Tor Project Software

The Tor Project (.onion) is a U.S. 501‍(c)‍(3) social-good non-profit organiza­tion. They main­tain a num­ber of soft­ware pro­jects de­sign­ed around a con­cept known as onion routing. The soft­ware fun­da­men­tal to their mis­sion is tor, an acro­nym of ‘the onion router.’

Desktop: Tor Browser (.onion)

If you use Apple’s iOS or Google’s Android, you should most def­in­ite­ly use Orbot as often as you can. When you can’t, you should use Charles Proxy.

Google Android: Orbot, Tor Browser (.onion)

Apple iOS: Orbot, Onion Browser

Once you have Tor Browser instal­led, view this page again and you can see a web­page circa 2005 describ­ing Onion Routing by one of its in­ven­tors, Paul Syverson: view over Tor or view using DNS.

XK72’s Charles Proxy for iOS

Charles Proxy for Apple’s iOS sup­ports old­er iOS ver­sions than Orbot. So if you can’t run Orbot because your Apple hard­ware won’t run the ver­sion of iOS re­quired, you should def­inite­ly see if you can run Charles Proxy.

Think of Charles Proxy as an app act­ing as a VPN run­ning on your device (mobile phone, tablet, computer). But instead of your traffic going to a VPN out on the Inter­net, which then makes re­quests on your behalf, Charles Proxy brings that VPN to your local device, forc­ing all net­work con­nec­tions through it, so you have a bit of a record of the com­puters your device con­nect­ed to since the OS alone doesn’t make it easy to see.

Charles Proxy giv­es you in­sight into where your apps are con­nect­ing to, and perhaps what they are doing, with­out telling you. And giv­ing you a place to start learn­ing what to block.

There is MUCH MORE to it than that. It’s a useful tool for de­vel­op­ing net­work appli­ca­tions, as the stated pur­pose for buy­ing it.

How­ever, it can also be used to block domains (and more) you don’t want to con­nect to.

Objective Development’s Little Snitch

Little Snitch has come a long way since 2003 when I first heard about it and bought it.

Little Snitch is a macOS app pro­vid­ing a user-friendly GUI to a fire­wall. Back in the “old days” it did the most useful of func­tions: let you block in­com­ing and out­go­ing con­nec­tions you wanted blocked, but also alert you to new sur­prises that might pop-up, before the net­work connection was established.

Any connections your computer made to domains, IP addres­ses, proto­cols, or ports which it was not pre­vious­ly allow­ing, Little Snitch would duti­ful­ly bring to your attention.

You were given the option to allow it or deny it, with miscellaneous gran­u­lar­ity. Your control of your computer was restored somewhat.

Since 2003, Little Snitch has grown up. Lots of great features have been added.

There are other personal-firewalls with pro­active alert­ing and GUIs but this is the only one I’ve tried so far.

OpenBSD’s OpenSSH

The OpenBSD Found­ation, a Canadian not-for-profit corp­ora­tion, co­ordi­nates the “support and further devel­opment, ad­vance­ment, and mainten­ance of free soft­ware based on the OpenBSD operat­ing system, includ­ing the operat­ing system itself and related free soft­ware pro­jects,” among them is OpenSSH.

OpenSSH is a suite of programs provid­ing numerous tools to protect your data as it travels over networks.

Chances are it’s on your computer now. But if not, they pub­lic­ly pub­lish the source code in a port­able dis­tri­bu­tion so it can be compiled for your operating system.

Do you have it and what version? 1) open your favorite tty terminal app then 2) at the com­mand line prompt   type ssh -‍V and 3) hit return.

The included ssh-‍keygen can be used to sign files; a puny few-hun­dred byte sig­na­ture file is created which can be used to crypto­graph­ical­ly verify the inte­grity of the file and the key that signed it.

I also en­cour­age you to down­load the of­fi­cial OpenBSD graphic for the 7.1 release featur­ing Puffy, a puffer­fish, the OpenBSD mascot surf­ing against the back­drop of Mount Fuji.

Invert the colors, do some work, and you’re on your way to having a low-light version.