The goal of this article is to provide a solution to use the internet anonymously in an easy and secure way. Anonymous as in no one but you must be able to tell that you are communication with a certain receiver (like browsing a website: No one must know that you are surfing that certain website). A way to use the internet anonymously is to use an internet connection that can not be tracked down to your person and a computer that has no information stored about you. Which means quite an effort every single time you want to use the internet anonymously. For an internet connection that can not be tracked down to your person, software like Tor has been developed to accomplish this also over a non-anonymous internet connection. Checking if the computer has no information stored about you, can not be handled by the Tor software and must be handled by the user! Currently there is one major problem if you want to use the internet anonymously: You really do have to understand the functioning of computer networks and the Tor software to a degree that is far away from being trivial – otherwise you might probably use the software in an insecure way. Let me give you some examples:

1. Install the Tor client to your Operating System and configure your browser to use the local TOR client through SOCKS-proxy functionality of Tor (or use extensions like Torbutton for Firefox to do that for you). While this is quite easy to accomplish, it has a major security drawback: If you use your everyday browser it has a lot of information stored about you and your browsing history and behavior which it might leak. Even if you use some other browser, you must turn of all plugins like Java or Flash and disable Javascript (or use a proxy like Privoxy to do that for you) so they can not leak information like which sites you visited or in which network or city you are, … But this breaks lots of websites nowadays. While this approach might be easy it is usable for browsers only and far from being "secure".
2. If you use the tsocks/torify approach which allows non SOCKS aware applications (e.g telnet, ssh, ftp etc) to use SOCKS without any modification, you can use most applications. But they might still leak information about the local system themselves. Besides there is the risk of just forgetting to type the “torify” in front of the command that should be executed. Which is definitely not what one wants to happen. So this approach is neither "easy" nor "secure".
3. The VM approach I already wrote about in an article earlier, puts the software you are using on the internet into an virtual machine (VM) which reduces the risk to leak information about you and the information within the VM. The drawback is that you have to configure a redirection with a packet filter or firewall on your host system and that you have to set up and configure a VM to use as an anonymous workstation. So this approach is still far from being "easy".

Which is why I want to discuss a new approach that is at least as secure as the last one above (#3) but additionally should be quite easy to use:

1. Install and start VirtualBox (at least version 4).
2. Download two virtual machine (VM) images: Tor gateway and Tor workstation
3. Start VirtualBox and import both VM images (File->Import Appliance)

To start using the internet anonymously you just have to start both VMs Tor gateway and Tor workstation. As soon as they they finished booting, you can use the anonymous internet access through the Tor workstation. If you want to stop using the internet anonymously, just power down both VMs. The task of routing traffic through the Tor network has been moved to the Tor gateway VM. So you do not have to modify your local system any more then installing Virtualbox and importing both VMs. You do have a preconfigured Tor workstation ready to use that boots within a minute and you can be sure to anonymously use the internet. The Tor gateway runs OpenWRT Linux using just about 8Mb of disk space and 32Mb of RAM. It boots in less then 3 seconds and transparently routes all traffic generated within the Tor gateway itself and every traffic coming on the virtual internal interface "tor" through the Tor network. You do not need to do anything but start when you want to use Tor and stop the VM when you finished. The Tor workstation runs Micro Core Linux using about 120Mb of disk space and 192Mb of RAM. It boots in less then a minute and has some browsers (Firefox, Chromium and Opera) and a terminal installed. It only stores information within a session. So if you shut it down and boot it again it does not have any information about the previous session. Of course you are not forced to use the Tor workstation. You can use any other VM (Linux, Windows, AmigaOS, just any TCP/IP capable Operating System). Just configure the network settings of the VM (in Virtualbox Settings->Network->Adapter attached to internal network "tor"). Please report, if you encounter any unwanted behavior or find any problems! Also do so if you have got any suggestions to improve the VMs or this approach as a whole. Side note: The content of the communication between you (Tor workstation VM) and any receiver (e.g. a website) is necessarily only encrypted within the Tor network. So if you open an unencrypted connection to any receiver the Tor exit node which in fact opens the connection to the receiver is able to see the content of the connection. So do not send any sensible information like passwords over unencrypted connections!