Awhile ago I wrote a post on Tor for Tiger, but since it's outdated it's time to update. In fact, I plan to follow this post with more privacy tips, including how to encrypt your email in Mail.app and TenFourBird. But for this post the focus will be on Tor.
Unless you've been under a rock, you know the NSA is collecting it all and seeking to keep permanent records of all your internet activity (cringe). While not alarming to most individuals in an immediate sense, just the awareness of all this cataloguing can have a chilling effect on how we think and act and can stifle a lot of the creativity and risk-taking that make a free society thrive. Unless you think East Germany was a model of creativity and innovation. Okay, they did use creative methods to win Olympic gold medals, but my larger point stands.
And it's not just the NSA. Many governments take a stalker's interest in what you're doing on the internet, and there are times when we need to protect ourselves. Case in point: bloggers. If you have something to say but are afraid of getting arrested (or sued), Tor will help you stay anonymous by running your traffic through proxies and masking your real identity, i.e. your IP address.
Normally the Tor Project recommends users download their browser bundle, which is the current Firefox ESR specially configured with Tor, but since they're no longer compiled for PowerPC, that puts us in a bit of a jam. Fortunately you don't need the bundle. You can just install Tor and configure your browser manually. On OS X you can install Tor with Tigerbrew or MacPorts. On Linux, just use apt-get or aptitude to install it.
For OS X, you start up Tor by entering
torin the terminal (you can also set it as a launch daemon on startup, though I've read tor has trouble regaining connections after OS X wakes from sleep). It'll give you a bunch of output messages as it establishes a connection, and once that's done, you can go to TenFourFox's Preferences-->Advanced-->Network and click the Settings button next to "Configure how TenFourFox connects to the internet". Select "Manual proxy configuration" (remember, to switch back click "Use system proxy settings") and for "SOCKS Host" enter 127.0.0.1 and 9050 for the port. Also, where it says "No Proxy for:" enter "localhost, 127.0.0.1".
Now you should be ready to browse anonymously, so go to https://check.torproject.org and it should say in bright green, "Congratulations. Your browser is configured to use Tor."
On Linux, Tor automatically runs as a daemon after install, so you don't need to start it up in a terminal, but the TenFourFox instructions above apply to Iceweasel.
Also, you can set up OS X's Network Preferences to use Tor as a system-wide proxy for other applications by following steps 3 & 4 here, but I'm not sure how secure that is if the software we're talking about is no longer supported. You can torify TenFourBird by using the TorBirdy add-on instead.
Last thing I'll mention, if you don't want to use Tor all the time but want all your searches anonymous, one option is DuckDuckGo, but if you like Google better, there's Startpage. It gives you the same search results as Google, but it's done through a proxy so Google has no idea who you are. The plugin for your TenFourFox search bar is here, and many more search plugins are found here.
UPDATE: Apparently with the above TenFourFox/Iceweasel configuration, there is the threat of DNS leaks. The warning message is this:
[warn] Your application (using socks5 to port 443) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. For more information, please see https://wiki.torproject.org/TheOnionRouter/TorFAQ#SOCKSAndDNS.
This can be corrected in TenFourFox and Iceweasel by going into about:config and changing
network.proxy.socks_remote_dnsto "true." This will force dns requests through the proxy and the warning will disappear. You could alternately install Privoxy and set it to use Socks4A like the warning recommends. This will protect you in applications other than your browser as well.
Incidentally, to avoid having to change all these preferences between Tor and non-Tor sessions, you can create a second profile in TenFourFox for just your Tor preferences/add-ons. I experienced a bug in the GUI Profile Manager, so I created a new profile in the command line with this:
/Applications/TenFourFox7450.app/Contents/MacOS/firefox-bin -CreateProfile Tor
where Tor is the name of my new profile, and TenFourFox7450.app is the name of the app in my Applications folder (yours may be different depending on your processor type). Now I have two profiles to choose from, default and Tor. To choose which one at startup, enter in the command line:
to bring up the Profile Manager window. Uncheck the "Don't ask at startup" box and the Profile Manager will appear every time you startup TenFourFox allowing you to choose.
There weren't any bugs in Iceweasel's Profile Manager, which you can simply invoke with