How to achieve true online anonymity

Discussion in 'privacy technology' started by LampHigh, Mar 14, 2013.

Thread Status:
Not open for further replies.
  1. LampHigh

    LampHigh Registered Member

    Joined:
    Feb 6, 2013
    Posts:
    20
    Location:
    USA
    Greetings, Wilders. I’d be enormously grateful if any of you could help me solve a problem which I’ve futilely spent a lot of time on in a quest that is feeling increasingly quixotic; maybe my goal is just impossible. That’s very surprising to me, because all I’m trying to do is not reveal my actual physical location when I’m online or on the phone. Other privacy measures, like encrypting my data, also interest me, but my only focus right now is specifically protecting my geolocation.

    Here’s what I see as the bottom line problem: To use the internet, you must use an IP address which is connected to your geolocation (even if the assigned IP address is at a different location, the ISP would still know your actual physical address). Further, to access many sites (even with a VPN), you must allow cookies/ javascript/etc., and these will often record your IP address.

    SO, MY QUESTION IS: IF YOU MUST HAVE AN IP ADDRESS CONNECTED TO YOUR ACTUAL LOCATION, AND YOU (REALISTICALLY) MUST ALLOW COOKIES/JAVASCRIPT WHICH WILL REVEAL THAT IP ADDRESS, HOW CAN YOU USE THE INTERNET WITHOUT REVEALING YOUR IP ADDRESS/LOCATION?

    I know some of you are very fluent with these issues, and may be able to answer this question easily. But for those who can’t but are interested, and for those who may be grappling with the same issue, please find below some context and various ideas which I’ve arrived at through quite a bit of research; I hope it’s helpful:

    My plan originally was to just get a good VPN for online browsing/emails, and use VoIP through the VPN for phone calls. But then I discovered so many seemingly unavoidable ways for my IP address to be exposed, even with a good VPN. Like with the aforementioned cookies/javascript/etc.: not allowing them at all doesn’t feel realistic; too many needed sites require them, and allowing some with extensions like FlashBlock/NoScript doesn’t solve the problem. Nor does going the “session cookie” route, because the cookie--during the session—would reveal my IP address, even though it’s deleted after the session, unless I’m misunderstanding this.

    So I’ve tried to find possible solutions (below), but I haven’t been able to determine if any of them could actually work (and frankly, I don’t even understand what some of them really are). A few quick caveats: Please note that I have no tech background at all, so this list may contain some stuff which is embarrassingly stupid (there are huge holes in my knowledge). Also, I realize that there are numerous ways, other than an IP address, through which location can be revealed (e.g. wireless triangulation, cell tower triangulation, GPS chip in hardware, etc.), but those seem like they can probably be relatively easily fixed (e.g. always have the wireless mode disabled, never use cell phone at home, make sure no GPS chips exist in computer, etc.)] Lastly, please bear in mind that I’m not trying to just reduce the number of times my geolocation is exposed; I’m trying to keep my geolocation from ever being exposed. Can that be done with any combination of the below options?

    Virtual Machines / Sandboxes seem potentially great, but wouldn’t cookies, etc. need to communicate my IP address, even when in isolation, and even with a VPN? Would any of these three options below work?
    --Run VM in bridged mode with Tor/VPN installed in both host and guest (install a filter driver so that the VM can use the physical NIC in the host machine)
    --Put Tor gateway and server VM’s in a hosted server running VirtualBox in headless mode
    --Use VPN/Tor through a bundled browser within a VM with a spoofed user agent


    IPv6 addresses are mostly a mystery to me; is there a solution among these options with IPv6?
    --use RFC 4941 extension
    --Use a proxy that doesn't show X-Forwarded-For headers, or use a VPN tunnel to an unproblematic server
    --find an ISP that serves many (e.g. thousands) customers out of a single /64


    Maybe I should be looking at the ISP level to help with this. Finding an ISP which doesn’t keep logs/ IP address assignment details would be helpful; do they exist? Would it help to find an ISP which assigns IP addresses not tied to actual physical addresses, like from a block of IP’s not geographically near me? Maybe Satellite ISP’s don’t tie their IP addresses to their customers’ actual location? What about “buying” a public IP address from an ISP? Or setting up a VPN server at a collocation ISP (because they may be less interested/able to snoop)?


