Search the Community

Here's an outline: 1. Anonymizing Your Internet Usage 2. Securing Your Browser 3. PGP Encryption 4. Changing Your Mac Address 5. Anonymous IM 6. Anti-virus 1. Anonymizing Your Internet Usage The easiest way to anonymize your internet usage is to use TOR or a VPN RELIGIOUSLY. NON-STOP 24/7 FUCKING TOR ACTION NOT EVEN A SINGLE GOOGLE OUTSIDE TOR/VPN VPN A Virtual Private Network helps to ensure privacy by creating an encrypted tunnel between your computer and a remote VPN server. Example setup without VPN: Home PC -> ISP -> Internet Example setup with VPN: Home PC => ISP => VPN server -> Internet Once data has entered the VPN tunnel (=…=) it is hidden from view by encryption protocols so that no-one, not even your Internet Service Provider (ISP), can ‘see’ it. The only computers that can see the data are the ones at each end of the VPN tunnel. Because the VPN server can see all data going into and out-of the tunnel (and trace it back to you), it is vital to choose a VPN provider you trust, and who keeps no logs of your internet activity. If you are concerned about privacy then you should never pick a VPN provider who keeps logs, and the comments below assume a no logs service. Providers we particularly like that are good for keeping no logs are Mullvad, AirVPN and Private Internet Access (although the fact that PIA is US based has introduced considerable uncertainty to this recommendation). Pros: As long as your VPN provider is trustworthy and keeps no logs, VPN is a very secure and anonymous means of surfing the internet It is also good for securing connections at public WiFi hotspots, and for evading firewalls used to censor the internet It is a lot faster than Tor (although there will be a small hit to your internet speeds) It is very good for P2P filesharing, and ‘spoofing’ IPs in order to stream geo-restricted media content (e.g. Hulu). Cons: It relies on trusting your VPN provider, and is therefore not as secure as Tor It costs money (typically between $7 to $10 per month, with substantial discounts for bulk purchases). Many VPN providers accept Bitcoin payments. It is obvious to observers that you are using VPN. TOR (You should be familiar with TOR, but I'll throw it in here for educational purposes.) Tor is an anonymity network that supplies free software which lets you use the internet anonymously. Basically you connect though a number of randomly selected nodes (at least three), with the data being re-encrypted each time. This means that although each node knows who is connecting to it, and who it connects to, no node knows the whole route (circuit). The final link in the chain, the one that connects you to the internet, is known as an exit node, and is one of the biggest weaknesses of the system. See a Sybil attack for more information on this. My favorite motto is: "You're only as safe as the exit node you're connected to." Also, don't run exist nodes because if anyone watches CP through it, you're responsible and they will take you down. This has led to a fairly small number of public exit nodes being available, and has meant that restrictive governments such as China, who monitor these nodes, have been able to block access to many of them. There are still plenty of nodes around however, but it does mean that Tor users in some countries my need to reconnect to a number of different nodes before they find one that has not been blocked. Pros: Very secure and anonymous (in fact it is generally considered the most secure and anonymous way to access the internet available, and is therefore suitable for political dissidents and the like) It is also good for securing connections at public WiFi hotspots and for evading firewalls used to censor the internet (although see comments blocked exit nodes above) Free Cons: Slow (often very) Restrictive countries can make finding unblocked public exit nodes a pain Not good for P2P downloading and streaming from spoofed IPs – not only are network speeds too slow for this to be practical, but doing so slows down the system even more for other users. In addition to this, volunteers running the exit nodes may be held accountable for your copyright violations, so it is considered very rude It is obvious to observers that you are using Tor, and some websites (such as PayPal) may refuse to play ball Other services which may be of interest include JonDonym, Lahana, I2P and Psiphon. === 2. Securing Your Browser By now you're probably using the Tor Browser Bundle or TBB for short. This is the easiest way to go about things. a. Ensure NoScript is disabling scripts globally. b. Click the 3 bars/settings menu, then click HTTPS and finally enable "Block All HTTP Requests". This makes it so that you can't get ARP poisoned for cleartext passwords. Never hurts to make all your connections HTTPS, right? c. Click again on the 3 bars. Now select 'Options' and navigate to the Privacy tab. Select 'Do not tell sites...' and under "History" choose 'Never Remember History'. FLUSH YER DNS! Computers automatically cache the hostname of the websites you have visited to make reloading the pages faster than if there was no cache. This is clearly not wanted. ipconfig /flushdns CCleaner CLEARNET LINK: https://www.piriform.com/ccleaner CCleaner cleans out pesky Flash cookies and also a host other rubbish that is slowing your computer down and leaving traces of your internet activity behind. Flash cookies or ‘zombie cookies’ are bits of persistent Flash code which respawn regular cookies when they are modified or deleted. To configure CCleaner to work properly and delete these, 1. Open CCleaner, then navigating to Options -> Include -> Add: C:\ -> Users -> User name -> AppData -> Roaming > Macromedia > Flash Player -> #SharedObjects and C:\ ->Users -> User name -> AppData -> Roaming -> Macromedia -> Flash Player > macromedia.com -> support -> flashplayer -> sys 2. Then go to ‘Exclude’ and ‘Add’: C:\ -> Users -> User name -> AppData -> Roaming -> Macromedia -> Flash Player -> macromedia.com -> support -> flashplayer -> sys -> settings.sol Windows XP users should: 1. Include: C\: -> Documents and Settings -> User name -> Application Data -> Roaming -> Macromedia -> Flash Player -> macromedia.com -> support -> flashplayer -> sys and C -> Documents and Settings -> User name -> Application Data -> Roaming -> Macromedia -> Flash Player -> #SharedObjects 2. Exclude: C\: -> Documents and Settings -> User name -> Application Data -> Roaming -> Macromedia -> Flash Player -> macromedia.com -> support -> flashplayer -> sys -> settings.sol HTML web storage CLEARNET LINK: https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/ This extension is said to remove web storage automatically on a regular basis. Privacy Badger CLEARNET LINK: https://www.eff.org/privacybadger Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks that advertiser from loading any more content in your browser. To the advertiser, it's like you suddenly disappeared. Red means Privacy Badger believes this domain is a tracker, and has blocked it. Yellow means the domain is believed to be both a tracker and necessary for the functioning of the page, so Privacy Badger is allowing it but blocking its cookies. Green means that Privacy Badger believes this is not tracker. Other very useful Browser Extensions are: Lastly use Duck Duck Go or Startpage INSTEAD of Google. Google = bad bad bad! === 3. PGP Encryption If you aren't using PGP Encryption when sending messages you might as well off yourself right now. It is extremely vital to use it. As Ping once said 'The longer the better '. Download GPG4Win Here: CLEARNET LINK: Gpg4win - Secure email and file encryption with GnuPG for Windows Run the downloaded file and select to install only Kleopatra and GPA. Open GPA Keys > New Key Fill in the information with whatever you want people to see your public key as. NOTE: DO NOT USE YOUR REAL NAME! After selecting your alias it asks for an e-mail adress. This e-mail should be non existent, and be linked to a website that also doesn’t exist. Take the example below: Then make a backup of your key. Find where you put the back up of your key. It will be an .asc file. Open it with Notepad. When sharing your key with others, you wan’t to copy and paste from the beginning dashes to the end dashes. To import other people's keys into GPA, create a blank text document. Paste their key in. Open GPA. Import Keys. Select File. Confirm. Done. SENDING AN ENCRYPTED MESSAGE: 1. Open GPA. 2. Open up clipboard. 3. Write your message. 4. Encrypt. Choose the receiver's key. 5. You'll now have an encrypted message. 6. Just email/message that to them. To decrypt a message sent to you: 1. Open GPA. 2. Open Clipboard. 3. Paste funky looking message. 4. Decrypt - enter password. === 4. Changing Your Mac Address CLEARNET LINK: http://devices.natetrue.com/macshift/ Very easy. Download, open cmd, run macshift -r -i "Wireless" #If you're using Wireless macshift -r -i "Ethernet" #If you're using Ethernet 5. Anonymous IM CLEARNET LINKS: https://www.pidgin.im/ + https://otr.cypherpunks.ca/ Run both installers - pidgin with the default settings. Set it up how you want, currently I only have it set up for Google Hangouts which kind of defeats the purpose. If I can get it set up later, I'll edit this. ONLY USE XMPP If you want to connect to a hidden service, for example the jabber.ccc.de hidden service I use the following configuration: 6. Anti-virus 10/10 would recommend the AVG + Malwarebytes combo. If someone lands malware on your machine, you're 110% fucked. Nuff said. === Lastly, if you want to be the safest, run it in a virtual machine. To Hackerjon - I wrote this following your restrictions (no VM, no Tails, no Linux). Having all three of those is by far your safest bet, but whatever. === Source: hell