March 04, 2008 by sharky
When it comes to the Internet, no matter how overt and honest people are, we don’t want our privacy to be invaded. While President Bush may defend domestic eavesdropping, it doesn’t mean you should. Things have gone from bad to worse - why, we can’t even send an email without worrying about it being intercepted. Every site we visit, every facebook or hotmail login, every search in a browser - it’s all recorded, logged and saved in giant datastore farms, surreptitiously laying-in-wait for that one day where it’s all dragged out and thrown back in our faces. It’s anyone’s guess who’ll be granted access to this datamine down the road.
An exact copy of all Internet traffic that flowed through critical AT&T cables — e-mails, documents, pictures, Web browsing, voice-over-Internet phone conversations, everything — was being diverted to equipment inside the secret room,” - Mark Klein, a 20-year veteran for AT&T, referring to the sixth floor (secret room) in which the U.S. Government & NSA have unconditional access. According to Mr. Klein, there are 15 - 20 more buildings just like it across America, set up the same way. This is just the tip of the iceberg - there aren’t many whistleblowers like Klein that “leak” sensitive information such as this.
Whilst there’s not much one can do about Big Brother™ and his Orwellian cohorts from videotaping you at the local convenience store, or taking pictures of your licence plate at every street corner, or even RFIDing your next born - the least we can do is not let it happen to us in our own living room.
Here are a few tips for total anonymity within the Internet.
Hiding your Identity when Web Surfing
Without question, this is the singlemost important aspect to online security. Every website you visit, every link you click - it’s all potentially available to Big Brother. Sure, the websites that you’re surfing can be collecting sensitive data about you and your computer, but the concern doesn’t stop with them. Your ISP is likely keeping a copy of the sites you’ve been visiting as well, right down to the exact pages viewed.
What you can do:
— ANONYMOUS WEB PROXY (CGI PROXY) - Fire up your favorite browser and visit a CGI proxy website. Not even your ISP will know where you’ve been surfing! While not the quickest solution, it works in a pinch if you need to access that blocked site from work. Not recommended as a permanent solution to anonymous surfing.
- http://anonymouse.org - One of the better ones of the bunch. You can even send anonymous email and post to newsgroups with this site!
— PROXY SERVERS: - You’ll have to change a couple of settings in the browser, but you’ll be able to switch it on or off. Some anonymous software uses pre-ordained lists of available proxy servers.
— USE A FREE VPN SERVICE:For ‘tunneling over’ an existing network (connection). Some stand-alone anonymous browsers use VPNs, as in the case of SSL Explorer.
Anonymous Web Searching
The AOL Searchlogs fiasco is just one high-profile example of what can be done with your sensitive search data. The Electronic Frontier Foundation has written a great article on what you can do to protect your search privacy.
Want to simply block Google from logging your searches? Try scroogle.org. Or use one of the proxy tips from above; it achieves the same goal.
Anonymous Chat / IM
When used conventionally, Instant Messaging (IM) software isn’t exactly anonymous. Even if you use a proxy, the recipient could always be “saving” the entire two-way conversation regardless of the safeguards you’ve employed at your end. Even if you totally trust the other person, a “leak” could expose the whole thing from their side - if they aren’t using any anonymous/encryption methods.
What you BOTH need to do:
— A simple solution is that you each run a proxy server through the IM software, although this won’t solve the “saved conversation” dilemma. Data/files are not encrypted in this manner. The software “GhostSurf” works in a similar manner, although it’s not free.
— PREFERRED: You’ll both be better off using a F2F network that employs some sort of encryption scheme to the mix:
- Alliance P2P/F2F - Excellent F2F solution! Share files effortlessly among other users in your “list”.
- RetroShare - Has all the features of Windows Messenger / AIM etc. with SSL-encrypted topography.
It goes without saying that everyone in your F2F “network” needs to be running identical software for this to work.
Sending Anonymous email
Oh, does this ever have its potentials! Did you ever get ripped off by a “movie download” site only to find out they gave you a link to www.limewire.com? Why not give them a piece of your mind - over and over and over again.
What you can do:
— GuerrillaMail.com - For free, you get a valid working email address for 15 minutes. Then it’s gone. You can read and reply to emails that are sent to the temporary email address within the given time frame. At last check, attachments didn’t work.
