Browse & Email Safely & Anonymously With TorBOX

Ryan Dube 12-09-2012

Browse & Email Safely & Anonymously With TorBOX onlinesecurityBefore two years ago, I never thought that I’d have a need to block my identity while I was using the Internet. Seriously, I though that anonymous use of the Internet was only for hackers, criminals, and in general people that were up to no good.


In reality, there are actually lots of legitimate reasons why you wouldn’t want identifying information attached to messages that you are sending to someone, or why you’d want to prevent people that are intercepting your traffic from determining the IP address, or computer location, that you’re browsing the Internet from.

Two years ago, I hired a guy that lives in China to perform boots-on-the-ground investigative journalism for me. It isn’t easy for journalists in China, with a government that cracks down hard on anyone that may be sending information about the Communist party or its activities outside of the country. This journalist was willing to accept the risks, but we both knew that we would have to put some protections in place.

Back in 2011, I wrote about one of the anonymous and encrypted email services we used called VaultletMail Exchange Secure & Encrypted Emails With VaultletSuite As I was working through writing applications for my site, I came across a reporter who was in a country with a very rigid dictatorship. I went out in search of a free solution that... Read More . For very sensitive emails, he would package it up into a file and then encrypt that file The 5 Best Ways To Easily & Quickly Encrypt Files Before Emailing Them [Windows] Earlier this year, I was faced with a situation where I had a writer working for me overseas in China, where we were both certain that all of our email communications were being monitored. I... Read More using one of a variety of tools.

But there was always the fear that the government would intercept it and figure out my identity, or worse – his. Once I picked up a second correspondent in Malaysia, I realized the need for protecting communications was critical. So I went out in search for an additional layer of protection, and discovered TorBOX.

Protecting Your Identity

A few years ago, I had a friend that built one of these VM systems himself. He could send out emails from an entirely different IP than England, and I was insanely jealous. I never really had a need to do anything like that, but still, it was cool.


Now, I’ve found myself with a legitimate need to make my traffic appear to come from some other country than the U.S., or at least some other location than the Northeast. With TorBOX, you don’t need those walk-on-water programming skills. All you need to do is install both the Gateway and the Workstation.  Just download both, and then use the “Import Appliance” tool in VirtualBox to load up the two VMs.

Browse & Email Safely & Anonymously With TorBOX torbox1

When you import, you’ll see all of the details of the pre-configured system. The developers advise not to reinitialize the MAC addresses. I don’t know why, just don’t do it.

Browse & Email Safely & Anonymously With TorBOX torbox2


Once you import both of them, you’ll see them show up in your list of Virtual Machines. First launch the TorBOX Gateway, and then launch the Workstation.

Browse & Email Safely & Anonymously With TorBOX torbox3

The beauty of this setup is that not only does it provide you with anonymity while browsing the Internet and sending out emails, but it also protect you from the snooping eyes of any spyware that may be installed on your PC for the purpose of tracking your online transmissions.

You see, the Gateway component of the setup operates within its own isolated network, connected only to the VM Workstation. When you access the Internet through this setup, it goes out to the Internet via the “Torified” connection, not through your “non-torified” connection.


If this seems confusing to you or you don’t know how Tor works, check out Jorge’s explanation Anonymous Internet Surfing with Tor Tor is a freely accessible network that allows Internet traffic to flow through it securely and anonymously. Read More , or Danny’s description of Tor How the Tor Project Can Help You Protect Your Own Online Privacy Privacy has been a constant issue with virtually all major sites that you visit today, especially those that handle personal information on a regular basis. However, while most security efforts are currently directed towards the... Read More . Both articles are great.

Browse & Email Safely & Anonymously With TorBOX torified

The bottom line is that, running this VM, not only do you get the anonymous safety of Tor, but you also get the additional protection of running your browsing within a self-contained VM machine, within which your host computer cannot play. That means any malware installed on your PC can’t play there either.

When you launch the gateway, all you’ll see is a bunch of text scrolling across the screen.


Browse & Email Safely & Anonymously With TorBOX torbox4

When it stops, you can then launch the Workstation. This is a Ubuntu based system that’s very bare bones. You may not see anything on the application bar depending on your color scheme. Just right click in the lower left corner, and you’ll see the menu system. As you can see, there are a few existing applications installed already – a simple media player, PDF reader, and text editor for example.

Browse & Email Safely & Anonymously With TorBOX torbox5

If you only want this for safe, anonymous web browsing, then you have everything you need right here. Just click on the “TorBrowser“, and the browser will launch within the VM.

Browse & Email Safely & Anonymously With TorBOX torbox6

The first thing I did was browse to with my host computer, and did so with the TorBrowser as well. In the image below, the top IP was the one using TorBrowser, while the lower one was the regular host IP.

Browse & Email Safely & Anonymously With TorBOX torbox7

Even better, the remote server did not think that my TorBOX traffic was coming from a proxy. For all intents and purposes, I’m a regular user, meaning that I can use regular online email services and even online forums that might block people that are using a proxy.

TorBrowser also has some nice additional security features. For example, clicking on the HTTPS icon at the upper right, you can enable HTTPS on all sites where possible. This is set to ON by default.

