| Outlined below are the basic tools for anonymity while browsing on the Internet or posting to Newsgroups. For detailed information, links to sites that either have the tools needed or discuss these tools in more depth are provided. |
| Definitions: |
| Tools: Software used to take advantage of services. |
| Services: Networks, NSPs, Proxies, or anything that requires someone else to do something for you. |
| Tools |
|
Torpark (renamed xB-Browser)
xB-Browser
Tor
PuTTy
SocksChain
Remailers
Jack B. Nymble
Quicksilver
Mixminion Message Sender
|
| I. Web Anonymity
Anonymous access to websites requires the use of an anonymous proxy, a remote computer that substitutes its IP address for your IP address as well as software/browser that will read/parse the web pages you view without leaking your personal information to a malicious website. |
|
How information is leaked.
Every time you access the net, information
specific to your computer goes with your connection, and each web
page, email and any other contact will give the recipient your
computer's address. That is how the net functions so that
information you request can find its way back to your
computer. The address is your IP address (Internet Protocol)
and there is no other computer with the same number. |
| Torpark |
|
This is a self contained program that includes TOR (see links below) and reads web pages (based on Mozilla Firefox). It is simple to use, requires no installation, and does not leave any registry entries written by the program and no files in the system directories. It comes pre-configured so that there are as few leaks as possible (e.g. Java, JavaScript, etc.). It is also free. |
|
http://www.torrify.com.nyud.net:8080/ |
| http://www.torrify.com/ |
| [ Top ] |
| xB-Browser |
|
This is the replacement for TorPark. The site is primarily commercial, but the program is still free despite the notice on the left about a "Free Trial". |
|
http://xerobank.com/xB_browser.html/ |
| [ Top ] |
| TOR |
| Tor is a program AND a network of
freestanding computers that act as a three chain anonymous encrypted
proxy. Everything is encrypted from your computer to the last
tor node. For accessing the net, you can use Vidalia TOR with a
browser. Since configuring IE for TOR is laborious and difficult to
reverse, it is best to use another browser dedicated to
anonymity. Mozilla Firefox is the browser of choice, but others
may work as well. Configure your browser to use the following
"proxy" after you have TOR running: 127.0.0.1 port 8080. Turn
off scripts, Java, cookies and other types of html behavior that
would tend to identify you. |
| Overview: |
|
http://tor.eff.org/overview.html.en |
| Download: |
|
http://tor.eff.org/download.html.en |
| [ Top ] |
| PuTTY |
| This is a free program that is a one hop encrypting program that allows one to use a commercial SSH tunnel provider (e.g.Cotse.net or privacy.li, perhaps some others). By itself, it's useless. You must have an account with a paid service to use this program. |
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
(I recommend using the Windows
Installer.)
Additional information about configuring PuTTy for
Cotse.net can be found here . |
| [ Top ] |
| SocksChain |
| This program is currently commercial (purchased) and will take a list of proxies and allow the user to "chain" through them - connect to proxy 1, which connects to proxy 2, which connects to proxy 3 which connects to the destination. Freely available proxy lists are available, but there are some major caveats: The use of such proxies is sometimes illegal; These "free" proxies are under no obligation not to log or turn you in (in fact, if they discover their services are being used illegally, they may well do that); The services
could be "honey pots"; the type of proxy may not be anonymous. Many such proxies are "transparent" and provide the barest minimum of protection; They tend to be slow and unreliable, and disappear frequently. In essence, this type of anonymous access is a disappearing art. Sockscap is useful to make programs use this chain of proxies, although a connection from your browser to 127.0.0.1, using the port specified in the program, will also
function. |
| [ Top ] |
| II. Usenet posting |
| A: Remailers |
| A remailer is a computer that uses a program to forward mail from your computer through as many other computers as you wish to the destination. Each computer strips all
identifying information and sends the message along. It can be used for email (see below), but for Usenet posting the final "destination" would be a mail2news gateway. Detailed explanations are not possible here, but the programs that can be used to send the messages have instructions for email and posting. |
| [ Top ] |
| Jack B. Nymble |
| This is the old standby - a 16 bit program that is somewhat outdated by itself. It doesn't do SMTP authentication, and it can only use PGP versions up to less than 7.0.
It is difficult to configure, and has many pages of configuration Windows, but when it works, it's beautiful. Panta-rhei has an updated version that will do SMTP authentication: http://www.panta-rhei.eu.org/ Go to the downloads area. |
| [ Top ] |
| Quicksilver |
This is a newer program that will use all current (as of 30Jan2007) versions of PGP and do SMTP authentication. There is copious information, and some templates, but the actual use requires some potential changes in the templates. Also, the URL's for the remailer statistics are out of date. Support is still available as is the program from http://quicksilvermail.net/.
