Anonymous surfing and strong encryption

Discussion in 'privacy technology' started by Wai_Wai, Sep 21, 2006.

Thread Status:
Not open for further replies.
  1. Wai_Wai
    Wai_Wai Registered Member

    Anonymous surfing and strong encryption

    1) Anonymous surfing
    How do you surf anonymously?
    What programs do you use? Why?

    2) Encryption
    What programs probably have the best encryption and are hard to crack?
    Note: It doesn't matter whether the program needs to be paid for. As long as the program is good, it's fine.

    What programs do you use for the following:
    - files and folders
    - instant messaging
    - emailing
    - file and data transfers

    Thanks for your sharing. :D
  2. Climenole
    Climenole Look 'n' Stop Expert

    Hi Wai_Wai :)

    1) I'm surfing "anonymously" with Tor (running a Tor server too).

    More info on The onion router:
    http://tor.eff.org/index.html.en

    I'm using Tor to prevent Traffic Analysis.

    See this article for example:
    http://money.canoe.ca/News/Other/2006/08/31/1790056-cp.html

    «
    Canada's privacy commissioner is questioning the need for proposed legislation that would allow police to spy on Internet users without obtaining a warrant.

    "As privacy commissioner, I want to have a lot of questions answered about why this is necessary because, up to now, I haven't been convinced," Jennifer Stoddart said in an interview.

    The minority Conservative government is expected to reintroduce the Modernization of Investigative Techniques Act this fall or next spring.

    The bill, originally drafted by the previous Liberal government, was shelved when the government fell on a non-confidence motion last November. The Tories have promised to revive it.

    Privacy advocates fear the bill would allow police to obtain personal information from Internet service providers simply by asking them for it.

    The so-called "lawful access" bill became the subject of controversy this summer when Bell Sympatico changed the wording of its customer service agreement.
    »

    I'm also using Firefox (and never InterNUT Expl'horror!) with these extensions:

    - Adblock Filterset.G Updater 0.3.0.4 - filtersetg@updater: http://www.pierceive.com/
    - Adblock Plus 0.7.1.2 - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}: http://adblockplus.org/
    - Add N Edit Cookies 0.2.1.0 - {bb6bc1bb-f824-4702-90cd-35e2fb24f25c}: http://addneditcookies.mozdev.org/

    - CustomizeGoogle 0.51 - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}: http://www.customizegoogle.com/
    See this article of EFF:
    EFF's Six Tips to Protect Your Online Search Privacy
    http://www.eff.org/news/archives/2006_09.php#004900

    - NoScript 1.1.4.3 - {73a6fe31-595d-460b-a920-fcc0f8843232}: http://noscript.net

    - Redirect Remover 1.1 - {fe0258ab-4f74-43a1-8781-bcdf340f9ee9}: http://xeen.reversestudios.com/?page=rdr
    - RefControl 0.8.7 - {455D905A-D37C-4643-A9E2-F6FEFAA0424A}: http://www.stardrifter.org/refcontrol/
    - ShowIP 0.8.03 - {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}: http://l4x.org/showip
    - Torbutton 1.0.4 - {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}: http://freehaven.net/~squires/torbutton/

    I clean my surfing tracks with CleanCache:
    http://www.buttuglysoftware.com/
    with secure cleaning (DoD or Gutmann)

    and

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
    ClearPageFileAtShutdown 1

    2) Encryption:
    I'm using GnuPG [http://www.gnupg.org/]
    + GPGshell [http://www.jumaros.de/rsoft/index.html]
    + Enigmail with Thunderbird [http://enigmail.mozdev.org/]

    I'm using a Gmail account from Tb (SSL/TLS connections).
    Be aware there are some security problems with this:
    if you use Gmail from a browser (mix of HTTP and HTTPS connections...)
    if you don't encrypt your email (what are Google's people doing with the unencrypted data?)

    For Instant Messaging (I'm not using this often...) you may use
    XMPP Jabber network with Psi, which provides encryption with GnuPG
    http://psi.affinix.com/

    I'm using AxCrypt from time to time for files or folders
    http://axcrypt.axantum.com/

    For File and data transfer you may use FileZilla (with SSH):
    http://filezilla.sourceforge.net/

    :)
  3. herbalist
    herbalist Guest

    Since I'm still using dialup, my IP changes regularly, every hour or less actually (one hour connection time limit). ID Blaster randomizes my system's ID numbers each time I reconnect. Most of my internet apps are run thru Proxomitron, which filters out many identifiable items (browser, OS brand and version) and stops Javascript from being nosey about what I'm using/doing. When I need it, I use A4Proxy and rotate between several proxy servers. When they get my DSL service hooked up, I'll be checking out TOR.
    Most of the time, I don't use a proxy. Only when I'm doing something out of the ordinary.
    Many encryption programs can use several algorithms (encryption patterns). Barring cracking methods known only to the NSA (if they exist), several algorithms have never been broken and the time estimates for brute forcing some of them open are nearly forever. More often, passwords are guessed by tools designed for the purpose, or fished out of your system's cache. Other times, there are flaws in the encryption software that get used like a backdoor. Without going into brands, a few general suggestions. Stay with ones that use reputable algorithms. Avoid ones claiming to have their own exclusive ones. Encryption is useless if your system isn't clean. What good is strong encryption if you have a keylogger or rootkit present, recording all you type? Depending on who you believe, some claimed that strong encryption software has government-mandated backdoors, especially e-mail encryption software. Given the political climate since 9/11 and all that's happened since, it's a very real possibility. Since this gets close to a political topic, which isn't allowed here, I'll say no more on it.
    Regarding encryption software, I don't think the apps I use will work with XP. Scramdisk 3.01r3c definitely won't, which is what I use for files and partitions. It's excellent on 98/ME, and free. As far as I know, Scramdisk itself hasn't ever been cracked when a strong algorithm is used.
    For e-mail, instant message, etc, I use a CKT version of PGP. The CKT versions can be hard to find but are free and have more features than the equivalent "official" versions.
    Rick
  4. Wai_Wai
    Wai_Wai Registered Member

    Dear Climenole,

    Thanks for your detailed response. :thumb: :thumb: :thumb:
    I'm still reading and investigating some of your recommendations.
    :)
    Last edited: Sep 26, 2006
  5. Wai_Wai
    Wai_Wai Registered Member

  6. rogersdd90
    rogersdd90 Registered Member

    Hey, I'm at a military school and they blocked a lot of the proxies. I was wondering if anyone knew some that I could try o_O
  7. Wai_Wai
    Wai_Wai Registered Member

    How about Tor?
  8. Wai_Wai
    Wai_Wai Registered Member

    About anonymity:
    - is it possible to connect to somewhere / programs via proxy; somewhere / programs by direct connection at the same time? If so, how?
    - is it too hard to make the switch (eg switch from proxy browsing to direct browsing)?

    About encryption and decryption:
    - how significantly does it slow down access to and from the encrypted files/folders?
    - when the file is being decrypted, how could I prevent the hacker from stealing or spying on the decrypting data at that time?
    - is it possible if the encryption is corrupt and I would not get back my data forever? If so, how can I prevent it from happening?
    - how do I know which encryption algorithm is probably the hardest to crack? Any resources or websites which compare different algorithms?

    Thanks so much for your answer. :)
  9. rogersdd90
    rogersdd90 Registered Member

    Do you have to download it??
    If you have to, then I can't do it. I need a web page.
  10. Climenole
    Climenole Look 'n' Stop Expert

    Hi rogersdd90 :)

    Maybe Torpark + HTTP tunneling:

    Torpark:
    http://torpark.nfshost.com/

    Secure TCP-into-HTTP tunnelling guide
    http://sebsauvage.net/punching/

    Put all this on a USB Flash keychain.
    ;)

    In case of problem with the "Sarge" you may eat it...
    :ouch:
  11. Devinco
    Devinco Registered Member

    Yes. Use two different brands of browsers, one configured to use proxy, the other direct connection.
    No, it is very easy. Just go into browser general/connection config page and click on direct connection or your already configured proxy setup.
    If you use Firefox extensions like SwitchProxy, it is even easier.

    For general purpose computing, it is perfectly acceptable.
    But what is useable for one may be too slow for another.
    TrueCrypt has a performance benchmark built in that can show you its speed on your system.
    You can then run some other hard drive benchmark to compare the speed without.
    Follow all regular safe computing guidelines to prevent malware from running on your computer.
    Yes. Bad things can happen sometimes with corruption. If you use a well established encryption program that has most of the bugs removed, then it can be very reliable. I haven't had a corruption problem yet with TrueCrypt or PGP (except for a CD issue).
    Backup, Backup, Backup.
    Generally, people say Serpent is the hardest to crack.
    Search the forum for encryption and you will find some good old threads about it.
    AES (Rijndael) is what I use most of the time, fast and effective. Twofish is also good.
    You really can't go too wrong with any of the top AES contenders.
  12. herbalist
    herbalist Guest

    Very little. I have one partition on my hard drive encrypted and installed several applications in it. Even on my old box, they run normally.
    File encryption is of no use if the system it's being used on isn't secured and clean. What good is a password protected file if your keystrokes are being monitored? While the better encryption apps will make sure they don't leave a cached password behind, the burden is on the user to make sure their system isn't compromised.
    It's entirely possible. If a sector goes bad on a hard drive and it's part of your encrypted container, there isn't much you can do about it. Any file or disk corruption issues that can affect normal files will also affect encrypted files. Beyond that, it's also possible for a file to get corrupted when being moved to the encrypted container. A power surge or brownout at the wrong moment could do it. The easiest way to avoid that is to copy the file to the container, then destroy the original after the copy is verified. Another thing you can do is make a copy of the container to a CD or CDRW. Its contents can't be edited directly but it can be decrypted and put into a new container should the original get corrupted.
    Most of the better algorithms are for all purposes uncrackable. I don't have a website link handy. All the "fish" algorithms are good, as is IDEA. 3DES might be slow, depending on your equipment. DES and Summer are weak. As good as the better algorithms are, attacks on encryption are usually directed elsewhere, either at the software itself or at the operating system, slip in a rootkit or keylogger. Most often, the password is attacked as it's often the weakest link in the chain. Take the password much more seriously with encryption than you would with other passwords. Scramdisk for instance has 4 lines for passwords/passphrases that are case sensitive, each accepting up to 39 characters. I have several encrypted containers and partitions. My shortest passphrases total 80 characters. The more random appearing, the better.
    Rick
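
The copy-verify-then-destroy routine described in the post above, as an added example that is not part of the original thread. It assumes the encrypted container is already mounted as an ordinary directory; the function names, the injectable `copy` parameter and the sample files are hypothetical.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path


def sha256_of(path, chunk_size=1 << 20):
    """Hash a file in chunks so large files never have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def move_verified(src, container_dir, copy=shutil.copy2):
    """Copy src into container_dir, verify the copy, then delete src.

    container_dir is assumed to be the mount point of an already opened
    encrypted volume. `copy` is injectable so a faulty transfer can be
    simulated. The original is only removed after the hashes match.
    """
    src = Path(src)
    dest = Path(container_dir) / src.name
    if dest.exists():
        raise FileExistsError(f"refusing to overwrite {dest}")

    expected = sha256_of(src)
    copy(src, dest)

    # Flush the copy to the device before reading it back.
    with open(dest, "r+b") as fh:
        os.fsync(fh.fileno())

    if sha256_of(dest) != expected:
        dest.unlink()  # drop the bad copy, keep the original
        raise IOError(f"copy of {src.name} is corrupt; original kept")

    # Plain delete; secure wiping of the plaintext original is a separate step.
    src.unlink()
    return dest


def truncating_copy(src, dest):
    """Constructed fault: writes only half the bytes, like an interrupted copy."""
    data = Path(src).read_bytes()
    Path(dest).write_bytes(data[: len(data) // 2])


def demo():
    """Run one good and one interrupted transfer in throwaway directories."""
    with tempfile.TemporaryDirectory() as work:
        inbox = Path(work, "inbox")
        volume = Path(work, "volume")  # stand-in for the mounted container
        inbox.mkdir()
        volume.mkdir()

        good = inbox / "notes.txt"
        good.write_bytes(b"constructed sample data\n" * 1000)
        moved = move_verified(good, volume)
        good_ok = moved.exists() and not good.exists()

        bad = inbox / "ledger.txt"
        bad.write_bytes(b"constructed sample data\n" * 1000)
        try:
            move_verified(bad, volume, copy=truncating_copy)
            bad_ok = False
        except IOError:
            bad_ok = bad.exists() and not (volume / bad.name).exists()
        return good_ok, bad_ok


if __name__ == "__main__":
    print(demo())
```

A read-back done immediately after the write can be served from the operating system's cache, so for removable media it is worth repeating the hash check after remounting the volume.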
  13. Wai_Wai
    Wai_Wai Registered Member

    Neither Climenole's nor my solution works for you.
    You need to download something first.
    But why can't you download something?

    Anyway I think you need to find an uncommon proxy which your military school hasn't blocked yet, but I'm not aware of.
  14. rogersdd90
    rogersdd90 Registered Member

    'Cause the computer system doesn't allow you to download something unless you are administrator.....
  15. Climenole
    Climenole Look 'n' Stop Expert

    Hi rogersdd90 :)

    Indeed?

    You're in a Military School, not a concentration camp I guess.
    Sometimes you may get out of there to drink a beer (or go to church ;) ), no?
    Instead go to an internet café and download what you want...

    Buy a USB Key, download a tool for HTTP tunneling to bypass the School firewall and Torpark to encrypt your surf...

    Just put it in this USB key and plug it into the usb port of your PC.

    In Kingston Military College every student officer hides bottles of beer.
    (Hiding and Drinking beer is a part of the Canadian army training!)
    Don't tell me that you can't find a hole somewhere to hide that USB key!
    Manage yourself private! ;-)

    :)
  16. Wai_Wai
    Wai_Wai Registered Member

    After a few trials of Tor, I am not too satisfied with it.

    1) The slowdown seems too much
    It usually takes more than ~10 seconds to load a page, which is a bit too much. Images are even worse, taking ages to load. The slowdown is just too big for the exchange of anonymity.

    I wonder if there are faster proxies outside. It would be okay if the slowdown is reasonable like just 1-5 seconds.

    2) Security about proxy surfing
    Anyone can be a Tor server. How about if the owner of a Tor server is malicious? Can it make use of this to invade my system? Can it redirect my traffic to a phishing website of what I am visiting?
  17. Climenole
    Climenole Look 'n' Stop Expert

    Hi Wai_Wai :)

    For sure, web surfing is slower with Tor since all transmissions are encrypted and transmitted across many nodes until the exit node. The speed also depends on other factors and may vary from time to time. Please note that some sites without Tor also take more than 10 sec. to load.

    If you talk about a proxy server, it also slows down your connections, but this time with no encryption and little protection for your anonymity. They hide your IP address from the site you're visiting, nothing else.

    Yes, a Tor server may be run by malicious people but:

    a) the path of nodes from the first one to the exit one is changed on a regular basis (10-15 minutes),
    you can change it yourself by choosing the option "New identity" in Vidalia.

    b) the "rogue" nodes are spotted fast and may be placed in your policies "black list"...
    The Tor developers are also working on this.
    Recently some Tor users experienced some connections to "strange" web sites.

    The problematic exit nodes have a DNS service which redirects some access to ads sites.
    With the other Tor users I found which one:

    (all this information was published in the http://tor.eff.org/documentation.html.en or-talk list
    and in the Gmane http://gmane.org/ ==>> News Group (Nntp/s): gmane.network.tor.user ...)

    See these messages and the thread:
    Message-ID: <45226626.90203@Gmx.net>
    and
    Message-ID: <20061004163314.GB23881@gmx.de>

    Here is some partial information I found:

    Listed in blacklist.spambag.org: 64.74.223.0/24 --> Blocked by spambag, see
    http://www.spambag.org/cgi-bin/spambag?mailfrom=012netil

    [OTHER (riswhois.ripe.net) whois information for 64.74.223.198 ]
    [riswhois.ripe.net]

    route: 64.74.208.0/20
    origin: AS12182
    descr: INTERNAP-2BLK - Internap Network Services

    http://www.spambag.org/query.html
    http://www.spambag.org/cgi-bin/spambag?query=64.74.223.198

    *This IP address is listed by spambag.org's record for enom*.

    http://www.spambag.org/cgi-bin/spambag?record=enom


    And here is the beginning of an answer ...:

    « Massive problems with enom.com-hosted spam domain redirectors.
    enom.com must stop hosting domain redirectors for professional criminal spam gangs
    enom.com is hosted by Internap. Complaints to Internap has been ignored
    Internap must stop ignoring spam complaints about enom.com
    »

    Is it related to the "tor-proxy1.internap.com" Tor exit node, I asked o_O

    US *inap1 *tor-proxy1.internap.com*

    Ref:
    http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?textonly=1

    Finally some users blocked this node and the problem disappeared...

    Please note that this information about this exit node was not confirmed:
    it's only suspected and not directly. The problem seems to come from the
    DNS service of this node...


    There are many more problems with Tor:

    Runs on TCP only, not TCP-UDP
    DNS leaks
    Socksifying working partially
    Too long delay with POP3 and POP3S
    No support for FTP
    Need for Privoxy :sick: (and buggy in multiuser env. on W xp)
    Tor as NT service (working or not?)
    Documentation deficiencies...

    and last but not least:

    / (Here a "subjective" remark)

    Like many open source developments, there is a lack of client support, nobody is responsible for the whole project, some people seem to look at "non-Unix" users as "stupid people"... (partially right but some BSD or Linux people are stoopid too... Be sure of this! ;) ) and so on...

    I'm not a future Nobel Prize but I've been running computers since 1983 on different systems as programmer, sys admin and tech support and I don't like to be treated like a "Noob"...

    Sometimes I feel like a "guinea pig" for bright New England scholars...
    :rolleyes:

    (End of "subjective" remark.) /

    Nothing's perfect...
    ;)
    Last edited: Oct 10, 2006
  18. Wai_Wai
    Wai_Wai Registered Member

    Climenole, thanks so much for your detailed reply.
    I'm still digesting your given info.
  19. Climenole
    Climenole Look 'n' Stop Expert

    Hi Wai_Wai :)

    You're welcome !

    :)

    P.S. please note that this Wilderssecurity page was loaded in less than 10 sec.
    with Tor...

    ;-)
  20. Wai_Wai
    Wai_Wai Registered Member

    Good news. :p
  21. Wai_Wai
    Wai_Wai Registered Member

    Hmm... But on the other hand, if the proxy server is reputable, we don't need to be afraid of a malicious Tor server. What's more, anyone can be a Tor server, including one that does spying. Although the traffic is random, the problem still exists. It's just that the Tor server can't target particular persons.

    What proxy server is probably faster?
    Last edited: Oct 11, 2006
  22. Climenole
    Climenole Look 'n' Stop Expert

    Hi Wai_Wai :)

    At this very moment there are NO malicious Tor nodes.
    The problem was with a DNS server used by some nodes and this was fixed ...

    The way Tor is built avoids a "contamination" of the network by a malicious node. There's a new version of Tor in testing and the network is expanding with more and more Tor server nodes. It's faster and more secure and, like I explained to you before, the "rogue nodes" are spotted fast ...

    IMHO Tor is still the most secure of all existing anonymity networks.

    Spying ? There's no spying at all! I'm running a Tor server with exits allowed to ports 22 SSH, 53 DNS, 80 HTTP, 110 POP3, 119 NNTP, 443 HTTPS and so on...

    The exiting access using my exit nodes cannot be related to a specific user because of the way Tor is built: the connection starts with an entry node server, is encrypted and passed to a set of nodes with an encryption at each stage of the process... There is no way to decipher these transmissions and no way for any node to establish a relation between an exit access and a specific Tor client...

    I can see these exits at the level of my exit node but I have no way to relate this to the person making these requests...

    The only way to relate specific exits to a specific user requires analysis tools and resources to spot somebody.

    Would any organisation or agency mobilise so many resources to find somebody like you and me? Are you a target for the NSA? ;) I don't think so...

    :D
    To be very clear: I'm not Oussama Bin Laden running a Tor node in a cavern in the North of Pakistan
    but a guy from Quebec city... (to speak frankly I'm running my Tor node in a WigWam ! Ugh ! )
    :D

    Proxy servers come and go... The main problem is to find one for a certain period of time and try again to find another one...

    A good tool to do this is MultiProxy (if you have a list of reliable proxy servers...).

    There is much more chance of using a "rogue" proxy server this way compared to the Tor network...:

    1- A rogue Tor node may be easily spotted and blacklisted
    (this happens rarely: people using Tor are more respectful of private life than any people running any proxy server... )

    2- With a proxy server you're alone: nobody will inform you about a suspected proxy... Right?

    3- Transmissions with Tor are encrypted, not with a "classic" proxy server.

    4- Tor is sponsored by the Electronic Frontier Foundation and M. Kapor,
    the Lotus 123 developer and now a defender of privacy.

    Tor is developed by bright people of Harvard and MIT such as

    Roger Dingledine (http://freehaven.net/~arma/cv.html)
    [He was a Teaching assistant for Professor Ronald Rivest, the inventor of the MD5 checksum, and he is the R of RSA, with Shamir (SHA checksum) and Adleman at MIT, used by PGP and GnuPG encryption software!
    (I'm a fan of Prof.- Doctor Ronald Rivest !!!!)
    and
    Nick Mathewson (http://www.wangafu.net/~nickm/)
    and so on...

    / subjective remark ;)

    One year at Harvard costs $ 45 000 ! How do they pay for this?
    I'm really frustrated to see how all people make money easily except me!!!
    Somebody would like to buy my WigWam ?
    $ 1 million (negotiable: but not too much!)

    end of subjective remark ;) /

    Who are the people running "classic" proxy servers ?
    Nice guys or Russian Mafiya dudes?

    Tor is not perfect but there's nothing like Tor.

    Have a nice day.

    :)
    Last edited: Oct 11, 2006
  23. stride000
    stride000 Registered Member

    I've just installed and tried Tor.

    Am I the only one experiencing ridiculously slow connection speed with it?

    It's the same thing with ghostsurf.

    Seems like every anonymizer out there is hogging the connection speed. I tested a download and it was 5k per second and pages take forever to show.

    Have I missed something in the settings o_O
  24. Paranoid2000
    Paranoid2000 Registered Member

    It's simple supply and demand. Tor relies on volunteers to run nodes and supply the bandwidth which is then shared amongst a larger group of end users.

    Many of the nodes are using DSL connections which typically have a fast downstream but slow upstream connection, e.g. an 8Mb/s (960KB/s) ADSL line may only offer 448Kb/s (about 50KB/s) upstream. Since a Tor node has to both receive and send traffic, the upstream bandwidth becomes the limiting factor.

    As traffic is sent via 3 nodes, there is a greater chance of a significant delay due to one of them going off-line or losing connectivity. Setting up a circuit in the first place takes time due to the need to establish an encrypted channel (and verify the public key) of each node in turn. Reducing the number of nodes would gain performance at the cost of security but the standard Tor client does not seem to offer this option - however the JAP client does (when configured to use Tor).

    Finally, when you consider that Tor quadruples the traffic involved (a 100KB web page takes up 400KB of bandwidth due to it being routed through 3 nodes), it should become clear that you really need 2-3 contributors for each end user to provide a truly "fast" network. Even then you will have some latency due to the need to build a new circuit every 10 minutes.

    For this reason, you should avoid using Tor for large downloads and just configure your browser (or download manager) to connect directly (it is web page access and search results that have the most need for anonymity). I'm now watching out for (and breaking connections to) Rapidshare because of the ridiculous filesizes involved. Downloading 80MB+ files through Tor (= 320MB+ of bandwidth via other people's connections) just to avoid Rapidshare's download limits is an abuse of others' goodwill and resources.
  25. stride000
    stride000 Registered Member

    Thanks for the reply Paranoid.

    So how can Firefox 2.0 be configured to surf via Tor while downloading directly?

    If not, what's the best download manager out there at the moment?