Part II: How to Be Anonymous Online (for Beginners)

If you have significant reason to be concerned about your anonymity online, this installment will not be for you; please wait for the next installment. The methods described in this section are intended only for those who want to add a thin layer of anonymity on top of what they currently have (which is likely almost no anonymity).

Off the Shelf Solutions

There are quite a few excellent free and paid off the shelf solutions intended to protect your anonymity. And while each may offer a legitimate layer of protection, it is critical that you understand the risk you assume if you place all of your faith in the hands of a single entity. Should they be compromised, should they be corrupt, should they be monitored, should their product/service have serious unpublicized weaknesses, you would be potentially exposed. Only by combining these protections can you be sure you are truly anonymous; this will be covered in the next and more advanced installment. For now, if you need only minimal protection, you can explore these options alone.

The following are some of the popular and common options:

  • JonDonym
  • Tor Browser Bundle
  • SSH Tunnel (free/paid ssh tunnels)
  • VPN
  • Open Proxies
  • XeroBank

I’ll attempt to briefly describe each and their role in your protection.

JonDonym

JonDonym is a brilliant approach to solving much of the problem of anonymity and access. It is designed from the ground up to be a means of protecting your anonymity and allowing people in repressive environments to access and share information. The technical details of how it works are beyond the scope of this document; I highly recommend visiting their site to learn the details if you are nerdly interested. I will do my best to provide a useful but crude and flawed description of the system.

To use JonDonym you download and run JonDo, formerly and sometimes still referred to as Java Anonymous Proxy (JAP).  JonDo is a web proxy which when used with a properly configured browser will let your web traffic pass encrypted from your computer through your ISP through a series of JonDonym proxies located around the world before going to the website you requested. Your anonymity is protected through layered encryption, through the distribution of your requests, and through a blending of your requests with those of other people.  The layered encryption makes it possible for there to be a separation between who knows who you are and who knows what data you are requesting and receiving.  The first JonDonym proxy (mix server) that your JonDo proxy passes your request to cannot read the contents of your encrypted request, but it knows who you are, the IP from which the request came.  That mix server passes the request with your identity encrypted in a way only it can read to the next JonDonym proxy who neither knows who you are nor what data you are passing.  That data is then passed to an exit node which is able to decrypt your request, contact the website you wanted, and encrypt the response back to you, but it knows nothing of your identity.  This response is then passed back through the chain.  Further protection is provided because of the locations of the JonDonym servers, which are operated by different unrelated entities in different countries, and by the blending of your requests with others, such that traffic analysis would make it practically impossible for any government or private group to tie any requests to you.

The basic idea behind JonDonym is that you cannot place all your trust in any one entity. While each JonDonym server is required to sign legal documents stating they will be good shepherds to the bits they handle, and while they are periodically reviewed, there is always the possibility that one will be compromised. Because of the architecture of the JonDonym network and how your data is relayed through it, neither a single failure in the chain nor collusion between two of the three will undo your anonymity.

It is very important to understand what protection JonDonym provides and what dangers it invites. Any data exchanged between you and a website not using the https protocol will travel unencrypted on the open internet between the JonDonym exit node and the destination website. That data could be monitored, and anything you include in that data could defeat the anonymity JonDonym has provided you (e.g., if you include your email address or name in a form, or if your browser is not properly secured and allows Java). It is vital that you use a properly secured and configured web browser to access your JonDo web proxy. JonDonym makes available the JonDoFox web browser for this purpose, which is a customized profile for Firefox with special plugins added. I strongly suggest you use only JonDoFox. A misconfigured browser will betray your anonymity.
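To make the separation of knowledge and the https caveat above concrete, here is an added sketch (not JonDonym's code and not part of the original post). It uses a toy SHA-256 keystream cipher as a stand-in for the real cryptography, and the mix names, keys, addresses and form data are all constructed.

```python
import hashlib, hmac, json, os

MIXES = ["first-mix", "middle-mix", "exit-mix"]  # constructed mix names

def _subkey(key, label):
    return hashlib.sha256(label + key).digest()

def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, obj):
    """Toy authenticated encryption: SHA-256 keystream XOR plus HMAC tag.
    A stand-in for real cryptography, for illustration only."""
    pt = json.dumps(obj).encode()
    nonce = os.urandom(16)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(pt))
    ct = bytes(a ^ b for a, b in zip(pt, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return (nonce + tag + ct).hex()

def unseal(key, blob):
    """Remove one layer; raises ValueError if this key does not fit it."""
    raw = bytes.fromhex(blob)
    nonce, tag, ct = raw[:16], raw[16:48], raw[48:]
    want = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or modified layer")
    ks = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return json.loads(bytes(a ^ b for a, b in zip(ct, ks)))

def build_onion(keys, dest, form, site_key=None):
    """Client side: wrap the request once per mix, innermost layer first.
    With site_key (a stand-in for https) the form is also encrypted end to
    end, so even the exit mix only relays ciphertext."""
    body = seal(site_key, form) if site_key else form
    packet = seal(keys["exit-mix"], {"dest": dest, "body": body})
    packet = seal(keys["middle-mix"], {"next": "exit-mix", "inner": packet})
    return seal(keys["first-mix"], {"next": "middle-mix", "inner": packet})

def run_cascade(keys, client_ip, packet):
    """Send the packet through the three mixes; record what each one learns."""
    seen, sender = {}, client_ip
    for name in MIXES:
        layer = unseal(keys[name], packet)
        seen[name] = {"received_from": sender,
                      "dest": layer.get("dest"),
                      "body": layer.get("body")}
        packet, sender = layer.get("inner"), name
    return seen

def can_open(key, packet):
    """True if this key removes the outermost layer of the packet."""
    try:
        unseal(key, packet)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    keys = {m: os.urandom(32) for m in MIXES}      # one key per mix
    form = {"email": "alice@example.org"}          # constructed form data
    for label, site_key in (("http", None), ("https", os.urandom(32))):
        onion = build_onion(keys, "example.org", form, site_key)
        print(label, "middle mix can open outer layer:",
              can_open(keys["middle-mix"], onion))
        for mix, view in run_cascade(keys, "203.0.113.7", onion).items():
            print(" ", mix, view["received_from"], view["dest"],
                  str(view["body"])[:40])
```

The first mix sees your IP but no destination, the exit mix sees the destination but only the previous mix as sender, and without the https stand-in the exit mix also sees the email address you typed into the form.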

JonDonym is both a free and a paid service. The free JonDonym service can only use two mix servers, not three, so you will have reduced protection should one of the servers be compromised or should there be collusion. The free servers also handle more users and they will be slower in handling your traffic. JonDonym paid access is relatively cheap, and it can be purchased anonymously. I highly recommend purchasing access; current rates mean $12 will buy you access to about 3,600 web pages ($0.003 per page). The free service is good, and faster than solutions like the free Tor (described below), but your experience of the web will still be diminished, and you can support JonDonym and get a better experience at the same time.

While I strongly endorse JonDo, and believe them to be good and noble souls, having followed them since their early work on JAP, it’s important to remember that you should still not place all of your trust in one solution.  JonDo can be combined with VPN, Tor, and other solutions to ensure that no single solution can betray your anonymity.

Download JonDo

Download JonDoFox

Tor Browser Bundle

Tor is a variation on the JonDonym theme.  Rather than using officially sanctioned servers as JonDonym does, Tor relies primarily upon a peer to peer network to shuffle your data to its destination server.  A peer to peer network is a network of decentralized personal computers like yours all working together towards a common goal of sharing information.  When you run a Tor client on your computer it joins this peer to peer network and dynamically creates and manages these virtual circuits which will carry your data. This arguably may provide some additional protection through this decentralization but it also invites some trouble at the exit nodes.  With no one vetting the exit nodes it is possible to position yourself as an exit node for the purpose of monitoring traffic you exchange on behalf of others and even modify that content before they receive it (if the connection was not https) in an effort to try to compromise the users.

One advantage of Tor is that you can let your Tor client relay Tor traffic for others and act as an exit node, thereby making it plausibly deniable that you were the one accessing particular websites. There would be no way to distinguish your activity from that of others using your network. This obviously can invite problems as well. You would need to sell this argument to the government should your network be used to access illegal content, and that could be a difficult, costly, and ultimately futile sales pitch, best reserved for use by those whose networks are already shared. This plausible deniability may also be partly possible under JonDonym if you opt in to relay traffic to help others bypass censorship, though without being an exit node all it could do is mask your personal use of JonDonym.

Security aside, the biggest disadvantage of Tor is its profound sluggishness. The speed of your experience with Tor will all depend on the circuit created with your peers. If all of your peers are on broadband connections with minimal criss-crossing of the globe, the experience will probably be very tolerable (though still noticeably slow). Most of the time, however, you are not so lucky and using Tor will be at times agonizingly slow. It is not uncommon to experience delays of 15 – 45 seconds in loading a single page.

Another issue with Tor, which may also occur with JonDonym (though I have not encountered it there), is that many sites block access coming from Tor exit nodes.  They do this because the Tor service has been widely abused, including being employed to spread comment spam.  Your anonymity is better protected when no one knows you are trying to be anonymous.

The Tor Browser Bundle is arguably marginally easier to set up and use than the JonDo/JonDoFox combo.

Tor can be a great tool in your toolbox, and if you have minimal privacy concerns, the Tor Browser Bundle is good as a stand-alone solution, though I would still recommend JonDonym over it for sheer speed alone.  Anonymity is only as good as the likelihood that you’ll employ it, and a strongly negative experience with Tor may cause you to settle for no anonymity.

Download Tor Browser Bundle

SSH Tunnel

SSH is a secure command line client, like an encrypted telnet (if you know what that is). It allows you to connect to a remote server and use encryption so that no one monitoring your network activity (packet sniffing) will be able to capture your username/password or anything you are doing after you log in. The brilliance of SSH is that built in to the server/client system is the ability to tunnel network traffic, including most notably for our purposes my web browser traffic. I can thus make sure my web traffic gets from my computer to the tunnel end point unread and any sites I access will think my traffic is originating at this tunnel endpoint, not from the location where my computer is.

SSH tunnels can be useful even if you do not need anonymity. It can protect you from deep packet inspection and traffic shaping by your ISP. It can protect you when you are using an unencrypted public wifi connection. You can also set up an SSH server at your home to allow you secure access to your home computers from elsewhere.

In this layered approach to anonymity I use one or more SSH tunnels to create secure hops, bouncing my web traffic between servers located in different countries (some with complicated US relations) to ensure that were someone to want to compromise my security they would ultimately need to get the cooperation of multiple nations and internet providers unlikely to cooperate.

Creating an SSH tunnel means you need SSH access to a server, which you can get by paid or free means. I keep a few paid (but cheap) SSH shell accounts in my back pocket; these are typically far more reliable and faster than the free options. I never use the same paid shell account for more than one billing cycle (usually a month). I purchase access with an anonymous online credit card, an anonymous email, and using an anonymous connection. Failure to maintain anonymity at any time with any of these layers will place your entire anonymity at risk.

I do also use free SSH shell accounts, which you can find on free SSH shell lists. Often these site operators require you to jump through hoops to get these free accounts. Sometimes they want you to participate in their community, other times they want to force you to look at advertisements, but other times they appear to just give you the access without restrictions, often because they are a new service just starting out.

The mechanics of actually setting up the SSH tunnel are a bit beyond the scope of this document, and are probably a little too tricky for beginners. It is not difficult, but neither is it obvious. If you are interested there are many guides available to help you.

It is vitally important to understand that SSH was not intended for anonymity; that is an accidental benefit. Any anonymity you achieve through it requires a browser that will not betray your anonymity and a filter to scrub your web communication (like Polipo or Privoxy).

For Windows users the best, oldest, and free SSH client is PuTTY.

Open Proxies

An open proxy is a proxy which is publicly usable by any user’s browser, allowing you to indirectly request a web page. Instead of connecting directly to http://www.cnn.com your browser would ask this open proxy, which would in turn contact http://www.cnn.com. This can provide some minimal protection.

Many open proxies exist, but they are usually accidentally available. The popular Apache web server has an option whereby it can act as a proxy. This feature is sometimes enabled by accident or as the result of a default setting in a particular install package of Apache. A number of sites maintain lists of these open proxies, the proxies being found by their site or other sites doing port scans (and tests). Other sites maintain their own set of proxies which they allow others to use; Pick A Proxy is one such example.

Open Proxies can have their role in anonymity but they should be used very carefully. You need to assume anything passing through an open proxy will absolutely be read. You have no reason to believe otherwise. These are randomly found servers which happen to relay traffic. They may be accidentally available or they may be there intentionally to spy on poor fools who happen to use them. Since these servers are often not intentionally open, the sysadmin may eventually notice loading caused by its use and may freak out since you are passing through his computer and network without his permission or intention. He may react extremely badly, he may immediately report the activity to whoever he can, or he may spy on the traffic before reporting the activity. You simply have no idea.

The only open proxies I use are ones which I know have been intentionally made open for the purpose for which I am using them. I still assume all data passing through them is being read, but at least it’s not going to be read by people angry that I am using their server/network. 🙂

VPN

There are several companies which sell access to high speed VPN servers. The beauty of VPN is that unlike proxies, with a VPN every single bit of network traffic that leaves your computer (except for local intranet traffic) will be bundled and sent through this VPN connection, emerging from and returning to some remote VPN server. With Tor, proxies, or SSH tunnels only web traffic (or in the case of SSH, data sent to the tcp port you configure) will be sent via the protected channel. Any misconfiguration, any connections which aren’t specifically handled, will be able to reveal your real IP.

You can purchase access to a VPN service anonymously using the anonymous online credit card and anonymous email, but they will know the IP from which you are connecting, so again, it can be a first link in the chain, but alone it does not give you true anonymity.

Examples of paid VPN solutions include Anonymizer Ultimate and VyprVPN.

XeroBank

XeroBank is a customized browser bundled with access to the free public or paid semi-private Tor network. XeroBank began as Torpark, which was an early Tor Browser Bundle-like package. The Tor network you can pay for access to was supposed to bring improvements over the slow experience of traditional Tor, though I did not entirely understand how they claimed to deliver on this promise. If you are still using the normal Tor network at some point I would expect speed improvements to be minimal.

I have not personally paid to try XeroBank’s semi-private Tor network.

I was sufficiently unimpressed with their software that I did not feel the desire to pay for the experiment. Also, when I tried to download their xB Machine software, which is a virtual machine they make available which can run their browser, all I got over several weeks was a PHP error. My using the xB Browser was a largely unhappy experience. It seemed to change my regular Firefox plug-in settings (leaving disabled many plugins I want in my non-anonymous life) and gave me a generally worse experience than the Tor Browser Bundle.

I therefore cannot currently recommend XeroBank, but it remains something to watch. I believe they are gearing up for a new software release.

Download XeroBank Browser at your own peril.

Conclusion

The solution and level of protection you choose will largely depend on who you fear and how much you fear them.

If you fear your ISP, a VPN is the easiest solution. If you fear the RIAA or the MPA, a VPN in a foreign nation with lax rules is preferable. If you only slightly fear your national government, a VPN, SSH tunnel, JonDonym, or Tor may provide you enough of a solution. If you strongly fear your government or you’re not even sure who to fear, you may need a layered approach involving a combination of a VPN, multiple SSH tunnel hops, and JonDonym, going into the Tor network.

For most people with only slight fears I recommend JonDonym over international VPN when you need anonymity and international VPN alone when you simply want protection from your ISP and the US government packet sniffers.

Coming in the next edition, a greater description of layering these approaches and an introduction to securing your computer and the traces your activity leaves using encryption, virtual machines, and more.

Additional Important Tools and Topics

Anonymous Online Credit Card

Many people do not know this, but you can get a truly anonymous Visa or MasterCard that you can use to purchase items or services online. Technically it is not a credit card but a debit card, but only a very few sites actually care about this distinction. These cards are to be found in your local grocery store or pharmacy in the display where they have gift cards. You take them up to the counter and give them the amount of cash you want available on the card. There is a limit of $500; I believe this limit is a be be a regulation to control.

When you first use the card to make a purchase you supply whatever fake name, address, and phone number details you want and the card will work. Depending on the card they may store some of this information and require you to re-use the same name, address, and phone number for subsequent purchases. You can also often log in to the debit card’s web site to check your current balance and add or update your fake information.

You cannot add money to your card; it is one time use only.

Fake Email Account

You should create several fake email accounts that you can use to separately sign up with the different sites/services you will need. Some email providers will not let you create anonymous email accounts (e.g., Google now requires telephone or text message verification for each account). Yahoo mail does not require this.

It is vitally important that you never access the mail server using the same IP or with your cookies still in place from having logged in to their service under a different account. If you fail to be vigilant about this they could use this information to determine all the accounts are tied to one person. And if you used those separate accounts to purchase different items like shell accounts or proxy access it would remove those layers of protection.

As brilliant as Tor is, there are several concerns:

  • Anything that goes through Tor can be read at the exit node. You must be very careful about what information you pass through Tor. Your data is in the clear once it reaches the Tor exit node. Tor traffic being largely that of people who feel they have something to hide, it is reasonable to suspect anyone monitoring the internet would pay particular attention to these servers. Nefarious persons may be interested in poisoning Tor exit nodes, spoofing or invading a Tor exit node. This only matters if you are sending information in the clear via Tor that would identify you. I would strongly recommend against using Tor for accessing any personal sites, personal email, and certainly never for banking, shopping, etc. (The Tor Project strongly recommends connecting via https to sites wherever possible, since then neither the exit node nor other persons should be able to read your exchange without you knowing about it. But this is often not an option, and even when it is, I still feel reluctant to trust it for personal info when using Tor.)
  • Browser must be configured properly. Only use the Tor Browser Bundle! It comes with a specially configured version of Firefox Portable with the settings you need to remain protected. The dangerous plugins are disabled, Java is disabled, JavaScript is set in its least threatening mode, and a tool called Polipo is set up as a filter to remove browser headers and elements likely to give you away.
  • Some sites block those using Tor. The Tor exit nodes are publicly known and some sites will block access to requests coming through Tor, or otherwise impose restrictions on them. People will know you are trying to be anonymous, and this is undesirable.
  • Tor is slow. The speed of your experience with Tor will all depend on the “circuit” created with your peers. If all of your peers are on broadband connections and not criss-crossing the globe, the experience will probably be very tolerable (though still noticeably slow). Most of the time, however, you are not so lucky, and using Tor will be at times agonizingly slow. It is not uncommon to experience delays of 15 – 45 seconds in loading a single page.

Tor is a critical tool in your toolbox, and if you have minimal privacy concerns, the Tor Browser Bundle is good as a stand-alone solution.

4 Responses to Part II: How to Be Anonymous Online (for Beginners)

  1. […] part of my Guide to Anonymous & Evidenceless Internet. This installment introduces you to the basic tools and mechanisms for online anonymity.  If you haven’t read it, check out the explanation of why you should care about your […]

  2. macproguy says:

    I’m not sure Google requires you to verify an email account, but AdSense does and there are a ton of other places that don’t care as much. Also another thing with Gmail is it tracks wherever you access your email from, whether it be POP3, IMAP, Google Sync, or over a browser and I am not sure that they delete them in the end.

    How would you tackle the problem of remaining anonymous while shipping? Would buying a PO box with cash work?

    Also wouldn’t you recommend to make sure that you pay for the hidden visa/mastercard purely with cash and not something that could be traced back?

    • As to Google requiring phone/text verification for a Google account I can promise you they do, though perhaps it may only be for accounts created via detectable anonymizing services (like Tor).

      Whatever email service or sites you use, you must always assume the site is logging your IP (they all are in the form of server logs if nowhere else), and therefore you must only and always connect anonymously. If you ever once connect to that same email account or web site directly, without anonymization, you have suddenly made yourself vulnerable and forever lost that anonymity; data now exists which could be used to identify or find you. For this reason I strongly recommend people use additional measures which I’ll get into in the next installment (including using a separate computer, a virtual machine, and other people’s wifi).

      As for receiving physical goods, I know of no good solution. The official PO box route is not an option, they require ID and a real home address. Third-party postal service places may be useful, and some may not require ID, though it’s still very high risk. Another option which I’ve used is to have things delivered to a post office “General Delivery”. You simply have something sent to your name at the address of the post office and write “General Delivery” under your name. They will hold it at the post office for you (for some period of time). You then simply show up and collect it. I have some non-official forms of ID with an alternate name (credit card in fake name with my photo on the credit card) which they have accepted. Still, any sort of physical delivery of something is high risk and should be avoided if you are serious about anonymity.

      Excellent point about the anonymous credit card, I forgot to mention that, in part because they require that you pay for it in cash. I’m not sure if this is universally true, but the places I have purchased them do. But yes, always pay only in cash, and I’ve even gone so far as to buy several at a time while on business trips far away from home.

  3. olanya says:

    I got XeroBank anonymous proxy service card but don’t know how to use it
