Survivalist Forum banner

Anonymity at all times on the internet?

9K views 64 replies 30 participants last post by  fsck 
#1 ·
I'm trying to find a way to browse things on the internet without anyone being able to find out what ive been doing. I realize that nothing is going to be 100% effective...but I want to put some solid measures between my electronic history and techy people that might be trying to find it for whatever reason. I don't want the government being able to easily look at all the stuff i look up on this site or all of the end of the world-esque stuff i look up and start forming conclusions about me, or an employer down the road thinking im some gun toting anarchist. Whatever the circumstance, I don't want people knowing my business.

I'm semi-techy. As in, I know computer specs, am up to date on web culture, can get basic projects and such done with the help of google, etc. But as far as programming goes, I don't know much past some basic html tags.

Right now (as of yesterday), I've started browsing the web through a portable version of google chrome on a flashdrive and running things through a proxy like hidemyass.com. What else/better things could I be doing to hide my actions? Also, using a proxy site is kindof a pain and definitely slows down page load times, is there a plugin i could get or an actual proxy program I could be using that just works in the background that I don't have to deal with and look at all the time?

Pardon the foil hat paranoia.
 
See less See more
#2 ·
#3 ·
Using an anonimizer like you're doing is one layer of protection,

another is using only wireless and "war driving", i.e. finding unencrypted open networks from which to connect.

Your MAC address can give you away, so you would have to avoid cameras, and remain physically undetectable as well.

If they can't find your laptop, they can't find you.
 
#5 ·
Your MAC address can give you away
It can give you away IF you have a network administrator who is watching who is connected, but it can't identify you specifically unless they notice the strange MAC address, then find you and your computer, and match the two up. Using TAILS or any other browsing Live CD from an open hotspot is about the best method there is, bar none. If you use a Live CD NO traces of the activity are left behind because the hard drive is never mounted or accessed by the operating system at all, you're running everything in RAM, which disappears once you shut down the OS and turn off the machine. Unless you've got a dedicated team of super geeks with some cryo gear to cool down the RAM chips to prevent the data from decaying and begin extraction immediately, you're in the clear. It's an awful lot of trouble to go through. It's good to know how to do it, but I can't imagine I'd ever need to.
 
#11 ·
I used to worry about Uncle Bug-Breath tracking me, but on 9/11 he got an object
lesson on who his REAL problem is, that even an idiot like him can't ignore. (Dawn
Breaks on Marble Head...).

That said... the MAC address is an interesting problem. It's generally hard-wired or
in firmware at the very least and would have to be spoofed at random and
*regularly* to effectively mask it. (And... for the ultra-paranoid... Did you know that
IPV6 *embeds* yourMAC address in the IP address? (Anus-clenching adventure...).)

Uncle Bug-Breath *does* track all that stuff, *especially* at wireless hot-spots where
Muhammad Abdul-Aziz al-Kaboomi hooks up to connect with the rest of his
sleeper cell. I suppose I should go figure out how to defeat all that stuff sometime.
Meanwhile, I'll put it on my "To-Do" list for after I get done overthrowing the
Government and reinstating the Constitution...
 
#15 ·
they're up to all kinds of stuff like browser fingerprinting, machine fingerprinting etc etc so unless youre using TAILS Live CD or JonDoFox Live CD its best to assume they know who you are. There are so many different ways they are able to narrow down who you are - installed fonts, e-tags in browser cache(see KISSmetrics and the evercookie), user-agent, your browser plug-ins (flash, java, etc) and extensions, on and on.

this link from EFF explains it well how they can narrow down who you are:

https://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy


then there is geolocation - Google went all around the country sniffing and mapping all the wifi signals(your router) so if you have geolocation set to on in your browser(it is default on in Opera) and your wi-fi is on they may be able to get a pretty good fix on your physical location down to a street level. Same thing with mobile broadband, they able to triangulate from the cell tower locations apparently to see where you are.

these sites test your browser to see how much info its giving away to websites, very interesting:

http://panopticlick.eff.org/
http://ip-check.info/?lang=en
http://browserspy.dk/
https://labs.isecpartners.com/breadcrumbs/breadcrumbs.html


an then even your Internet Service Provider could be spying on you even though you're paying them.

as far as avoiding the U.S. Govt snooping on you consider that the old Libyan dictator Khaddafi paid a French company only $12 billion in order to build a system that vacuumed up all internet wired data, wifi data, all cellphone data, satellite phone data, UHF, VHF, all wired telephone data, etc etc and whatever else kind of communication you can think of in his country and this data was searchable in real time so imagine what US govt and FBI, CIA, and NSA can do.
 
