Difference between revisions of "Leaving no trace in a digital world"
GregTraylor (talk | contribs) (Created page with "==Leaving No Trace In A Digital World== Purpose: To learn how to communicate safely, to protect your data and to obfuscate your identity and browsing history online and on yo…") |
GregTraylor (talk | contribs) |
||
| Line 1: | Line 1: | ||
| + | NOTE: I should have this formatted by the end of the day 7/24 | ||
| + | |||
==Leaving No Trace In A Digital World== | ==Leaving No Trace In A Digital World== | ||
| Line 9: | Line 11: | ||
Physical | Physical | ||
1. Privacy screens | 1. Privacy screens | ||
| + | |||
2. Not typing passwords or using sensitive sites that may reveal an identity in front of others | 2. Not typing passwords or using sensitive sites that may reveal an identity in front of others | ||
| + | |||
3. Physical keyloggers | 3. Physical keyloggers | ||
| + | |||
1. Checking the back of the machine if possible | 1. Checking the back of the machine if possible | ||
| + | |||
2. Using another keyboard (Roll-up) | 2. Using another keyboard (Roll-up) | ||
| + | |||
3. On-screen keyboard | 3. On-screen keyboard | ||
DNS/OpenDNS | DNS/OpenDNS | ||
1. Explanation of Domain Name System | 1. Explanation of Domain Name System | ||
| + | |||
2. How it can be tracked through things like OpenDNS | 2. How it can be tracked through things like OpenDNS | ||
| + | |||
3. Tor vs. Tor Browser Bundle – DNS leaks | 3. Tor vs. Tor Browser Bundle – DNS leaks | ||
Computer Software | Computer Software | ||
1. Malware or legitimate tracking software | 1. Malware or legitimate tracking software | ||
| + | |||
1. Anti-spyware/root-kit/virus | 1. Anti-spyware/root-kit/virus | ||
| + | |||
2. Temporary files / Cookies / Browser History | 2. Temporary files / Cookies / Browser History | ||
| + | |||
1. Clearing in Windows | 1. Clearing in Windows | ||
| + | |||
2. Universal privacy setting in Ubuntu | 2. Universal privacy setting in Ubuntu | ||
Route of Communications | Route of Communications | ||
1. Router Logs | 1. Router Logs | ||
| + | |||
1. VPNs – Privoxy/Hamachi/Proxy Switchy | 1. VPNs – Privoxy/Hamachi/Proxy Switchy | ||
| + | |||
2. Traceroute Example | 2. Traceroute Example | ||
| + | |||
3. ISP | 3. ISP | ||
| + | |||
4. Backbones | 4. Backbones | ||
| + | |||
5. Government | 5. Government | ||
| + | |||
6. End Site | 6. End Site | ||
Neutral Online Identity | Neutral Online Identity | ||
1. Emails | 1. Emails | ||
| + | |||
2. User names | 2. User names | ||
| + | |||
3. Firewalling real vs. nom-de-guerre | 3. Firewalling real vs. nom-de-guerre | ||
| + | |||
1. Never use “real” connection for alternate identity | 1. Never use “real” connection for alternate identity | ||
| + | |||
4. What you write/release online | 4. What you write/release online | ||
| Line 47: | Line 70: | ||
Portable TOR is a program that runs without installation from USB or drive. It comes configured for pretty good anonymity out of the box – https: //www.torproject.org/projects/torbrowser.html.en | Portable TOR is a program that runs without installation from USB or drive. It comes configured for pretty good anonymity out of the box – https: //www.torproject.org/projects/torbrowser.html.en | ||
