Using Tor to anonymize your traffic with low cost hardware
Why Would You Do This?
By combining the low cost of a Raspberry Pi Zero W and the rather high anonymity of Tor, you can evade the pervasive surveillance that exists on the web today. My primary use case is watching YouTube videos; I want to watch whatever I want without the extensive tracking, analytics, and ads that accompany YouTube. With a Tor proxy and some software, I can watch YouTube without a Google account. I’m reasonably sure Google has no clue what videos I chose to watch. And that data is exactly what Google cares the most about.
Requirements
Hardware can scale depending on how much traffic you think your proxy will handle. I really don’t send much through, so I use a Raspberry Pi Zero W, but A Pi 3B+ with an Ethernet port would certainly improve performance. You’ll also need a micro SD card (a 32GB card is very adequate) and a power supply (I’m powering my Zero W with an iPhone cube, so my cost was $0.) Total cost was $18, $10 for the Pi Zero, $8 for the micro SD, and I had the USB cable and power supply.
Preparation
Flash your micro SD card with Raspbian Buster Lite and add a “ssh” file to the boot partition using touch or New > Text Document and name it “ssh” and removing the .txt extension.
To have you Pi automatically join your WiFi network, create a file called wpa_supplicant.conf
country=US # Your 2-digit country code
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
network={
ssid="YOUR_NETWORK_NAME"
psk="YOUR_PASSWORD"
key_mgmt=WPA-PSK
}
Install the micro SD card and boot your Pi. Find the IP on your LAN and SSH. Update Raspbian
sudo apt-get update && sudo apt-get upgrade
Installing Software
Start by installing Tor
sudo apt-get install tor
Configure Tor to be a proxy service. Backup the config file and then edit it.
sudo cp /etc/tor/torrc /etc/tor/torrc.backup
sudo nano /etc/tor/torrc
We need to make changes to the following lines. The SocksPorts should be the LAN IP address of the Pi.
SocksPort 192.168.1.100:9050
SocksPolicy accept 192.168.1.0/24
RunAsDaemon 1
DataDirectory /var/lib/tor
ControlPort 9051
CookieAuthentication 1
Install Nyx. Nyx is a command-line monitor for Tor. It’s use for monitoring your proxy performance and checking for any issues.
sudo apt-get install nyx
Change the permissions on the Tor cookie to allow Nyx to run without elevated privileges.
sudo chmod 755 /run/tor/control.authcookie
Add a config directory
cd .nyx
mkdir config
cd ~
Start nyx by typing “nyx
”. You should now have a terminal display of your Tor proxy. Use the left and right arrow keys to display more info.
Update: Cron jobs to make Tor run smooth
After living with my Tor proxy on a Pi Zero, I added the following Cron jobs to keep Tor running smoothly. Sometimes I noticed some performance issues with streaming video, and restarting the Tor service would resolve that.
To start, edit the crontab file.
sudo crontab -e
Add the following lines to crontab
0 4 * * * sudo service tor restart
5 4 * * * sudo chmod 755 /run/tor/control.authcookie
Save the file. Obviously adjust times to suit your needs.
Setting up Clients
Configure a browser to use your Pi as a proxy. If you have Firefox installed this is the easiest way, but there are Chrome plugins that allow you to use a proxy.
Test Tor routing by visiting https://check.torproject.org/
Install FreeTube. Binaries are located at https://freetubeapp.io/#download and the Github is located at https://github.com/FreeTubeApp/FreeTube
Export your YouTube subscriptions. Go to your YouTube Subscription Manager and scroll to the bottom of the page, and click “Export subscriptions” to save them as an XML file. In FreeTube, under Subscriptions Settings, use the file with the Import Subscriptions button to transfer your subscriptions.
Setup FreeTube to proxy Invidious API calls to Tor. Under Advanced settings, enter the IP address of the PI and the Tor proxy port, 9050. Click Test Proxy and Set “Use Tor / Proxy for API calls” to On.
FreeTube uses the Invidious API to grab and serve videos. Invidious scrapes the YouTube site which prevents the need for any official YouTube API. While YouTube can still see your video requests, it can no longer track you using cookies or JavaScript. Your subscriptions, history, and saved videos are stored locally on your computer and never sent out. The Tor proxy will anonymize IP data.
Be sure to set your Invidious instance. Onion sites are available via the Tor proxy and I recommend using them. There are usually at least two onion instances available.
As we check subscriptions and view videos, we can monitor what FreeTube is connecting to on the network. It’s only communicating with the Tor proxy.
The goal of anonymously watching YouTube videos has been achieved.
Final Thoughts
Is this the safest way to use Tor? Hell no. This is a specific use case for my threat model (evading Google surveillance.) I also use my Tor proxy for occasional web searches, but with my browser fingerprint being vastly different than the Tor Browser bundle, it de-anonymizes my traffic to a degree. If you are looking for a safe way to use Tor with a higher threat model, this is not the way. You’ll need to look into a quality VPN (however you quantify that), possibly dedicated hardware, a specialized platform like Tails or Whonix, and crypto currency. If you want to escape pervasive tracking and surveillance, this is a low barrier to entry and will do quite well. It is really nobody’s business what I want to watch on YouTube, and now I don’t need to worry about that, or advertisements, or cookies. And I can make an occasional quick web search on Tor with a modest level of anonymity.