How to achieve true online anonymity

Discussion in 'privacy technology' started by LampHigh, Mar 14, 2013.

  1. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Wow, I didn't realize that. Thanks.

    So we should all be using Tor Browser, I guess.

    How easy is it to set up TBB so it can't connect to Tor? And how easy is it to change the browser signature, so that you won't look like a Tor user? Many users might want better cookie protection without using Tor, or looking like they're using Tor.
     
  2. adrelanos

    adrelanos Registered Member

    Joined:
    Sep 28, 2012
    Posts:
    85
    Glad you are asking.

    Go to Tor Button settings and set proxy settings to Transparent Torification. (As far as I understand, this means "no proxy settings")

    For *NIX, I documented it:
    https://trac.torproject.org/project...#TorBrowserbehindatransparentorisolatingproxy

    No idea about Windows, but perhaps similar.

    I also created a patched startup script for Tor Browser, which makes that easier. Hopefully it gets merged upstream some day.
    https://github.com/adrelanos/tbb-scripts/blob/master/start-tor-browser

    I don't think that's easy at all.

    That's a gap in software landscape. There is no serious browser project with all these privacy enhancements for non-Tor users. (Talking about anti linking and anti fingerprinting issues here. Not the private browsing mode which only prevents local traces.)

    Someone could grab Tor Browser, rebrand, remove proxy settings and advertise it as privacy enhanced browser. Given enough users and having dynamic IP from ISP it would add some real privacy from web servers (advertising tracking). (Not talking about anonymity here. ISP still keeps IP logs.) (Bonus points for having a button to dynamically enable Tor.) (The Tor Project said in some talk, they would be quite happy if they wouldn't have to maintain a browser.) (It's the browser vendors who messed up. They don't care about these issues at all. Best you can do at the moment (other than starting that privacy enhanced browser project) is educate people about the current issues and use Tor Browser with Tor. No, Tor Browser with Tor isn't redundant here. :) )

    It really doesn't work as a do-it-yourself solution. Even if you figure out how to get rid of the evercookie. Each time you visit a page using that evercookie, you're "still that person with IP range X that always deletes evercookies". You can't have anonymity on your own and you can't have privacy on your own if only "10" people in the world managed to do that.
     
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Thanks, adrelanos.

    I do get that Tor would be better for everyone if everyone used Tor :)

    OK, not everyone ;)

    If Tor were two or three fold faster, I'd use it for almost everything. I'd still run it through a VPN or two, on general principles, and hide behind free VPNs or proxies when necessary for sites that block Tor exits.
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yes, you first install VirtualBox, from -https://www.virtualbox.org/wiki/Downloads. After the install completes, download the extension pack. You'll be prompted to use VirtualBox to open the download.

    Then start VirtualBox. My tutorials are at https://www.wilderssecurity.com/showthread.php?t=316044 .
    Creating Linux VMs is covered in https://www.wilderssecurity.com/showthread.php?t=315680 at "Creating Test VM". These days, I like Xubuntu 12.4 (long-term release) best, but you can use whatever you like. If memory is tight, you could use something like Snowlinux.

    It's pretty straightforward. Unless you have an existing account, I recommend Private Internet Access. They're pretty fast, not very expensive, and accept Bitcoins. Their instructions for Ubuntu (at -https://www.privateinternetaccess.com/pages/client-support/#ubuntu_openvpn ) are pretty good, albeit a little confusing. So I'll repeat them here with minor edits.

    Before you do anything with your new Xubuntu VM, click the red "!" star icon on the top menu bar, and select "Show updates". If the VM's Internet connectivity has been intermittent, it's best to first click "Check", and then, after Update Manager has finished synching, click "Install Updates". After that's done, reboot the VM.

    Go to -https://www.privateinternetaccess.com/ and buy a subscription. You're connecting via AirVPN, so I recommend using Bitcoins so you're at least somewhat anonymized. Best would be Bitcoins sent via -http://app.bitlaundry.com/ from an account that's associated with your true identity to a pseudonymous account that uses an AirVPN exit IP address, using maybe 9-20 transactions over 3-5 days.

    Go to -https://www.privateinternetaccess.com/pages/client-support/ and change the password that they emailed to you. Just in case ;) While you're there, pick the server that you want, for example "sweden.privateinternetaccess.com".

    Now set up Private Internet Access (or whatever) on the Xubuntu VM:

    1. Open Accessories | Terminal Emulator
    2. In terminal, install unzip using "sudo apt-get install unzip"
    3. Download -https://www.privateinternetaccess.com/openvpn/openvpn.zip with Firefox
    4. Create a folder in Documents named "VPNs" (or whatever)
    5. Unzip "openvpn.zip" to Documents/VPNs/
    6. In terminal, install openvpn packages using "sudo apt-get install network-manager-openvpn"
    7. In terminal, restart Network Manager using "sudo restart network-manager"
    8. In terminal, open File Manager as root using "sudo thunar"
    9. In File Manager,
    10. In File Manager, copy "ca.crt" to /etc/openvpn
    11. For other VPNs, also copy TLS credentials ("client.crt" and "client.key") if supplied
    12. Click Network Manager (the up/down arrow icon) on the menu panel, and select "Edit Connections"
    13. Select the "VPN" tab and then click "Add"
    14. Select "OpenVPN" (default) and then click "Create"
    15. For "Connection Name", use something like "PIA Sweden"
    16. For "Gateway", enter the server that you picked, e.g. "sweden.privateinternetaccess.com"
    17. For "Type", select "Password"
    18. If you're using a VPN that has TLS credentials, select "Password with Certificates (TLS)"
    19. For "User name" and "Password", use the ones that you got from the provider
    20. Click "CA Certificate", browse to "/etc/openvpn/" and select "ca.crt"
    21. If you're using a VPN that uses them, also do that for "User Certificate" and "Private Key"
    22. Click "Advanced", and enable "LZO Compression"
    23. Click "OK" to exit "Advanced", and then "Save" to exit "PIA Sweden" setup
    24. Click "Close" to exit Network Manager
    Reboot the Xubuntu VM. Then click Network Manager, and select "VPN Connections | PIA Sweden". After about 5-10 rotations, it should report that the VPN connected.

    That's correct.

    More generally, you can install whatever VMs you want, and they'll access the Internet through the host machine's AirVPN connection. As I said, you could install Whonix, but it would be connecting with Tor through AirVPN alone, rather than through two nested VPNs.

    It's a good starting point. The only limitation is that all of your VPNs access the Internet through the host machine's AirVPN connection. Using pfSense VMs as VPN routers gives more flexibility.

    The next step is ensuring that the VPN connections on the host and VM(s) don't leak. I defer to others for Windows host setups. I've seen a few tutorials on Wilders using Comodo etc. My rewrite of the old XeroBank shorewall tutorial for Linux is at https://www.wilderssecurity.com/showthread.php?p=2201706#post2201706

    Please also keep in mind that your VirtualBox setup will retain history in many ways, as log and temp files in the OS and VirtualBox, as the existence and configurations of the VMs, and whatever. You can hide some of that by storing your VM files in Truecrypt volumes. And you can create VMs with whole-disk encryption. But whatever you do, it's best to use whole-disk encryption on your host machine, because there's no guarantee that it won't retain information about the VMs.
     
  5. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    Oh wow thanks!! I will save these instructions. I am getting ready to go on a little trip so I don't know when I can actually do this. But I for sure will. Thanks so much for this!
     
  6. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    I am curious. What kind of specific information could be retrieved from a VM? What if the VM was used while Shadow Defender was enabled? I would think that would severely limit any traces of activity.

    Also, is there a way to run these VMs portable?
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Well, a VM contains the same information that a physical machine contains.

    I've never tried that. VirtualBox is just an app, so I don't see why it wouldn't work.

    I don't know. What do you mean by that?

    Linux VMs are portable, in the sense that you can copy VM folders from one host to another and then run the VM. But you can't do that with Windows VMs.
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    You're welcome, caspian.

    Please let us know how it works, when you can.
     
  9. LampHigh

    LampHigh Registered Member

    Joined:
    Feb 6, 2013
    Posts:
    20
    Location:
    USA
    I’ve been spending some time learning about new (to me) concepts introduced on this thread in recent days, filling in some of the big holes in my computer security/privacy knowledge. One of those holes has been about potentially “malicious” software, like cookies, javascript, malware, etc. I think I may have been, prior to this week, making a very wrong assumption about this type of software vis-à-vis IP addresses. I thought I had read in the past that some software could find your actual ISP-assigned IP address, even when you were using a VPN. But mirimir, adrelanos, and others whose credibility on such issues is very high, wrote earlier this week that tracking software sees your VPN exit IP address--not your ISP IP--so now I’m re-thinking this. But I want to make sure that I’m clear on this issue, because it plays such a large role in my privacy considerations.

    Mirimir, adrelanos and/or anyone else who knows this stuff: is there any software that reveals your actual (ISP-assigned) IP address when using a VPN? If not cookies or javascript, how about any of the various forms of malware? Or any other software; or for that matter, anything—software or otherwise--that is able to bypass the VPN to reveal your ISP-assigned IP address? I could have sworn that I’ve seen references to the increasing ability of adversaries to get your ISP IP, regardless of your use of a proxy/VPN.

    Earlier this week, mirimir wrote that there are exploits for "deanonymization", but that they shouldn’t work with the approaches under discussion in this thread (assuming proper configuration). Is this true re. only cookies and javascript, or also for malware, etc.? It makes sense to me that if a machine/VM doesn’t see the internet via your ISP-assigned IP address, that it wouldn’t be able to know or reveal that address. But the trackers/snoopers seem to be very creative in using new technologies to bolster their endless attacks on our privacy.
     
  10. adrelanos

    adrelanos Registered Member

    Joined:
    Sep 28, 2012
    Posts:
    85
    There is still a bit of truth in what you read. The subtle difference is the environment. The thing is, if you are using Tor, a proxy or VPN on a machine, which knows its own external IP address or which can find it out (through STUN or similar mechanism), then there are chances, that IP will leak. For example Skype and some BitTorrent clients are known to disobey proxy settings. Such applications use advanced techniques to find out their real ISP IP and send them to other nodes. When using Virtual Machines (or physical isolation), this can be, when-done-right, prevented.

    If NOT using a secure VM (or physical isolation): Some BitTorrent clients, maybe Skype. Perhaps others. That's why you should only use applications, which are "Tor-safe", i.e. applications audited to obey proxy settings and audited not to spill IP through the protocol.

    Malware is an issue. There is "off the shelf" Malware, which any idiot can simply download and send to targets and if they can be convinced into opening it they get infected. More specialized Malware installs without requiring the user to take action.

    When running Tor/VPN directly on the host (no VMs or physical isolation): malware (sometimes only with root rights) can find out easily the ISP IP address.

    When using Whonix VM: Malware inside VM can see what you do inside the VM, but can not easily find out ISP IP. Doing so requires breaking out of the VM using an exploit (even more specialized Malware, it requires finding an unpatched/new vulnerability).

    See Whonix attack comparison matrix:
    http://sourceforge.net/p/whonix/wiki/Comparison with Others/#attacks

    The question boils down to, how much money does your adversary have at hand? I wrote somewhere in Whonix docs, if you pay 1.000 or 100.000 $ to a black hat, they might be able to develop an exploit. Let's say you have an anonymous e-mail address and never open attachments. The adversary needs to know "anonymous user we don't like has that e-mail address". They could code send a mail, you'd never see that mail. That mail would exploit the browser and infect the system. With system access the malware finds out you are using Virtual Box (or even Qubes OS), they investigate and find and write a new exploit to break out of the VM. Game over.

    There is really no way to prevent such sophisticated targeted attacks. You can make it much harder, i.e. physical isolation, small attack surface, self written kernel, self written browser, hardening and so on but in the end nothing is 100% secure. I know that and I am working on making attacks more expensive, that's all that can be done. If you're a high profile target and known to run some website or e-mail address, no software can protect you. It all depends on threat models, what one is going to do, adversary resources and so on.

    When Tor/VPN is run directly on host, protection is weaker than many people think. Just setting up a VPN with standard mechanism isn't very strong. If the VPN breaks down it fails open, i.e. applications continue to send traffic non-anonymously. Also using socks proxy settings or a socksifier to use Tor isn't very safe. Sometimes due to a bug https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs IP still can leak. Or the application uses advanced techniques to obtain the IP anyway (protocol leak), example: https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea

    Given enough adversary resources, they could have enough exploits at hand to deanonymize anything.

    Yes.

    They're not using exploits yet, that's too expensive.

    Maybe they are using advanced fingerprinting techniques to link all activity (from one VM/browser) to one pseudonym. That's not nice, but also not non-anonymous and once the VM is destroyed, that link is hopefully gone.

    All projects, TBB, Tails, Whonix, etc. provide anonymity, work well enough for a lot of people and have different goals, advantages and disadvantages. Anonymity is tough. There is an endless list of open issues, beginning with end-to-end correlation attacks, too few Tor servers, too few Tor users, too few trans Atlantic cables, too few ASes, over browser fingerprinting, unusable (in a safe way) by mortals, exit node sniffing, man-in-the-middle attacks by exit nodes, sslstrip, SSL CA's, too much documentation required, trusting trust, (non-)deterministic builds, unsafe code (exploits) etc. And there are no easy just-download-and-everything-is-fine solutions (tm). So no, there is no system for proven high anonymity, privacy and security. If it really matters to stay anonymous for you, it's better not to use the internet unless you're a real hacker and know more than your adversaries do.
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    If you're just running an OpenVPN client on your computer, and if you haven't taken any precautions to block traffic via the physical network adapter that bypasses the VPN tunnel, that is a serious risk. The physical network adapter is still there, after all. The OpenVPN client is using it. What prevents other traffic from using it is the VPN's virtual adapter advertising itself as primary.

    Also, if you also use your computer when the VPN isn't connected, doing something as simple as opening a PDF could open a connection to some server that would flag your true IP-address as having that PDF. If it's a special-enough PDF, that could be bad. You can block that by configuring your PDF reader to never access the Internet. But malware could do all that and more, and be very hard to stop, or even to detect.

    The first stage is hardening your VPN connection using routing and firewall rules that block everything except the VPN tunnel. But there are weaknesses. As we see in the thread about HotSpot Shield, using a DNS server that's associated with you, even if you connect through the VPN tunnel, can compromise your "anonymity".

    Also, having the VPN connection and your applications (aka userland) on the same computer is a weakness. Smart malware could trash the VPN connection, and the firewall and routing rules that protect it. Using Tor with the browser bundle, smart malware could also trash the Tor client.

    The defence is having your client (VPN or Tor) and userland on separate machines, or at least on separate VMs. That's what Whonix does for Tor. That's what my pfSense VMs do for VPNs. And that's what Qubes does, in an extremely hardcore and thorough way, for everything :)

    I'm not into exploits, so I can't be of much help. Read the background at -http://decloak.net/, and more generally, the documentation at -http://www.metasploit.com/ and -http://www.backtrack-linux.org/.

    The important point, for me, is that it's possible.

    If your userland VM has never known your ISP gateway public IP address, and will never know it, nothing that remains isolated to that VM can ever reveal it. That's true as long as (1) the malware can't break out to the host machine, and (2) as long as it can't compromise the VPN or Tor client, which is running in a separate VM, through the VM-to-VM network. The Tor gateway VM in Whonix is firewalled. So are the pfSense VMs that I use as VPN clients. Only carefully-crafted attacks would have much chance against either.

    And, once you access Tor with Whonix through two nested VPN tunnels with pfSense client VMs, it would take serious work for malware to get the ISP gateway IP address.
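
The fail-open risk described in the two posts above (adrelanos: a VPN that breaks down keeps sending traffic in the clear; mirimir: block everything except the VPN tunnel) can be checked against a saved firewall ruleset. This is an added example, not code from any poster or project in the thread; the interface names (eth0, tun0), the VPN server address 203.0.113.10 and the three rulesets are constructed samples. The audit is deliberately conservative: it ignores rule order and flags anything it cannot classify.

```python
"""Audit an iptables-save dump: does OUTPUT fail closed when the VPN drops?"""
import shlex

# Constructed sample: stock ruleset, nothing stops traffic leaving via eth0.
FAIL_OPEN = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
"""

# Constructed sample: only loopback, the tunnel, and the VPN server itself
# (203.0.113.10 is a documentation address; udp/1194 is OpenVPN's default).
FAIL_CLOSED = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -d 203.0.113.10/32 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
COMMIT
"""

# Constructed sample: policy is DROP, but a DNS exception on the physical
# adapter lets lookups go around the tunnel.
DNS_LEAK = FAIL_CLOSED.replace(
    "COMMIT", "-A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT\nCOMMIT")


def parse_output_chain(dump):
    """Return (policy, rules) for the filter table's OUTPUT chain."""
    policy, rules, table = None, [], None
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":OUTPUT "):
            policy = line.split()[1]
        elif table == "filter" and line.startswith("-A OUTPUT "):
            rules.append(shlex.split(line)[2:])  # drop "-A OUTPUT"
    return policy, rules


def option(tokens, *names):
    """Value following the first of `names` in a rule, or None if absent."""
    for i, tok in enumerate(tokens[:-1]):
        if tok in names:
            return tokens[i + 1]
    return None


def audit(dump, vpn_server, vpn_port, tunnel="tun0", proto="udp"):
    """List every way outbound traffic could leave outside the tunnel."""
    findings = []
    policy, rules = parse_output_chain(dump)
    if policy != "DROP":
        findings.append(f"OUTPUT policy is {policy}: traffic uses the "
                        "physical adapter whenever the tunnel is down")
    for tokens in rules:
        text = " ".join(tokens)
        target = option(tokens, "-j", "--jump")
        if target in ("DROP", "REJECT", "LOG"):
            continue  # these never let a packet out
        if target != "ACCEPT" or "!" in tokens:
            findings.append(f"review by hand: {text}")  # user chain, negation
            continue
        if option(tokens, "-o", "--out-interface") in ("lo", tunnel):
            continue  # loopback or inside the tunnel
        dest = option(tokens, "-d", "--destination")
        is_endpoint = (dest in (vpn_server, vpn_server + "/32")
                       and option(tokens, "--dport") == str(vpn_port)
                       and option(tokens, "-p", "--protocol") == proto)
        if not is_endpoint:  # anything else leaves via the physical adapter
            findings.append(f"bypasses tunnel: {text}")
    return findings


if __name__ == "__main__":
    samples = (("fail-open", FAIL_OPEN), ("fail-closed", FAIL_CLOSED),
               ("dns-leak", DNS_LEAK))
    for name, dump in samples:
        print(name, audit(dump, "203.0.113.10", 1194) or "no leaks found")
```

On a real host the input would be the output of `sudo iptables-save`, with the provider's actual server address and port passed to `audit`.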
     
  12. LampHigh

    LampHigh Registered Member

    Joined:
    Feb 6, 2013
    Posts:
    20
    Location:
    USA
    mirimir & adrelanos: thanks very much for your thoughtful replies to my question yesterday. I'm disappointed to learn that I was right in the past re. VPN's not necessarily protecting your ISP-assigned IP, but at the same time, encouraged that there is probably a way to have a pretty high level of location anonymity with VM's/Whonix/etc. Ain't easy, but probably doable. Alas, it sounds like 100% location anonymity isn't doable, but perhaps one can, in practical terms, make it extremely difficult for potential adversaries.

    And thanks for the reading material; I'll be spending a fair amount of time this weekend reading about all this. Onward and upward...
     
  13. LampHigh

    LampHigh Registered Member

    Joined:
    Feb 6, 2013
    Posts:
    20
    Location:
    USA
    From the excellent advice I’ve received from this thread this week, it seems like it is possible to have a pretty high level of “location anonymity” by using a VPN’s/Tor/VM’s system (like mirimir’s pfSense VM’s/VPN’s system, or adrelanos’s Whonix). It feels like a difficult and endless battle, however; constantly defending against the long list of possible (and ever-increasing) threats. This is made that much more challenging for someone as tech-clueless as me, and it doesn’t seem like there is much (if any) room for error (if you reveal your location even once, that feels pretty destructive to the goal of location anonymity, especially given the interconnectedness of major databases/websites). Moreover, I feel concerned about my ability to keep a VPN/VM system like this operating correctly. If someone as expert as mirimir needs to regularly tweak/fix glitches to keep such a system humming along (mirimir commented that these systems only stay stable for him for days/weeks), I certainly have concern about my much-less-experienced ability to do so.

    So I’d feel quite a bit more comfortable with some kind of safety net, to protect me in the event of (perhaps inevitable) VPN’s/VM’s system fails. I intuitively like the remote options (RDP, TeamViewer, etc.) as that possible safety net, but I may have underlying assumptions about them which are very faulty. It seems to me that when one uses a remote option like this, there is more of a disconnect between the IP address of that remote device and the actual geolocation of the user vs. the disconnect between a VPN exit IP address and the actual user geolocation. Is that true? If I’m understanding correctly, an adversary seeing the IP address of the remote device would have no reason to think that it is remote, while it could be more easily ascertained that a VPN exit IP is, in fact, a VPN exit IP, which would then lead an adversary to try to obtain the ISP-assigned IP address behind that VPN. Further, it feels like the computer work being done is really done primarily on that remote device, as opposed to a straight VPN scenario in which the work is being done on the local device. And I’m guessing (OK…hoping) that cookies/javascript/malware would be less problematic using a remote system; perhaps malicious software doesn’t even get past the remote device, to my local device?

    Is the above inaccurate gibberish, or am I somewhat in the right direction with this? I guess my main question about this is: what are the relative advantages/disadvantages of VPN-->Remote Desktop-->Destination Website vs. VPN-->VPN-->Destination Website, when it comes to protecting the privacy of one’s geolocation? Ancillarily, what could a tracker do to find your ISP-assigned IP if he had your VPN IP vs. if he had your Remote device IP? [For the sake of these questions, let’s assume that I am able to effectively protect the remote device from someone physically accessing it.]

    Finally, I’ve found quite a few remote options, including: Windows built-in RDP, TeamViewer, LogMeIn, Microsoft's Live Mesh app/SkyDrive app, Splashtop, Jump Desktop, Online VNC Server, Mac to Mac with built-in Screen Sharing feature, and UltraVNC. If I decide to go the remote route, which of these options would be best for my purposes, which are to browse online, send/receive emails, and make/receive VoIP audio calls, without revealing my geolocation? Priorities in doing this include: ease of use for non-techie, and reasonably fast speed.
     
  14. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Quick answer: With hosted servers, you have no physical security, and no privacy, except to the degree that you trust the provider.

    More: Later :)
     
  15. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    I fully believe in preparing for the worst - finding a super secure method that you can use - that isn't super hard to use every time you want to go online. That said, if you look at the history, not even the basic stuff we talk about here, has been compromised. Sabu was busted because he hopped on IRC unprotected. Hammond was busted because of MAC addresses. Barrett Brown flat out made a YouTube video in the clear. Sabu could have prevented all communication, except VPN, with his router, or software firewall rules. Hammond could have spoofed his MAC and simply run a CAT6 cable all around his apartment. Both could have not ever done anything from their homes. My point is, yes, try to build the most secure, but user friendly system you can - but realize that so far, it has been the basic stuff that has gotten people busted. It's fun to discuss OpenVPN, Tor and TrueCrypt attacks by NSA, but they just aren't happening that we can see. Enjoy the net! :D

    PD
     
  16. adrelanos

    adrelanos Registered Member

    Joined:
    Sep 28, 2012
    Posts:
    85
    Yes, and messing up the connection to the server is just as likely.

    LampHigh, so even if you go that route (remote server/VNC...), it still makes sense to pay that server anonymously and to connect anonymously to that server.
     
  17. adrelanos

    adrelanos Registered Member

    Joined:
    Sep 28, 2012
    Posts:
    85
    Yes.

    I don't think so. While I think that anonymizing MAC addresses may have some valid use cases, I don't think it buys you anything when doing it at home.

    According to http://arstechnica.com/tech-policy/...the-fbi-tracked-and-busted-a-chicago-anon.ars they were already standing in front of his house when they made use of the MAC address. At this point it's game over anyway. Hammond made many and big mistakes (telling about personal things, jail time, owning a macbook and so on) much earlier as the news tells.

    Perhaps anonymizing MAC addresses is worth a separate topic.
     
  18. LampHigh

    LampHigh Registered Member

    Joined:
    Feb 6, 2013
    Posts:
    20
    Location:
    USA
    I'm very much looking forward to opinions here about remote desktop options (per my post on this thread yesterday). As I've been thinking about these remote options, I'm wondering if there even needs to be a separate ISP-assigned IP address; maybe the remote device can be accessed somehow without one. Like maybe accessing the remote device via a non-internet network? Or maybe accessing the remote desktop via the internet, but in a way that doesn't need an additional IP address on my end. This is probably just wishful thinking on my part, but I'm hoping that there is a remote option which helps with keeping my geolocation private.

    Understood; trust plays such a major role with this stuff. Looking forward to your additional thoughts.

    Yes, I think approaching this, like with most things in life, requires a sense of balance; there are always tradeoffs.

    What do you mean by this, adrelanos? And what are your thoughts generally about using a remote approach like TeamViewer when trying to achieve location anonymity?

    I certainly agree; thanks. I go strictly private with any payments connected with anything like this (prepaid credit cards, paid for with cash, registered with unconnected alias, paid for from public hotspot, etc.)
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yes, that goes almost without saying :)

    I recommend learning the local stuff first.
     
  20. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Unless you have serious money, you're not going to be accessing anything very far away except through the Internet! You could drop back to dialup, I suppose, but that's rather constraining. You'd first need to be comfortable working at command line :)

    Using remote servers doesn't need any IP address from your end, unless you're using a VPN with a local DHCP server, which you probably aren't ready to tackle.

    In other words, remote servers typically have IP addresses that are assigned by the hosting provider or their ISP. Those remote IP addresses have no connection to you, your IP address, your ISP, etc. The only connections are the money trail, and the Internet connection that you use for access.

    Consider this scenario. You're using a server that's hosted somewhere. Someone tracks you back to that server. Maybe they get a court order, maybe they bribe someone, maybe they do armed robbery, or whatever. Then they take the server to their lab. Or maybe they add malware, and leave it there, and observe your activities. Which is most likely depends on the circumstances. And maybe none of those are realistic possibilities, in which case you have no problem.

    There are defences, such as physical hardening, tripwire software to detect changes, Mandos server to prevent booting after removal, and so on. But none of that is easy.
     
  21. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    One other thing comes to mind.

    It's also important to respect providers of services that you use -- whether it's VPNs, or Tor exits, or hosted servers, or email providers, or websites, or whatever -- and protect their interests.
     
  22. adrelanos

    adrelanos Registered Member

    Joined:
    Sep 28, 2012
    Posts:
    85
    TeamViewer is a proprietary product, it opens up the question, is it a direct connection between you and the remote server or does it go through TeamViewer servers?

    Is the connection between you and the remote server encrypted? Encrypted VNC isn't that easy either, most VNC connections are unencrypted by default, thus observable by the ISP of yours and the hosting provider.
     
  23. LampHigh

    LampHigh Registered Member

    Joined:
    Feb 6, 2013
    Posts:
    20
    Location:
    USA
    Thanks for this, but I’m unfortunately confused (my fault, not yours). Let me try to ask about this in a different way, although I’m having some difficulty being clear with this. Is there a difference between VPN-->Remote Desktop-->Destination Website, as opposed to VPN-->VPN-->Destination Website, when it comes to protecting the privacy of one’s actual IP address/geolocation? If someone was trying to figure out geolocation in the second scenario, I’m guessing that it would be pretty easy to determine that the IP address they see is a VPN exit IP, which may then lead the tracker to try to figure out what the ISP-assigned IP address is behind the VPN(s). With the former scenario, I’m wondering if the remote server’s IP address would also as easily reveal that it is not the “end” user’s IP address. If it looks like the remote server’s IP address is the one used in the actual home/office (ie. The “last” one in any chain of IP addresses), then a tracker would presumably not look for any additional IP address "behind" the remote IP.

    In other words, is it just as easy for a tracker to determine that the IP address he sees is not the actual home/office IP address of the user he’s tracking, if that IP address is a VPN’s exit IP, vs. if it is the IP address of a remote server?

    Adrelanos asked today about TeamViewer: whether it is “a direct connection between you and the remote server or does it go through TeamViewer servers?” I don’t know, and will try to find out, but perhaps that is getting at what I am struggling to ask.

    Let me try this silly example: let’s say I had my local ISP run their cable line to an abandoned shack somewhat near my home (and this ISP assumed that is where I’m physically accessing the internet). But I, without the ISP’s knowledge, run a wire underground from the abandoned shack to my actual home. When I would use the internet in this scenario, not even my ISP would know my actual geolocation; it would assume I was physically at the abandoned shack. No matter what any malware did, it would presumably only be able to reveal the IP address/geolocation of the abandoned shack, not my home where I was actually using my computer. This silly abandoned shack example isn’t workable, but is there any analogous situation which is workable? I’ve been hoping that maybe a remote server/remote desktop is kind of like that abandoned shack, and that my remoting into it couldn’t reveal any IP address connected to my actual home, because it wouldn’t have/know my actual home IP address.

    Along these lines, is there a difference vis-à-vis cookies/malware/javascript/etc. between the VPN vs. Remote options under discussion? I know that this malicious software could get back to my actual home computer when I’m using a VPN; is it the same when using a remote server/remote desktop, or does the malicious software stay at the remote server/desktop, and never get to my home computer?

    Sorry if I still haven't asked about this in a very clear way; in my head, I understand what I’m trying to ask, but I fear I haven’t done so very cogently.
     
  24. LampHigh

    LampHigh Registered Member

    Joined:
    Feb 6, 2013
    Posts:
    20
    Location:
    USA
    Just thought of another example which may make my question clearer. Like in the abandoned shack example I just gave in the above post, if I were to use the wifi connection of a neighbor (without the neighbor’s knowledge), presumably no tracker could know my geolocation (for the sake of this question, let's pretend that there is no such thing as wifi triangulation). Any malware/cookies/snooper/etc. could only find the IP address of my neighbor. I’m wondering if any of the remote options like RDP, TeamViewer, LogMeIn, etc. operate in a similar way, where there is no discoverable IP address at my actual geolocation.
     
  25. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    OK, I get what you're asking.

    While hosting facilities might be less obvious than VPN exits, it's only because they're not as heavily used for web surfing. After all, most VPN exit servers are in hosting facilities :) However, anyone researching the IP address could easily determine that it's hosted, rather than that of an individual ISP subscriber. There are public whois databases with such information.

    Some VPN providers will provide private IP addresses at additional cost. While a private exit IP might be "cleaner" as in less likely flagged as VPN exit, you're also the only one using it, rather than being part of a crowd.

    If you look hard enough, you may find "anonymous" proxies (and maybe even VPN exits) that use individual ISP-subscriber IP addresses. While they may be "legitimate", to the extent that the provider has obtained numerous individual ISP accounts in empty shacks or wherever, they may also be botnet slaves. Using a botnet slave as your exit IP would be immoral, and might also attract unwanted attention. Using a fraudulently-obtained ISP account might also be risky. I've never wanted to play with any of that.

    Both one-hop VPN exits and private remote servers know the IP address that you're connecting to them from. But neither will reveal that to Internet sites. Adversaries would need to review their connection logs to get the IP address that you connected from.

    Still, if that's not your true IP address, you're still safe. But the adversary could do the same for the next link, and eventually find you. If at least one of those links were Tor, however, doing that would become much, much harder.

    With a remote server, you have far more isolation and control. For example, you could access it using x windows over ssh via VPN over Tor. All files would remain on the remote server until you got them via sftp.
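
What the public whois lookup mentioned in the post above exposes about an exit IP, as an added example that is not part of the original thread. The two records are constructed on documentation address ranges, and the keyword lists are assumptions chosen for illustration, not a real classification source.

```python
import re

# Constructed whois-style replies (RIPE-like "key: value" objects), not real data.
SAMPLE_SERVER = """\
% constructed sample for a rented server
inetnum:        203.0.113.0 - 203.0.113.255
netname:        EXAMPLE-DEDICATED-SERVERS
descr:          Example Hosting GmbH datacenter

role:           Example Hosting NOC
"""
SAMPLE_HOME = """\
% constructed sample for a subscriber line
inetnum:        198.51.100.0 - 198.51.100.255
netname:        EXAMPLE-DSL-POOL
descr:          Example Telecom dynamic broadband customers
"""

# Assumed keyword lists for illustration; real classification uses curated data.
HOSTING_HINTS = re.compile(r"hosting|server|datacenter|cloud|colo|vps", re.I)
ACCESS_HINTS = re.compile(r"dsl|cable|broadband|dynamic|residential|pool", re.I)

def parse_objects(text):
    """Split a whois reply into objects (blank-line separated) of key -> [values]."""
    objects, current = [], {}
    for line in text.splitlines():
        if line.startswith(("%", "#")):      # server comments
            continue
        if not line.strip():                 # blank line ends the current object
            if current:
                objects.append(current)
                current = {}
            continue
        key, sep, value = line.partition(":")
        if sep:
            current.setdefault(key.strip().lower(), []).append(value.strip())
    if current:
        objects.append(current)
    return objects

def classify(text):
    """Return (netname, label) for the first inetnum object in the reply."""
    net = next((o for o in parse_objects(text) if "inetnum" in o), None)
    if net is None:
        return None, "unknown"
    blob = " ".join(net.get("netname", []) + net.get("descr", []))
    hosted, access = HOSTING_HINTS.search(blob), ACCESS_HINTS.search(blob)
    label = "hosted" if hosted and not access else "access" if access and not hosted else "unclear"
    return (net.get("netname") or [None])[0], label
```

The network name and description alone are enough to tell a rented server from a subscriber line, which is why a remote desktop's address does not pass for a home connection.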
     