| + | |||
1. Plugin caveat | 1. Plugin caveat | ||
| + | |||
2. TBB Firefox vs. regular Firefox | 2. TBB Firefox vs. regular Firefox | ||
| Line 58: | Line 83: | ||
===SUGGESTED PLUGINS=== | ===SUGGESTED PLUGINS=== | ||
1. Adblock plus - https://addons.mozilla.org/en-US/firefox/addon/adblock-plus – Blocking ads blocks some tracking | 1. Adblock plus - https://addons.mozilla.org/en-US/firefox/addon/adblock-plus – Blocking ads blocks some tracking | ||
| + | |||
1. Download EasyList and Fanboy's list. | 1. Download EasyList and Fanboy's list. | ||
| + | |||
2. Better Privacy - https://addons.mozilla.org/en-US/firefox/addon/betterprivacy – | 2. Better Privacy - https://addons.mozilla.org/en-US/firefox/addon/betterprivacy – | ||
| + | |||
1. Deletes LSOs (Flash Cookies). | 1. Deletes LSOs (Flash Cookies). | ||
| + | |||
2. Set to delete upon exit. | 2. Set to delete upon exit. | ||
| + | |||
3. Cookie Monster - https://addons.mozilla.org/en-US/firefox/.../cookie-monster - | 3. Cookie Monster - https://addons.mozilla.org/en-US/firefox/.../cookie-monster - | ||
| + | |||
1. Check all options but “Block All Cookies” and the ones about the dialog and icon. | 1. Check all options but “Block All Cookies” and the ones about the dialog and icon. | ||
| + | |||
4. Flash Block - https://addons.mozilla.org/en-US/firefox/addon/flashblock – Block ads/flash tracking | 4. Flash Block - https://addons.mozilla.org/en-US/firefox/addon/flashblock – Block ads/flash tracking | ||
| + | |||
1. Enable and choose to block Silverlight as well | 1. Enable and choose to block Silverlight as well | ||
| + | |||
5. RefControl - https://addons.mozilla.org/en-US/firefox/addon/refcontrol – Changes referrer on website headers | 5. RefControl - https://addons.mozilla.org/en-US/firefox/addon/refcontrol – Changes referrer on website headers | ||
| + | |||
1. Choose “Forge” for sites not listed | 1. Choose “Forge” for sites not listed | ||
| + | |||
6. HTTPS Everywhere - https://www.eff.org/https-everywhere/ - Included in TBB and TAILS. | 6. HTTPS Everywhere - https://www.eff.org/https-everywhere/ - Included in TBB and TAILS. | ||
| + | |||
1. Make sure it is enabled and never turn this off | 1. Make sure it is enabled and never turn this off | ||
| + | |||
7. Noscript - https://addons.mozilla.org/en-US/firefox/addon/noscript – Included in TBB | 7. Noscript - https://addons.mozilla.org/en-US/firefox/addon/noscript – Included in TBB | ||
| + | |||
1. Choose to Forbid Scripts Globally | 1. Choose to Forbid Scripts Globally | ||
| + | |||
8. TORButton - https://www.torproject.org/torbutton – Included in TBB and TAILS. | 8. TORButton - https://www.torproject.org/torbutton – Included in TBB and TAILS. | ||
| + | |||
1. Too many features to list ( https://www.torproject.org/torbutton/torbutton-options.html.en ) | 1. Too many features to list ( https://www.torproject.org/torbutton/torbutton-options.html.en ) | ||
| + | |||
