Protecting ourselves before connecting to Tor (OPSEC)

So, i've been thinking lately, that if deanonymizing tor is possible, albeit expensive, difficult, and time consuming...and sql injection and bad sanitation for input ends up revealing hidden services, perhaps standard connecting to tor, even with the anti-fiveeyes config to block exit nodes (some) isn't sufficient.

I've read about vps/vpn services that offer "BULLETPROOF ANONYMOUS TOR GUARD CONNECTIONS" (see torguard.net or something of the like) however, i'm curious how effective it is, just like sites like hidemyass and cyberghost, if they have my billing info or log my connection ip's for NSA whenever they come knocking, it is only useful for like....hackers i guess? typically I use putty's plink and ssh tunnel through a shell not associated with me, but I was curious if there are any reputable, or at least properly secure companies offering up services like torguard.net claims to have, and how effective would that really be....connecting directly to tor, and hosting hidden services on tor, without nginx or some form of proxy redirect for the httpd, seems to be getting more and more insecure....

ADMINS LEARN TO SANITIZE INPUT TOO PLEASE :P

Thoughts, theories, ideas, trolling, all welcome :P...well not trolling :(


Comments


[2 Points] dingdingbading:

wardriving, your already breaking the law. with kali linux and a long rang wifi card that can push packets, like an alfa. You can write a script with aircrack to break WEP in a couple minutes. but who uses WEP? In the US Verizon fios by default and older people/non tech people don't change it. there are tons of networks around where there are no people or cameras waiting to be used!


[2 Points] rootdefcon:

a) use a VPN or VPS that has nothing to do with US/UK/EUR. preferably someone that really hates the US e.g. Russia, Malaysia, parts of South America.

b) pay in bitcoins

c) chain several VPNs together

d) use someone else's wifi / computer / router (how you get access to it is another matter).

Generally I wouldn't go near any VPN commerical provider based in the UK / US / EU (unless you were using it as 1 hop in a chain, or just using it for shit like posting to reddit).


[2 Points] sapiophile:

See my comment about this here: https://www.reddit.com/r/DarkNetMarkets/comments/2lkvf0/wired_article_full_scope_of_onymous_revealed/clw60m7?context=3

TL;DR: A VPN is not really helpful for someone who may be the subject of an LE investigation.


[1 Points] None:

.