Freenet

Discussion in 'privacy general' started by snowdrift, Dec 4, 2009.

Thread Status:
Not open for further replies.
  1. snowdrift

    snowdrift Registered Member

    Joined:
    Sep 7, 2007
    Posts:
    394
    This is a fascinating article on the "dark side" of the Internet.

    In the "deep web," Freenet software allows users complete anonymity... like all things, it can be used for good and bad.

    http://www.guardian.co.uk/technology/2009/nov/26/dark-side-internet-freenet

    It sounds slow and potentially dubious (to my mind), but for those seeking ways around oppressive govt. censorship, it offers another possibility to communicate freely.
     
    Last edited: Dec 4, 2009
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    all in balance
    "..
    "The anonymity things, there are ways to get round them, and we do get round them. When you use the internet, something's always recorded somewhere. It's a question of identifying who is holding that information."
    .."
     
  3. snowdrift

    snowdrift Registered Member

    Joined:
    Sep 7, 2007
    Posts:
    394
    We believe that the benefits of Freenet, for example for dissidents in countries such as China, Saudi Arabia, Iran, far outweigh the dangers of paedophilia or terrorist information being distributed over the system.
    -- Ian Clarke, Freenet

    The cost of online anonymity
    http://news.bbc.co.uk/2/hi/programmes/click_online/4227578.stm
     
  4. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Look into Tor as well. I think it's better for anonymous surfing. The user doesn't have to hold anyone else's info on his computer if he doesn't want to (although users are encouraged to become a node). It also allows for things like anonymous blogging, etc. with a very high degree of effectiveness. It's virtually impossible to penetrate unless one exploits a flaw in a browser codec or javascript, etc. (it's suggested to turn all of these off).
     
  5. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    It's too slow for downloading/uploading large files but it's fast enough for forums/blogging, etc. I personally don't care what the exit node does. The exit node can't really do anything to compromise my anonymity or harm my system. My system is immune to side-channel attacks. Perhaps the gullible people who think Tor is for privacy may be harmed. But as far as unmasking my real IP address while I'm posting on this forum, good luck.

    Trust is only required for privacy, not anonymity. It's the same with end-to-end encryption, which was discussed recently in another thread. It's not needed for anonymity.
     
  6. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Exactly. Many people confuse privacy and anonymity. Tor is for anonymity (not privacy) and it does as good a job as anything out there. Assuming it's configured properly, I would say it's as close to bulletproof as is possible. It's certainly more secure than using a for-profit VPN service (although it will be slower).
     
  7. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    Hang on, reading this thread it appears some think Tor and Freenet are similar. They are two completely different animals. Tor is "get on the internet with anonymity." Freenet is "get on FREENET and do just about anything" through their private network of distributed applications.

    Freenet is like a modular P2P private network, allowing for encrypted connections between two or more individuals, organizations, etc. On top of the 'shell' of Freenet are the modules, such as forums, chat rooms, private file sharing, even Freenet-only email (like PMs) if that particular module is installed. The anonymity proxy shell is really just the beginning of Freenet, where that's all Tor is. You really can't compare the two for distributed communications utilizing a variety of applications.
     
  8. SafetyFirst

    SafetyFirst Registered Member

    Joined:
    Jan 26, 2007
    Posts:
    462
    I no more than U and Chronomatic,

    could you specify what measures exactly you have undertaken in order to make Tor resistant to attacks, please?

    Thank you
     
  9. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Take a look at this article:

    http://www.defcon.org/images/defcon-15/dc15-presentations/Perry/Whitepaper/dc-15-perry-WP.pdf


    On page 3, four different attacks are mentioned. The first two are entirely preventable by the end user. Fortunately, they're also the two most common attacks that an adversary would attempt (because they're the easiest). The last two attacks are attempting to exploit the design of the Tor network itself, so I wouldn't worry about those. The last two attacks require a lot more resources to implement.

    1. Application layer attacks (or side-channel attacks) are attempts to get the application (e.g. browser) to bypass the proxy settings to obtain the real IP address. There are three types of solution to this problem that I'm aware of, and any one of them should be sufficient.

    a. The first is to create a secure browser or VM environment that will prevent these leaks. As you know, Steve specializes in this. With this solution, a well-behaved application/browser is created that can't be tricked into bypassing the proxy settings or revealing additional information about the user.

    b. The second solution is to simply use an outbound software firewall and not worry if the application is well-behaved or not. This is what I do. You simply create a rule in the firewall that forces the application to only use the proxy and nothing else. For instance, with Tor, you only allow the application access to 127.0.0.1:8118 and nothing else.

    Note that it's probably not even necessary to include the port number in this rule. All you really have to do is limit the application to access to the localhost/127.0.0.1 (any port). Zonealarm makes this particularly easy because it always prompts for localhost/trusted zone and internet zone separately. So, all you have to do is allow access on the first prompt (localhost/trusted zone) and deny access on the second prompt.

    I like to use Proxomitron as an intermediary for one simple reason. Proxomitron doesn't leak (to my knowledge). If you tell it to use a proxy, it will use it. No need to control it with a firewall (although you could if you wanted). So, I route my browser traffic through Proxomitron, then through Tor. You, again, limit your browser to only access the localhost through a firewall (and set it to access port 8080 through the network settings because this is the port Proxomitron listens on). Then you set Proxomitron to use a proxy (port 8118 for Tor). Proxomitron is also good because you can easily switch between proxy and direct internet with one click.

    Another application layer attack is using retained data in the browser (such as cookies). So, I always delete all browser data before using Tor (or other proxy). Then I delete all data after I'm done with Tor as well. Firefox makes this easy with the "private browsing" option, as well as the option to delete all cookies upon closing the browser.

    Another thing that I do is disable the DNS client (Google it to learn how to do it) and force all applications to do their own DNS requests. This is because if the DNS client is enabled, all DNS requests are made through svchost (Generic Host Processes). I've found no way to control application DNS requests with a firewall when the DNS client is enabled. Because all DNS requests are made through one application, there's no way to only allow some applications to do DNS requests and others not to. This is my own experience, and I haven't really seen this discussed before. So, take it for what it's worth.

    The last thing that I like to do is use a router so that my local IP is assigned by the router and not my ISP. This is probably a step to take if you're paranoid, but I've heard that some applications will take the computer's local IP and transmit it. You can also spoof your computer's MAC address to prevent an application from transmitting that as well. It's probably pretty rare, but I've heard of it before.

    c. The third solution is to use an external router (such as a Cryptorouter) to access the Tor network or a VPN. These should be leak proof out of the box. I'm sure Steve can discuss these. I haven't tried one yet.

    2. Intersection attacks. The only thing I can say here is try to give away as little information about your true identity and location as possible.


    p.s. Regarding Proxomitron, another reason to use it is that it's a very effective filter. You can change your http headers to whatever you want to prevent being identified by a unique browser header. You can filter javascript so that a website can't use it to obtain information about your browser or system. http://browserspy.dk/ will help you figure out what information you're sending out so you can tweak Proxomitron to your liking.

    I hope that's clear. The information in 1.b. is my favorite technique. I think you really have to understand some of the technical details to achieve effective anonymity.

    I'm open to any corrections or suggestions.

    Edit: You can use http://www.deanonymizer.com/ to test if your setup is immune to some side-channel attacks. Unlike some of the criticism I've read here, I think it's actually very useful for hardening your setup.
     
    Last edited: Dec 8, 2009
  10. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I have a serious question that's not meant to be insulting in any way. It's open to anyone.

    Is configuring a firewall just too difficult for the average user? I've noticed that the Tor documentation takes great pains to avoid mentioning firewalls, even when it's abundantly clear that it's the best solution. The number of threads about modifying a browser or using add-ons to control leaks probably outnumbers the firewall threads 100 to 1, even when it's clear that a firewall is a better option. And, finally, I've noticed that Steve never mentions using a firewall for Windows to control VPN leaks, even though I consider it superior to any other technique mentioned. In fact, I've noticed very little talk about firewalls since Paranoid2000 stopped posting on the privacy forums regularly.

    For me, steps 1, 2, and 3 for controlling leaks are as follows:

    1. Firewall
    2. Firewall
    3. Firewall

    And steps 4 through 10 don't look any different. If I had it my way, there would be a firewall sub-forum in the privacy section.

    Anyone? I'm particularly interested in hearing from Steve or Paranoid2000. I'd certainly like to see Paranoid2000 come back to the privacy forums.
     
  11. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Well, I'm not talking about the average computer user. I'm talking about the average Tor user. Of those users, I suspect a large portion will visit one security forum or another.

    The problem I'm seeing is that people don't even seem to know that a firewall is an option (much less the best option) for controlling leaks. I've seen countless threads about DNS leaks with Tor, VPN, etc. Almost invariably the solutions center around modifying the app or adding another app instead of just putting the proper rule in a firewall. Oh well (shrugs shoulders).

    My only point is that you don't have to either know or care whether an application leaks DNS or other traffic natively. Just put the proper rule in the firewall and forget about it.

    Edit: I wanted to start a big thread about firewalls and leak prevention, but, at this rate, I think it would only be big because of the volume I would post. I don't think I would get any responses.
     
  12. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    If the average user takes the time to learn the basics of Internet Protocol, configuring a firewall isn't that hard. The user needs a basic understanding of the system for IP addresses, how DNS works, what the basic protocols are (TCP, UDP, ICMP, etc), what ports are and what the common ones are for. The most difficult part is controlling local or loopback traffic. Not all firewalls do this well.
     
  13. SafetyFirst

    SafetyFirst Registered Member

    Joined:
    Jan 26, 2007
    Posts:
    462
    I no more than U, thank you very much for your time and effort in explaining things.

    Noone_particular, can you recommend a good book or tutorial on internet protocols?
     
  14. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I know you asked noone_particular, but let me give you my 2 cents. You don't need a book. You might learn something from reading it but you'd be doing yourself a disservice if you want to learn how to leak-proof Tor from a book.

    I have no formal training. I just started with ZoneAlarm and then worked my way to other firewalls, using trial and error.

    There are only a few things you need to know.

    1. "127.0.0.1" is the same as "localhost" is the same as "loopback". These three terms are interchangeable. They basically mean you're accessing your own computer and nothing is leaving your computer.

    2. Proxies pick a specific port to "listen" on. For example, if Tor/Privoxy is listening on port 8118, and you tell Firefox to access port 8118, then Firefox will send everything through Tor. You just go to Tools -> Options -> Network -> Settings and enter 127.0.0.1 as the proxy, and then enter the port that the proxy is listening on.

    3. The problem with the above statement is that Firefox under some circumstances may choose to not use the proxy. That's where a firewall comes in. Under the rare circumstances that Firefox traffic doesn't use the proxy, the firewall will block it. Basically, you tell the firewall that Firefox can only access 127.0.0.1 and nothing else.

    4. That's where ZoneAlarm comes in. It's the easiest to use. When you open an application that wants internet access, it will give you two prompts. The first is about access to 127.0.0.1 (trusted zone). You allow this. The second prompt is about direct internet access. You deny this.

    That's it. It doesn't get any easier than that. You've leak-proofed Firefox/Tor. Once you've played around with that for a while, you can do more advanced things. Just download ZoneAlarm and get used to it. You might also want to try an earlier version of the free ZoneAlarm, because they were lighter. You can try Steve's Deanonymizer site both with and without a firewall. You should see the difference.
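
A way to audit the rule the posts above describe (browser may reach 127.0.0.1 and nothing else), added here as an example and not code from any poster or from the Tor project: it parses `netstat -ano` style output and reports sockets owned by the browser that are not confined to loopback. The sample output, the PIDs and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the layout of Windows `netstat -ano` (PIDs and addresses are made up).
# Assumed here: PID 4120 is the browser, PID 2300 is the local proxy (Tor/Privoxy).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    127.0.0.1:8118         0.0.0.0:0              LISTENING       2300
  TCP    127.0.0.1:49152        127.0.0.1:8118         ESTABLISHED     4120
  TCP    192.168.1.20:49160     203.0.113.7:80         ESTABLISHED     4120
  TCP    192.168.1.20:49161     198.51.100.9:443       ESTABLISHED     2300
  TCP    [::1]:49170            [::1]:8118             ESTABLISHED     4120
  UDP    192.168.1.20:50123     *:*                                    4120
"""


def split_endpoint(endpoint):
    """Split 'host:port' or '[v6]:port' into (host, port), dropping brackets and zone ids."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]").split("%")[0], port


def is_loopback(host):
    """True for 127.0.0.0/8, ::1 and IPv4-mapped loopback such as ::ffff:127.0.0.1."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:          # '*' and other non-addresses are never loopback
        return False
    mapped = getattr(addr, "ipv4_mapped", None)
    return (mapped if mapped is not None else addr).is_loopback


def parse_netstat(text):
    """Yield (proto, local, remote, state, pid) for each TCP/UDP row; skip headers."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[0] == "TCP":
            proto, local, remote, state, pid = fields
        elif len(fields) == 4 and fields[0] == "UDP":   # UDP rows have no State column
            (proto, local, remote, pid), state = fields, ""
        else:
            continue
        if pid.isdigit():
            yield proto, local, remote, state, int(pid)


def find_leaks(text, browser_pids):
    """Return sockets owned by browser_pids that can reach anything other than loopback."""
    leaks = []
    for proto, local, remote, state, pid in parse_netstat(text):
        if pid not in browser_pids or state == "LISTENING":
            continue
        if proto == "UDP":
            # No peer is shown for UDP; a socket bound off loopback can send anywhere
            # (for example the application's own DNS lookups).
            if not is_loopback(split_endpoint(local)[0]):
                leaks.append((pid, proto, local, "UDP socket bound off loopback"))
        elif not is_loopback(split_endpoint(remote)[0]):
            leaks.append((pid, proto, remote, "direct connection, proxy bypassed"))
    return leaks


if __name__ == "__main__":
    for leak in find_leaks(SAMPLE_NETSTAT, {4120}):
        print(leak)
```

The proxy's own outbound connection (PID 2300 in the sample) is expected and is not reported, because only the PIDs passed in as the browser's are checked.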
     
  15. snowdrift

    snowdrift Registered Member

    Joined:
    Sep 7, 2007
    Posts:
    394
  16. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I don't believe this is correct. I haven't personally tried this fix with Steve's Deanonymizer, but I suspect it will fail. Besides, I believe this fix is only for Socks proxies. If you want to use a Socks proxy with Firefox to access Tor, then you have to access Tor directly (i.e. you're no longer using polipo, privoxy, and/or proxomitron). You have to enter 9050 as the port instead of 8118. And you no longer get the filtering that is done by polipo, privoxy, and/or proxomitron.

    And, anyway, it's foolhardy to trust the application itself to follow your settings. We're talking about plug-ins that can be triggered to bypass the proxy. It's not so much Firefox itself as the crappy plug-ins that it uses. Maybe one version of the application will work properly and the next won't. Regardless of how well-behaved the application is, I'll personally always use a firewall.

    Edit: I haven't tried the fix but I'm almost certain it will fail. Sorry for the confusion.
     
    Last edited: Dec 9, 2009
  17. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Wikipedia has detailed info for all of the terms, probably more than you'll need.
    Internet Protocols.
    IP addresses.
    Ports.
    DNS system.

    There is a quick way to check how well your firewall and its rules/configuration control loopback connections. The PCAudit2 demo trojan (aka leaktest) works very well for this. The executable, pcaudit2(6.3).exe, creates a randomly named DLL in the system folder, which is deleted when the test is done. It will then try to inject or hook this DLL into your system. SSM displays this message when the hook is attempted:
    If you're using a HIPS, you must allow this hook for the test to be of any value in checking loopback control. The e-mail results question is optional and can be ignored. The test will then ask you to type something on a page, document, etc, after which it will try to leak that data out. In the process, it will try to establish loopback connections with every running executable on your system. If your firewall or its configuration aren't adequate, you'll fail the test. This test can be passed without the use of HIPS or any form of application or hook control if your firewall can control loopback traffic. Make sure that you don't have any global permit rules for local/loopback traffic before running the test. If your firewall controls loopback traffic well, you should see a lot of outbound connection alerts, which you should deny. If your firewall and its rules are good, you'll pass.
     
  18. tsec

    tsec Registered Member

    Joined:
    Nov 18, 2008
    Posts:
    181
    Interesting.

    Normally when you set FF to connect via localhost:port, it will do this until you say otherwise. If I have read the rest of this thread correctly, you are saying that FF could be tricked/compromised into disobeying the order that one gives it, thereby diverting its communication away from localhost:port to elsewhere.

    Or are there other 'circumstances' in which FF will not obey its order to pass all traffic through what it has been told to?

    Cheers.
     
  19. goldenone

    goldenone Registered Member

    Joined:
    May 31, 2007
    Posts:
    17
    I would like to make a correction here. Taken from the DeAnonymizer.com site.
    Giving credit to whom it deserves. Yes, Steve may talk about deanonymizer, but I was the one who developed it. I'm sure Steve doesn't mind giving credit where it's due. ;)

    The advice you give about leak-proofing your browser is good advice. ZoneAlarm, or any firewall that alerts you to OUTBOUND traffic, is a very good firewall choice to stop side-channel attacks.

    That's my two cents.
     
  20. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358

    It doesn't have to be "tricked" into disobeying the proxy settings, if by "tricked" you mean a purposeful, malicious attack. It doesn't have to be malicious at all. Certain benign websites will trigger this bypass entirely incidentally. I've been observing this since day 1 with Firefox. It's mostly the multimedia plugins that cause the problem. And it's not just DNS leaks. It's a complete diversion of traffic away from the proxy. The plugins appear to be completely autonomous and are free to access the internet directly, completely bypassing the proxy. It's probably up to the plugin developer how seriously to take the proxy settings, although I can't say for certain.

    @ Kyle

    I stand corrected, and I apologize. Well done again with Deanonymizer.
     
  21. tsec

    tsec Registered Member

    Joined:
    Nov 18, 2008
    Posts:
    181
    Thanks for the clarification. In light of this, I'll also be doing some firewall tweaking :)

    Just out of interest, can you let us know which plugins (or websites for that matter) might behave in the way you previously described (PM if necessary) - am just curious, that's all.

    Thanks again.
     
  22. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    http://www.deanonymizer.com/ is a good site to try. Now, under the assumption that you've tried it and it didn't reveal your true identity, I can't really speculate on why it would work on some systems and not others. It worked on mine when I didn't use a firewall. You never know. It might work in the future with future versions of Firefox or future plugins. Or perhaps Kyle hasn't yet incorporated the one test that will fail your system.

    A firewall is a good safeguard even if you don't fail any current tests.
     
  23. SafetyFirst

    SafetyFirst Registered Member

    Joined:
    Jan 26, 2007
    Posts:
    462
    So (back to the original topic), is it necessary to make any firewall tweaks or browser's proxy settings when using Freenet?

    It is recommended to use a separate browser for Freenet only, so following Ian Clarke's advice I use Google Chrome in Incognito mode for this purpose especially.

    When I launch Freenet, Zemana AntiLogger's Security Alert popup window says:
    "chrome.exe is trying to inject code into one of your applications and could gain full access to your system."
    Is it safe (anonymity-wise) to allow it?

    At Freenet's start the browser's address bar shows http://127.0.0.1:8888/?incognito=true which is, I suppose, OK.
    Any adjustments needed?

    To what degree can the browser's language (if other than English) compromise anonymity?
     
  24. snowdrift

    snowdrift Registered Member

    Joined:
    Sep 7, 2007
    Posts:
    394
    Hilarious. One of the funniest things I have seen in a while.
     
  25. SafetyFirst

    SafetyFirst Registered Member

    Joined:
    Jan 26, 2007
    Posts:
    462
    Yes. :) I saw it first in a newspaper and liked it immediately. I remembered it and I wanted to use it for my sig here. I found it first on a university website and put the link in my sig. After a while somebody warned me that the link was dead. That page had been removed, so I tried hard to find it elsewhere. I finally found it on the link I have in my sig now.
     