    Some of the following variations on/types of IP addresses I understand; others, not so much: virtual IP, IP aliasing, IP spoofing, IP masquerading, turbo page server IP, shared static IP, and/or remote IP. Are there any fixes to my problem among these different types of IP’s?


    Finally, below is a list of misc. other possible solutions I’ve found:

    Use NAT to hide private IP behind shared public IP (Run VPN client while in NAT mode and/or use VPN on middle server and connect to it from behind NAT)

    Use Cloud(n) system (with virtual router)

    Use Location Obfuscation techniques like: spatial cloaking, invisible cloaking, random noise, third party location providers, rounding, etc.

    Get DynamicDNS hostname (from e.g. No-IP.com), and install their client DUC 3.0.4.(Run in tray, leave open on desktop), checks IP every 60 seconds

    Use Amazon EC2 to pump data through a virtual machine

    Use Tor obfuscated bridges (non-publicly known Tor-relays, plus tool to hide Tor traffic & change packets to look like XMPP-protocol)

    Use Browser/System like: Whonix, KACE secure browser, SafePay Browser, Tails, EasySurf, and/or IronKey

    Use application like Privoxy to prevent problematic software (e.g. javascript, active x, java applets, flash) from ever reaching browser to begin with

    Use VPN through mobile hotspot. Use long-range hotspot connections.

    Modify my hosts file to point potential trackers to 127.0.0.1.

    Use one of the alternative nets like Meshnet, Darknet, I2P, Freenet, Opennet

    Computer --> ISP --> VPN --> JonDo Proxy 1 --> JonDo Proxy 2 --> JonDo Proxy 3 --> Website

    Run my own server, or use a VPS

    Use Port and/ or Range forwarding
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Wow! You've presented a lot of ideas, there!

    First, I must say that anonymity is an overused and poorly-understood term. Generally, what people mean is pseudonymity. That is, I don't want what I do online as mirimir to be associated with what I do online as my true identity, or what I do as any of my other pseudonyms.

    But I rarely attempt "true" anonymity, because it's hard to accomplish anything meaningful (except in a negative sense, which doesn't interest me) without relationships, and relationships depend on reputation. However, I will be doing a tutorial on using Mixmin remailer nyms in Whonix, which comes rather close to "true" anonymity. Still, what interests me there are nyms with replies via alt.anonymous.messages, which are pseudonyms with GnuPG authenticated identities.

    Anyway, the overall solution involves isolation and compartmentalization. That's how the pros do it.

    Basically, you use separate machines (VMs, or better, physical machines) with no shared network connections, and you never share any storage (remember Stuxnet!).

    For casual purposes, (1) VMs are good enough as separate machines, and (2) VPNs and Tor (all through the same ISP) are good enough as separate networking. Taking it to the next level, one could use separate notebooks etc with totally separate network connectivity (such as ISP vs various public WiFi hotspots). But with WiFi, one must be careful about MAC logging, so it may be prudent to use multiple mobile devices, each with its own set of activities and WiFi connections.

    I may have more to say later, after rereading your questions.
     
  3. LampHigh

    LampHigh Registered Member

    Joined:
    Feb 6, 2013
    Posts:
    20
    Location:
    USA
    Thank you very much for your quick reply, mirimir. I have read quite a bit on this forum, and at the risk of sounding gratuitously flattering, you are one of the people here who is most impressive re. the depth of your knowledge.

    I do understand the difference between pseudonymity vs. anonymity, and I’m looking for “true” anonymity. Is that possible using “Mixmin remailer nyms in Whonix” or “isolation and compartmentalization”? I’m not familiar with either, but very keen to find a solution. As someone with no tech background, I’d, of course, prefer that the solution be as non-complicated as possible, but I’m prepared to do whatever it takes.

    I’m fine getting separate machines to do this, although I don’t understand how to have “totally separate network connectivity”. For starters, my impression has been that wifi shouldn’t be used, because of the steep rise in wifi triangulation usage.

    I’m very interested in your additional thoughts; thanks again.
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    For background, just search on OPSEC, INFOSEC, COMSEC, SIGSEC and TRANSEC. Wikipedia is a good place to start. There are some good textbooks from, for example, Ross Anderson and Bruce Schneier. And there's lots of official stuff (mostly US) in the public record as well.

    You're right about geolocation vulnerability using WiFi. But it's the only feasible way, unless you rent and get service using fake credentials, of getting Internet access that doesn't use your ISP account. You can use a directional antenna, but then you risk being observed while doing that ;)

    Anyway, more later.
     
  5. LampHigh

    LampHigh Registered Member

    Joined:
    Feb 6, 2013
    Posts:
    20
    Location:
    USA
    Yikes, that sounds like an alphabet soup of acronyms that will cause this non-techie’s head to explode. I naively was hoping that there may be a relatively easy way to do this, but that was probably way unrealistic. I’ll look into your suggestions (although I fear any textbooks will be long out-of-date, given the lightning-speed of change with this stuff). Meanwhile, I don’t see how wifi can be an option these days, with wifi tracking becoming so commonplace. I’m set up fine re. my non-digital home privacy (there is nothing whatsoever which links my name to my home in any way, including with my ISP). It’s figuring out how to be digitally private which has proved so difficult…
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Which name?

    There's nothing (except hopefully hard to deconvolute digital tracks) connecting mirimir with my true name, address, etc.

    But, on the other hand, I make no efforts to hide anything in meatspace except for my privacy hobbies. And the only thing that I reveal about that is using a VPN. Given my profession, using VPNs wouldn't attract much attention. And, in any case, VPN use is pretty common where I am.

    Indeed, trying to hide too much attracts attention, I think.
     
  7. adrelanos

    adrelanos Registered Member

    Joined:
    Sep 28, 2012
    Posts:
    85
    I found that topic interesting. Here is what I wrote about Anonymity vs Pseudonymity.

    Please tell me if that makes any sense to you. I am also interested, if you still require real anonymity or if pseudonymity is enough.
     
  8. LampHigh

    LampHigh Registered Member

    Joined:
    Feb 6, 2013
    Posts:
    20
    Location:
    USA
    Thanks very much, mirimir and adrelanos, for your posts. After reading them, it occurs to me that it would be helpful to fill out the details a bit about my situation, and what exactly I’m trying to achieve:

    I want to be able--online--to read about, comment on blogs about, email about, a certain topic. This topic has generated quite a bit of international interest and is widely discussed in many countries. But while many people discuss this topic online, very few, if any, would spend as much time on it as me, because I am the person who is most globally associated with this topic (ie. I am considered the worldwide expert on this topic; many people have seen me repeatedly discuss it on national TV and radio shows, etc.). Since I spend around four to ten hours a day online dealing with this specific topic, it seems like it would be pretty easy to figure out that it’s me.

    The topic itself isn’t problematic at all (there’s nothing taboo/illegal/etc. about it). That’s why I said in my initial post that I’m not focused on encrypting my data (even though that would be nice in principle), since there’s nothing there that needs to be hidden. The issue is all about location. I have been intensely private my whole life, and for decades have never connected my name to my physical location. I feel determined to still do that, notwithstanding the outrageous invasions of privacy which technology, and changing cultural norms, have wrought in recent years. I am not paranoid (I have no belief at all that anyone is out to get me), but I have long been (perhaps neurotically) absolutely unwilling to give up my location privacy. This translates at the moment in me having to drive away from my location and use public hotspots to do many things online (including posting to this forum).

    So I guess I’m saying that yes, I am looking for anonymity, not pseudonymity (unless I’m misunderstanding these terms). And I agree with you, mirimir, about hiding stuff potentially leading to more attention (Hello, Streisand Effect), but I feel determined to not give in to Big Brother and join the masses who have barely a shred of privacy left. I should be able to make a phone call, or send an email, or browse online, without revealing my location, and I’m very much hoping you, or others on this forum, can help me figure out how to do that. Thanks again; I really appreciate any help with this.
     
  9. Techwiz

    Techwiz Registered Member

    Joined:
    Jan 5, 2012
    Posts:
    541
    Location:
    United States
    The degree of anonymity depends on who your trying to hide from? These techniques might mask you to some degree, but there are ways of finding the location and identity of a device user. For example, some stores have started using video surveillance to connect consumers to their purchase. So the next time you walk into a store and swipe you card. They know who bought that computer, what you look like, and they have your personal information. Imagine how much that could tell a three letter agency or even a some nut case with a vendetta against you. I don't imagine it takes a genius to gain access to a Macy's store or to the public WiFi in the coffee shop where you frequently connect. If your paranoid about your privacy then you need to start thinking like a detective. Your best bet ... anything that is convenient that you take for granted is probably something that speaks volumes about who you are. We are in a knowledge-based economy where surveillance is king.
     
  10. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    With assistance from, among others Mirimir, i am in the process seting up a chained vpn,
    with anonymity as goal ( while having better speeds than with Tor) see here
    Iĺl report back in that thread when i am finished ( have to install firewal in linux yet)
    So far it looks good A vm with Mulvadd vpn which goes through the host with Airvpn running.
    The host is firewalled with Comodo , dns server is from Airvpn.
    So i guess i will be protected from geolocation snoopers.
    Cheers
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    If that's accurate, preventing geolocation by hiding your ISP-assigned IP address may be the least of your problems. Your family, friends, neighbors, associates, etc are probably greater threats ;)

    It's really not that hard. First, sign up for AirVPN (for example). You need not bother too much about anonymity, because you'll be connecting directly with their servers. There's no harm in paying with Bitcoins.

    Anyway, install AirVPN (for example) on your computer. Verify that it connects, and that "what's my IP address" sites show the VPN exit IP address rather than your ISP-assigned IP address. At this stage, you may want to install and configure firewall software to block non-VPN traffic. How to do that has been posted many times on Wilders.

    From here on in the instructions, and whenever you're running the VirtualBox VM that you'll create, you want AirVPN to be connected.

    Now you download VirtualBox from -https://www.virtualbox.org/wiki/Downloads and install it. Also download and install the extension pack.

    Then you download (for example) Xubuntu 12.04 from -http://xubuntu.org/getxubuntu/, and install it as a VirtualBox VM. You can find instructions for doing that in many places.

    At this point, you have a Xubuntu VM. Neither it nor the VirtualBox software has ever seen your ISP-assigned IP address. As long as you connect to AirVPN (for example) before starting VirtualBox, it's unlikely that they will.

    Now create a new email address, without revealing any meatspace information. You could use vmail.me, but some mail servers don't like them, and email delivery can take days. In my experience, gmx.us is a good compromise. They aren't too nosey, and they're fairly respectable. They do want a prior email address, but you can use tempinbox.com for that, or a vmail.me account.

    Using your new email address, sign up for a free VPN, such as SecurityKISS. Some hate on them, but there's no money trail with free ;) Anyway, set up Network Manager to connect to it. There are instructions for doing that in a recent thread on Wilders.

    Now connect to SecurityKISS (for example) in the Xubuntu VM, and check with one of the "what's my IP address" sites. As in the host machine, you can set up a firewall (here shorewall) to block non-VPN traffic.

    If you need more throughput than free VPNs allow, you need to pay for a VPN in a way that's at least as anonymous as your first VPN. Bitcoins with one or two BitLaundry cycles are probably good enough. But that will require additional Bitcoin wallets. Cash in the mail is probably overkill ;) I can unpack those comments if you want to go that path.

    As long as you don't introduce any associations with your location to the Xubuntu VM, it would take substantial work for an adversary to geolocate you.

    But of course, you have a history. If you've already been geolocated, you need to first move before doing all that :(

    I've covered a lot here, probably somewhat incoherently. If what I've described interests you, we can work through the specifics. If you want Tor as well, or instead of the inner VPN, that's very easy with Whonix.
     
    Last edited: Mar 15, 2013
  12. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Congratulations, and thanks for posting :)

    Maybe you can take the lead helping our friend LampHigh?
     
  13. adrelanos

    adrelanos Registered Member

    Joined:
    Sep 28, 2012
    Posts:
    85
    Well, you can't be anonymous by yourself. You need an anonymity system with lots of users and can only be one among them. To take the comparison to the extreme, if there was just one user using Tor, that user wouldn't be anonymous.

    Tor is currently the best way to mask your IP, i.e. making it anonymous because those IP's are frequently changing and thousands of other users are sharing the same exit IP's. If you use some VPN as exit node, I don't think many other users using that VPN looking up that topic, therefore it's pseudonymous.

    Even when using Tor... How many other users have an interest in that topic? If you're the only one or only very few, that still isn't anonymous, only pseudonymous.

    And putting the IP aside. There is also browser fingerprinting. I don't know what level of anonymity or pseudonymity Tor Browser provides. I don't know if Tor Browser without Java Script on that topic is more anonymous, if you are the only one who has deactivated Java Script. (And perhaps you depend on Java Script for any effective research.)

    I don't think there is currently anything offering more anonymity from web servers than Whonix. (Frequently exit IP changes thanks to Tor, Tor Browser (restart often), different guest time than host time, desktop resolution and color depth shared among all Whonix users, leak protection in case there is a bug.) But still... There are not *that* many Tor users (from your country) online at all times... The level of anonymity is still quite low, when looking at the number of users and possible attacks against Tor, browser fingerprinting and such.

    I don't think any clever chain of 10 VPN's makes you any safer, that's still pseudonymous.

    Plus, once you are under activate surveillance (miniature camera, party van...), no software can protect you.

    I wouldn't know what Julian Assange could use either. He's a high profile target and even if they wouldn't have a party van parked next to the embassy, it's clear he's going online from the embassy, which opens up for a lot active and passive attacks against all connections originating from the embassy.
     
  14. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    I am not knowldgeable enough to lead , i have been led myself, by you , and the support staff from Airvpn ( Quality and speed of email support is very good) .
    but, naturally iĺl post my experiences in the mentioned thread and will be glad to answer any questions.
     
  15. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Hey, sorry to put you on the spot :(

    We all do what we can :)
     
  16. LampHigh

    LampHigh Registered Member

    Joined:
    Feb 6, 2013
    Posts:
    20
    Location:
    USA
    Thanks much to all who have taken their time to put new posts here.

    mirimir, I very much appreciate your post last night detailing an “isolation and compartmentalization” approach. A few questions about this:

    Does this approach keep cookies/javascript/malware/etc. from revealing my IP address, and if so, how? I’m confused re. how sites which require cookies and/or javascript to be allowed/enabled can be accessed without revealing IP.

    Why the need to use “specialty” emails, like tempinbox.com? Why not just create an email account on "regular" emails like Yahoo/Hotmail/etc. with a non-identifying name and only use the account for this one purpose?

    Similarly, why the concern about leaving a money trail when purchasing a VPN? [I haven’t used BitCoins, but I regularly use prepaid credit cards. You can buy them at lots of mainstream stores (only purchase with cash), and they are widely accepted these days. Yes, there are security cameras everywhere, and if that’s an issue, wear a disguise when purchasing (or have someone else purchase for you). Register the card with an alias and an address which isn’t yours (probably best to use an actual address that you find for an apartment complex, or mail receiving place like The UPS Store)]

    With this approach you outlined, how complicated is it to manage on a regular basis vis-à-vis glitches, ongoing configurations, etc.? With my digital cluelessness, I’d much prefer an “easy” set-up, and one which isn’t complicated to maintain and use regularly. I’m willing to put in as much effort as needed, but it sure would be better if it wasn’t real complicated.

    In any earlier post, you said “For casual purposes, (1) VMs are good enough as separate machines, and (2) VPNs and Tor (all through the same ISP) are good enough as separate networking. Taking it to the next level, one could use separate notebooks etc with totally separate network connectivity (such as ISP vs various public WiFi hotspots.” Is the approach you outlined here last night (which uses a VM) such that it would keep my geolocation private? [ie. if using separate computers, rather than VM’s, is needed, I’d do that.]

    qwax: thanks much for your post. How soon do you think you’ll be finished with setting up your chained VPN approach? I’m certainly interested to see if it works.

    adrelanos: I’ve heard good things about Whonix, although I’m wary of Tor because of how slow it can be. Does Whonix allow me to access sites which require cookies/javascript/etc. and not reveal my IP address/geolocation? I’m unclear on how that can happen.

    Re. anonymity vs. pseudonymity…yes, a tracker who sees that someone is spending a lot of time on that aforementioned topic may conclude that it’s me, but that in itself isn’t a problem for me as long as they can’t find my geolocation. I guess it’s specifically “location anonymity” that I want, and I’m OK with pseudonymity with stuff unconnected to my location. Similarly, with browser fingerprinting, I understand how browser fingerprinting can reveal the uniqueness of my browser, but would this reveal my geolocation?
     
  17. richnrockville

    richnrockville Registered Member

    Joined:
    Jul 15, 2009
    Posts:
    7
    Location:
    Rockville, Maryland
    One way would be to use a machine in a far off place and then connect with it via Remote Desktop Program (included with windows) or one of the remote control programs like logmein or there are others.

    This way, the only way to connect your machine to the remote machine would be if someone had access to the remote physical machine and read the access log. Then a SSL link would protect you further.

    I have not researched it but there could be a market for renting out RDP access for a fee. But it might be a target for wierdos that want to harass someone without being able to be tracked. Very similar to companies that rent out cloud services where most access via RDP.

    Just my $0.02 worth.

    Rich
     
  18. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Let's say that you have three sets of activities that you want to remain unassociated. First, to compartmentalize each set to its own machine (VM, or if it really matters, physical machine). You don't share anything among those three VMs that might associate them. No matter how each machine gets tagged, it doesn't affect the other two.

    If you're careful, those machines are no more associated that your computer and mine. We're both on Wilders, right? But, even if we were posting from the same machine, verifying that through network traffic analysis would be nontrivial ;)

    Anyway, each of your three machines has its own unique Internet connection path. For casual purposes, you might use the same ISP account and outermost VPN account for all three. That's low profile from perspective of local observers. Many people use a VPN, but not that many use three different ones, and not many use two or three ISP accounts.

    The same logic applies to the VPN(s) that you route through the outermost VPN. But you're already a VPN user, so using a different VPN for each of your three machines isn't too unusual. Also, most VPN services allow only one or two simultaneous connections, so you may need multiple accounts in order to get multiple exit IP addresses.

    If you'll be using Tor, you might as well use Whonix as at least one of your thee machines. Each workstation should have its own Whonix gateway. You might also want each Whonix gateway to use its own VPN chain, or at least its own inner VPN, for connecting to the Tor network.

