Tuesday, October 29, 2013

How to remain anonymous online

The lengths to which you must go to remain anonymous online depend on whether you're trying to hide your tracks from your partner or the Pentagon.

Former US National Security Agency computer specialist Edward Snowden lifted the lid on just how extensively the US government and partners, such as Australia, are spying on us. You don't need to be a suspected terrorist for the spooks to trawl through your phone, SMS, browsing, email and chat records. Meanwhile, the US Patriot Act lets them search your email and cloud back-ups in data centres on US soil, or elsewhere if they are controlled by US companies.

(No secrets: Edward Snowden lifted the lid on US government snooping. Photo: WikiLeaks/AFP)

 You should always assume that someone, somewhere, is watching. Tricks for gaining a little privacy depend on whether you're worried about hiding from members of your household, your internet service provider (ISP) or the government.

Your web browser's ''private browsing'' mode deletes your history and temporary files such as cookies, but it doesn't stop your broadband modem or router logging the websites you visit. Your ISP can also see where you've been, so government agencies can too.

A proxy server offers an extra level of privacy by sending requests to websites on your behalf and sending back pages. The website doesn't know who you are and your ISP doesn't know which site you're visiting, making proxy servers a common way to bypass filtering.

The next level of security involves a virtual private network, or VPN, which can also bypass filtering.

VPNs encrypt all the internet traffic between your computer and the VPN provider. The encrypted link stops people snooping on your internet traffic when you're using a public Wi-Fi hotspot. Your ISP can't even see what you're doing, but it can tell you're using a VPN. There are many options available online for both paid and free VPN and proxy server providers. Unless you enable private browsing, your browser will still track your web history when using a VPN or proxy server. These tricks offer a certain level of anonymity but stubborn cookies, network metadata and even your computer's ''fingerprint'' - the specific characteristics of your machine and software - can still make it possible to identify you.

Using a VPN tricks websites into thinking you're located in the same place as the VPN server, so connecting to a US-based VPN often lets you bluff your way into US-only video services such as Hulu. It might not be able to tell you're in Australia, but Hulu can see the web address of the VPN server. It has been known to block traffic from popular VPN servers in an effort to keep out foreigners.

VPNs might let you bend geo-blocking rules, but they're not a foolproof way to avoid the long arm of the law. Government agencies can demand records from VPN providers and ISPs to trace traffic back to you, plus they might examine your computer's fingerprint. Fake email addresses also only offer limited anonymity for the same reasons. The authorities might go through Google, your VPN provider and your ISP to track you down as the owner of anonymous@gmail.com.

The heavy-handed tactics of the US government have even seen secure email services such as Lavabit and Silent Circle pull the plug because they can't guarantee privacy. To send secure messages you can use Pretty Good Privacy (PGP) to encrypt emails. Each PGP user is allocated a public and private encryption code.

Anyone can use your public code to send you an encrypted message, but you need your private code to read it. You can also hide messages inside other files such as digital photos - known as steganography.

Political dissidents and whistleblowers often use TOR and I2P to hide their online activities, but these are also used by people with less noble intentions. You can run TOR from a USB stick and it will encrypt your traffic and bounce it through a string of servers.

Not even TOR is infallible, though, with a recent attack on TOR for Firefox on Windows designed to identify users.

It appears the attack may have been launched by US law enforcement agencies to help bring down a secretive child pornography ring.

Someone, somewhere, is always watching.

theage.com.au 27 Oct 2013

There is literally NO SUCH THING AS ANONYMITY when it comes to being internet connected.
All encryption keys are held by US 'authorities' and used to retrieve the (encrypted) desired data upon request.

If the general populous were to carry out surveillance to a similar extent, then they would be labeled (by the government lap dogs - the corporate media) as 'nut jobs', paranoid, conspiracy theorists, and the like.

No comments: