How to achieve true online anonymity

Discussion in 'privacy technology' started by LampHigh, Mar 14, 2013.

Thread Status:
Not open for further replies.
  1. anniew

    anniew Registered Member

    Joined:
    Mar 15, 2013
    Posts:
    92
    mirimir, you've provided some great detail on the questions here and this part about SSDs is interesting.

    While this part of a system does not play directly to the online anonymity question, it does play to the overall security of one's system and I read elsewhere that the ability to fully securely erase an SSD is questionable because of some "overhead" memory that is not visible to the regular Operating System.

    You are much closer to this than I and perhaps you know of some tools that can access this overhead, or perhaps this is not an issue with current generation / certain models of SSDs, or maybe it is only an issue for Windows O/S based systems, but not for Linux?

    It has been a while since I last looked at this, but I've stayed away from SSDs for this reason (in addition to price). It would be happy news if this is no longer an issue.
     
  2. anniew

    anniew Registered Member

    Joined:
    Mar 15, 2013
    Posts:
    92
    With this profile, sounds like you might even be running a blog (no need to answer).

    To the guys who have responded thus far, is there any modification to the advice already provided to be able to run a blog pseudonymously?
     
  3. adrelanos

    adrelanos Registered Member

    Joined:
    Sep 28, 2012
    Posts:
    85
    It's indeed not a common term "Tor-safe". Tor FAQ speaks about connection-level anonymity and application-level anonymity. Sometimes called protocol leak.

    The knowledge about these things hasn't yet reached users. There are still more than enough people out there spreading how to configure stock Firefox with socks proxy settings without malicious intent, while that is totally non-anonymous.

    I can only post a few links to prove that point:

    https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO
    https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers
    https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Misc#FilesharingBittorrent
    https://www.torproject.org/docs/faq.html.en#CompatibleApplications
    https://www.torproject.org/torbutton/index.html.en
    https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea

    Any application has to be checked for application level leaks, not just VoIP.

    Since there are very few applications audited for use with Tor or developed for use with Tor, since auditing is such a difficult task, not even a real guide exists, since very few people audit applications, since an audit is only good as long as upstream changes something without thinking about anonymity... I gave up on that and created Whonix. Needless to say, that there are alternatives also working on making applications over Tor safe (Tails, TBB, Liberte...).
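
Added example, not part of adrelanos's post and not code from Tor or Whonix: one application-level leak such a check looks for is an application that resolves hostnames itself and hands the SOCKS proxy only an IP address. The sketch below classifies captured SOCKS CONNECT requests by that property; the function names and the sample bytes are constructed for illustration.

```python
import ipaddress
import struct

def _port(raw: bytes) -> int:
    if len(raw) != 2:
        raise ValueError("truncated request")
    return struct.unpack("!H", raw)[0]

def classify_socks_request(data: bytes) -> dict:
    """Parse one SOCKS CONNECT request (the message after any SOCKS5 method
    negotiation) and report whether the client named the target by IP only."""
    if len(data) < 8:
        raise ValueError("truncated request")
    if data[0] == 5:
        atyp = data[3]
        if atyp == 0x03:  # hostname sent: the proxy performs the DNS lookup
            n = data[4]
            host = data[5:5 + n].decode("ascii", "replace")
            return {"proto": "socks5", "dest": host,
                    "port": _port(data[5 + n:7 + n]), "ip_only": False}
        size = {0x01: 4, 0x04: 16}.get(atyp)  # IPv4 / IPv6 literal
        if size is None:
            raise ValueError("unknown address type")
        addr = ipaddress.ip_address(data[4:4 + size])
        return {"proto": "socks5", "dest": str(addr),
                "port": _port(data[4 + size:6 + size]), "ip_only": True}
    if data[0] == 4:
        port, ip = _port(data[2:4]), data[4:8]
        if ip[:3] == b"\x00\x00\x00" and ip[3] != 0:  # SOCKS4a marker 0.0.0.x
            uid_end = data.index(b"\x00", 8)           # end of user id
            host_end = data.index(b"\x00", uid_end + 1)
            host = data[uid_end + 1:host_end].decode("ascii", "replace")
            return {"proto": "socks4a", "dest": host, "port": port, "ip_only": False}
        return {"proto": "socks4", "dest": str(ipaddress.ip_address(ip)),
                "port": port, "ip_only": True}
    raise ValueError("not a SOCKS4/5 request")

# Constructed sample requests (192.0.2.10 is a documentation address).
SAMPLES = {
    "socks5_hostname": b"\x05\x01\x00\x03" + bytes([11]) + b"example.com" + b"\x01\xbb",
    "socks5_ipv4": b"\x05\x01\x00\x01" + bytes([192, 0, 2, 10]) + b"\x01\xbb",
    "socks4_ip": b"\x04\x01\x01\xbb" + bytes([192, 0, 2, 10]) + b"\x00",
    "socks4a_hostname": b"\x04\x01\x01\xbb\x00\x00\x00\x01\x00" + b"example.com\x00",
}

def ip_only_requests(samples: dict) -> list:
    """Names of requests where any hostname was resolved outside the proxy."""
    return sorted(k for k, raw in samples.items() if classify_socks_request(raw)["ip_only"])
```

An IP-only request is not proof of a leak (the user may have typed an address), but for an application that is normally given hostnames it means the DNS lookup happened outside the proxy.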
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I've also read that about SSDs. They have reserve capacity available for replacing damaged areas.

    I use LUKS and LVM, so everything except the boot partition is encrypted when the machine is down. However, if SSDs use their reserve capacity interchangeably as temporary storage, unencrypted data might remain after shutdown.

    That's a good point. Thanks :) I'll test before implementing.
     
  5. anniew

    anniew Registered Member

    Joined:
    Mar 15, 2013
    Posts:
    92
    Oh, and I read that best practice is to do a full disk encryption on brand new SSDs, because of this issue (FYI, vs after using it for a bit).

    Thanks for your quick reply.
     
  6. anniew

    anniew Registered Member

    Joined:
    Mar 15, 2013
    Posts:
    92
    Wow, quick response!

    I was afraid you'd say that this was the current state of affairs.

    So, ultimately, we must not only isolate the real layer from the network with virtual layers, but we might have to "sandwich" a Windows VM (for those of us who must use them) between the Whonix client and gateway VMs to hide the real information from the applications we use. Is this correct?

    Edit: FYI...Will take a while, but reading through the links you provided (thanks)...perhaps answered there.
     
    Last edited: May 7, 2013
  7. anniew

    anniew Registered Member

    Joined:
    Mar 15, 2013
    Posts:
    92
    "We RECOMMENDED to use "clean" computers made of parts manufactured by reputable companies and to pay in cash so as to not have hardware IDs leak our identity." from: http://sourceforge.net/p/whonix/wiki/Threat Model/

    AFAIK, we've done nothing worthy of special interest, just want to apply the Bear Theory - be relatively "ahead" enough to leave the security/privacy unaware others to be targets of any mal-intents.

    For anyone who is not a "high profile target", how realistic a concern would/should this recommendation be?

    The concern seems to be that a specific part can be traced to a purchaser...I don't know how true that is for most anything other than for the pc or laptop themselves for which the retailer/manufacturer might maintain a record linking purchaser to the serial number for returns or warranty services. For computer parts, AFAIK, most retailers only maintain the UPC code and a sales record for each purchase of that product, not a specifically identifying serial number to that part.

    If this were a large issue, wouldn't setting up a Whonix gateway using a Raspberry Pi (a possible consideration for us) be counter to the recommendation (just to name an example, not to pick on Whonix)?

    The implication is that one builds their own pc, but we are moving towards laptops, tablets and smartphones...much more portable (and disposable for the really paranoid).

    For context: Our need is to set up a higher level of pseudonymity on off-the-shelf laptops we use. Not interested in tablets (yet), but am interested in Smartphone privacy/security too. These last two items are probably in different threads and will research them when time permits.
     
  8. anniew

    anniew Registered Member

    Joined:
    Mar 15, 2013
    Posts:
    92
    Is the PrivaZer tool set the only one that cleans shellbags?
    https://www.wilderssecurity.com/showpost.php?p=2213190&postcount=159

    I've been using CCleaner for a long time, mostly for maintenance, and it also has a "privacy" effect too, but to read the following article, shellbags seem like a major exposure for malware to do some info gathering:
    http://computer-forensics.sans.org/blog/2011/07/05/shellbags
    https://www.wilderssecurity.com/showpost.php?p=2202700&postcount=129

    Edit: Found a hit on System Tuneup on Wilders, but overwhelming hit count is for PrivaZer...
    https://www.wilderssecurity.com/showpost.php?p=1451437&postcount=5

    Edit2: "If you install VirtualBox on your Windows machine, you can bypass Shellbags capturing the folder paths even when using a USB device. Virtual Machines will also store logs and is a topic for a later post, but mounting the Virtual hard Drive on a removable device will keep the logs off of your Windows machine." from:
    http://pinkdojo.tumblr.com/post/40099153328/dirty-windows-shellbags
     
    Last edited: May 7, 2013
  9. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    R-wipe cleans shell bags
     
  10. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188
    You can't !
    http://en.wikipedia.org/wiki/Utah_Data_Center

    If you want to stay below the radar .. Don't go online !
    And these days that, by itself, is 'suspicious' !!

    I know people who lost an otherwise sure employment because they were ungooglable !!
     
  11. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,635
    Location:
    European Union
    If you want to hide where you are located, you use Tor or a good VPN. As for cookies and javascript, they don't reveal your IP, they just help sites track you (among other uses, most of them well intended). So if you are very careful to separate your activities, you are reasonably safe.
     
  12. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    Yeah if you use the TBB through a VPN that should do it. If you are just using a VPN make sure to disable geolocation in about:config. If you don't believe me, just fire up your VPN and open a Firefox browser with geolocation enabled, go to Google maps, and click on that little button. It will locate you. And you can most likely even see your house if you go into street view.

    But if you live in a really unfriendly country, you can connect to a public wifi from a distance. Use MADMAC to change your computer name and mac addy, first. Get one of those cantennas and make sure that you are not around any cameras. If you pay cash for your VPN sub and never connect from your home network, that would be really private. Then Tor through that VPN. Maybe with Whonix.

    You could also encrypt your computer. Or run Whonix from within a Truecrypt folder and with Shadow Defender enabled. That should prevent traces, although many say there will be *some* traces no matter what you do. But anyway, I would think that this would be pretty anonymous.
     
  13. anniew

    anniew Registered Member

    Joined:
    Mar 15, 2013
    Posts:
    92
    Thanks for your reply!
     