Anonymity is derived from the greek word ἀνωνυμία (anonymia), meaning without a name or name-less. In colloquial use, the term typically refers to a person, and often means that the Ppersonal identity, or personally identifiable information of that person is not known.
The main question is of course, what are you trying to hide? Closely following that is how important is it?
The precautions you take have to weigh up to the value of the data you are trying to protect, in this case, you are trying to protect your anonymity.
In the recent years privacy and anonymity have become big issues with CCTV cameras everywhere, and projects like Echelon reading all your e-mails and reporting back to the Orwellian ‘Big Brother’.
So just for normal surfing, or if you are planning on hacking a foreign governments personnel database (not that we recommend that of course), you need to protect yourself in different ways.
Remember Anonymity is not an absolute, there are varying degrees.
Using a proxy I found on the web in my browser is enough.
People have been using proxies for years, normally open proxies found from scanning large IP ranges on the internet, what you have to think though, is this proxy open for a purpose? Is this purpose to listen to what you are doing? To collect your passwords?
Also it’s not infallible, remember the traffic has to go from your computer to the proxy, and come back in, those records can be corelated in your country alone and need to external aid.
Plus the proxy may keep records of who access what and when, it make be a honeypot and keep full packet logs of all completed TCP/IP sessions.
The problem is you just don’t know.
If I chain proxies no one can find me.
Also not true, it doesn’t matter if you cross through Taiwan, Korea, Russia and Iraq, your ISP just needs to see the packets going out and coming in at the right times to your machine from the last proxy hop in your chain.
It can be said, pretty much whole heartedly, there is no such thing as real anonymity online, if you do something bad enough, the people in power can find you.
IP Spoofing is misunderstood in 9/10 cases and is no protection against anything (I’ll write an article about this later).
And web proxies, as above, offer little or no protection. They are good enough if you just want to stop your school/parents/office from tracking your surfing habits, but they won’t protect you from doing time if you commit a federal crime.
There are a whole bunch of proxies to surf at school or work in this post.
The next best thing from this is Onion Routing, the common peer to peer implementation known as Tor.
Onion Routing prevents the transport medium from knowing who is communicating with whom — the network knows only that communication is taking place. In addition, the content of the communication is hidden from eavesdroppers up to the point where the traffic leaves the OR network.
Source: Onion Router
Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.
You can read more at the Tor site.
Getting Tored Up
For most people Tor is enough, I recommend getting the Tor Bundle, which includes Tor, TorCP and Privoxy.
All you need to do is set your applications to use a proxy, host is localhost and port is 8118.
Then you’re done, it works for most applications.
Just remember though it’s encrypted from your machine to the end point, not from the end point to wherever it’s going, so that Tor node can see whatever traffic you are sending through Tor..
So make sure you encrypt (POPS, SMTP with TLS etc).
We at the h07 unix research team recognized that people paranoid enough to use tor are still dumb enough to use plaintext-authentication protocols like pop3 and telnet.
They might think it’s “secure because tor encrypts it”. This isn’t the case.
it’s encrypted, but …… communication from client to entry node and exit node to server will still remain as is. POP3, telnet and others will still be plain-text and thus subject to sniffing.
So please, always be REALLY careful :)
Still the best way is switching your MAC address and jacking an open Wireless Network, which ethics experts say is ok.
It may not be totally legal, but it’s pretty much bulletproof (Unless of course you get caught in a car parking jacking off to porn downloaded from an open Wireless Access Point).
When you do this, you should make sure you are using an anonymous operating system, so what better than a bootable distro especially for this purpose, called Anonym-OS
kaos.theory’s Anonym.OS LiveCD is a bootable live cd based on OpenBSD that provides a hardened operating environment whereby all ingress traffic is denied and all egress traffic is automatically and transparently encrypted and/or anonymized.
The easiest thing you can do to test your anonymity is to go to WhatismyIP.com and see if the IP showing up is yours or not.
After that you can check out services like:
And then there are various proxy tests:
Here you can see if your setup is leaking any info.
Good luck, and stay secure :)
- AIDE – Advanced Intrusion Detection Environment
- Tiger – Unix Security Audit & Intrusion Detection Tool
- Egress-Assess – Test Network Egress Data Detection
- Interpol Chief Ronald K. Noble Has Facebook Identity Stolen
- Hacking Tor – A Flaw Appears?
Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 119,685 views
- Password Hasher Firefox Extension - 117,433 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,631 views