WEBVTT 00:00.670 --> 00:01.150 Okay. 00:01.150 --> 00:08.020 So now that we understand that there is basically a network of devices connected to each other that 00:08.020 --> 00:12.280 we can use to improve our privacy and anonymity. 00:12.670 --> 00:16.960 The question is, how can we connect to this network and use it? 00:17.760 --> 00:20.220 Well, the answer is actually very simple. 00:20.220 --> 00:27.450 You can configure your computer regardless of what operating system it uses to route all traffic through 00:27.450 --> 00:28.530 the Tor network. 00:28.530 --> 00:35.970 And that way, hopefully everything will flow through the network, protecting your privacy and anonymity. 00:36.450 --> 00:43.140 Sadly, though, this is not always the case, as you probably have a lot of programs that I don't even 00:43.140 --> 00:51.420 know of that could leak information about you potentially revealing your location, your IP and more 00:51.420 --> 00:52.350 information. 00:53.130 --> 00:59.760 Not only that, but you could be running an unpatched version of Windows or Linux or even OS X. 01:00.210 --> 01:06.020 Also, your browser could leak information about you even if you think you properly configured it. 01:06.030 --> 01:06.990 Use Tor. 01:07.500 --> 01:14.940 Also, a lot of us use browser plugins and browser extensions, which also could potentially leak information. 01:15.120 --> 01:18.960 And finally, we have the exit node problem. 01:19.380 --> 01:25.410 In the previous lecture, I already mentioned that when you connect to Tor, all the data and green 01:25.410 --> 01:33.380 in here is sent encrypted and at any time none of the nodes know what websites you want to go to. 01:33.390 --> 01:39.770 They only know the address of the next node so they can forward the data to the next node. 01:39.780 --> 01:48.030 But as I mentioned, the red arrow in here means the data leaving in here will leave unencrypted unless 01:48.030 --> 01:49.770 https is used. 01:49.770 --> 01:57.690 So you'll have to go and manually install HTTPS everywhere to force data to be sent over https. 01:58.200 --> 02:01.110 Also we have this node right here. 02:01.110 --> 02:03.570 This is known as the exit node. 02:03.570 --> 02:12.420 And the problem here is anybody can actually configure a computer to work as a node in the Tor network. 02:12.420 --> 02:20.100 And if your computer is an exit node, you will be able to see this data leaving unencrypted. 02:20.670 --> 02:28.350 So you have to trust this person if you're really using the Tor network as they can potentially see 02:28.350 --> 02:29.820 everything you do. 02:30.090 --> 02:37.440 Now, like I said in the previous lecture, if the Target website uses https or if you're using a plugin 02:37.440 --> 02:45.270 that will force HTTPS connections, then this will be okay because the data will be encrypted by SSL 02:45.300 --> 02:50.160 because HTTPS encrypts the HTTP data, so you'll be fine. 02:50.160 --> 02:55.110 But this is again another step that you have to take and another plugin that you have to install on 02:55.110 --> 03:00.690 your browser in order to make sure that your data is fully encrypted along the whole way. 03:00.690 --> 03:07.470 And even if someone is able to see this data, such as the person running the exit node here, or if 03:07.470 --> 03:12.960 there is someone in here intercepting the connection, even if they capture the data, they will not 03:12.960 --> 03:16.290 be able to read it because it will be encrypted. 03:17.310 --> 03:24.120 So like I said, there's a lot of steps to do if you want to configure your computer to use the Tor 03:24.120 --> 03:24.900 network. 03:24.900 --> 03:30.900 And even if you do all of that, you could miss a tiny or a small detail that could potentially leak 03:30.900 --> 03:33.690 information and reveal your identity. 03:34.520 --> 03:42.640 Therefore a better solution is to either use the Tor browser and we'll talk about that in the next section. 03:42.650 --> 03:48.260 This is a web browser designed by the same people that run the Tor network. 03:48.770 --> 03:52.820 It routes all the data through the Tor network by default. 03:52.820 --> 04:00.050 It also has a lot of other features to prevent leaking your information and ensuring the data that you 04:00.050 --> 04:02.300 send is always encrypted. 04:03.320 --> 04:06.260 This is the simplest and a good solution. 04:06.290 --> 04:13.610 A better solution would be to use Thales, which is a Linux distro designed for anonymity and privacy, 04:13.850 --> 04:23.240 and the best solution would be using cubes OS with Unix gateway, which is an amazing operating system 04:23.240 --> 04:30.500 that is very, very secure and also can be configured to use TOR by default. 04:30.500 --> 04:34.520 Improving your security and anonymity and privacy. 04:35.520 --> 04:41.520 Now we will go over all of this in the next lectures, starting with the simplest and easiest, and 04:41.520 --> 04:45.540 will end with the more complex but the best approach.