#27 ·
i dont want future employers to be able to see all the crazy stuff i look up thats related to this site. there is way too much on the border kind of stuff that i research and way too many abrasive opinions i give for my comfort. If the government wanted to, they could totally pull up this stuff and label me a terrorist and throw me in prison indefinitely.


thanks for all the info guys. sounds like TAILS is the way to go. exactly what ive been looking for
 
#19 ·
btw there are free software programs that supposedly will change the MAC address of the device but idk if thats just a superficial fix or something...like on the User-Agent you can change that to various random user-agent but there are several other browser settings in about:config in Firefox that will still give you away....its getting very complicated and also some sites wont work without you giving them all this identifying data, which i think is probably by design...
 
#20 ·
It's true, most large e-mail providers like Yahoo & Gmail, won't work if you disable Cookies, Super Cookies & Scripts. What does work however is accessing their mobile sites & locking down the browser so no Cookies, Scripts & Super Cookies are able to be used. If combined with an un-registered pre-pay account, it's pretty bomb proof...
 
#26 ·
It's true that they are stripped off the packets before they're sent over
the Internet. But if Uncle Bug-Breath (Or whoever) is able to interrogate
your hardware with "Something", they can find it.

And that's the question... have they got such a "Something"? You can
bet your ass they're thinking about it. If they can get some spyware
onto your machine or a sniffer onto your LAN it can "collect" information
like that and transmit it. The newer breed of Trojans (conficker, etc.)
were specifically designed to do that (and nobody yet knows who
designed them AFAIK).

Additionally, as I posted earlier, if you're using IPV6, the MAC address *IS*
*embedded* in the IPV6 address. (Nice improvement, huh? For your
"convenience". or "protection". or... or... or...). Be sure to upgrade real
soon... (I notice it's installed by default on Windows 7, FI).

Reprogramming the MAC address the way @strokes762 does it will work
if you've really reprogrammed it, but just changing it in the registry will
not fool something that's looking in the hardware for a signature. He's
right, though, that it's a question of how high you're trying to raise the
bar, whom you're trying to keep out, what you're trying to hide, etc...
 
#22 ·
another alternative i've read about is that is you visit one site and then close out your browser and then flush with CCleaner and/or BleachBit. kind of a pain though. would be a lot better if there was just an option to be anonymous on the internet but there are too many people getting rich behind the scenes by stealing + compiling all this data on people. TrackerBlock now lists 663 different companies involved that need to be blocked.
 
#23 ·
I have a hard way of "Anonymously" browsing the internet:

Go to regedit in your windows PC and follow this path >>
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\
Here your setting for each network adapter is found. There is a string value called "NetworkAddress" and that should be the value of your MAC (Media Access Control) address. Write this value down and do not loose it. Then using DevCon (http://support.microsoft.com/kb/311272) you can reset your network adapter settings and this should change your MAC address to another one that will work.

When this is done (and you will need 2 computers for this) boot an Ubuntu Linux server live CD on one computer and connect to a network, then connect a wireless adapter and create an ad-hoc network (https://help.ubuntu.com/community/WifiDocs/Adhoc). With the ad-hoc make sure your encryption key is at least 16 characters long and include letters, numbers and atleast 2 symbols (*,$,+, etc.) Then (this is the hardest part) set up the firewall for your network with Ubuntu (http://1000umbrellas.com/2010/04/29/how-to-set-up-the-firewall-using-ufw-on-ubuntu-lucid-lynx-server). This will only allow traffic that you approve through, so make sure you add the static IP of your router and the static IP of the computer you will be connecting wirelessly to the Ubuntu machine. You can find the IP of your windows machine by going to the command prompt and typing "ipconfig." Even if you are not connected to a network you will still receive an IP address (either 255.255.255.0 or 255.255.255.255).

You can also go into your router that your ISP provides by opening a web browser and typing 192.168.0.1 in the address bar (this is your local IP address 99% of the time) and after you login using the default credentials your ISP provides you can create a "static MAC table" and enter the MAC address that your Ubuntu server pseudo host has by typing "ifconfig -a" in the terminal window. Then every 8 octet code that follows the word "HWaddr" should be entered into your static MAC address table.

After this is done connect the Ubuntu server booted machine to your router with an Ethernet cable. Wait until it says you are connected to the internet. Then use a wireless adapter with your windows PC and connect to the wireless ad-hoc network using the password you created earlier. If done right you can access the internet "anonymously."

Now you may be asking "hmmm, hey strokes why do you say 'anomalously'?" Well good question my friend. Its not entirely anonymous, sorry. But, it is significantly harder to see your network activity and because you changed your MAC address no one can look for your specific network adapter, for all they know it belongs to Joe Smoe down the street. Add a firewalled hard wired Linux based host and any hacker looking to mess with you will have a run for his money. It will SLOW down anyone trying to look at your network activity. So if the NSA is after you then you have bigger problems than someone knowing about what adult XXX content you viewed last Tuesday.


Now how do I know this works? I used this method for a project in a networking security elective class I'm taking now. My friend and I used our laptops (my PC and his Ubuntu Linux) and a $25 wired router from Radio Shack to build a mock network and our professor tried to access a .txt file that he had an SA put on my C: drive. He couldn't do it in an hour but told us that if we wanted to stay for a few more hours he could do it.

We also got an "A" :D:
 
#24 ·
I have a hard way of "Anonymously" browsing the internet:

Go to regedit in your windows PC and follow this path >>


Here your setting for each network adapter is found. There is a string value called "NetworkAddress" and that should be the value of your MAC (Media Access Control) address. Write this value down and do not loose it. Then using DevCon (http://support.microsoft.com/kb/311272) you can reset your network adapter settings and this should change your MAC address to another one that will work.

When this is done (and you will need 2 computers for this) boot an Ubuntu Linux server live CD on one computer and connect to a network, then connect a wireless adapter and create an ad-hoc network (https://help.ubuntu.com/community/WifiDocs/Adhoc). With the ad-hoc make sure your encryption key is at least 16 characters long and include letters, numbers and atleast 2 symbols (*,$,+, etc.) Then (this is the hardest part) set up the firewall for your network with Ubuntu (http://1000umbrellas.com/2010/04/29/how-to-set-up-the-firewall-using-ufw-on-ubuntu-lucid-lynx-server). This will only allow traffic that you approve through, so make sure you add the static IP of your router and the static IP of the computer you will be connecting wirelessly to the Ubuntu machine. You can find the IP of your windows machine by going to the command prompt and typing "ipconfig." Even if you are not connected to a network you will still receive an IP address (either 255.255.255.0 or 255.255.255.255).

You can also go into your router that your ISP provides by opening a web browser and typing 192.168.0.1 in the address bar (this is your local IP address 99% of the time) and after you login using the default credentials your ISP provides you can create a "static MAC table" and enter the MAC address that your Ubuntu server pseudo host has by typing "ifconfig -a" in the terminal window. Then every 8 octet code that follows the word "HWaddr" should be entered into your static MAC address table.

After this is done connect the Ubuntu server booted machine to your router with an Ethernet cable. Wait until it says you are connected to the internet. Then use a wireless adapter with your windows PC and connect to the wireless ad-hoc network using the password you created earlier. If done right you can access the internet "anonymously."

Now you may be asking "hmmm, hey strokes why do you say 'anomalously'?" Well good question my friend. Its not entirely anonymous, sorry. But, it is significantly harder to see your network activity and because you changed your MAC address no one can look for your specific network adapter, for all they know it belongs to Joe Smoe down the street. Add a firewalled hard wired Linux based host and any hacker looking to mess with you will have a run for his money. It will SLOW down anyone trying to look at your network activity. So if the NSA is after you then you have bigger problems than someone knowing about what adult XXX content you viewed last Tuesday.


Now how do I know this works? I used this method for a project in a networking security elective class I'm taking now. My friend and I used our laptops (my PC and his Ubuntu Linux) and a $25 wired router from Radio Shack to build a mock network and our professor tried to access a .txt file that he had an SA put on my C: drive. He couldn't do it in an hour but told us that if we wanted to stay for a few more hours he could do it.

We also got an "A" :D:
Holy crap !! :confused: lol
 
#25 ·
Well for starters the old trick of clearing your history through the browser doesn't work.

Here are a list of programs I recommend:

DECAF - This defeats the standard FBI and police forensics program called CAFFEINE.

Ccleaner - Erases the web history all the way down to the index.dat files.

Spybot search and destroy for obvious reasons.

Tor - Far, far, far superior then a lousy proxy.
 
#28 ·
It's true that they are stripped off the packets before they're sent over
the Internet. But if Uncle Bug-Breath (Or whoever) is able to interrogate
your hardware with "Something", they can find it.

And that's the question... have they got such a "Something"? You can
bet your ass they're thinking about it.
Oh, they do, my friend, they do:
http://en.wikipedia.org/wiki/Computer_and_Internet_Protocol_Address_Verifier
http://en.wikipedia.org/wiki/Magic_Lantern_(software)

Although using TAILS would defeat these pieces of software in my opinion.

i dont want future employers to be able to see all the crazy stuff i look up thats related to this site.
An unfounded fear, I don't think employers have the vast resources or the interest to go that far. As long as your user name doesn't lead back to you. You would be very surprised at how many users on this site I have (out of curiosity) positively identified through 5 minutes and the use of Google and a couple other sites. One of my number one rules on the internet:
NEVER use the same user name twice. Somebody I was in a flame war with on a site years ago narrowed me down to my city and job occupation based on my naive internet behavior. He didn't get my actual identity but it was far too close for comfort, it was all because I used the same unique user name across multiple sites. I learned from that experience. I won't dare say I'm completely untraceable (certainly not when it comes to the government) but I would venture to say that no users or forum members will ever get even a little bit close to finding out where or who I am.
 
