In many countries around the world people risk and lose lives in their struggle for freedom and democracy, oppressed by regimes violating the civil or even basic humans rights of their citizens.
After my latest post “Digital Self-Defense” a few people asked me if I know about ways how to communicate online while staying absolutely anonymous. Here´s what I´ve learned:
First of all: There is NO way of absolute anonymity online. Accept this and grow a healthy dose of paranoia. Do no shortcuts, not a single one, in your efforts to stay anonymous, not because you´re tired, not because you´re stressed or pressured by others.
Very basically you have to think about four areas where you have to cover up:
- Hardware (f.e. mac adress)
- Software (f.e. operating system, browser)
- Access point to the web
- Payment and Login info for the software you´ll use to encrypt and hide your web traffic
At best have a machine that you only use for your political work. You have never logged in to facebook, there´s no history of downloads, no mail clients, no activation of Windows or OSX. Simply nothing that is in anyway associated with your identity.
If you don´t have a new machine you can erase your harddrive´s data with tools like “Darik´s Boot and Nuke”.
What is true for your hardware is even more true for your software. Don´t use an operating system associated with your identity. There are basically two ways to do this:
Either you use another machine, f.e. in a public internet cafe, or you use live CDs. A live CD (or USB partition) is basically booting a Linux operating system from CD and does not store anything on your hard drive. In case you want to save specific settings or data on your disk some live CDs come with tools like “Truecrypt”. Truecrypt allows to create an encrypted partition on your harddrive to store to. In case of emergency when you might not have enough time to erase your data, it will be encryted at least.
Currently I´d recommend “The Amnesic Incognito Live System (Tails)” not just because of its name but for its range of functions.
“Tails” comes with “Tor”, a distibuted network of relays run by volunteers all around the world that bounce your communications to prevent the allocation of data traffic to individuals. Tor is really easy to use and comes with an adapted version of the Firefox browser called “Tor Browser” with the add-on"HTTPS Everywhere“ preinstalled. "HTTPS Everywhere” enforces encryption of your web traffic to websites automatically. Now again: Don´t do anything else with this browser! No Facebook login, no installation of add-ons, just leave it as it is.
To add an extra level of anonymity you can think of running the TOR/ webtraffic through the server network of a “Virtual Private Network (VPN)” service. If choose your VPN provider check for the following:
- No logs policy: no logs, not only of the websites you visit, but also of your connection times aso. This means you´ll have to avoid providers in the EU and US.
- The VPN provider should have access servers close to your location to not slow down the whole security apparatus even more (as it will be pretty slow anyway).
- And maybe most important for our topic of anonymity: Do they offer options for anonymous payments? After the FED shut down “Liberty Reserve” there are the following options:
Find a VPN provider that
- accepts prepaid cards like “PaySafeCard”, “WebMoney” or a similar service that works in your country.
- that accepts the online currency “Bitcoin”. If you run it through “Tor”, use new “Bitcoin” adresses for each transaction and pay the VPN provider in bulk this is pretty secure.
- Search for how to set up an anonymous “Paypal” account as I won´t run you through that here.
Do NOT provide any of the above with your real name or similar information again! If you need a mail adress use free mailers with funny personal details or a temporary mail address service like “GuerrillaMail”.
Now if you finally want to go online don´t do it from home or any access associated with your identity. Go to a public wifi or use prepaid cards for mobile that allow for data traffic. If you connect your machine through your mobile´s prepaid data plan via tethering that´s also might work. Change cards from time to time.
Disclaimer Curse: If you use the above for illegal stuff just for your own egocentric benefits go burn in hell!
Please feel free to add hints or questions in the comments.