How to protect privacy and security on the Internet?

Here is my personal experience, hoping to help you protect your privacy and advocate for anonymity!

First, let's talk about the most common and universal method of anonymity, which is to use a pseudonym when surfing the internet. It can be in English or Chinese, but it must not be related to your real name. Also, do not use the same account password on the internet and avoid using weak passwords, as this poses a significant security risk.

Internet Privacy Protection

Avoid downloading software randomly and granting excessive permissions to software. Also, avoid revealing important information related to work and personal life. Of course, being a mysterious person is not enough. We also need to use some tools and techniques to help us browse the internet anonymously.

1. Tor Browser#

There is not much to say about the Tor Browser. It is very secure. Another alternative is Brave, which can open a separate window that supports the Tor protocol.

When using the Tor Browser, there are generally three layers of proxies. If you use a VPN, there will be four layers of proxies. When accessing Tor domains, there are three layers of obfs4 protocol bridges, plus three layers of relay servers. If you enable a front-end proxy, there will be a total of seven layers.

Although it is safe to use in daily life, the speed is relatively slow. You can refer to my tutorial on Setting up a Tor Bridge on Debian/Ubuntu to build your own bridge. However, I do not recommend using the same bridge all the time. It is better to change it frequently. The bridge you build can be used as a backup.

Official bridge acquisition: https://bridges.torproject.org/bridges?transport=obfs4 After entering the verification code, you can obtain two bridges. Then, you can go to https://metrics.torproject.org/rs.html to view the relevant information of the bridges. Some bridges will indicate the bandwidth.

We use Tor to access clearnet websites, such as my blog: https://a8dog.com. If you still feel it is not secure and can tolerate the slow speed of accessing the dark web, you can refer to my tutorial on Setting up a Dark Web Website or Reverse Proxy Using Baota to set up a reverse proxy for the clearnet.

We cannot visit only one website every time we go online. You can refer to my Hideipnetwork v2 Online Web Proxy. This program mainly has a reverse proxy function, but it is not limited to reverse proxying specific domains. After setting it up, bind a dark web domain and then access it. All content accessed within this dark web domain will be reverse proxied by the server and transmitted through Tor's seven layers of proxies.

If you only want to access specific websites through the dark web and do not understand the tutorial for setting up the reverse proxy mentioned above, I provide a new solution. According to my tutorial, you will install Baota. The directory for creating a Baota reverse proxy will be found at /www/server/panel/vhost/nginx/proxy/. Find your reverse proxy file (ending with .conf) and copy the path. Modify and save the following code as a .sh file.


# File path

# Display menu options
echo "Please select an operation:"
echo "1. Proxy Website 1"
echo "2. Proxy Website 2"
echo "3. Proxy Website 3"
echo "4. Proxy Website 4"
read -p "Please enter the option number: " choice

# Check user input and update proxy_pass
if [ "$choice" = "1" ]; then
elif [ "$choice" = "2" ]; then
elif [ "$choice" = "3" ]; then
elif [ "$choice" = "4" ]; then
    echo "Invalid option"
    exit 1

# Replace the value of proxy_pass
sed -i "s|proxy_pass .*;|proxy_pass $new_proxy_pass;|" "$conf_file"

echo "Updated proxy_pass to: $new_proxy_pass" in $conf_file

# Notify Nginx to reload the configuration
nginx -s reload

Upload the created .sh file to the /root directory of the Linux server, for example, tordl.sh. Then, link to the server and execute chmod +x tordl.sh. If you want to use the script, execute ./tordl.sh.


You may be familiar with terms like phishing, tracking, and email tracking. This is because emails can transmit files and embed HTML code, which makes it easy to be tracked if you do not have a secure email.

ProtonMail focuses on security and anonymity, both during registration and receiving emails. It also has a dark web address: https://account.protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion

Let's take a simple tracking method as an example. I embed an image file in an email. As long as someone opens the email, I can view browser models, IP addresses, and other information through website logs. Currently, most email services have a feature that displays externally linked files through reverse proxies. When I tested it using Google, it showed the browser model. Perhaps there are other methods to prevent Google from proxying image files, but I haven't tested them.

What I mainly care about is being able to access it using the Tor Browser.

VPN and Shadowsocks (SS)#

Shadowsocks, V2ray, and Trojan are services that provide dedicated bypassing nodes, while VPNs generally provide dedicated VPN protocols such as PPTP, SSPT, OpenVPN, and Wire Guard VPN. The applications of the two are completely different.

The nodes provided by bypassing services are specifically designed for bypassing, while VPNs are not. VPN protocols are not specifically designed for bypassing but focus on encryption. Therefore, VPNs are not as good as bypassing nodes in terms of dealing with blocking and traffic diversion. VPNs can only be used with their own software, while bypassing services generally use third-party clients such as Clash, V2rayN, Quantumult X, Surge, and Surfboard. You can use multiple bypassing nodes at the same time and specify different nodes for different websites. They have good traffic diversion rules. Using bypassing nodes does not affect the access to domestic websites, and you can keep them on all the time. However, after using a VPN, you need to turn it off, otherwise, it will affect the speed of accessing domestic websites.

Which one is safer, bypassing services or VPNs? Analyzing from the protocols, VPNs are undoubtedly safer. However, regardless of security, it is useless if there is no connectivity. Due to the obvious characteristics of VPN protocols, it is difficult to connect to overseas VPN servers in China, so even if they are secure, they are useless. In addition to using SS/SSR/V2ray/Trojan and other dedicated protocols, bypassing services can effectively bypass blocking. They also provide optimized routes, such as transit tunnels, IPLC, IEPL lines, etc., which have better connectivity. Although their security is not as good as VPNs, they are encrypted with TLS and are sufficient for daily security needs. Since most websites have enabled HTTPS, the security of VPNs has been exaggerated. In other words, even if ISPs know which website we are accessing, they do not know which page of the website or the specific content of the page.

Suggestions for Website Owners#

Whether it is connecting to a server or a remote Windows jump server, I recommend using Next Terminal Jump Server System. I believe that everyone will enable a proxy when going online. Connect to the jump server system through the proxy. The jump server can also add a relay server. Connect to the final server through the relay server.

What we need to pay attention to is that it is better for the jump server's server to have a different service provider and different account information from the main server.

When managing website content or logging into the control panel, you can also use the reverse proxy I mentioned earlier and access it through a dark web address. Cutting off access to the clearnet can not only protect yourself but also improve website security.

Next is about fund security. USDT payment has become mainstream, but some people still have some knowledge gaps in this area. Do not think that using USDT means that the destination of the funds cannot be traced. USDT is decentralized in wallets, and anyone could be the owner of a wallet. However, to cash out, it can only be done through centralized means. Usually, people may send the coins to an exchange, receive payment using a foreign account, and then transfer it to a domestic account. At this point, conducting C2C transactions means real-name authentication, making it easier to track. In recent years, there have been many cases of virtual currency crimes, and WJ will continue to iterate its technology. Once the coins enter the exchange, it is equivalent to showing your hand.

If we want to safely withdraw funds, we must master the techniques of mixing and laundering coins. In this regard, I recommend:

For cryptocurrency mixing and laundering, please chooseTelegram@A7_188

Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.