by readmission 4254 days ago
Nesting an encrypted connection inside the traffic being routed through Tor is what you would need to protect HTTP traffic from being manipulated and/or monitored by an exit node.

So instead of doing (you -> Tor -> internet), do something like (you -> Tor -> VPN -> internet). To be even safer, do (you -> VPN -> Tor -> VPN -> internet); that way your ISP isn't aware of Tor traffic and the exit node cannot manipulate requests.

The easiest way to accomplish that is with a VM. The host has a VPN connection; force-route the VM through Tor (with something like Tortilla) and install a VPN client on the VM as well. This requires that you anonymously set up the VPN running in the VM so there is no connection back to you, of course.

2 comments

The most difficult part in your setup is to make untraceable the VPN you run after going through Tor. The problem is: if you believe this VPN is safe / untraceable enough, why do you even use Tor in the first place?

The problem is that you, at some point, pay the VPN, and that is very likely to be linked to your real identity somehow.

Paying for the VPN anonymously is possible with Bitcoin.

The reason you tunnel it all through Tor is because you can't trust the VPN not to fold if the government subpoenas them. So if the data center hosting the VPN is subpoenaed, all they can hand over are logs of Tor exit nodes. If you didn't use Tor, they would get your home IP and the jig is up.

Or my configuration when I want to stay anonymous: Me->VPN->INTERNET->TOR. You have to have access to a corporate VPN though.