Tor protects your internet connection, but somethings will compromise your anonymity and privacy whilst using Tor:
- Don’t Download Torrents – P2P clients disclose details about each client to other peers & trackers in order to determine peering levels and file availability
- Don’t Use Google – or any of its products. Google’s extensive use of cookies and analytics tracking together with data aggregation means Goole will pretty much know who you are
- Don’t Enable Adobe Flash, Java or Javascript – These applications enable active code on sites that Tor cannot protect you against, storing cookies and content outside of the browsers runtime environment
- Don’t Use HTTP Sites – Tor protects your network traffic (as far as the exit node), after that an insecure website could expose login credentials and your identity
- Don’t Use Email – unless connecting to encrypted email services that you do not use ordinarily over open internet connections
- Don’t Open Random Files or Links – Malware infected files can still exfiltrate sensitive data from your device when using Tor. Same rule apply as always, be careful when opening unknown / suspicious files or links
- Don’t Enable Cookies – or remove them after each session. This is where you must determine why, how and where you use Tor.
- Don’t Use Phone Verification – Some websites may ask you to confirm your identity while using Tor because they can find their persistent or tracking cookies. Making this connection between your number and the information the site is detecting will remove any anonymity you had
- Don’t Connect To the Same Site With & Without Tor Simultaneously – An attack from a website, can drop connections and monitor connections as they reconnect and establish which IP address location belongs to specific Tor connections