#30 ·
Oh, they do, my friend, they do:
http://en.wikipedia.org/wiki/Computer_and_Internet_Protocol_Address_Verifier
http://en.wikipedia.org/wiki/Magic_Lantern_(software)

Although using TAILS would defeat these pieces of software in my opinion.

.
.
.
WEll, whaddyaknow... Uncle Bug-Breath is already doing EXACTLY what I
thought he'd be already doing. (Isn't he *cute*?). (thanx for that, btw...
always helps to have my paranoia corroborated.)

Although using TAILS would defeat these pieces of software in my opinion.
yeah... it sounds like it's the moral equivalent of a complete fresh OS install,
which is the moral equivalent of a single-use key or "tearoff pad" encryption
scheme... very difficult for Jackboot Janet to defeat

Using Linux or a MAC (yuck) probably helps... I doubt if Janet has the
resources to infest more than the Windows OS. plus you can deploy
authentication resources on Linux that make her infestation a lot more
difficult than it is with Windows where they basically can get MicroSuck
to incorporate stuff that looks like it's just part of the Windows release...

Ken Thompson gave an interesting lecture back in 1984 (I think)

www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf

IF I undersatand correctly... that means we're up against a fundamental
logical conundrum in even *attempting* to protect anything. but we can
certainly raise the bar high enough that Janet can't climb over it without
exposing herself (YUCK...).
 
#32 ·
I know exactly what I'm talking about.

One thing you need to realize is that if the government wants to, they WILL track you. Nothing can prevent that. They'll get a court order and issue a CALEA request to your ISP which is basically a "wiretap" on your internet. Everything you send or receive on the wire is read by them.
The ONLY way to beat ISP "wiretapping" is to use TOR (The Onion Router) or a similar product, which will encrypt everything between your computer and the network of TOR nodes. You can find there at http://torproject.org.

Nothing is 100%, not even TOR, but the only attacks on it are fairly exotic. Nothing short of the focused efforts of an entire department of either the FBI, NSA, or CIA will be able to execute the exotic attacks required to successfully attack TOR. This means your local or even state police department, no matter how many *hackers* they have, will be able to spend the money and time to break it.

The next MUST is that you MUST ALWAYS use HTTPS. It won't hide the websites you're looking at or the identifying cookies you send but it encrypts everything else.

Next, you CANNOT use flash or java. Uninstall both of these from your system.
Also, either disable javascript in your browser settings or install the noscript equivalent for your browser. Noscript is a browser addon for firefox and I believe chrome.

There are still kinks in this armor, but its the very best that can be had. You should research more thoroughly, though, because there are a few caveats to using TOR that you will understand once you learn how it works.
 
#35 ·
.
.
.
They'll get a court order and issue a CALEA request to your ISP which is basically a "wiretap" on your internet. Everything you send or receive on the wire is read by them.
That's true if they already suspect you of something... but if that's the
case, you already blew it by getting on their radar. Most of the debate
here is how to avoid *that* in the first place. Yeah, they *can* read
*anything* if they're really after it... unless *all* the data is somehow
encrypted at, what is it - 256 bits right now? there's some level beyond
which even NSA can't crack it... But that isn't even possible for web surfing
anyway - HTTPS won't support it AFAIK

.
.
The ONLY way to beat ISP "wiretapping" is to use TOR (The Onion Router) or a similar product, which will encrypt everything between your computer and the network of TOR nodes.
How does it compare with "anon-proxy" (JAP)?
 
#38 ·
The first step is don't use google (chrome). If Google went to all of the trouble to BYPASS Internet Explorer and Safari security settings what do you think the security settings in chrome mean to them? They track everything you do and if you are lucky and have many google affiliated services they bundle all the histories together and at the minimum share with advertisers and store it in 1 place for hackers. At the worst there have always been rumors that they work with the government or were even helped with startup money by the government.

Even if what you are doing isn't legal now, who knows if it'll be made illegal in the future. Tomorrow the government could ban prepping and all those times you googled for "SHTF SURVIVAL KNIFE" or youtubed for "KA-BAR review" "survival forums" could lead them to target you.

At the minimum connect to a VPN, then connect to TOR, then don't use your name on anything. Its not perfect but its something.

Also stop using google for searching as well, use https://duckduckgo.com .
 
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top