— https://www.anonymousspeech.com - For free, you can create an account and start sending secure email around the world! Even supports file attachments up to 15MB (perfect for songs, or tiny Pr0n clips!).
— http://anonymouse.org/anonemail.html - With anonymouse, you can send email without revealing your identity. Another site that does the same thing is http://secret101.com.
Blog Anonymously
These days, setting up an anonymous blog is as easy as creating a new hotmail account. The two major sites that come to mind are www.wordpress.com and www.blogger.com. Both will allow you to create a blog (in minutes) using a “fake” gmail or hotmail address. This isn’t a “true” anonymous solution - your real IP address is still being used to upload information to that blogsite, and that could arguably be traced back to your real ISP account.
Other Options:
If that’s not quite enough security for you, perhaps these solutions will fit the occasion. Four “darknets” come to mind that offer free blogging (although your audience is going to be limited to only those inside the darknet).
- — the “Tor hidden services” (.onion sites).
- — Syndie (http://syndie.i2p.net/) for the I2P community.
- — Flogs (free sites for blogging) in Freenet.
- — Even anoNet has its own blogging support.
Want your own anonymous website / blog with a little more freedom? Try our next tip:
Anonymous Domain & Webhosting Solutions
Looking to set up a website but never have it traced back to you? There aren’t many domain / webhosting companies that offer true anonymous Internet alternatives - in fact, we could only find one - but they do it well. Katz offers offers high security, no-exposure hosting solutions. Since you are paying for it anonymously (and they don’t ask you for personal info) it would be feasibly impossible for them to “rat you out”.
— http://www.katzglobal.com/hosting/anonymous-domains.html
The Katz Global Anonymous Domain Trust™ keeps your Whois Database information anonymous and allows you to host your website and do business online in a total anonymous environment. Here’s the Katz description:
We keep you 100% anonymous because:
- #1. We never ask for any of your personal information.
- #2. We can never give it out to third parties.
- #3. We can facilitate anonymous payment methods.
- #4. We can provide Offshore Whois / Registrant Details.
We strongly recommend that you opt for an offshore domain.
OUR NOTES:
Don’t be fooled by Web Hosting companies that promise an “anonymous domain name”. In fact, all they offer is that you won’t be listed in the WHOIS (i.e. “private Whois protection”). While this removes you from prying eyes, your account to that web domain/registrar is not anonymous, and your real identity is still connected to that domain/website. At least Katzglobal provides a service where they never knew your true identity in the first place, and thus cannot provide information to authorities which they don’t have.
All-in-One Anonymity
Something that’s worth taking a look at are LiveCDs. A LiveCD is a computer operating system that is executed upon boot, without installation to a hard drive. Self-contained and ready-to-go, there are a few in particular that are privy to anonymity.
Incognito
Incognito is a LiveCD that provides software to use various Internet technologies while keeping the user anonymous. It is based primarily on Tor while including supporting applications. The target use case is that of using a public computer, such as in a library, securely. This CD may also be copied to a USB drive to provide persisted user settings. The intended user base are those who would like to perform standard Internet communications such as WWW, email, IRC, IM, etc., while being confident that their anonymity is not compromised.
USAGE: Fairly simple - download Incognito, and burn the *.ISO to a blank CD. Place it in a computer (i.e. yours) and boot from it. SETUP is easy to follow and self-explanitory.
Anonymity Anywhere / ROCKate
Check out anonymityanywhere.com for other anonymous LiveCD options. “Anonymity Anywhere” is another Tor-based option; ROCKate is based on the ROCKate Linux distribution.
Miscellany
http://www.pgp.com - PGP uses cryptography between data sent between two parties - particularly handy for email. Email encryption wraps a secure layer around messages and attachments, making them unreadable by anyone except their intended recipients. Other applications of PGP include archived files (.ZIP, .RAR), encryption of personal data (file and disk security), IM solutions, file and storage security.
http://www.truecrypt.org - TrueCrypt is a free, open-source on-the-fly disk and file encryption solution. You’ll be able to encrypt your entire hard drive, so that when the Feds kick down your door, there won’t be much to look at.
http://numbr.com - numbr is an auto-expiring, FREE anonymous phone number that forwards incoming call to your home or mobile phone. Callers do not see your home or mobile numbers. You’ll be able to give that chick in the bar your phone number without worrying about wifey finding out. Presently the site is not accepting new “members” but look for a re-launch.