Leaving no trace in a digital world

From FreekiWiki

Purpose: To learn how to communicate safely, to protect your data and to obfuscate your identity and browsing history online and on your computer.

Because of its use within the TOR project [1], we will focus solely on using Firefox. http://www.mozilla.org/en-US/firefox/new/

This assumes the use of Ubuntu [2]. Most of these plugins and programs can be accessed through the Ubuntu Software Center, Synaptic Package Manager or terminal, but I will provide links when possible. While we may be able to answer questions regarding Windows-specific issues, they will not be covered here.


Forms of snooping

Physical

  • Writing passwords down
    • Either don't do it or apply a basic, personal cryptography if you do
      • A simple scheme would be to replace every letter and number with the one after it and reverse capitalization, so that the password HallB56 would become iBMMc67
      • This is cryptography at its simplest
  • Using computers in view of others
    • Privacy filters are polarized pieces of plastic that make your screen visible only to someone directly in front of it
    • Not typing passwords or using sensitive sites that may reveal an identity in front of others
  • Physical keyloggers [3]
    • Checking the back of the machine if possible
    • Using another keyboard (Roll-up)
    • On-screen keyboard
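
The letter-shift scheme described above for written-down passwords, as an added example that is not part of the original page. Wrapping z to a and 9 to 0, and leaving punctuation untouched, are assumptions; the page does not say what happens at the end of the alphabet. The function names are hypothetical.

```python
import string

def _shift(ch, step):
    """Move a letter or digit `step` places (wrapping around) and flip letter case."""
    for alphabet in (string.ascii_lowercase, string.ascii_uppercase, string.digits):
        if ch in alphabet:
            moved = alphabet[(alphabet.index(ch) + step) % len(alphabet)]
            return moved.swapcase()  # swapcase() leaves digits unchanged
    return ch  # assumption: punctuation and other symbols are written as-is

def to_paper(password):
    """What gets written down: each character moved one up, case reversed."""
    return "".join(_shift(c, 1) for c in password)

def from_paper(written):
    """Recover the real password: the same rule run backwards."""
    return "".join(_shift(c, -1) for c in written)

if __name__ == "__main__":
    note = to_paper("HallB56")          # the page's own example
    print(note, "->", from_paper(note))
```

Because from_paper() is just the rule run in reverse, the written note protects the password only from someone who does not know or guess the rule.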

DNS/OpenDNS

  • Explanation of Domain Name System [4]
    • DNS translates sites typed in as words (e.g. freegeek.org) into their actual IP addresses (e.g. 67.23.3.45)
    • Think of it as a phone book for the internet
  • How it can be tracked through things like OpenDNS [5]
  • Tor vs. Tor Browser Bundle (TBB) – DNS leaks [6]
    • Even when your traffic is encrypted, without proper set-up your DNS lookups can go out in "the clear" and reveal which sites your encrypted traffic is going to
    • This is why the TBB is preferred over manually configuring TOR
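
Added example (not part of the original page): what a DNS leak looks like at the SOCKS5 layer that a manually configured application uses to talk to Tor. Under RFC 1928, a client that sends a host name leaves the lookup to the proxy, while a client that sends an IP address has already done the DNS lookup itself, outside the tunnel. The function names are hypothetical and the two sample requests are constructed from the page's freegeek.org example.

```python
import ipaddress
import struct

# SOCKS5 address types defined in RFC 1928.
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04

def build_connect(dest, port):
    """Build a SOCKS5 CONNECT request for an IP literal or a host name."""
    head = b"\x05\x01\x00"  # VER=5, CMD=CONNECT, RSV=0
    try:
        ip = ipaddress.ip_address(dest)
        atyp = ATYP_IPV4 if ip.version == 4 else ATYP_IPV6
        addr = ip.packed
    except ValueError:  # not an IP literal, so send the name itself
        name = dest.encode("idna")
        atyp, addr = ATYP_DOMAIN, bytes([len(name)]) + name
    return head + bytes([atyp]) + addr + struct.pack("!H", port)

def parse_connect(req):
    """Return (kind, destination, port) where kind is 'name' or 'ip'."""
    if len(req) < 5 or req[0] != 5:
        raise ValueError("not a SOCKS5 request")
    atyp, body = req[3], req[4:]
    if atyp == ATYP_DOMAIN:
        n = body[0]
        if len(body) != 1 + n + 2:
            raise ValueError("truncated domain request")
        kind, dest = "name", body[1:1 + n].decode("ascii")
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        n = 4 if atyp == ATYP_IPV4 else 16
        if len(body) != n + 2:
            raise ValueError("truncated address request")
        kind, dest = "ip", str(ipaddress.ip_address(body[:n]))
    else:
        raise ValueError("unknown address type")
    return kind, dest, struct.unpack("!H", body[-2:])[0]

def dns_leak_risk(req):
    """True when the proxy only saw an IP: the name was resolved before the
    request was made (or the user typed an IP literal)."""
    return parse_connect(req)[0] == "ip"

# Constructed samples: the same visit made by a leaking and a non-leaking client.
LEAKY = build_connect("67.23.3.45", 80)    # client looked up freegeek.org itself
SAFE = build_connect("freegeek.org", 80)   # lookup is left to the proxy

if __name__ == "__main__":
    for req in (LEAKY, SAFE):
        print(parse_connect(req), "leak risk:", dns_leak_risk(req))
```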

Computer Software

  • Malware or legitimate tracking software such as those used by companies or parents
    • Spyware, viruses and rootkits
  • Temporary files / Cookies / Browser History
    • Instructions for clearing Firefox
      • Tools -> Clear Recent History -> Time Range To Clear : Everything -> Check all for most privacy
    • Not useful against keyloggers and malware
  • Private Browsing mode
    • Instructions for Private Browsing mode in Firefox
      • Tools -> Start Private Browsing
    • Not useful against keyloggers and malware
  • Universal privacy setting in Ubuntu (Ubuntu 12.04)
    • Deleting histories globally
    • Setting applications and types of applications to not log
    • Turning logging off globally
  • Bleachbit
    • Description: BleachBit frees disk space and guards privacy by freeing your cache, deleting cookies, clearing Internet history, shredding temporary files, deleting logs, and discarding junk. It wipes clean 90 applications. Beyond simply deleting files, BleachBit includes advanced features such as shredding files to prevent recovery, wiping free disk space to hide traces of files deleted by other applications, and vacuuming Firefox to make it faster. Free and open source
    • http://bleachbit.sourceforge.net/ OR in the terminal type:
sudo apt-get install -y bleachbit

Route of Communications

traceroute to google.com (173.194.33.14), 30 hops max, 60 byte packets
1  192.168.0.1 (192.168.0.1)  3.016 ms  3.133 ms  6.081 ms
2  ptld-dsl-gw05-197.ptld.qwest.net (207.225.8x.1xx)  48.721 ms  52.120 ms  52.231 ms
3  ptld-agw1.inet.qwest.net (207.225.85.33)  54.018 ms  55.723 ms  56.663 ms
4  sea-edge-12.inet.qwest.net (67.14.41.26)  63.015 ms  67.598 ms  67.408 ms
5  65.122.121.66 (65.122.121.66)  121.780 ms  122.806 ms  124.521 ms
6  66.249.94.212 (66.249.94.212)  71.735 ms  46.955 ms  49.166 ms
7  209.85.253.24 (209.85.253.24)  49.250 ms  51.107 ms  51.987 ms
8  sea09s01-in-f14.1e100.net (173.194.33.14)  53.532 ms  55.166 ms  56.442 ms
  • ISP - your internet provider (#2-4 in traceroute example)
  • Backbones - infrastructure provided by large telecoms that most traffic goes through (#5-7 in traceroute example)
  • End Site - the web page, etc. that you are visiting (#8 in traceroute example)
  • Government
  • Your traffic could be logged, recorded or inspected at any point

Neutral Online Identity

You should keep a public identity and at least one private identity. For the public identity, it should be things you want traced back to you. It could be linked to your real name so friends can find you. If you have a business you definitely want people to be able to find you. You want to keep everything you wish to keep private contained within private accounts that can never be linked to your public accounts or real identity in any way.

  • Basic
    • Maintaining a separate email account for privacy
    • Maintaining non-repeating usernames
    • Firewalling your real vs. private identities
      • Never refer to your private email or usernames from your public email or usernames and vice versa
      • Never refer to your other private accounts from another private account
      • Never release any real-world identifying information from private accounts such as phone number, address, name, etc.
  • Advanced - all the basic steps plus:
    • Create all emails and private user accounts through TOR, from open wireless connections, etc.
    • Rotate connections or the appearance of different connections
      • This can be accomplished by clicking "New Identity" in Vidalia
    • Never have any of these emails or accounts tied to any non-public IP, non-proxied or non-TOR IP address (home, work or friend's internet connections)

Tor Browser Bundle

TOR is a second-generation form of the 'onion routing' concept which was originally developed by the US Navy. Your traffic is routed through multiple computers at different places on the globe. Each computer only knows the last computer that sent it traffic, not the whole route, making backtracking impossible. https://www.torproject.org/about/overview.html.en

  • CAVEATS:
    • Your traffic is encrypted from your computer, through the route of computers until the very last computer in the chain. That computer decrypts your traffic to send it to its destination. This would make it possible for someone running a rogue TOR node to see your traffic at this point. HTTPS, VPNs or other encryption should be used within TOR for the ultimate protection.
    • If a person is able to watch both the traffic coming out of your computer and the traffic arriving at the end site simultaneously, they can use statistical analysis to guess what traffic is yours. This is theoretical.

The Tor Browser Bundle (Portable TOR) is a version of TOR bundled with Vidalia and Firefox configured with the Tor Browser Button, HTTPS Everywhere and NoScript. It is used on an as-needed basis without installation. It comes configured for pretty good anonymity out of the box – https://www.torproject.org/projects/torbrowser.html.en

  • There is a possibility that adding more add-ons than listed here could compromise your anonymity
  • The changes to this installation are persistent
  • TBB Firefox vs. regular Firefox
    • Both can be running at the same time, one through your regular connection and one through the TOR network. Look for the Torbutton to avoid confusing the two

TAILS

TAILS is an amnesiac LiveCD/USB that writes nothing to the hard drive. It contains TOR, Pidgin, encryption tools and more - https://tails.boum.org/index.en.html


Suggested Firefox Plugins


Email Encryption

Thunderbird

GPG

Enigmail plugin


Miscellaneous

Pidgin – IM/IRC/Skype – On TAILS with OTR

  • OTR plugin - http://www.cypherpunks.ca/otr/
  • End to end encryption for chats
  • Pidgin TOR set-up
    • Accounts → Choose account → Proxy Tab → Use “Tor/Privacy (SOCKS5)” → Set host to 127.0.0.1 and port to 9050

Disk Encryption

Erasing Files

Environment Checks

Steganography

Ixquick.com – non-logging search engine