    Anyway, while each of those three machines may know its effective Internet IP address, none of them know the effective Internet IP addresses of the other two, and none of them know your true ISP-assigned IP address. Almost nothing that goes down on any of those three machines -- be it cookies, or Javascript or Java exploits, or malware and botnet droppers, or whatever -- can leak to the others, unless you allow it. The one exception that comes to mind is VM-to-host malware breakout, but that vector would also require host-to-VM break in (which is, I admit, much easier technically).

    Of course, it's prudent to assume that everything done on a particular machine is associated with everything else done on that machine. But that's not problematic if you behave accordingly.

    I've found tempinbox.com useful when I just need a temporary address for a confirmation email. If I created a new email address every time for that, I'd have hundreds of them! As it is, I have far too many to keep track of ;) Also, many of the regular webmail providers require prior email address for confirmation. And you obviously don't want to associate your multiple pseudonyms through your email providers, do you?

    If you can buy prepaid debit cards where you are, and can use them for what you need, go for it. For casual purposes, I'm sure that they're fine. But PayPal, which many providers use as payment processor, doesn't really like them. And some nations have outlawed international use of domestically purchased prepaid debit cards.

    However, prepaid debit cards have a single point of failure. If they connect the card to you, you're hosed. If you'll just be using it to fund a VPN that you'll be connecting to directly, that's OK. But if you'll be using it to fund a VPN that you'll be connecting to through Tor, that vastly undercuts the level of anonymity that Tor can provide.

    Although Bitcoins have serious anonymity limitations, given that adversaries can analyze the block chain, one can readily anonymize them at modest cost by using BitLaundry or whatever. But be careful, and test services first with small transactions, because there are many scams.

    More generally, once you have Bitcoins, it's possible to arbitrarily anonymize your money through transfers among multiple accounts of multiple types. Each account, by the way, needs to have its own machine, its own Internet connectivity path, and its own financial resources. So there is a little chicken-egg paradox here. But again, the solution is compartmentalization.

    Please recall, though, that I'm talking about very modest amounts here, less than 100 BTC. The systems that we're considering have limits that render substantial money laundering impractical.

    I'm writing this on a Linux VM. It connects to the Internet through three nested VPNs, each connected through a pfSense VM. This is one of my low-security setups, so the host machine and the pfSense VMs are up 24/7. The host machine is whole-disk encrypted, so the VPN account information and connection logs are hidden when it's down. But this VM is also whole-disk encrypted, and is only up while I'm around.

    Typically, my VPN setups are stable for days to weeks. There are occasional glitches, but in most cases it's just necessary to reboot the pfSense VMs, starting with the ones that connect directly through my ISP.

    Yes, your "my secret life" VMs would never know their geolocation, as long as you never provided that information to them. Those VMs would never know their ISP-assigned IP address. Even the copy of VirtualBox that they're running on wouldn't know that.

    Consider that you're using two nested VPNs and Whonix. Your Whonix workstation VM sees only the Tor exit IP addresses provided by the Whonix gateway VM. The Whonix gateway VM sees only the inner VPN's exit IP address. And the inner VPN pfSense VM sees only the outer VPN's exit IP address. It's only the outer VPN pfSense VM that sees your ISP-assigned IP address.

    However, no matter how strong your technical anonymity may be, you must be careful to avoid compromising it. Here are some things to avoid: 1) checking the local weather; 2) commenting on recent storms, earthquakes, etc; 3) ranting about your government; and 4) using unusual spelling and grammar.

    Taking that step would be prudent only if you're doing risky things, such as testing malware that might break out of the VM, or if the stakes are so high that you want to reduce the possibility and impact of making mistakes.

    In your case, the major risk is the information about your geolocation that may already be out there.
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Right.

    Accessing the remote machine using SSH from your Whonix workstation (which connects via two nested VPNs) is even better.

    Better yet is setting up the remote server with VPNs and Tor. I did a tutorial on that last year ;)
     
  20. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    It might seem that "pseudonymity" is somewhere on a continuum between "anonymity" and using one's true name. But it's not that simple.