Browse & Email Safely & Anonymously With TorBOX torbox8

When you click the Tor icon, you’ll see all of the security settings that you can use to tighten or loosen the security  of your Internet browsing to your liking. Some things you can enable include blocking plugin use and isolating dynamic content.

Browse & Email Safely & Anonymously With TorBOX torbox9

Under the History tab, you can control how your browsing history is handled and protected. Explore through the Forms, Cache, Cookies and other tabs to see how you can tighten security in those areas as well.

Browse & Email Safely & Anonymously With TorBOX torbox10

What’s cool about this browser is that it offers such a tight level of security inside of an already-secure VM setup, and on an already “Torified” network that has you on the Internet under an assumed IP. You couldn’t ask for much better anonymity and security than this kind of setup.

Browse & Email Safely & Anonymously With TorBOX torbox11

After enabling and securing my VM setup, I then go a step further and access Hushmail to make contact with my correspondents around the world. Husmail adds yet one more level of security to the already stockpiled blockade that this existing setup now provides.

Beyond web browsing, you can also access the terminal console on the Workstation node.

Browse & Email Safely & Anonymously With TorBOX torbox12

Don’t forget, if you prefer working with an email client rather than webmail for your secure email setup, you can always download and install a Linux email client Geary: A Quick And Simple Linux Email Client With Threaded Conversations When it comes to Linux email clients, Thunderbird and Evolution come to mind quickly. Both of these programs are great if you need advanced features. Both clients can feel heavy at times, however. Exploring their... Read More  to your new Torified VM.

This setup isn’t perfect – no security setup really is. Someone, somewhere might be able to figure out a way to figure out who you are and where you are. But, if you’re using an ultra-secure setup by running TorBOX, you can at least rest assured that you’ve tried your hardest to isolate your sensitive communications and Internet traffic from prying eyes.

Have you ever used any Tor tools? Are you thinking of giving TorBOX a try? Share your own security setup in the comments section below, we’d love to hear how you protect your own ultra-sensitive communications over the Internet.

Image Credits: Digital Binary Data Via Shutterstock

Related topics: Email Tips, Tor Network.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Tuaha Jawaid
    October 26, 2012 at 8:15 am

    I installed torbox but my internet is not working

  2. Zechariah Allison
    October 16, 2012 at 2:30 pm

    Im kind of new to the whole TOR thing but from my understanding yes you remain completely hidden unless you slip and put some sort of identifying information out there from that tor ip. however every time you connect another pipe you are exposed unless proper provisions are taken. the odd thing is do to the nature of the deep web many times the less securitys that are in place leads others to believe that you dont know what you are doing or that you have nothing important on there. when they see a heavily gaurded system many of those unwanteds begin the "challenge Excepted" mentallity and attempt to enter your system oddly enough. but from my experience Tor email works great and there are a few Tor chat programs.

  3. Fres
    September 15, 2012 at 5:12 pm

    Hi Ryan
    Thanks for the informative article.
    I was able to install it successfully and I was able to verify that my ip address is now from another location. But somehow based on the info I got from various ip locator sites, it showed that I was identifiably using Tor based on the ip information :

    ISP: Host Europe GmbH
    Organization: Chaos Computer Club e.V.
    Services: Confirmed proxy server
    Recently reported forum spam source. (104)

    Is this what's supposed to show ? Kindly let me know if I have to configure anything else. Thanks !

  4. GrrGrrr
    September 13, 2012 at 5:36 pm

    Thanks Ryan, this is something interesting to have.
    I checked the website & it says Requires VirtualBox. Do you know if it would work with VMware Player also?

    • Ryan Dube
      September 15, 2012 at 2:02 am

      I'm not certain. I used VirtualBox - but if VMware can import that file type, you should be all set. I'd say it can't hurt to give it a shot and see if the images work.

      • GrrGrrr
        September 16, 2012 at 5:28 pm

        VMware Player supports, but I got an error while trying to open the file.

  5. Jon Dough
    September 13, 2012 at 3:06 pm

    This looks much harder than the Linux distro called "The Amnesiac Incognito Live System" or TAILS. It is safer, I think, though.

    • Ryan Dube
      September 15, 2012 at 2:01 am

      Really? Is it just too many steps or overly complicated? It seemed fairly simple when I was running through it myself - and I typically avoid anything that is ultra-complicated to set up.

  6. Frederick Doe
    September 12, 2012 at 11:23 pm

    Hold on just a minute. This setup may protect you from a government trying to monitor you, but it also exposes you to whoever is at the other end of the digital pipe (right?). I would feel much safer using a VPN that I bought from a reputable company than a connection to who-knows-who in who-knows-where. Besides, if you were a government bent on monitoring citizens' communications, wouldn't you set up a bunch of TorBox servers and monitor those?

    • Tristan Phillips
      September 13, 2012 at 12:03 pm

      What makes you think a VPN is safer from the government? Do you think that reputable company won't do what the government tells it to do when push comes to shove?

      And do you determine what is a reputable VPN company? By their written policies (Which are worth the electrons they are printed on)?

      • Ryan Dube
        September 15, 2012 at 2:00 am

        That's a good point - I'm not sure there is any 100% secure solution out there. It does feel like running the Torbox with it's multiple layers of anonymity offers a bit of security. Add on top utilizing an anonymous email service and I'd say you're in a fairly safe zone.