Difference between revisions of "Leaving no trace in a digital world"
Jump to navigation
Jump to search
GregTraylor (talk | contribs) |
GregTraylor (talk | contribs) |
||
| Line 63: | Line 63: | ||
* Government | * Government | ||
| − | Neutral Online Identity | + | ==Neutral Online Identity== |
| − | * | + | * Basic |
| − | * | + | ** Maintaining a separate email account for privacy |
| − | * Firewalling real vs. | + | ** Maintaining non-repeating usernames |
| − | ** Never | + | ** Firewalling your real vs. private identities |
| − | * | + | *** Never refer to your private email or usernames from your public email or usernames and vice versa |
| + | *** Never refer to you other private accounts from another private account | ||
| + | *** Never release any real-world identifying information from private accounts such as phone number, address, name, etc. | ||
| + | * Advanced - all the basic steps plus: | ||
| + | ** Create all emails and private user accounts through TOR, from open wireless connections, etc | ||
| + | ** Rotate connections or the appearance of different connections | ||
| + | *** This can be accomplished by clicking "New Identity" in Vidalia | ||
| + | ** Never have any of these emails or accounts tied to any non-public IP, non-proxied or non-TOR IP address (home, work or friend's internet connections) | ||
Revision as of 11:15, 25 July 2012
Leaving No Trace In A Digital World
Purpose: To learn how to communicate safely, to protect your data and to obfuscate your identity and browsing history online and on your computer.
Because of it's use within the TOR project, we will focus soley on using Firefox.
This assumes the use of Ubuntu. Most of these plugins and programs can be accessed through the Ubuntu Software Center, Synaptic Package Manager or terminal, but I will provide links when possible. While we may be able to answer questions regarding Windows specific issues, this will not be included here.
Forms of snooping
Physical
- Writing passwords down
- Using computers in view of others
- Privacy filters are polarized pieces of plastic that make it where it is only possible to see your screen if you are directly in front of it
- Not typing passwords or using sensitive sites that may reveal an identity in front of others
- Physical keyloggers
- Checking the back of the machine if possible
- Using another keyboard (Roll-up)
- On-screen keyboard
DNS/OpenDNS
- Explanation of Domain Name System
- DNS translates sites typed in as words (ie: freegeek.org) into their actual IP addresses (ie: 67.23.3.45)
- Think of it as a phone book for the internet
- How it can be tracked through things like OpenDNS
- Tor vs. Tor Browser Bundle (TBB) – DNS leaks
- While it is possible for your traffic to be encrypted, without proper set-up, your DNS can go in "the clear" and reveal what sites your encrypted traffic is going to
- This is why the TBB is preferred over manually configuring TOR
Computer Software
- Malware or legitimate tracking software
- Spyware, virii and root kits
- Temporary files / Cookies / Browser History
- Instructions for clearing Firefox
- Tools -> Clear Recent History -> Time Range To Clear : Everything -> Check all for most privacy
- Instructions for clearing Firefox
- Private Browsing mode
- Universal privacy setting in Ubuntu (Ubuntu 12.04)
- Deleting histories globally
- Setting applications and types of applications to not log
- Bleachbit
- Description and download/installation instructions
Route of Communications
- Router Logs (Router is #1 in traceroute example)
- VPNs – Virtual Private Networks
- Privoxy/Hamachi/Proxy Switchy home VPN - http://lifehacker.com/5763170/how-to-secure-and-encrypt-your-web-browsing-on-public-networks-with-hamachi-and-privoxy
- Paid and free VPNs
- VPNs – Virtual Private Networks
- Traceroute Example to show all points your traffic goes through
traceroute to google.com (173.194.33.14), 30 hops max, 60 byte packets 1 192.168.0.1 (192.168.0.1) 3.016 ms 3.133 ms 6.081 ms 2 ptld-dsl-gw05-197.ptld.qwest.net (207.225.8x.1xx) 48.721 ms 52.120 ms 52.231 ms 3 ptld-agw1.inet.qwest.net (207.225.85.33) 54.018 ms 55.723 ms 56.663 ms 4 sea-edge-12.inet.qwest.net (67.14.41.26) 63.015 ms 67.598 ms 67.408 ms 5 65.122.121.66 (65.122.121.66) 121.780 ms 122.806 ms 124.521 ms 6 66.249.94.212 (66.249.94.212) 71.735 ms 46.955 ms 49.166 ms 7 209.85.253.24 (209.85.253.24) 49.250 ms 51.107 ms 51.987 ms 8 sea09s01-in-f14.1e100.net (173.194.33.14) 53.532 ms 55.166 ms 56.442 ms
- ISP - your internet provider (#2-4 in traceroute example)
- Backbones - infrastructure provided by large telecoms that most traffic goes through (#5-7 in traceroute example)
- End Site - the web page,etc that you are visiting (#8 in traceroute example)
- Government
Neutral Online Identity
- Basic
- Maintaining a separate email account for privacy
- Maintaining non-repeating usernames
- Firewalling your real vs. private identities
- Never refer to your private email or usernames from your public email or usernames and vice versa
- Never refer to you other private accounts from another private account
- Never release any real-world identifying information from private accounts such as phone number, address, name, etc.
