How to install and set up Tor (Kali)

Have you installed a Kali distribution on your M1 MacBook Pro? I have some bad news for you: no Tor Browser!

You have probably hit a problem when trying to run Tor Browser, whether you installed it from https://torproject.org or through apt install torbrowser-launcher. This annoying error may have popped up:

Tor Browser requires a CPU with SSE2 support. Exiting.

SSE2 stands for Streaming SIMD Extensions 2, an Intel (x86) instruction set extension. The sad part is that it's Intel and not Arm. So unless you alter Tor Browser's C source code and make it use Arm NEON intrinsics headers, it is unlikely you will be able to run the thing. (Here's a link for compilation instructions if you want to try that route, which I don't recommend unless you know C)

For our purpose, we are going to stay humble and use Tor through Firefox. Follow along and you will be able to browse the Dark Web on your MacBook Pro M1 Kali install.

Step 1, install Tor:

sudo apt install tor

Next, edit /etc/tor/torrc:

sudo vim /etc/tor/torrc

Find the line below and uncomment it:

#ControlPort 9051

Now, find this line:

#CookieAuthentication 1

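Make it look like this (with cookie authentication off and no HashedControlPassword set, Tor accepts control-port commands from any local process without a password):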

CookieAuthentication 0

Finally, restart the tor service:

sudo /etc/init.d/tor restart
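The two torrc edits above leave the control port enabled with no authentication method. As an added example (not part of the original page), this Python check parses torrc text and reports that state next to a cookie-authenticated variant; the function names and the sample torrc strings are constructed for illustration.

```python
import ipaddress

# Constructed samples: the torrc state this page produces, and a cookie-auth variant.
PAGE_TORRC = "ControlPort 9051\nCookieAuthentication 0\n"
COOKIE_TORRC = "ControlPort 9051\nCookieAuthentication 1\n"

def active_options(torrc_text):
    """Map lowercased option name -> values from uncommented lines.
    Simplification: backslash continuations and quoted values are not handled."""
    opts = {}
    for raw in torrc_text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if parts:
            opts.setdefault(parts[0].lower(), []).append(parts[1].strip() if len(parts) > 1 else "")
    return opts

def is_local(listener):
    """True if a ControlPort value is a bare port, 'auto', a unix socket or a loopback address."""
    addr = listener.split()[0]
    if addr.isdigit() or addr == "auto" or addr.startswith("unix:"):
        return True
    try:
        return ipaddress.ip_address(addr.rsplit(":", 1)[0].strip("[]")).is_loopback
    except ValueError:
        return False  # hostnames and unparsable values are reported, not trusted

def audit_control_port(torrc_text):
    """Report whether the control port is enabled, how it authenticates, and any findings."""
    opts = active_options(torrc_text)
    listeners = [v for v in opts.get("controlport", []) if v and v.split()[0] != "0"]
    if not listeners:
        return {"enabled": False, "auth": [], "findings": []}
    auth = []
    if opts.get("cookieauthentication", ["0"])[-1] == "1":  # boolean option: last line wins
        auth.append("cookie")
    if any(opts.get("hashedcontrolpassword", [])):
        auth.append("password")
    findings = []
    if not auth:
        findings.append("control port accepts commands without authentication")
    findings += [f"control port listens beyond loopback: {v}" for v in listeners if not is_local(v)]
    return {"enabled": True, "auth": auth, "findings": findings}

if __name__ == "__main__":
    for name, text in (("page", PAGE_TORRC), ("cookie", COOKIE_TORRC)):
        print(name, audit_control_port(text))
```

To check a real install, pass the contents of /etc/tor/torrc to audit_control_port.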

Check that things are properly set up. Find out your current IP (the URL is quoted so that the shell does not treat the ? as a glob character, which zsh rejects):

curl 'https://ip.meow.ch/?plainText'

and compare it to a "torified" curl (the usual curl, but through the Tor network):

torify curl 'https://ip.meow.ch/?plainText' 2>/dev/null

The redirect to /dev/null is used because torify generates a handful of warnings on some platforms.

You can now use any command anonymously through Tor by prepending torify.

When you want a different IP (a new circuit, in Tor slang), you need to send a NEWNYM signal with:

echo -e 'AUTHENTICATE ""\r\nsignal NEWNYM\r\nQUIT' | nc 127.0.0.1 9051

Verify that the IP has changed by repeating the torified curl command above; is it different than before? Cool!

Instead of using your ISP's DNS server, it is a good idea to use a very common DNS server (in a different country than yours), in order to further obscure where your lookups come from.

To see which DNS servers you currently use, run:

cat /etc/resolv.conf

It should output something like:

# Generated by NetworkManager
nameserver 192.168.64.1
nameserver fe89::1231::1231::asdf::3b64%eth0

This means that my DNS queries are resolved by my router. We want to change this to a big, reputable DNS server. So let's first find one with a search engine: "most reputable dns server". You will likely get:

Cisco OpenDNS: 208.67.222.222 and 208.67.220.220;
Cloudflare: 1.1.1.1 and 1.0.0.1;
#...

Let's use the first one. To do so, let's edit /etc/dhcp/dhclient.conf:

sudo vi /etc/dhcp/dhclient.conf

Find this line:

#prepend domain-name-servers 127.0.0.1;

and turn it into:

prepend domain-name-servers 208.67.222.222,208.67.220.220;

Save the file and restart the resolvconf service. First, make sure it is installed with:

sudo apt install resolvconf
sudo systemctl enable resolvconf.service
sudo systemctl start resolvconf.service

Check whether the nameservers have been updated:

cat /etc/resolv.conf
# Dynamic Resolve.conf(5) file for ...
# ...
nameserver 208.67.222.222
nameserver 208.67.220.220
nameserver 192.168.3.1 # this may differ

If you do not see the new nameservers listed, try to:

  • restart NetworkManager in Debian >= 11 (network-manager for Debian < 11):

    sudo service NetworkManager restart

  • restart dhclient:

    sudo dhclient -r
    sudo dhclient -v

Once cat /etc/resolv.conf lists the new DNS IPs that we added to /etc/dhcp/dhclient.conf, the change has taken effect.

Setting up Firefox to browse through the Tor network

To set up Firefox to use a proxy (Tor), follow these instructions.

Accessing .onion sites

Firefox blocks .onion sites by default. There is a flag you can toggle to allow .onion browsing. In the URL bar, type about:config, click "Accept the Risk and Continue", then search for network.dns.blockDotOnion and toggle it to false.

DoH: maybe not a good idea

To set up DNS over HTTPS: do this only if you know it increases your anonymity. I didn't know.