    For example, it is true that most of my pseudonyms are just some VPN logs from my true name. But other pseudonyms have never seen the Internet except via Tor via chained VPNs, and some have Mixmin remailer nyms with a.a.m reply blocks. Does merely having a nym make one substantially more doxxable?
     
  21. bryanjoe

    bryanjoe Registered Member

    Joined:
    Feb 23, 2006
    Posts:
    380
    can recommend a simple method to achieve anonymity?
     
  22. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    I think I have a pretty decent approach. I use a decent VPN. airVPN. Who can track that? Websites that I go to? I don't think so. I don't think that websites can trace that. And I am pretty sure that my ISP cannot know where I go once my connection exits the VPN. I have my DNS set to the German Privacy Foundation. Even when using my bare connection.

    If I want an extra layer of protection, I can fire up the Tor Browser Bundle. Or Whonix, which is really easy to use. So who can track that? airVPN knows that I am connecting to Tor. But that's it. My ISP only sees the VPN, so they do not know that I am also connected to Tor beyond that. So who could trace that? I would think that this simple setup would take some effort even for a government agency to trace. I bet it would take considerable time and money and I doubt that there would be an interest unless there was something really really serious going on. And I bet that no local authority could even come close to tracing it.

    So for an ordinary person, who doesn't live in a repressive country, I can't imagine needing anything more.

    As for browser fingerprinting? I know that it's possible. But what websites do this? Does Wilders? I bet there are almost none that do this, so far anyway. But just as mirmir uses different VMs, I would think that for most people, just using different browsers for each unique identity would suffice.

    And then I guess if you connect to a public wifi, use MADMAC and connect from a distance to avoid cameras. And of course disable geolocation in Firefox. mirmir mentioned having your name associated with the purchase of a computer. If you buy it at a store, they have the date and time and can view the cameras. There was a guy in a nearby city that made prank bomb threat calls with a prepaid cell. They traced it to Walmart and looked at the cameras when he bought it. And they also followed him to the parking lot and knew the car that he arrived in.

    But of course if you are not making bomb threats or anything like that, then why would anyone spend the time and money trying to find out who you are? If you are a political activist, I guess that could happen depending on what country and what type of activism it was. Sometimes though I can't help but wonder if we might be traced just for the simple fact that we are using anonymity software. Who knows? But in general, for most people, I would think that this approach would be plenty good.
     
  23. adrelanos

    adrelanos Registered Member

    Joined:
    Sep 28, 2012
    Posts:
    85
    What about Evercookies? I've seen claims that they are in wide use already, but I didn't have time checking if it's really the case.

    Some tracking things are global across browsers such as Flash cookies? Who knows about Flash cookies anyway, but they are widely in use.

    Using different standard browser doesn't help against many other browser fingerprinting values, such as resolution or system clock time drift.
     
  24. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    I use Sandboxie with Eraser, plus Shadow Defender, and the better privacy addon. So I don't worry about any type of cookie.

    Screen resolution? How identifiable is that? Is my screen resolution so different from millions of others? And time? How many people live on the West Coast, for instance?
     
  25. adrelanos

    adrelanos Registered Member

    Joined:
    Sep 28, 2012
    Posts:
    85
    It's indeed slow. If it's still fast enough is for you to decide. Imho it's usable and the only anonymity network still taken serious by researchers.

    Yes.

    No, location privacy is much simpler than anonymity or multiple disconnected pseudonyms.

    Location privacy: In case of Whonix you could for example install the regular Firefox or any other browser you find most secure inside Whonix-Workstation and log into twitter @yourrealname or into your e-mail account real@name or log into google and search and so on. Some people actually say they are acting like this. (Tor people Jacob Appelbaum) (using TBB)

    Having multiple disconnected pseudonyms or ideally being anonymous as much as possible (although not the main goal), is also a security consideration: If adversaries aren't sure where you regularly show up and when, attacks become much harder.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.