- Advanced - all the basic steps plus:
- Create all emails and private user accounts through TOR, from open wireless connections, etc
- Rotate connections or the appearance of different connections
- This can be accomplished by clicking "New Identity" in Vidalia
- Never have any of these emails or accounts tied to any non-public IP, non-proxied or non-TOR IP address (home, work or friend's internet connections)
Portable TOR
Portable TOR is a program that runs without installation from USB or drive. It comes configured for pretty good anonymity out of the box – https://www.torproject.org/projects/torbrowser.html.en
- Plugin caveat
- TBB Firefox vs. regular Firefox
TAILS
TAILS is an amnesiac LiveCD/USB that writes nothing to the hard drive. It contains TOR, Pidgin, encryption tools and more - https://tails.boum.org/index.en.html
Suggested Firefox Plugins
- Adblock plus - https://addons.mozilla.org/en-US/firefox/addon/adblock-plus – Blocking ads blocks some tracking
- Download EasyList and Fanboy's list.
- Better Privacy - https://addons.mozilla.org/en-US/firefox/addon/betterprivacy –
- Deletes LSOs (Flash Cookies).
- Set to delete upon exit.
- Cookie Monster - https://addons.mozilla.org/en-US/firefox/.../cookie-monster -
- Check all options but “Block All Cookies” and the ones about the dialog and icon.
- Flash Block - https://addons.mozilla.org/en-US/firefox/addon/flashblock – Block ads/flash tracking
- Enable and choose to block Silverlight as well
- RefControl - https://addons.mozilla.org/en-US/firefox/addon/refcontrol – Changes referrer on website headers
- Choose “Forge” for sites not listed
- HTTPS Everywhere - https://www.eff.org/https-everywhere/ - Included in TBB and TAILS.
- Make sure it is enabled and never turn this off
- Noscript - https://addons.mozilla.org/en-US/firefox/addon/noscript – Included in TBB
- Choose to Forbid Scripts Globally
- TORButton - https://www.torproject.org/torbutton – Included in TBB and TAILS.
- Too many features to list ( https://www.torproject.org/torbutton/torbutton-options.html.en )
- Refer to TBB settings and choose more if wanted (suggested) but do not uncheck anything they've selected there.
- CAVEAT: Any extraneous applications may be able to track you
Email Encryption
Thunderbird
GPG
Enigmail plugin
Miscellaneous
Pidgin – IM/IRC/Skype – On TAILS with OTR
- OTR plugin - http://www.cypherpunks.ca/otr/
- End to end encryption for chats
- Pidgin TOR set-up
- Accounts → Choose account → Proxy Tab → Use “Tor/Privacy (SOCKS5)” → Set host to 127.0.0.1 and port to 9050
Disk Encryption
- Ubuntu encryption on install - $HOME
- LUKS - https://wiki.archlinux.org/index.php/Dm-crypt_with_LUKS
- gdecrypt as GUI
- Truecrypt
- Going through customs – outer encryption vs. inner hidden encryption - plausible deniability
Erasing Files
- Why they are not erased
- secure-delete - http://superuser.com/questions/19326/how-to-wipe-free-disk-space-in-linux/19377#19377
Environment Checks
Steganography
Ixquick.com – non-logging search engine