic to and within the Tor network, but the encryption of your traffic to
the final destination website depends upon on that website. To help ensure private encryption to
websites, the Tor Browser includes HTTPS Everywhere to force the use of HTTPS encryption with major
websites that support it. However, you should still watch the browser URL bar to ensure that
websites you provide sensitive information to display a blue or green URL bar button, include
https:// in the URL, and display the proper expected name for the website. Also see EFF‘s
interactive page explaining how Tor and HTTPS relate.
使用 HTTPS 站点
Tor 会加密你的流量,当它在 Tor 网络中传输时也是如此,但是你的流量到最终目标站点是否加密,则取决于该
站点。为助于确保到站点的私有加密,Tor 浏览器包含 HTTPS Everywhere ,强制对支持 HTTPS 的主要站点使用
加密。然而,你仍应监视浏览器 URL 栏,确保你将提供敏感信息的站点显示一个蓝色或绿色的 URL 栏按钮,包含
了 https:// ,并且显示了该站点正确预期的名称。
https://www.eff.org/pages/tor-and-https 解释了 Tor 与 HTTPS 如何协作。
Don‘t open documents downloaded through Tor while online
The Tor Browser will warn you before automatically opening documents that are handled by external
applications. DO NOT IGNORE THIS WARNING. You should be very careful when downloading documents via
Tor (especially DOC and PDF files, unless you use the PDF viewer that‘s built into Tor Browser) as
these documents can contain Internet resources that will be downloaded outside of Tor by the
application that opens them. This will reveal your non-Tor IP address. If you must work with DOC
and/or PDF files, we strongly recommend either using a disconnected computer, downloading the free
VirtualBox and using it with a virtual machine image with networking disabled, or using Tails.
Under no circumstances[‘s:kmstnsz] is it safe to use BitTorrent and Tor together, however.
不要通过 Tor 在线打开文档下载
Tor 浏览器会在由外部应用程序处理的文档自动打开前,向你发出警告。不要忽略此一警告。当通过 Tor 下载
文档时,你应该非常小心谨慎(尤其是微软的 DOC 和 Adobe 的 PDF 文件,除非你使用 Tor 浏览器内置的 PDF
阅读器),因为打开这些文件的应用程序可能会下载其中包含的英特网资源,而该下载不会通过 Tor 中继代理。
这样就会揭示出你的真实 IP 地址。如果你需要用到 DOC 和/或 PDF 文件,我们强烈建议你,要么使用一个断网
的计算机,或者下载免费的 VirtualBox 虚拟机软件,然后在一个禁用网络连接的虚拟机映像中打开文档(这也是
查看恶意 PDF 文档的好办法),要么使用 Tails。(https://tails.boum.org/)Tails 是一个 Live OS,其产生
的所有英特网流量都通过 Tor 网路,因此能够保持完全匿名,规避审查( IP 过滤等),以及源物理地址追踪。
在任何情况下,Tails 都是 BitTorrent 与 Tor 一起安全使用的好办法。
Use bridges and/or find company
Tor tries to prevent attackers from learning what destination websites you connect to. However, by
default, it does not prevent somebody watching your Internet traffic from learning that you‘re using
Tor. If this matters to you, you can reduce this risk by configuring Tor to use a Tor bridge relay
rather than connecting directly to the public Tor network. Ultimately the best protection is a
social approach: the more Tor users there are near you and the more diverse[dav:rs] their
interests, the less dangerous it will be that you are one of them. Convince[knvns]
other people to use Tor, too!
使用桥接和/或寻找公司
Tor 试图阻止攻击者得知你连接到的目标站点。然而,默认情况下,它并不阻止某人监视你的英特网流量(从而
得知你正使用 Tor)。你可以通过配置 Tor 来使用一个 Tor 桥接中继
(https://www.torproject.org/docs/bridges.html.en),而不是直连到公共的 Tor 网络,来降低
此一风险。归根结底,最好的保护是社会学方法:你附近的 Tor 用户越多,并且他们的兴趣越多样化,那么你的
危险就越小。说服其它人也使用 Tor 吧!