Wednesday, August 12, 2009

Staying Anonymous on the Internet

I will begin with an overview of staying anonymous on the web, and then provide a HowTo so you can do this yourself. I will also give links and credit to the several sources I learned this from. I will cover onion routers, Tor, and spoofing (faking) your web browser's user agent. Note: None of this is illegal at all.

What I am about to explain works for several applications, but it is most commonly used for browsing the web (with Firefox, for example), and it gives you much more anonymity than a proxy alone.

First, let's start with how proxies work. Your computer sends information to and receives information from a proxy server. The proxy then passes that information to and from the destination, so the destination can only see the proxy, not where the traffic came from (your computer). What is the problem with this? All the logs on the proxy show who you are and where you've been on the web, so all it takes is for that proxy server to be confiscated, and then the info can be retrieved from it unless it is protected by tough encryption with a strong password (otherwise brute force attempts will easily break the password).

Note: For you non-tech users who do not know the computer jargon I am using, I will provide the definitions of each term in a new blog entry. The purpose of my blog is learning, so knowing the jargon will help you understand not only my blog, but other websites as well. The purpose of my blog is also to contribute back to the Linux and Open Source community for all they've done freely for me and the community.

Here's why using onion routers is far superior to using a proxy. The data sent and received must go through several routers, each one only knows the information the last one gave it, and each time you use them, different onion routers are chosen at random. But how do you use these onion routers? You must use an implementation known as Tor. I will go further into that in the HowTo section. So you see that onion routers work like proxies, but are far more advanced. Here are some visual diagrams with examples of how it works.

Credit for the above 4 pictures goes to the Tor Project. It's open source, freely available, and under a Creative Commons license. You can read there for more information.

Credit for that diagram goes to HANtwister at the English Wikipedia project and is under the gpl 1.2 license.

Spoofing your browser's user agent also hides more details. Visit this website, for example: IP Chicken. Was it able to tell you a lot of information about your computer? You will be spoofing your user agent when it shows something else, such as this example of my own.


Finally, here is the HowTo for setting this up. You will need Firefox. I haven't fully tested this in Windows, but I found some instructions that I believe do work.

HowTo User-Agent Spoofing

  1. If you don't already have Firefox, get it! It's far superior to Internet Explorer, and the only competitor that stands a chance against it in the future is Google Chrome.
  2. Install the User-Agent Switcher Add-On/Firefox Extension from here. Click on the "Add to Firefox" button and then follow the instructions about restarting Firefox. You should see a button that restarts Firefox after the Addon is installed.
  3. Now at the top of your Firefox window, click on Tools > Default User Agent, and pick any you like, such as the iPhone. Now when you browse the web, you should see pages displaying a little differently. This is so that they work well with an iPhone. I use a BlackBerry with Opera Mini to browse the internet from my phone. To be sure this has worked, go visit www.ipchicken.com again and see if your correct information shows up or if it says you are using an iPhone. IP Chicken is not the only site that can see your personal information. Nearly every web server (hosting a website) stores logs that your personal information will show up in.
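
What such a server log records, as an added example that is not from the original post: the lines below are constructed Apache-style combined-format entries (the addresses and user-agent strings are made up for illustration), and the function counts distinct user agents per client address. The address column does not change when the user agent is switched, so the two visits from 203.0.113.7 stay linkable by IP.

```shell
#!/bin/sh
# Added example (not from the original post). All log lines are constructed;
# 203.0.113.7 and 198.51.100.20 are documentation addresses.
SAMPLE_LOG='203.0.113.7 - - [12/Aug/2009:10:01:02 -0500] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.13) Gecko/2009080315 Firefox/3.0.13"
198.51.100.20 - - [12/Aug/2009:10:02:11 -0500] "GET / HTTP/1.1" 200 512 "-" "Opera/9.64 (X11; Linux i686; U; en) Presto/2.1.1"
203.0.113.7 - - [12/Aug/2009:10:05:40 -0500] "GET / HTTP/1.1" 200 498 "-" "Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Mobile/1A543a Safari/419.3"
198.51.100.20 - - [12/Aug/2009:10:09:30 -0500] "GET /about HTTP/1.1" 200 230 "-" "Opera/9.64 (X11; Linux i686; U; en) Presto/2.1.1"'

# Print "client-ip<TAB>user-agent" for each combined-format line on stdin.
# Splitting on double quotes puts the user agent in field 6; the client IP
# is the first word of field 1.
log_fields() {
    awk -F'"' '{ split($1, pre, " "); printf "%s\t%s\n", pre[1], $6 }'
}

# Print "ip:count" for each client, where count is the number of distinct
# user agents seen from that address. A count above 1 means one address
# presented several user agents, i.e. the switch is visible in the log.
agents_per_ip() {
    log_fields | sort -u | cut -f 1 | uniq -c | awk '{ print $2 ":" $1 }'
}

printf '%s\n' "$SAMPLE_LOG" | agents_per_ip
```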

HowTo Tor and Onion Routers using Firefox

  1. Again, you need an addon for Firefox, this one called torbutton, so install this addon the same way as before.
  2. This next step depends on whether you are running Linux or Windows. For Linux, if you are using a Debian-based distro such as Ubuntu, use Synaptic Package Manager to install privoxy. Then hit Alt+F2 and enter the following in the run dialog box, without the quotes: 'gksu /usr/sbin/privoxy'. Next, in Firefox, push the Tor button where it shows "Tor Disabled" in red. Now it should be green, saying "Tor Enabled". Now attempt to browse the web. If you get any messages, read carefully what they say, and follow the directions. If you are using any other Linux distro, then I assume you are a more advanced user and do not need to be walked through the steps of installing privoxy. For Windows, you can get privoxy here. You may want to be on the safe side and do the full installation of the three items, since I haven't tested this myself, and then just enable Tor the same way as in the Linux instructions.
  3. Troubleshooting: If you have any problems, refer to the FAQ (Frequently Asked Questions) at the Tor Project.

Don't browse public wifi and web w/real MAC

  1. First, install macchanger. Use Synaptic or sudo apt-get install macchanger
  2. Figure out which device Linux uses for your internet connection. Common ones for wired are eth0 and eth1. For wireless, common ones are wlan0 and ath0. Check with the ifconfig command which device has been assigned an IP or, even better, use this: route -n | tail -n 1 | awk '{print $8}'
  3. Okay, now you know if it is wlan0 or eth0 or something totally different. Add it to your bootup script to fake your MAC address each time you boot (MAC is like an IP address). Run gksu gedit /etc/rc.local, and add the following on an empty line right before the exit 0 line: macchanger -A wlan0 (Substitute wlan0 with your device.)
  4. Enable the /etc/rc.local bootscript file to run on system startup: sudo update-rc.d rc.local defaults 80
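
A way to check steps 2 to 4 after a reboot, as an added example that is not from the original post: it picks the default-route interface by matching the 0.0.0.0 row instead of relying on row order (in the constructed routing table below, the last row is a different interface), then compares the permanent MAC with the one in use. The `--live` mode assumes `ethtool` is installed; the function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post). The routing table is constructed.
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 wlan0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     2      0        0 wlan0
10.8.0.0        0.0.0.0         255.255.255.0   U     0      0        0 tun0'

# Read `route -n` output on stdin and print the interface of the default
# route (Destination and Genmask both 0.0.0.0), whatever row it is on.
default_iface() {
    awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" { print $8; exit }'
}

# mac_is_spoofed PERMANENT CURRENT
# Returns 0 if the current MAC differs from the permanent one, 1 if they are
# the same, 2 if either argument is not a MAC address. Case-insensitive.
mac_is_spoofed() {
    perm=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    cur=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    for m in "$perm" "$cur"; do
        printf '%s\n' "$m" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$' || return 2
    done
    [ "$perm" != "$cur" ]
}

# Live check on the machine itself: sh check-mac.sh --live
if [ "${1:-}" = "--live" ]; then
    dev=$(route -n | default_iface)
    hw=$(ethtool -P "$dev" | awk '{ print $3 }')      # burned-in address
    now=$(cat "/sys/class/net/$dev/address")          # address in use
    if mac_is_spoofed "$hw" "$now"; then
        echo "$dev: spoofed MAC $now is in use"
    else
        echo "$dev: WARNING, real MAC $hw is in use"
    fi
fi
```

If the warning appears after a reboot, the macchanger line in /etc/rc.local did not run or named the wrong device.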

11 comments:

  1. so what about opera on tor? love it too much i have been thinking about setting up a tor router eventually found your blog on sat lug also...good stuff

  2. Thanks for the compliments. I use Google software and Opera Mini on my Blackberry, and it's far better than the default applications. Let me do some research first, so I can provide you with good information. Also feel free to subscribe on the left under followers.

  3. Ok, so I did some research. The results were amazing. OperaTor was written everywhere, worked with privoxy and then I read it's for Windows only right now. I will keep checking for you, but please do me a favor and sign up as one of the followers on this blog.

  4. Operator is reported to work under Wine. Give it a shot.

  5. This comment has been removed by a blog administrator.

  6. I didn't remove your comment??? Google or FreeNope do this? Anyways, I updated this blog entry to include:

    Don't browse public wifi and web w/real MAC

    It's a guide to spoofing (faking) your MAC address, and having it automated.

  7. I am reposting your comment because I don't know who deleted it yet.

    ivangotoy has left a new comment on your post "Staying Anonymous on the Internet":

    I liked all the things about the Onion Router already said. I will add some things:
    1. latest tor source code is moved to git repo:
    http://git.torproject.net/
    2. Opera browser is known to have bug in its proxy settings that might compromise anonymity for users especially visiting a site which admin knows how to exploit that opera bug...
    3. Using tor is fine , running tor NON exit node is fine , probably running a tor bridge relay is fine too , but my dream was to have a tor exit node - and i got banned from freenode.net irc network. Why? - freenode restrict tor users access to their network - due to abuse cases which are known to stem from tor users. They've set up 2 ways for tor users to enter freenode.
    But what actually is going on: the first so called tor public irc server of freenode is blocked too - they do not mention it on their website but advertise it as being functional. And method 2 remains - sending public keys , irc nickname and password at freenode email might help u enter FREEnode.net :)
    So ... if u run a tor relay or want to enter freenode from tor - u got pretty much ... censored by FREEnode.
    What is more - freenode try to be as open as possible to the world and somehow they act against that - censoring tor access to their service - what a Free node or - free? nope :) Tor is not illegal but on freenode it is not welcome - not anymore.
    One more thing about that kind of banning policy - it is a baaad example - baaaad , cause if more internet places start using that type of ... "censorship" - tor or anything resembling it might be rendered to completely useless state. Freenode has proven quality of service. Probably they are right banning tor users but .... what happens when a first day tor user gets banned for having done nothing wrong - he may be turned away from tor (if stupid enough) or just forgets about freenode (and its policy followers). Either way - nothing positive is contributed for anyone. Cheers, keep torifying the apps :)



    Posted by ivangotoy to Advanced Linux Technology at August 26, 2009 2:07 PM

  8. On my blog, we have Freedom of Speech!

  9. "Opera known to have bug in its proxy settings that might compromise anonymity for users..."

    Do you have a reference for this? Because the only thing similar I can find on google is from 2001 - 8 years ago! There is nothing on secunia or anywhere else. Are you sure this bug still exists? Opera claimed to fix all security bugs in their backlog in 2007. I have seen this same alleged issue thrown about concerning Opera somewhere else, again with no reference. Where is the reference for this?

  10. I'm still waiting for someone to substantiate this bug with Opera and Tor with a decent link.

  11. "Anonymous said...

    I'm still waiting for someone to substantiate this bug with Opera and Tor with a decent link."

    It is very not advisable to do that. Read my discussion on a mailing list with very intelligent professors, engineers, developers, hackers, etc.

    http://xcssa.org/pipermail/xcssa/2009-August/006217.html