2. Refer to TBB settings and choose more if wanted (suggested) but do not uncheck anything they've selected there. | 2. Refer to TBB settings and choose more if wanted (suggested) but do not uncheck anything they've selected there. | ||
| + | |||
9. CAVEAT: Any extraneous applications may be able to track you | 9. CAVEAT: Any extraneous applications may be able to track you | ||
| Line 81: | Line 124: | ||
Thunderbird | Thunderbird | ||
| + | |||
1. https://www.mozilla.org/en-US/thunderbird/ | 1. https://www.mozilla.org/en-US/thunderbird/ | ||
| + | |||
GPG | GPG | ||
| + | |||
1. http://www.gnupg.org/ | 1. http://www.gnupg.org/ | ||
| + | |||
Enigmail plugin | Enigmail plugin | ||
| + | |||
1. http://enigmail.mozdev.org/home/index.php.html | 1. http://enigmail.mozdev.org/home/index.php.html | ||
| Line 90: | Line 138: | ||
===MISCELLANEOUS=== | ===MISCELLANEOUS=== | ||
| − | Pidgin – IM/IRC/Skype – On TAILS with OTR | + | Pidgin – IM/IRC/Skype – On TAILS with OTR |
| + | |||
1. OTR plugin - http://www.cypherpunks.ca/otr/ | 1. OTR plugin - http://www.cypherpunks.ca/otr/ | ||
| + | |||
2. End to end encryption for chats | 2. End to end encryption for chats | ||
| + | |||
3. Pidgin TOR set-up | 3. Pidgin TOR set-up | ||
| + | |||
1. Accounts → Choose account → Proxy Tab → Use “Tor/Privacy (SOCKS5)” → Set host to 127.0.0.1 and port to 9050 | 1. Accounts → Choose account → Proxy Tab → Use “Tor/Privacy (SOCKS5)” → Set host to 127.0.0.1 and port to 9050 | ||
Disk Encryption | Disk Encryption | ||
1. Ubuntu encryption on install - $HOME | 1. Ubuntu encryption on install - $HOME | ||
| − | 2. LUKS - https://wiki.archlinux.org/index.php/Dm-crypt_with_LUKS | + | |
| + | 2. LUKS - https://wiki.archlinux.org/index.php/Dm-crypt_with_LUKS | ||
| + | |||
1. gdecrypt as GUI | 1. gdecrypt as GUI | ||
| + | |||
1. http://gdecrypt.pentabarf.de/screenshots.html | 1. http://gdecrypt.pentabarf.de/screenshots.html | ||
| + | |||
3. Truecrypt | 3. Truecrypt | ||
| + | |||
1. http://www.truecrypt.org/downloads | 1. http://www.truecrypt.org/downloads | ||
| + | |||
2. http://linuxandfriends.com/2010/02/03/how-to-truecrypt-setup-on-ubuntu-linux/ | 2. http://linuxandfriends.com/2010/02/03/how-to-truecrypt-setup-on-ubuntu-linux/ | ||
| + | |||
4. Going through customs – outer encryption vs. inner hidden encryption | 4. Going through customs – outer encryption vs. inner hidden encryption | ||
| + | |||
Erasing Files | Erasing Files | ||
1. Why they are not erased | 1. Why they are not erased | ||
| + | |||
2. secure-delete - http://superuser.com/questions/19326/how-to-wipe-free-disk-space-in-linux/19377#19377 | 2. secure-delete - http://superuser.com/questions/19326/how-to-wipe-free-disk-space-in-linux/19377#19377 | ||
Environment Checks | Environment Checks | ||
1. http://ip-check.info/?lang=en | 1. http://ip-check.info/?lang=en | ||
| + | |||
2. http://www.cotse.com/proxycheck2.htm | 2. http://www.cotse.com/proxycheck2.htm | ||
Revision as of 14:24, 24 July 2012
NOTE: I should have this formatted by the end of the day 7/24
Leaving No Trace In A Digital World
Purpose: To learn how to communicate safely, to protect your data and to obfuscate your identity and browsing history online and on your computer.