Abbreviated
setup instructions can be found here. |
[ Top ]
Web
Posting
There are
occasionally web pages that allow one to post messages to
Usenet or to send email. The only one I am aware of at
the moment is: https://zerofreedom.homeip.net/cgi-bin/mixemail-user.cgi
It can send
directly or via a chain of remailers. You determine whether you want remailers (and how many) when writing your message. To be sure you are anonymous, use TOR or Torpark. |
| [ Top ] |
| Mixminion |
| Mixminion is a "type III" remailer system. It uses many of the same computers as type I and type II, but the program is different. You would need the mixminion program as well as the Mixminion Message Sender. Comes basically pre-configured except for some details such as directories and your choices. |
| http://peculiarplace.com/mixminion-message-sender/ |
| http://mixminion.net/dist/0.0.7.1/Mixminion-0.0.7.1.win32.zip |
| [ Top ] |
| B. Web Mail Posting |
Aside from the web service mentioned above (II, a, 3), you could use any anonymously set up web account and
one of the following TO: headers: |
mail2news-YYYYMMDD-alt.test@m2n.mixmin.net
mail2news_nospam-YYYYMMDD-alt.test@m2n.mixmin.net
mail2news-YYYYMMDD-alt.test=alt.testing.testing@m2n.mixmin.net
mail2news_nospam-YYYYMMDD-alt.test=alt.testing.testing@m2n.mixmin.net |
| Of course, substitute your group of choice for alt.test. |
C. Using a commercial account for
posting
If you need an anonymous commercial account, it should be
set up with an anonymous email address, fake information,
and access via puTTy, TOR or Torpark. Payment should be with either cash or money order send with fake return address (or none). Many commercial NSPs don't allow anonymous sign up. To connect your newsreader to the NSP via PuTTy or TOR, use a program called Sockscap or Freecap. |
| http://www.socks.permeo.com/cgi-bin/download.pl |
http://www.freecap.ru/eng/
(note,
better get Freecap while it's still free). |
| Configure Sockscap as follows: Files/Settings: 127.0.0.1 Port 9050 (for TOR) Socks5 Resolve all host names remotely. |
III. Email
All of
the programs above that use mail2news gateways for posting can also be used for anonymous email. To receive mail via the remailer network however requires a free nym account. Look at panta-rhei's web site or komite for examples of nym accounts. JBN and Quicksilver can be used to set these up. |
| http://www.panta-rhei.eu.org/ |
| help@nym.komite.net |
| Using any one of the proxy type programs mentioned above, you can create an anonymous email account with simple web based email services. The more complex the service, the less likely it is to be anonymous. Some web email services require Java or JavaScript, others may block tor. Hushmail has proprietary software that makes its own connections and delivers information to hushmail that you have no control over. Simpler is better. KISS. |
| Summary and additional caveats |
| To be anonymous does not require all of the above tools or services. They are all equally "anonymous" but some may be more vulnerable to attack than others. Single hop services (mainly commercial proxy providers) will always know who you are and what you connect to. Posting or emailing encrypted material keeps the information about the ultimate content private however, so consider using PGP for communication in addition to the above services. |
| Questions about the security and
reliability of the TOR network or remailer network have been
raised from time to time, but there has been no evidence of
any serious attempts to compromise the network with plants or
software changes (e.g. if LEA were to suddenly decide to open
hundreds of Tor nodes and change the software to allow logging
and direct any communications to LEA planted nodes).
|
New things will come, and some old things will go or change
dramatically. We will try to keep this site as
current as possible without presenting excessive information
about anonymous systems that have not passed the test of
time. For an example of things that are in development,
look here:
http://www.cs.cornell.edu/People/egs/herbivore/documentation.html
|
| There is currently no way to make a connection to any typical SMTP mail account anonymous. It is possible, using Quicksilver, to use tor to connect to an SMTP account provided for free by one of the remailers. Considering that the ultimate destination
and content is unknown to the remailer's SMTP server, it seems a bit like
overkill, but some people like overkill. |
| All of this information is covered in detail in Dr. Who's Security and Encryption FAQ as well as many other details
of personal security (disk encryption, password security,
algorithms, etc.). You can also do your own research.
alt.privacy.anon-server is a forum to discuss issues with TOR or the
remailer system, but beware that there are many that voice opinions
that are less than knowledgeable.
|
V. Other Privacy Related
Tools
a. PGP
b.
TrueCrypt
c. DriveCrypt and
DriveCrypt Plus Pack
Contact us
for
Questions or
Suggestions
|
bravenet.com