Thursday, August 13, 2009
7:56 AM

Staying Anonymous on the Internet

I will begin by giving you an Overview of staying anonymous on the web, and then I will provide a HowTo do this yourself. I will also provide links and credits to whom they belong to from where I learned this which is several sources. I will cover Onion Routers, Tor, Spoofing (faking) your web browser's user agent. Note: None of this is illegal at all.

What I am about to explain works for several applications, but most commonly used for browsing the web (Firefox for example) and giving you much more anonymity than a proxy alone. First lets start with how proxies work. Your computer sends and receives information from and to a proxy server. The proxy then sends and receives your information to the destination, so the destination can only see the proxy, not where it came from (your computer). What is the problem with this? All the logs on the proxy show who you are and where you've been on the web, so all it takes is for that proxy server to be confiscated, and then the info can be retrieved from it if not using tough encryption with a strong password (otherwise brute force attempts will easily break the password). Note: For you non tech users who do not know the computer jargon I am using, I will provide the definitions of each in a new blog entry. The purpose of my blog is for learning, so knowing the jargon will help you when you understand not only my blog, but when you are reading on other websites as well. And the purpose of my blog is to contribute back to the Linux and Open Source community for all they've done freely for me and the community. Here's why the use of onion routers are far superior over using a proxy. The data sent and received must go through several routers, and each one only knows the information the last one gave it, and each time you use them, random different onion routers are used. But how do you use these onion routers? You must use an implementation known as Tor. I will go further into that in the howto section, so you see that onion routers work like proxies, but are far better advanced. Here are some visual diagrams with examples of how it works.

Credit for the above 4 pictures go to the Tor Project. It's open source and freely available and under a Creative Commons license. You can read there for more information.

Credit for that diagram goes to HANtwister at the English Wikipedia project and is under the gpl 1.2 license.

Spoofing your browser's user agent also hides more details. Visit this website for example. IP Chicken. Was it able to tell you a lot of information about your computer? You will spoofing your user-agent when it shows something else such as this example of my own.


Finally is the HowTo for setting this up. You will need Firefox. I haven't fully tested this in Windows, but I found some instructions that I believe do work.

HowTo User-Agent Spoofing

  1. If you don't already have Firefox. Get it! It's far superior over Internet Explorer and the only competitor that stands a chance against it in the future is Google Chrome.
  2. Install the User-Agent Switcher Add-On/Firefox Extension from here. Click on the "Add to Firefox" button and then follow the instructions about restarting Firefox. You should see a button that restarts Firefox after the Addon is installed.
  3. Now at the top of your Firefox window, click on Tools>Default User Agent, and pick any you like, such as the iPhone. Now when you browse the web, you should see pages displaying a little differently. This is so that they work good with an iPhone. I use a BlackBerry with Opera Mini to Browse the internet from my Phone. To be sure this has worked, go visit www.ipchicken.com again and see if your correct information shows up or if it says you are using an iPhone. IP Chicken is not the only site that can see your personal information. Nearly every webserver (hosting a website) stores logs that your personal information will show up in.
Howto Tor and Onion Routers using Firefox

  1. Again, you need an addon for Firefox called torbutton, so now, the same as before, install this addon.
  2. This next step depends on whether you are running Linux or Windows. For Linux, if you are using a debian based distro such as Ubuntu, use Synaptic Package Manager to install privoxy. Then hit alt f2 and enter the following in the run dialog box without the quotes 'gksu /usr/sbin/privoxy. Next, in Firefox, push the tor button where it shows in red "Tor Disabled". Now it should be green saying "Tor Enabled". Now attempt to browse the web. If you get any messages, read carefully what it says, and follow the directions. If you are using any other Linux Distro, then I assume you are a more advanced user and do not need to be walked through the steps of installing privoxy. For Windows, you can get privoxy here. You may want to be on the safe side and do the full installation of the three items since I haven't tested this myself and just enable tor the same as I gave for the Linux instructions.
  3. Troubleshooting: If you have any problems, refer to the FAQ (Frequently Asked Questions) at the Tor Project
Don't browse public wifi and web w/real MAC

  1. First, install macchanger. Use Synaptic or sudo apt-get install macchanger
  2. Figure out which device Linux is uses for your internet. Common ones for wired is eth0 and eth1. For wireless, common ones are wlan0, and ath0. Check with the ifconfig command which device has been assigned an ip or even better, use this route -n | tail -n 1 | awk '{print $8}'
  3. Okay, now you know if it is wlan0 or eth0 or something totally different. Add it to your bootup script to fake your MAC address each time you boot (MAC is like an ip address). do gksu gedit, and add the following on an empty line right before the exit 0 line macchanger -A wlan0 (Substitute wlan0 with your device.)
  4. Enable the /etc/rc.local bootscript file to run on system startup sudo update-rc.d local defaults 80

0 comments:

Post a Comment