HOW SNOOPING CAN OCCUR
Physical 1. Privacy screens
2. Not typing passwords or using sensitive sites that may reveal an identity in front of others
3. Physical keyloggers
1. Checking the back of the machine if possible
2. Using another keyboard (Roll-up)
3. On-screen keyboard
DNS/OpenDNS 1. Explanation of Domain Name System
2. How it can be tracked through things like OpenDNS
3. Tor vs. Tor Browser Bundle – DNS leaks
Computer Software 1. Malware or legitimate tracking software
1. Anti-spyware/root-kit/virus
2. Temporary files / Cookies / Browser History
1. Clearing in Windows
2. Universal privacy setting in Ubuntu
Route of Communications 1. Router Logs
1. VPNs – Privoxy/Hamachi/Proxy Switchy
2. Traceroute Example
3. ISP
4. Backbones
5. Government
6. End Site
Neutral Online Identity 1. Emails
2. User names
3. Firewalling real vs. nom-de-guerre
1. Never use “real” connection for alternate identity
4. What you write/release online
PORTABLE TOR
Portable TOR is a program that runs without installation from USB or drive. It comes configured for pretty good anonymity out of the box – https: //www.torproject.org/projects/torbrowser.html.en
1. Plugin caveat
2. TBB Firefox vs. regular Firefox
TAILS
TAILS is an amnesiac LiveCD/USB that writes nothing to the hard drive. It contains TOR, Pidgin, encryption tools and more - https://tails.boum.org/index.en.html
SUGGESTED PLUGINS
1. Adblock plus - https://addons.mozilla.org/en-US/firefox/addon/adblock-plus – Blocking ads blocks some tracking
1. Download EasyList and Fanboy's list.
2. Better Privacy - https://addons.mozilla.org/en-US/firefox/addon/betterprivacy –
1. Deletes LSOs (Flash Cookies).
2. Set to delete upon exit.
3. Cookie Monster - https://addons.mozilla.org/en-US/firefox/.../cookie-monster -
1. Check all options but “Block All Cookies” and the ones about the dialog and icon.
4. Flash Block - https://addons.mozilla.org/en-US/firefox/addon/flashblock – Block ads/flash tracking
1. Enable and choose to block Silverlight as well
5. RefControl - https://addons.mozilla.org/en-US/firefox/addon/refcontrol – Changes referrer on website headers
1. Choose “Forge” for sites not listed
6. HTTPS Everywhere - https://www.eff.org/https-everywhere/ - Included in TBB and TAILS.
1. Make sure it is enabled and never turn this off
7. Noscript - https://addons.mozilla.org/en-US/firefox/addon/noscript – Included in TBB
1. Choose to Forbid Scripts Globally
8. TORButton - https://www.torproject.org/torbutton – Included in TBB and TAILS.
1. Too many features to list ( https://www.torproject.org/torbutton/torbutton-options.html.en )
2. Refer to TBB settings and choose more if wanted (suggested) but do not uncheck anything they've selected there.
9. CAVEAT: Any extraneous applications may be able to track you
EMAIL ENCRYPTION
Thunderbird
1. https://www.mozilla.org/en-US/thunderbird/
GPG
Enigmail plugin
1. http://enigmail.mozdev.org/home/index.php.html
MISCELLANEOUS
Pidgin – IM/IRC/Skype – On TAILS with OTR
1. OTR plugin - http://www.cypherpunks.ca/otr/
2. End to end encryption for chats
3. Pidgin TOR set-up
1. Accounts → Choose account → Proxy Tab → Use “Tor/Privacy (SOCKS5)” → Set host to 127.0.0.1 and port to 9050
Disk Encryption 1. Ubuntu encryption on install - $HOME
2. LUKS - https://wiki.archlinux.org/index.php/Dm-crypt_with_LUKS
1. gdecrypt as GUI
1. http://gdecrypt.pentabarf.de/screenshots.html
3. Truecrypt
1. http://www.truecrypt.org/downloads
2. http://linuxandfriends.com/2010/02/03/how-to-truecrypt-setup-on-ubuntu-linux/
4. Going through customs – outer encryption vs. inner hidden encryption
Erasing Files
1. Why they are not erased
2. secure-delete - http://superuser.com/questions/19326/how-to-wipe-free-disk-space-in-linux/19377#19377
Environment Checks 1. http://ip-check.info/?lang=en
2. http://www.cotse.com/proxycheck2.htm
Steganography
Ixquick.com – search