Difference between revisions of "Leaving no trace in a digital world"
m (→Leaving No Trace In A Digital World: grammar) |
|||
(10 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
+ | {{migrated}} | ||
+ | [https://docs.google.com/document/d/1OtB29oDyaXT1Dp3iKLU6RPe059Ftcy3BzxT9GiMpnJU/edit?usp=sharing Link] | ||
+ | |||
==Leaving No Trace In A Digital World== | ==Leaving No Trace In A Digital World== | ||
Purpose: Learn how to communicate safely, to protect your data and to 'cover your tracks' by obfuscating your identity and browsing history, online and on your computer. | Purpose: Learn how to communicate safely, to protect your data and to 'cover your tracks' by obfuscating your identity and browsing history, online and on your computer. | ||
− | Because of its use within the TOR project [https://www.torproject.org/], we will focus | + | Because of its use within the TOR project [https://www.torproject.org/], we will focus solely on using Firefox. |
http://www.mozilla.org/en-US/firefox/new/ | http://www.mozilla.org/en-US/firefox/new/ | ||
Line 40: | Line 43: | ||
** Instructions for clearing Firefox | ** Instructions for clearing Firefox | ||
*** Tools -> Clear Recent History -> Time Range To Clear : Everything -> Check all for most privacy | *** Tools -> Clear Recent History -> Time Range To Clear : Everything -> Check all for most privacy | ||
+ | *** Add Firefox extensions ('plugins') for greater privacy | ||
** Not useful against keyloggers and malware | ** Not useful against keyloggers and malware | ||
* Private Browsing mode | * Private Browsing mode | ||
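Review bot: The added `*** Add Firefox extensions ('plugins') for greater privacy` bullet is nested as a step under "Instructions for clearing Firefox", next to the Tools -> Clear Recent History step, but installing extensions is not part of clearing history. Move it up to the `**` level beside "Not useful against keyloggers and malware", or have it point at the Suggested Firefox Plugins section so readers know which extensions are meant.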
Line 72: | Line 76: | ||
* Backbones - infrastructure provided by large telecoms that most traffic goes through (#5-7 in traceroute example) | * Backbones - infrastructure provided by large telecoms that most traffic goes through (#5-7 in traceroute example) | ||
* End Site - the web page,etc that you are visiting (#8 in traceroute example) | * End Site - the web page,etc that you are visiting (#8 in traceroute example) | ||
− | * Government | + | * Government - M$/NSA makes it easier to hack you [http://j.mp/MSeasiertheft] “Purposeful backdoors in security products - another revelation from leaked security agency documents - benefit all hackers. If firms have allowed for weaknesses in their product sets, they don’t just open up holes for agents to exploit, but criminals too. Organised crime groups are pumping money into hunting for such vulnerabilities, placing the everyday user at ever greater risk.” |
+ | |||
* Your traffic could be logged, recorded or inspected at any point | * Your traffic could be logged, recorded or inspected at any point | ||
− | |||
===Firewalling Online Identities=== | ===Firewalling Online Identities=== | ||
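Review bot: The new Government bullet gives its source only as a j.mp short link and never says who is being quoted, so the reader cannot see where the link leads, and the reference is lost if the shortener stops resolving. Use the full URL and attribute the quotation. The opening "M$/NSA makes it easier to hack you" would also read better as a neutral one-line summary, matching the ISP, Backbones and End Site bullets around it.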
Line 118: | Line 122: | ||
** If a person is able to watch both the traffic coming out of your computer and the traffic arriving at the end site simultaneously, they can use statistical analysis to guess what traffic is yours. This is theoretical. | ** If a person is able to watch both the traffic coming out of your computer and the traffic arriving at the end site simultaneously, they can use statistical analysis to guess what traffic is yours. This is theoretical. | ||
− | The Tor Browser Bundle (Portable TOR) is a version of TOR bundled with | + | The Tor Browser Bundle (Portable TOR) is a version of TOR bundled with Vidalia and Firefox configured with the Tor Browser Button, HTTPS Everywhere and NoScript. It is used on an as-needed basis without installation. It comes configured for pretty good anonymity out of the box – https://www.torproject.org/projects/torbrowser.html.en |
* There is a possibility that adding more add-ons than listed here could compromise your anonymity | * There is a possibility that adding more add-ons than listed here could compromise your anonymity | ||
* The changes to this installation are persistant | * The changes to this installation are persistant | ||
* TBB Firefox vs. regular Firefox | * TBB Firefox vs. regular Firefox | ||
− | ** Both can be running at the same time, one through your regular connection and one through the TOR network. Look for the Torbutton to avoid confusing the two | + | ** Both can be running at the same time, one through your regular connection and one through the TOR network. Look for the Torbutton to avoid confusing the two. |
− | |||
===TAILS=== | ===TAILS=== | ||
− | TAILS is an amnesiac LiveCD/USB that writes nothing to the hard drive. It contains TOR, Pidgin, encryption tools and more - https://tails.boum.org/index.en.html | + | TAILS is an amnesiac LiveCD/USB that writes nothing to the hard drive. It is far safer than just TOR or the Tor Browser Bundle. It contains TOR, Pidgin, encryption tools and more - https://tails.boum.org/index.en.html |
− | |||
===Suggested Firefox Plugins=== | ===Suggested Firefox Plugins=== | ||
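Review bot: The sentence added to the TAILS paragraph, "It is far safer than just TOR or the Tor Browser Bundle", states a comparison without saying what it is safer against. Tie it to the property already given in the same line (it writes nothing to the hard drive) so a reader can tell when TAILS is worth choosing over the bundle.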
Line 173: | Line 175: | ||
** http://www.truecrypt.org/downloads | ** http://www.truecrypt.org/downloads | ||
** http://linuxandfriends.com/2010/02/03/how-to-truecrypt-setup-on-ubuntu-linux/ | ** http://linuxandfriends.com/2010/02/03/how-to-truecrypt-setup-on-ubuntu-linux/ | ||
− | * Going through customs – outer encryption vs. inner hidden encryption - plausible deniability | + | * [http://j.mp/borderinspection Going through customs] – outer encryption vs. inner hidden encryption - plausible deniability |
Erasing Files | Erasing Files | ||
Line 183: | Line 185: | ||
* http://www.cotse.com/proxycheck2.htm | * http://www.cotse.com/proxycheck2.htm | ||
− | Steganography | + | [https://en.wikipedia.org/wiki/Steganography Steganography]: Concealing data within an object. http://www.strangehorizons.com/2001/20011008/steganography.shtml http://www.garykessler.net/library/steganography.html |
https://ixquick.com/ | https://ixquick.com/ |
Latest revision as of 15:32, 8 August 2014
This page has been migrated to a document on Free Geek's Google Drive. Information remaining behind may no longer be relevant.
Leaving No Trace In A Digital World
Purpose: Learn how to communicate safely, to protect your data and to 'cover your tracks' by obfuscating your identity and browsing history, online and on your computer.
Because of its use within the TOR project [1], we will focus solely on using Firefox. http://www.mozilla.org/en-US/firefox/new/
This assumes the use of an Ubuntu [2] operating system. Most of these plugins and programs can be accessed through the Ubuntu Software Center, Synaptic Package Manager or terminal, but links will be provided when practical. While we may be able to answer questions regarding Windows-specific issues, this will not be included here.
Forms of snooping and how to counter each
Physical
- Writing passwords down
  - Either don't do it or apply a basic, personal cryptography if you do
    - A simple cipher would be to replace every letter and number with the one above it and reverse the capitalization, so that the password HallB56 would become iBMMc67
    - This is cryptography at its simplest
- Using computers in view of others
  - Privacy filters are polarized pieces of plastic that make your screen visible only from directly in front of it
  - Don't type passwords or use sensitive sites that may reveal an identity in front of others
- Physical keyloggers [3]
  - Checking the back of the machine if possible
  - Using another keyboard (Roll-up)
  - On-screen keyboard
DNS/OpenDNS
- Explain the Domain Name System [4] and its exposure of your web use:
  - DNS translates sites typed in as words (e.g. freegeek.org) into their actual IP addresses (e.g. 67.23.3.45)
  - Think of it as a phone book for the internet
  - How it can be tracked through things like OpenDNS [5]
- Tor vs. Tor Browser Bundle (TBB) – DNS leaks [6]
  - While it is possible for your traffic to be encrypted, without proper set-up your DNS lookups can go out in "the clear" and reveal what sites your encrypted traffic is going to
  - This is why the TBB is preferred over manually configuring TOR
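The DNS leak described above shows up in what an application hands to Tor's SOCKS5 port (the 127.0.0.1:9050 interface this page later configures for Pidgin). The following is an added example, not part of the original page: it builds the SOCKS5 CONNECT request defined in RFC 1928 both ways and tells them apart. The function names are hypothetical, and the hostname and address are the ones used in the DNS notes above.

```python
import ipaddress
import struct

VER, CMD_CONNECT = 5, 1
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 1, 3, 4


def build_connect(host: str, port: int) -> bytes:
    """Build a SOCKS5 CONNECT request (RFC 1928) for host:port."""
    head = bytes([VER, CMD_CONNECT, 0])
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal: hand the name itself to the proxy to resolve.
        name = host.encode("idna")
        if not 1 <= len(name) <= 255:
            raise ValueError("hostname must be 1-255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    else:
        # IP literal: whoever produced it has already done the DNS lookup.
        addr = bytes([ATYP_IPV4 if ip.version == 4 else ATYP_IPV6]) + ip.packed
    return head + addr + struct.pack("!H", port)


def parse_connect(req: bytes):
    """Return (kind, destination, port); kind is 'domain' or 'ip'."""
    if len(req) < 5 or req[0] != VER or req[1] != CMD_CONNECT:
        raise ValueError("not a SOCKS5 CONNECT request")
    atyp = req[3]
    if atyp == ATYP_DOMAIN:
        start, size, kind = 5, req[4], "domain"
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        start, size, kind = 4, (4 if atyp == ATYP_IPV4 else 16), "ip"
    else:
        raise ValueError("unknown address type")
    end = start + size
    if len(req) != end + 2:
        raise ValueError("truncated or oversized request")
    raw = req[start:end]
    dest = raw.decode("ascii") if kind == "domain" else str(ipaddress.ip_address(raw))
    (port,) = struct.unpack("!H", req[end:])
    return kind, dest, port


def resolved_before_proxy(req: bytes) -> bool:
    """True when the request carries an IP, so any name lookup happened
    outside the proxy, where Tor does not protect it."""
    return parse_connect(req)[0] == "ip"


# Constructed requests, using the name and address from the DNS notes above.
SAFE = build_connect("freegeek.org", 443)   # the name travels through Tor
LEAKY = build_connect("67.23.3.45", 443)    # the name was looked up first
```

A request that carries only an IP address does not prove a leak (the user may have typed the address), but it does show the proxy never saw the name.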
Computer Software
- Malware or legitimate tracking software such as those used by companies or parents
  - Spyware, viruses and root kits
- Temporary files / Cookies / Browser History
  - Instructions for clearing Firefox
    - Tools -> Clear Recent History -> Time Range To Clear : Everything -> Check all for most privacy
    - Add Firefox extensions ('plugins') for greater privacy
  - Not useful against keyloggers and malware
- Private Browsing mode
  - Instructions for Private Browsing mode in Firefox
    - Tools -> Start Private Browsing
  - Not useful against keyloggers and malware
- Universal privacy setting in Ubuntu (Ubuntu 12.04)
  - Deleting histories globally
  - Setting applications and types of applications to not log
  - Turning logging off globally
- Bleachbit
  - Description: BleachBit frees disk space and guards privacy by freeing your cache, deleting cookies, clearing Internet history, shredding temporary files, deleting logs, and discarding junk. It wipes clean 90 applications. Beyond simply deleting files, BleachBit includes advanced features such as shredding files to prevent recovery, wiping free disk space to hide traces of files deleted by other applications, and vacuuming Firefox to make it faster. Free and open source.
  - http://bleachbit.sourceforge.net/ OR in the terminal type:
sudo apt-get install -y bleachbit
Route of Communications
- Router Logs (Router is #1 in traceroute example)
  - VPN – Virtual Private Network [7]
    - Privoxy/Hamachi/Proxy Switchy home VPN - http://lifehacker.com/5763170/how-to-secure-and-encrypt-your-web-browsing-on-public-networks-with-hamachi-and-privoxy
    - Paid and free VPNs
- Traceroute Example to show all points your traffic goes through
    traceroute to google.com (173.194.33.14), 30 hops max, 60 byte packets
     1 192.168.0.1 (192.168.0.1) 3.016 ms 3.133 ms 6.081 ms
     2 ptld-dsl-gw05-197.ptld.qwest.net (207.225.8x.1xx) 48.721 ms 52.120 ms 52.231 ms
     3 ptld-agw1.inet.qwest.net (207.225.85.33) 54.018 ms 55.723 ms 56.663 ms
     4 sea-edge-12.inet.qwest.net (67.14.41.26) 63.015 ms 67.598 ms 67.408 ms
     5 65.122.121.66 (65.122.121.66) 121.780 ms 122.806 ms 124.521 ms
     6 66.249.94.212 (66.249.94.212) 71.735 ms 46.955 ms 49.166 ms
     7 209.85.253.24 (209.85.253.24) 49.250 ms 51.107 ms 51.987 ms
     8 sea09s01-in-f14.1e100.net (173.194.33.14) 53.532 ms 55.166 ms 56.442 ms
- ISP - your internet provider (#2-4 in traceroute example)
- Backbones - infrastructure provided by large telecoms that most traffic goes through (#5-7 in traceroute example)
- End Site - the web page, etc. that you are visiting (#8 in traceroute example)
- Government - M$/NSA makes it easier to hack you [8] “Purposeful backdoors in security products - another revelation from leaked security agency documents - benefit all hackers. If firms have allowed for weaknesses in their product sets, they don’t just open up holes for agents to exploit, but criminals too. Organised crime groups are pumping money into hunting for such vulnerabilities, placing the everyday user at ever greater risk.”
- Your traffic could be logged, recorded or inspected at any point
Firewalling Online Identities
You should keep a public identity and at least one private identity. The public identity should hold the things you want traced back to you. It could be linked to your real name so friends can find you. If you have a business you definitely want people to be able to find you. Everything you wish to keep private should be contained within private accounts that can never be linked to your public accounts or real identity in any way.
The basic and advanced principles of firewalling your identities both aim to prevent someone from linking together information about you from different sources on the web, and from tying your real and pseudo identities together or to information you don't want out there. Here is a linking scenario.
- You have a business called Example Business, Inc.
- The attacker Googles Example Business, Inc. and finds your company web page
- On your company web page you have a link to your business blog which is hosted on the Wordpress site at ebincaltaccount.wordpress.com
- The attacker Googles ebincaltaccount
- 5 years ago, you made an arrangement to sell something through a forum and publicly posted your phone number using ebincaltaccount as a username
- Googling the phone number brings up a name and address
- Searching for your name brings up personal blog posts about your family. Your Facebook is not locked down so the attacker can see everything there. This is also linked to another email
- Searching for that address brings up a listing on a site that logs your IP address
- Running a whois on that IP address shows the attacker that it is static
  - A WHOIS [9] is a way of finding out information about an IP address or domain name
  - Dynamic IP addresses change from time to time and static addresses stay the same. A static address would be particularly interesting to an attacker as you would have had that same address for a while (which means it could be linked back to you) and you have that address now (meaning they can attack that address and they know they are attacking your personal network)
- Searching for that IP address returns other blog posts that link to another username
- Searching for that username shows up some things you would like to never have linked back to your real identity (use your imagination)
- The attacker now has your real name, address, phone number, web address, IP of your personal computer, family members' names, friends' names, multiple email addresses, multiple usernames and information you would like not to be known, etc. This all could be used against you in many forms.
Linking starts with what is known and branches out in all directions with each new piece of information that can be linked back to the original information and subsequent discoveries.
- Basic
  - Maintaining a separate email account for privacy
  - Maintaining non-repeating usernames
  - Firewalling your real vs. private identities
    - Never refer to your private email or usernames from your public email or usernames and vice versa
    - Never refer to your other private accounts from another private account
    - Never release any real-world identifying information from private accounts such as phone number, address, name, etc.
- Advanced - all the basic steps plus:
  - Create all emails and private user accounts through TOR, from open wireless connections, etc.
  - Rotate connections or the appearance of different connections
    - This can be accomplished by clicking "New Identity" in Vidalia
  - Never have any of these emails or accounts tied to any non-public IP, non-proxied or non-TOR IP address (home, work or friend's internet connections)
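The linking scenario and the "non-repeating usernames" principle above can be checked against your own footprint by treating each public source as a set of identifiers that appear together. The following is an added example, not part of the original page: the records are constructed from the Example Business scenario and all function names are hypothetical.

```python
from collections import deque

# Constructed records modelled on the scenario above: each public source
# and the identifiers that appear together on it.
SOURCES = {
    "company web page": {"Example Business, Inc.", "ebincaltaccount"},
    "old forum post": {"ebincaltaccount", "phone number"},
    "phone lookup": {"phone number", "real name", "home address"},
    "personal blog and Facebook": {"real name", "second email"},
    "site that logs IPs": {"second email", "static IP"},
    "other blog posts": {"static IP", "second username"},
}


def linked_from(sources, start):
    """Breadth-first search over shared identifiers.

    Maps every identifier linkable from `start` to the
    (source, identifier) pair it was first reached through.
    """
    prev = {start: None}
    queue = deque([start])
    while queue:
        ident = queue.popleft()
        for source, idents in sources.items():
            if ident not in idents:
                continue
            for other in sorted(idents):
                if other not in prev:
                    prev[other] = (source, ident)
                    queue.append(other)
    return prev


def link_chain(sources, start, target):
    """Shortest list of sources connecting start to target, or None."""
    prev = linked_from(sources, start)
    if target not in prev:
        return None
    steps = []
    while prev[target] is not None:
        source, target = prev[target]
        steps.append(source)
    return steps[::-1]


def firewalled(sources):
    """Same records, but the business blog uses a username that is
    never repeated anywhere else (the basic principle above)."""
    fixed = dict(sources)
    fixed["company web page"] = {"Example Business, Inc.", "business-only username"}
    return fixed


if __name__ == "__main__":
    start, target = "Example Business, Inc.", "second username"
    print("exposed chain:", link_chain(SOURCES, start, target))
    print("after firewalling:", link_chain(firewalled(SOURCES), start, target))
```

With the reused username the public business name reaches all eight identifiers through six sources; with a username that is never repeated, nothing beyond the business blog is reachable from it.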
Tor Browser Bundle
TOR is a second-generation form of the 'onion routing' concept which was originally developed by the US Navy. Your traffic is routed through multiple computers at different places on the globe. Each computer only knows the last computer that sent it traffic, not the whole route, making backtracking impossible. https://www.torproject.org/about/overview.html.en
- CAVEATS:
  - Your traffic is encrypted from your computer, through the route of computers until the very last computer in the chain. That computer decrypts your traffic to send it to its destination. This would make it possible for someone running a rogue TOR node to see your traffic at this point. HTTPS, VPNs or other encryption should be used within TOR for the ultimate protection.
  - If a person is able to watch both the traffic coming out of your computer and the traffic arriving at the end site simultaneously, they can use statistical analysis to guess what traffic is yours. This is theoretical.
The Tor Browser Bundle (Portable TOR) is a version of TOR bundled with Vidalia and Firefox configured with the Tor Browser Button, HTTPS Everywhere and NoScript. It is used on an as-needed basis without installation. It comes configured for pretty good anonymity out of the box – https://www.torproject.org/projects/torbrowser.html.en
- There is a possibility that adding more add-ons than listed here could compromise your anonymity
- The changes to this installation are persistent
- TBB Firefox vs. regular Firefox
  - Both can be running at the same time, one through your regular connection and one through the TOR network. Look for the Torbutton to avoid confusing the two.
TAILS
TAILS is an amnesiac LiveCD/USB that writes nothing to the hard drive. It is far safer than just TOR or the Tor Browser Bundle. It contains TOR, Pidgin, encryption tools and more - https://tails.boum.org/index.en.html
Suggested Firefox Plugins
- Adblock plus - https://addons.mozilla.org/en-US/firefox/addon/adblock-plus – Blocking ads blocks some tracking
  - Download EasyList and Fanboy's list.
- Better Privacy - https://addons.mozilla.org/en-US/firefox/addon/betterprivacy
  - Deletes LSOs (Flash Cookies).
  - Set to delete upon exit.
- Cookie Monster - https://addons.mozilla.org/en-US/firefox/addon/cookie-monster
  - Check all options but “Block All Cookies” and the ones about the dialog and icon.
- Flash Block - https://addons.mozilla.org/en-US/firefox/addon/flashblock – Block ads/flash tracking
  - Enable and choose to block Silverlight as well
- RefControl - https://addons.mozilla.org/en-US/firefox/addon/refcontrol – Changes referrer on website headers
  - Choose “Forge” for sites not listed
- HTTPS Everywhere - https://www.eff.org/https-everywhere/ - Included in TAILS.
  - Make sure it is enabled and never turn this off
- Noscript - https://addons.mozilla.org/en-US/firefox/addon/noscript
  - Choose to Forbid Scripts Globally
- CAVEAT: Any extraneous applications may be able to track you
Email Encryption
Thunderbird
GPG
Enigmail plugin
Miscellaneous
Pidgin – IM/IRC/Skype – On TAILS with OTR
- OTR plugin - http://www.cypherpunks.ca/otr/
  - End to end encryption for chats
- Pidgin TOR set-up
  - Accounts → Choose account → Proxy Tab → Use “Tor/Privacy (SOCKS5)” → Set host to 127.0.0.1 and port to 9050
Disk Encryption
- Ubuntu encryption on install - $HOME
- LUKS - https://wiki.archlinux.org/index.php/Dm-crypt_with_LUKS
- gdecrypt as GUI
- Truecrypt
- Going through customs – outer encryption vs. inner hidden encryption - plausible deniability
Erasing Files
- Why they are not erased
- secure-delete - http://superuser.com/questions/19326/how-to-wipe-free-disk-space-in-linux/19377#19377
Environment Checks
Steganography: Concealing data within an object. http://www.strangehorizons.com/2001/20011008/steganography.shtml http://www.garykessler.net/library/steganography.html
https://ixquick.com/
- This is a search engine that does not log searches, IP addresses or anything else. They also use no cookies.
- They also offer an anonymous proxy connection on each search result [10]
- More information here - https://ixquick.com/eng/protect-privacy.html