So, you want to be anonymous online.
Cool. But first, what exactly does it mean to be anonymous online?
I distinguish anonymity from privacy in the post about controlling communication channels. Privacy is about controlling access to sensitive information. Online, that’s typically about what we communicate. We use end-to-end encryption (such as HTTPS, Signal and GnuPG) to protect our traffic from adversaries. But it’s also about protecting what we have, using full-disk encryption to protect our devices.
1) What Is Anonymity?
Anonymity is an aspect of privacy. And it’s about controlling access to our identities. That is, it’s about who we are. With anonymity, we can express ourselves more freely, with less concern about consequences and coercion. And if we’re anonymous enough, adversaries can’t piece together information about us, and so distinguish us from everyone else. So anonymity helps protect privacy, and circularly, it also helps protect against deanonymization.
But anonymity isn’t all or nothing. There are degrees of anonymity. I mean, it’s the goal of Tor browser for all users to be more or less indistinguishable. And so, in theory, anonymous. But in practice, that’s not possible, given that people use Tor browser on different hardware. But Tor browser is very proactive about updating itself, so everyone is at least using the same version. And there are just a few security levels, to limit diversity. And it’s also pretty aggressive about window size, installing additional add-ons, and so on.
But even with Tor browser, anonymity is toast as soon as we create online identities. Such as email addresses, and accounts on sites. I mean, Mirimir is not anonymous. And neither are any of the personas that I use via Tor. They’re all sort of anonymous, or pseudonymous.
Some of them are a lot like Mirimir, do similar stuff, and write in English. So they just hinder search-based linking, and provide some more or less plausible deniability. But others are very different, and never write in English. Or at least, only after a few cycles of Google Translate, through multiple languages.
In other words, anonymity, pseudonymity and privacy are distinguishable in the context of data and metadata. Privacy is about protecting data, and some metadata. To be anonymous, we must protect all data and metadata. And the degree of anonymity depends on both our goals, and our operational security (OPSEC).
Some metadata is impossible (or at least, very difficult) to hide. Local adversaries can see that we’re using the Internet, if not what we’re doing. But they can also see when we’re online, and the traffic patterns (bits/second vs time). That itself is metadata about us, that we’re people who hide what we do online. But that can’t be helped, unless we use some undetectable channel.
Still, remote adversaries ideally just see activity, with metadata that’s not associated with anyone in particular. At least, as long as we don’t create online identities, and so become pseudonymous.
2) Why Be Anonymous Online?
It helps to be clear about why you want to be anonymous online. And whether you can live with the requirements, and the consequences. Indeed, after I’ve gone on about this stuff on Hacker News, someone occasionally asks why I go to all the trouble. Sometimes I just say that it’s a hobby, or a game. And that’s true. It’s fun, and a challenge.
But fundamentally, I do all this because I value freedom.
Given all the authoritarian threats, freedom depends on privacy. And ultimately, privacy depends on anonymity, or at least pseudonymity. But still, it’s useful to keep in mind that it’s a game, where freedom is how we keep score.
3) What Does It Take to Be Anonymous Online?
Always keep in mind that it’s extremely difficult — and perhaps impossible — to be totally anonymous online. Or at least, for very long. That’s because the NSA (and some other national intelligence agencies) can intercept and manipulate traffic at so many points, throughout the Internet. After all, that’s why they’re called global adversaries.
At least some global adversaries can very likely gather basic information from traffic intercepts about all 4.5 billion Internet users. Stuff like IP addresses, ISPs, traffic logs, the use of encryption, and so on. But I doubt that they can retain all of that data for very long, or even analyze all of it substantively. Because there’s arguably just too much, and it’s distributed across too many thousands of interception devices.
So it’s likely that they must select what to retain and analyze, based on various criteria. Such as IP addresses, names, email addresses, language and keywords. Also the use of particular encryption protocols, such as Signal, GnuPG, Tor and VPNs. But not likely HTTPS, however, because it’s become too common. I recall reading that the NSA hasn’t been happy about increased use of VPNs for torrenting and streaming georestricted content, because dealing with it wastes resources that they’d rather reserve for serious work.
But here’s the thing. Even if they’ve retained everything required to deanonymize someone, actually doing it requires analyzing and correlating data from multiple intercepts. So it’s unlikely that they do that routinely for all information that they’ve retained. Also, it’s unlikely that they can retain even that filtered sample for very long. And so they must filter out what to keep long term, which reduces the chance that they’ve retained enough to deanonymize someone who wasn’t interesting enough, for long enough.
So if you want to be totally anonymous online on a long term basis, you want to avoid becoming too interesting to global adversaries.
And if you do want to do something that might attract their attention, or the attention of other Three Letter Agencies (TLAs, such as the FBI) that can get their help, you need to be especially careful. You must compartmentalize that activity rigorously from your meatspace (real life) identity.
Using online personas doesn’t provide anonymity, just pseudonymity. However, you can use multiple personas, which are well compartmentalized from each other, and shift usage over time. But the longer you use a persona, the less pseudonymous (and more dangerous) it becomes.
It’s essential, of course, to effectively hide your ISP-assigned IP address, without needing to trust the discretion of some third party, such as a VPN provider, or even the Tor Project. But there’s much more to being anonymous online than accessing the Internet anonymously.
All sorts of government agencies and service providers know who we are. And many identifiers interlink all parts of our lives, meatspace and online:
- passports and driving licenses
- postal addresses and landline numbers
- mobile numbers and email addresses
- bank accounts
- credit and debit cards
- social media accounts
And then there’s all the stuff we share on social media (assuming we use social media). We display our interests, and express our opinions. Also, our families and friends know us both online and in meatspace. And most of them don’t care much about anonymity, or even about privacy.
I’ve written at length about how online privacy depends on OPSEC and compartmentalization. That series covers those issues in greater detail, and contains many interesting links — but do finish this post first.
Anyway, let’s say that I gave you a box that lets you access the Internet anonymously, perfectly anonymously, against any global adversary. If you kept doing what you’re doing now — and I mean whatever it is, pretty much, unless you’re truly hardcore about anonymity — you’d likely remain anonymous (or even pseudonymous) for no more than a few minutes. Maybe a day or two, if you were careful. It might take years to catch up with you, however. For example, the former LulzSec celebrity Sabu had outed himself on IRC, many years ago, when he was first learning to hack. But it didn’t come out until he pissed off the guy who had retained logs of those chats.
Most people aren’t really aiming for total anonymity, however. For more than just reading, it’s limiting. And once you start doing stuff, it’s really hard to remain anonymous. It’s tedious to write without having a consistent style. You can’t have meaningful conversations. Once you’ve registered somewhere, or leased a VPS or server, you’ve created an identity.
So anyway, my focus here will be on “anonymous” online personas, and how to use them.
4) First Secure Your Uplink, and Hide Your Location and IP Address
I’ve already covered securing your Internet uplink and hiding your location and ISP-assigned IP address.
Bottom line, there are three key criteria:
- your setups must be effective and secure
- they shouldn’t attract attention
- there should be plausible cover stories
As @thegrugq says:
VPNs provide good cover that Tor simply cannot – “I was using it to watch Hulu videos” is much better than – “I was just trying to buy illegal drugs online”
That doesn’t necessarily mean that you shouldn’t use Tor. It’s just that local adversaries shouldn’t see that you’re using Tor or I2P. And nobody local should have any clue that you’ve ever even thought about using Freenet. Indeed, even if your OPSEC is impeccable, I recommend against using Freenet. It’s not at all hard to see stuff that you’ll never forget, no matter how much you wish you could.
5) Compartmentalization Is Key for Online Anonymity
In order to have an anonymous online persona, you must compartmentalize that persona’s stuff from the rest of your life. Any overlap creates a link. And with enough links, that persona is no longer anonymous. Obviously, you can’t use the same email addresses and online accounts. It’s risky to even frequent the same sites, unless they’re widely popular. For example, Reddit is OK, but not particular subreddits. You can be identified by your language, your writing style, and your use of slang.
It’s even risky to display the same interests, or express the same opinions. Especially if they’re uncommon. Finally, no matter what you do, don’t play sockpuppet games with yourself, because people are good at detecting that.
It’s also prudent to compartmentalize each online persona from the others. That way, if one persona gets into trouble, the damage will be limited. And so it may be enough to just stop using it. But if information about multiple personas can be connected, that can make you more interesting, and there’s a greater chance that you’ll be fully deanonymized. And even if you’ve done nothing too iffy, there’s the risk that you’ll be monitored thereafter. Some years ago, I published a series of guides about compartmentalization for IVPN.
For example, let’s say that you’re leasing a VPS, and running a Tor onion site. And let’s say that you’ve leased and managed the VPS anonymously via Tor. But you want to provide a contact email, or post to social media about the site, or whatever. If that persona can be linked to the one that you used for leasing the VPS — by email address, Bitcoin wallet, or whatever — that might be enough for an adversary to identify the VPS. Then they might compromise the site, collect data about users, go on to target them, and so forth. And that might eventually lead them to you, in meatspace. I do plan to write at length here about anonymous web hosting, with detailed instructions on GitHub.
It’s also crucial to compartmentalize operating systems. Many years ago, I published a series of guides on IVPN about using VPN-router VMs and Whonix (Tor) VMs to create nested chains, for greater anonymity. I’m now in the process of updating it, and it will include detailed instructions for new approaches that I outlined in this Restore Privacy guide.
I’ve mostly used VirtualBox for this, because it’s both straightforward and reasonably secure. There’s no doubt that Qubes is far more secure against attack, but it’s arguably no less likely to passively leak than VirtualBox, when configured properly. And it is much harder to learn.
Still, all virtualization approaches are more or less vulnerable to breakouts from VMs to host machines. And once attackers or malware can reach the host, all bets are off. If that’s a substantial risk, you can employ hardware compartmentalization. Instead of using VMs in host machines, you can use multiple physical machines, such as Raspberry Pi or whatever. You can also use multiple host machines, and segregate VMs based on desired isolation level.
6) But Lying All the Time Can Be Hard
Sharing about your anonymous online stuff with your family, or with meatspace friends and associates, is risky. So is sharing about your meatspace life with those who know you as some anonymous online persona. Both are dangerous, because people often gossip. So you may acquire a reputation, or even get doxxed.
In my experience, keeping secrets and lying is the hardest part. We all have secrets. And we all lie about them, at least sometimes. But this would be many secrets. And it’s hard to resist sharing what we enjoy with those we’re close to. We might feel dishonest, or even disloyal, in keeping secrets. People may be hurt that we don’t trust them enough to be honest. Also, we’re sometimes proud, and we crave recognition.
But that’s part of getting clear about why you want to be anonymous online. And you can at least be straight about it online. You can just blame it on your OPSEC.
However, that doesn’t work in meatspace. Because there, you want to come off as someone who doesn’t even know what OPSEC is. Because that in itself would be an OPSEC fail. But still, you need a plausible cover story, because others will wonder what you’re up to online.
7) Email Accounts and Web Browsers
Back in the day, when I was still using Windows, I worried about locking it down, to prevent excessive logging, and to prevent exfiltration of data to Microsoft. I even installed extra RAM, and ran Windows swapfiles in ramdisks. I used router rules to prevent Windows from reaching addresses for Microsoft and associated firms.
And then I gave up on Windows, and switched to Linux, which for the most part respects users’ privacy. So I no longer needed to worry about Windows and Microsoft.
But I was still concerned about using secure email providers, and securing browsers against exploits, cookies, fingerprinting and tracking. I used some Tor-based email providers, which are all gone now (along with Freedom Hosting and Freedom Hosting II). And of course, I’d never use Gmail or Chrome. I also modified Firefox a bit, and installed several add-ons. This is my current version:
- AdBlock Plus
- browser.newtabpage.enhanced;false
- browser.privatebrowsing.autostart;true
- Canvas Defender
- Disable WebRTC
- dom.storage.enabled;false
- dom.webnotifications.serviceworker.enabled;false
- extensions.pocket.enabled;false
- font.internaluseonly.changed;false
- media.peerconnection.enabled;false
- NoScript
- noscript.forbidWebGL;true
- privacy.sanitize.pending;[{"id":"shutdown","itemsToClear":["cache","cookies","history","formdata","downloads","sessions"],"options":{}}]
- Privacy Badger
- Smart Referer
- toolkit.telemetry.reportingpolicy.firstRun;false
But then I got seriously into compartmentalizing my activity into multiple host machines and VMs, and using combinations of VPN services and Tor to compartmentalize their Internet activity. And once I had done that, I no longer cared so much about preventing fingerprinting and tracking at the browser level. I still use most of what I’ve learned, but I haven’t been very interested in learning new alternatives, such as uMatrix.
For example, everything that Mirimir does is correlated, and I have no problem with that. I have a Gravatar associated with my email address. If I want to do something that won’t get associated with Mirimir, I use a new persona, in a new VM, which hits the Internet through a new nested VPN chain and Tor. That’s what keeps stuff unassociated, not some set of add-ons in Firefox.
I’ve had probably over 100 email accounts, and most are dead or abandoned. I maybe have a couple dozen that I check at least somewhat regularly. Mirimir uses Riseup, of course, and I love them like family. Otherwise, I end up using email providers who play well with Tor, such as Cockmail, Protonmail, and Tutanota. Cockmail admittedly has quite the chan vibe, and that may offend some. But they do offer some email hostnames that are safe enough in polite company (such as airmail.cc, tfwno.gf and firemail.cc).
8) Anonymity in Meatspace Is Dead
Basically, privacy and anonymity in meatspace are dead. There’s just too much surveillance.
- physical environment
- postal mail
- voice and data communications
- financial transactions
- social media activity
- government informants
We’re surrounded by cameras and microphones.
- surveillance cameras
- vehicle tag scanners
- electronic toll collection systems
- smartphones and other devices
In many cities now, pedestrian surveillance cameras are pervasive. Vehicle tags are scanned on the street, and also for toll collection on highways and bridges. There are surveillance cameras in many indoor environments: at work, in commercial establishments, and now in many homes. Also, there are cameras overhead, in drones, airplanes, dirigibles and satellites. And indeed, most of us now carry smartphones and other devices with cameras and microphones, which may be controlled by remote adversaries.
There’s also surveillance of postal mail. All mail and packages are imaged, and many are subjected to X-ray inspection. And international mail is subject to full physical inspection by customs.
All voice and data communications are likely monitored by the NSA, which may pass on leads to domestic agencies (such as the DEA, DHS, FBI, IRS and USCIS) under the SOP program. And financial transactions are subject to particular scrutiny, given concerns about money laundering and tax evasion.
And then there’s social media, where people overshare, both about themselves and their associates. Also, increasingly since 9-11, government agencies encourage people to report suspicious behavior, criminal activity, and suspected terrorism. It’s become like postwar East Germany, where about 1% of the population were reportedly informants for the secret police (Stasi).
So really, we have privacy only where we control the physical environment, and can exclude surveillance devices, and where we don’t tell others what we’re doing.
But that could get a little boring, just sitting in our bunker.
There is one option, however. Perhaps bizarrely enough, it’s only online where we can interact with others and do stuff privately, and perhaps even anonymously.
It’s true that being online requires connecting to some ISP. But at least we can use VPN services to hide content and remote IP addresses from the ISP and other local adversaries. Using unauthorized VPNs is illegal in some countries. But otherwise, it’s common enough that we won’t attract much attention.
And once we have an innocuous VPN connection, we can route stuff through it that provides stronger privacy and anonymity.
I mean, there’s nothing like anonymity networks in meatspace. We can’t routinely disguise ourselves in public. That’s illegal in many places. And in any case, it attracts attention.
But even that is limiting. Say that we luck out speculating in cryptocurrencies, or through some anonymous online business, and want some of that money to live well in meatspace. Or maybe we want a Twitter account, and need to do SMS verification. Maybe we want to buy something from a Tor darknet market. Or we want to buy some equipment in meatspace, to use anonymously online.
Any of those actions could create an additional association between our online anonymous activity and meatspace, and that’s risky. Or at least, they could flag us as particularly interesting, and lead to increased scrutiny of our Internet connectivity. And conversely, if we were already flagged as interesting, based on our Internet connectivity, that could lead to increased scrutiny of our physical and financial activity.
Moving Money Anonymously
It’s also crucial to pay for stuff anonymously. The best option is arguably still anonymized Bitcoin, because it’s so widely accepted. First you need a wallet. I recommend using the Electrum Appimage in Whonix. Each persona should have its own wallet, in its own Whonix instance.
But first, make sure to get the Electrum Appimage from electrum.org, and not from some other site, which may be serving malware. Also get the signature file, and Thomas Voegtlin’s public GnuPG key. Typically, they’ll all be in /home/user/Downloads. So open a terminal there.
First verify the signature:

    gpg --verify electrum-3.3.8-x86_64.AppImage.asc electrum-3.3.8-x86_64.AppImage

You should see this:

    gpg: Signature made Thu 11 Jul 2019 07:26:15 AM MST using RSA key ID 7F9470E6
    gpg: Good signature from "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>"
    gpg: aka "ThomasV <thomasv1@gmx.de>"
    gpg: aka "Thomas Voegtlin <thomasv1@gmx.de>"
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg: There is no indication that the signature belongs to the owner.
    Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6

Now verify that the GnuPG key indeed belongs to Thomas Voegtlin. Browse to his 2016 presentation about Electrum and pause the video when his GnuPG fingerprint is on the screen. You will see that it matches the “Primary key fingerprint” in the above gpg output:

    6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6

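The same check can be scripted, so that the fingerprint comparison is done by the machine rather than by eye. This is an added example, not part of the original guide: the function names and the sample status lines are constructed for illustration, and the pinned fingerprint is the one shown in the gpg output above.

```shell
#!/bin/sh
# Added example (not from the original guide): accept a download only if gpg
# reports a good signature made by the pinned primary key.

# Fingerprint shown in the gpg output above.
PINNED_FPR="6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6"

# Constructed `gpg --status-fd` samples for offline testing. Timestamps and the
# second signer (key and address) are made up.
SAMPLE_GOOD='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 2BD5824B7F9470E6 Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>
[GNUPG:] VALIDSIG 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6 2019-07-11 1562855175 0 4 0 1 8 00 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6'
SAMPLE_OTHER_KEY='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Constructed Signer <signer@example.invalid>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2019-07-11 1562855175 0 4 0 1 8 00 0123456789ABCDEF0123456789ABCDEF01234567'
SAMPLE_BADSIG='[GNUPG:] NEWSIG
[GNUPG:] BADSIG 2BD5824B7F9470E6 Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>'

# Remove whitespace and upper-case, so "6694 d8de ..." equals "6694D8DE...".
normalize_fpr() {
    printf '%s' "$1" | tr -d '[:space:]' | tr '[:lower:]' '[:upper:]'
}

# Read gpg status lines on stdin; print the primary key fingerprint if, and
# only if, the signature is good. GOODSIG is required in addition to VALIDSIG
# so that signatures from expired or revoked keys are not accepted.
# VALIDSIG carries the primary key fingerprint as its last (12th) field;
# fall back to the signing key fingerprint when that field is absent.
primary_fpr_from_status() {
    awk '
        $1 == "[GNUPG:]" && $2 == "GOODSIG"  { good = 1 }
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" { fpr = (NF >= 12) ? $12 : $3 }
        END { if (good && fpr != "") { print fpr; exit 0 } exit 1 }
    '
}

# Succeed only when the status stream on stdin shows a good signature whose
# primary key fingerprint equals the pinned one passed as $1.
status_matches_pin() {
    got=$(primary_fpr_from_status) || return 1
    [ "$(normalize_fpr "$got")" = "$(normalize_fpr "$1")" ]
}

# usage: verify_pinned FILE.asc FILE
# Machine-readable status goes to stdout (fd 1); human-readable text is dropped.
verify_pinned() {
    gpg --status-fd 1 --verify "$1" "$2" 2>/dev/null | status_matches_pin "$PINNED_FPR"
}

# Run against real files only when called with two arguments, e.g.
#   sh verify.sh electrum-3.3.8-x86_64.AppImage.asc electrum-3.3.8-x86_64.AppImage
if [ "$#" -eq 2 ]; then
    if verify_pinned "$1" "$2"; then
        echo "OK: good signature from pinned key"
    else
        echo "FAIL: signature missing, bad, or not from pinned key" >&2
        exit 1
    fi
fi
```

The pin still has to come from a source you trust independently of the download site, which is what the comparison against the presentation video provides.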
If you plan to own substantial amounts of Bitcoin or other cryptocurrencies, you might want to use hardware wallets. I don’t use them, and so I can’t be of much help. But the Bitcoin Forum has a subforum about them.
Each of my personas has its own Whonix instance, containing its own Electrum wallet, and its own Bitcoin, which has been mixed multiple times, through a different series of mixing services. So basically, the Bitcoin in each of those wallets is unrelated to the Bitcoin in any of the other wallets. Also, generally only one Whonix instance is running, at any given time. And in any case, they’re arguably well enough isolated from each other, and not so easy to compromise. Keeping all that straight is hard enough, and I don’t want to add the complication of hardware wallets, which I’d need to keep track of and protect.
Anyway, privacy in meatspace is basically dead, given increasingly pervasive surveillance. So it’s arguably pointless to seek substantial anonymity while purchasing Bitcoin. And in any case, you can anonymize Bitcoin after purchase. But even so, it’s creepy to purchase from exchanges, given government reporting requirements.
However, it’s easy to find Bitcoin traders (sellers and buyers) in your country using LocalBitcoins. You can check traders’ reputations, and there’s an escrow service to reduce the risk of fraud. Interesting payment methods include:
- Other Remittance: Cash in person in public location
- Cash [deposit] at ATM
- Cash deposit: [bank]
- Cash deposit: bank deposit / in person
Another (riskier) option for finding private sellers is the Bitcoin Forum /…/ Currency exchange. And then there’s bitcoin-otc. It’s a chat (IRC) based system for negotiating trades, involving Bitcoin, other cryptocurrencies, cash, or whatever.
But then, Bitcoin is by design totally not anonymous. However, you can mix multiple times through Tor, using different mixing services. The following mixers were working in January 2020. But never mix more in one go than you can stand to lose. Even if a mixer works with a few mBTC, there’s no guarantee that it won’t steal a few hundred mBTC. At least, occasionally.
- BitCloak: Tor (five confirmations before mix)
- Bitcoin Fog: Tor, Twitter (needs account; six confirmations for deposits; withdrawals instant)
- Blender: clearnet, Tor (three confirmations before mix)
- CryptoMixer: clearnet, Tor (0-1 confirmations before mix)
Do not trust other URLs, as long as the ones listed above work. Bitcoin Fog is the oldest mixer still in operation. It mixed Bitcoin from at least two large thefts, and apparently did that successfully. Some have claimed that it steals, or at least that it’s unreliable. However, I’ve had only one delayed deposit, a couple years ago, and that was resolved within a couple days.
Bitmixer shut down in late 2017, and BestMixer was seized in late 2019 by police. GhostMixer was purchased in late 2019 by BitWhisk, but I didn’t test that. I also didn’t test Grams Helix light. It was stealing in 2018, but is supposedly OK now.
Another option is exchanging through Ethereum currencies, which are supposedly anonymous by design. Although the Ethereum ecosystem is heavily smartphone-centric, there are browser-based wallets. But still, there’s also considerable dependency on Chrome.
Anonymous SMS Authentication
Online accounts more and more require mobile numbers for identity verification, especially if you’re using VPN services or Tor. And smartphones are a privacy/anonymity nightmare. So using one for verification may destroy your anonymity.
Virtual SMS services work for some providers. Using free ones is risky, because messages are public. But in my experience, even paid ones don’t work for Twitter. There are also SIM leasing services, but typically the SIM and account country must match.
None of this seems to work for Google. And generally, if you’re using Tor. So I’ve ended up buying Gmail addresses and accounts on /r/BitMarket. Quality sellers also provide secondary email addresses, in case the account gets locked. However, it’s impossible to be certain that sellers can’t take accounts back, so it’s unwise to risk anything that really matters.
However, you can just use your smartphone, if you’ve secured it and anonymized the Internet uplink.
Receiving Packages Anonymously from Darknet Marketplaces
Darknet marketplaces are arbitrarily anonymous. But receiving stuff requires a shipping address.
From a recent academic discussion:
Silk Road participants neither viewed themselves as immune to, nor passively accepting of, the risk of detection and arrest. Rational choice theorists have viewed offending decisions as constrained by limited access to relevant information. Cryptomarkets as ‘illicit capital’ sharing communities provide expanded and low-cost access to information enabling drug market participants to make more accurate assessments of the risk of apprehension. The abundance of drug market intelligence available to those on both sides of the law may function to speed up innovation in illegal drug markets, as well as necessitate and facilitate the development of law enforcement responses. [emphasis added]
So yes, darknet marketplaces are also the best source for tradecraft information.
Using legitimate postal delivery services is iffy. The basic approach is simply to not attract attention. Vendors employ stealth packaging, to blend in and hide odors from dogs, and customers rate them on their methods. Vendors recommend that customers use real names, because fake names attract attention. That is, postal authorities maintain records of who receives mail at each address. That’s pretty creepy.
To remain anonymous, you must somehow interpose an intermediary. A proxy, so to speak. One common option is having stuff sent to another person, and pick it up before they do. Perhaps someone who’s on vacation, but hasn’t stopped mail delivery. Or someone who just doesn’t check their mail promptly. Maybe even a recently vacant apartment or house that’s still receiving mail.
However, there’s still the risk that investigators discovered the package, and so would be observing its delivery. And regardless, there’s the pervasive surveillance. You could perhaps pay someone to pick up stuff for you, and then meet somewhere neutral. Or indeed, you could just pay them to receive mail, or lease a post office box. However, even that is vulnerable to surveillance. In any case, you’d need to trust them. And if they got nailed, they’d likely give you up.
Dead drops are another option. That’s standard tradecraft for spies. And it’s far easier now, given GNSS/GIS based geocaching. And perhaps even drones, for popup dead drops. You could find a darknet marketplace or vendor that offers that option, or perhaps a group that offers the service more or less locally. Or simply set up a dead drop to isolate yourself from an intermediary.
Anyway, see these articles from opaque.link and Bitcoin News. And for a seriously out there approach, Drop Zone. It’s an anonymous P2P local contraband marketplace, running on the Bitcoin testnet.
Buying Stuff Anonymously in Meatspace
Buying stuff anonymously in meatspace is similarly limited by pervasive surveillance. We can certainly travel to distant stores, and pay cash. And we can of course turn phones off, and put them in Faraday bags.
But with cameras everywhere (even overhead) and vehicle tag scanners, there will likely be records. And in any case, all stores have surveillance cameras, given the risks of shoplifting and robbery.
Even so, the alternative is typically buying online, and paying with a credit card. Which is far worse.
9) Anonymous Tor Onion Sites
I’ll cover this in the next guide. But here’s the bottom line:
- Local hosting is very easy and private, but it’s also very dangerous. If adversaries manage to locate your site, they’ve also located you.
- Avoid shared onion hosting. It’s easy, but it’s very vulnerable to compromise. Read about Freedom Hosting and Freedom Hosting II.
- Hosting on anonymously leased remote VPS is easy enough. Although it’s less private, you can remain anonymous, even if it’s located.
- Hosting on anonymously leased remote dedicated servers, with full-disk encryption, is the most secure option. But it’s expensive.
This post is part of the ongoing Advanced Privacy Guides series.
This article leads me to one question. I’m a noob in this kind of topic.
Situation: I have a setup where I dualbooted my PC, one boot with an SSD with Steam OS for gaming (Arch Linux distro-based) and an HDD with Fedora and some VMs for work. Sadly I don’t have enough money to buy another one to compartmentalize them.
Question: Can their activities be correlated even using a VPN? Will each dualbooted OS have the same browser fingerprint and/or device fingerprint because they share the same hardware, such as the graphics card and other things? Or do they act like two different PCs?
Hi Sven,
I have been thinking on VPN chaining.
This article has made me consider traffic that appears to be VPN protocols or HTTPS.
NordVPN claims to offer “obfuscated servers.”
Do you think such a service would be useful to avoid attracting attention arising from surveillance arising from ISP level monitoring or correlation attacks arising before entering the chain?
My thoughts are that if the ISP can’t detect the obfuscation then it would be great to simply blend in with HTTPS traffic.
On the other hand, if the ISP can detect the obfuscation then this would make the traffic stand out, and would likely draw special attention.
What is your advice?
Regards,
BoBeX
I do not think it matters whether you use obfuscated servers or not in the situation you describe.
Thank you
Decent article, but the crypto part is subpar. Nothing about Monero, seriously?
As someone else mentioned, coinjoin wallets like Wasabi are preferred to mixers, if you MUST deal with Bitcoin at all. Best is to convert Bitcoin to Monero through a service listed at GetMonero.org under Community -> Exchanges.
Also, don’t run Electrum. (or any thin wallet client) It’s well-documented that blockchain analytics firms run Electrum servers that your client may end up connecting to.
Mixbtc.io was created for the bitcoin mixer community with three things in mind, trust, speed, and security.
We understand that using a bitcoin mixer for the first time can be uncomfortable so we recommend splitting larger transactions into multiple ones until you’re comfortable with the process.
[https://www.mixbtc.io/]
Hey Vladimir,
I have just modified Firefox a bit as you recommended above. However, what I noticed is that trying to browse the web as usual using Swisscows is not getting me anywhere: only particular websites are opening, while the search engine doesn’t respond to the rest of my requests and white pages are appearing instead. In other words, whatever I choose to search for using the Swisscows search engine doesn’t show up as results but as white pages. I am not allowed to reach any content in a new tab except several websites, one of them being Restoreprivacy. I turned on all the add-ons of Firefox but that has not helped me at all. Using a different search engine like DuckDuckGo with the same browser indicates no errors and it works perfectly fine! May I ask how I should proceed in order to browse the web as normal using Swisscows!? Before I customized Firefox the way you recommended above, it was working perfectly fine with no errors indicated! I am a little bit confused! Have I done something wrong? If some of you guys have experienced a similar issue, feel free to leave a comment below with recommendations on what I should do to fix the issue! Lastly, I just want to say a big thank you for all the hard work you guys have done! I am impressed by the website and its founder and dedicated team of professionals. I can confidently say I stand behind Restoreprivacy’s mission and vision! Great stuff! Thanks for your amazing job and help to stay safe in such risky, tricky, vulnerable times! Stay safe!
[https://www.mixbtc.io/]
Mixbtc.io was created for the bitcoin mixer community with three things in mind, trust, speed, and security.
We understand that using a bitcoin mixer for the first time can be uncomfortable so we recommend splitting larger transactions into multiple ones until you’re comfortable with the process.
The time that a mix takes to complete is usually down to the network fee that is selected, choose a high network fee to get your transaction confirmed sooner and the mix initiated quicker.
please make cursor look like pointer when hovered on site header’s items 🙂 would be better
I think I should call you the greatest. First of all, it is just today for me to know that you were the one who wrote this https://www.ivpn.net/privacy-guides/advanced-privacy-and-anonymity-part-1
What a wonderful article! – By the way, I have a couple of questions on it. I noticed that when I have two OS (Ubuntu) on virtual machines, both share the same Canvas and WebGL, which means I can be identified. I know that you said we should disable WebGL, but how about Canvas? Also another problem is, some websites force you to let them collect WebGL, Canvas and all other device fingerprint data, otherwise you won’t be able to use their services. How can I make a virtual machine that has its own device fingerprint (e.g. WebGL, Canvas, Font, Plugin, Battery information etc.)? I know there are some products such as FraudFox, AntiDetect, Kameleo, Linken sphere or MultiLogin but I cannot trust them either since they collect data. Reference: https://seon.io/resources/device-fingerprinting/
I read that you would update this article https://www.ivpn.net/privacy-guides/advanced-privacy-and-anonymity-part-1 but I don’t know where you will update it with detailed instructions. You meant in restoreprivacy?
Another question, have you dug into Decentralised VPN? I think this would be an alternative to normal VPN since the average joe does not know whether the companies store logs or not.
By the way, I wouldn’t recommend any mixing services you mentioned in this article but only Wasabi https://www.wasabiwallet.io/
I’m loving your series. I was wondering when can we expect the updated guide for the vpn and tor chaining?
Thank You!
As of the end 2019, there are 3.84 Billion social media users worldwide.
2.2 Billion Active Facebook Accounts
800 Million Active Instagram Accounts
330 Million Active Twitter Accounts
260 Million Active LinkedIn Accounts
225 Million Active Snapchat Accounts
Because our life as active web users, the elife mirror is recorded online, and a lion’s share of incriminating evidence ends up here. The Trojan Horse, which misleads users of its true intent. The stratagem subterfuge effect if you will.
According to a 2017 survey by R H Legal, 52% of lawyers have reported an increase over the past two years in lawsuits involving posts, images, and data found on social media.
According to the ILTA 2018 Litigation and Practice Support Survey, 90% of law firms conducted social media discovery that year, with a 46% increase in firms handling at least 20 matters per year involving social media evidence.
Demographics continue to fuel the rise of social media in litigation.
A lot of really useful tips and extensions have been written, thank you to the author. I’ve been taking advantage of some of them for a long time, some of them just found out today. I never use my personal number for any kind of verification, from mail to online shopping. There are several services for receiving SMS online. For example, free numbers [https://smsreceive.eu/] . On the plus side, all the numbers there are real and the text will definitely be delivered. If I register a bitcoin wallet, for example, I use a service [smsplaza.io] – here each number is linked to the user and you can always use it. Maybe I helped someone with my advice… I hope so.
at J M
Would you elaborate some on the part as stated: “But in the end, true online privacy is only done while not online.” This on the prominence in contexts of merit as being related in what way here? Cloaked web use or more so in your total abatement from a personal web’s use as if it’s used at all and the foreground in your own privacy’s sake?
Separating a business’s must usage to that of your own personal privacy desired in your off hours. Dual personas, as one lives somewhat unleashed and while the other lives in a very self-restricted style.
To me it’s also tied to your undergarment clause given as “Everything I do online I do as if it is a post card.” In others words, it’s usage being treated as an ‘open chain letter’, as not being able to hide any part at all while online use occurs.
It’s hard for the novice persons and me to get this article’s posting author’s drift to their actual meanings as it’s coming off as a haphazardly delivered rendition to their actual (long history in the field that’s self-proclaimed), where any important knowledge of facts as not being updated and then mentioned for us. Yet, it’s being bloated with contradictions and misaligned facts as what’s given us in nothing as a KISS delivered path of actions we’re able to take into account in our own action of a remedy but, to buy a VPN subscription.
In as much, parts of the US and in other global world areas the internet is circumcised to circumstances beyond a users control where as they must obtain entry through an employed ISP and devices riddled with leaks in users data and it’s own meta-data (data about data).
Using the mobile platform in stimulus as examples: 4 majors become 3 with Sprint and T-Mobile’s merger. Then in those desolate areas prior spoken of that are far from the metros commercial real estates venues in web use must be by way of satellites and mobiles. As well to a single cables offering only given in a choice of one ISP provider. The web’s abilities of cross-device tracking in the use of etags, beacons, flash/evercookies, and device fingerprinting techniques are still another web users dilemma to overcome.
In short review, users are hamstrung by their ISP choices and the foregoing state in which the natural web developed and in the modernization to it for all devices accessibility.
I so much wanted to see information that would render us in our web use as these two pictures do for the human element.
https://postimg.cc/K13P58WY
and then https://postimg.cc/WF1tX947
@ Sonar,
I think the best way to explain is that the mere fact of being online means you can be tracked somehow, some way.
While we can mitigate that, I am not sure you will ever be 100%. That’s all.
J M thanks, I was hoping for a single magic bullet effect you’d possibly realized. Noteworthy of mentioning, hath the vast resources of all nations governmental players where evidently they are found out to. In the ways they try employing to conceal themselves in their hacking of the other gov’s departments. So our chances are even slimmer I’d suggest in our online use, as we play good in it’s realm to redeem any sort of self privacy aspect we’d sought. Even in my supplied images, the human outline (or parts) are still visible. While I’m guessing the starting ‘A’ and the ending point ‘Z’ (ex: all networks time stamps), no matter of employing any obfuscation to. That with, as all todays active web elements reveal the individuals path as recorded by their time stamps just as well and so easily.
Sorry I don’t have the background and expertise for a specific pin point to it all.
I wanted to add: Uncommon as privacy foundations are to budget v income template sites in discussions on your personal Privacy coverage having sprung up in giving any attentions to these web fact with endless users time devoted and some in recursive costly solutions to them.
Do they give anyone value in the end to real solutions in new laws or revisions to old laws on the books affecting your electric privacy. I have found one that signing up for it’s news letter tells you exactly of it’s many fights using the US courts system rightly done.
Electronic Privacy Information Center (EPIC) use org
@Sonar,
Sorry, I wish I had a single bullet answer. I think it takes everyone and many different tools to help but I am but one little screw in the building structure of security and privacy.
I agree. Until there is a sure way of blocking, managing and excluding all tracking, and self identifiable ways to trap someone, we need to be very careful.
I am with you, I do not have the expertise and I am just a novice at this. However, I do know a few things and one of which is, “The internet is a postcard” :).
at J M on privacy,
Interesting was the concept I’ve heard used of Honeypots and that is misused a lot by the uninformed persons knowledge in.
https://en.wikipedia.org/wiki/Honeypot_(computing)
Me too almost, but I should say clearly that a Botnet is more in line with my meanings here later revealed. Overlooking that the Botnet term is usually used with a negative or malicious connotation as DDoS attack, stealing data, sending spam, and allows the attacker to access the device and its connection.
https://en.wikipedia.org/wiki/Botnet
On the assumptions that a Botnet has mastered the machines owner ISP connection. Why can’t something as VPN’s are doing already, be cleaned up from maliciously as in a Botnet program and it’s pooled together of connections within a group of people that so elected to this co-oping usage in their real ISP IP’s to cover and mask the white/gray noise that’s given off by their own ISP IP’s that has been assigned to them? Being deployed how I can only imagine.
Essence of contamination by collaging their profile(s) of that single ISP IP with many users in the hundreds of different users tastes wherein the tracking info obtained is sanitized basically to of the real IP owners identity as being profiled but of a generic collage now. Can you follow?
Another example as what happens where unauthorized mining activity from cryptomining malware. (So prevalent that ad blocking firm AdGuard estimates more than 500 million users are mining cryptocurrencies on their devices without realizing it.)
Forbidding the use of the machines owners device resources in said ISP IP’s sharing.
Sorry I don’t have the background and expertise for the specifics as it was just a thought and as such not researched too much.
@ Sonar,
Thanks for telling me about Epic. I will check it out.
Cost to ROI, I can’t say as to the advantage, I can say that while I appreciate some of the security, I love my freedom more.
In the words of a US founding father, “I prefer dangerous freedom over secure bondage”.
at J M on privacy#2,
The part of the botnet ideology was as I stated just a passing thought, kind of eerie that I’m susceptible to these incoming partly mind visions, partly as thought logic to an idea coming to me. I’m not gifted nor educated and while in school hated reading a lot (not graduating HS as well), nothing paranormal either I can account for. Bad headaches only at times is all I relate if in anyway connected. I do tend to get possessed in as much to be in tune on a subject’s matter or in sync with a person’s felt karma.
As the cosmos is grounds for quantum theories it must be a convectional conduit (conveying or transmitting), that humans have a very deeply embedded abilities too, Liken as animals have to their breed instincts are in the earthly world lived.
Not as I’d say, an omen was to Nostradamus or the brilliance of Leonardo da Vinci. If anything again sparely relative, numbers and art was my excel. As the little fingers nail to Michelangelo though extremely far away to even comparing myself more than that. I’m not big on myself but, big that is in where life is an art, and art mere trapped expressions of life around the living. Building that abstract look to self and getting on with my botnet ideology.
Reading of the site more I do see mention of a damn close mentioning in some hardware here that’s essentially even closer than I had envisioned.
https://winstonprivacy.com/pages/technology
Magic bullet? Weigh in please – all!
@Sonar,
I think what I meant by a magic bullet was that one bullet and it would solve all issues relating to online privacy and security.
I know of no such beast. Wish I did though.
at J M on privacy #3,
That’s in line to what I meant by magic bullet. Varies to as then it might be comprised for the needs of everyone’s attention by many tools for anyone’s specific privacy and security. Unknowingly most of us give away a frightening amount of compromising personal information for their news, entertainment, emails, videos, Facebook associations, based on web use and intertwined with matchless offline personal records and new age biometrics.
That data absolutely can be used against our self, our family and compromise the whole families unit of safety and security. There was no original idea of the Internet to democratize the information. Only decades later, we find this has been corrupted by a vast network of big tech companies, advertisers, data brokers, governments, and even more so of foreign bodies now. The result of an earlier information economy has essentially become the state of surveillance economy today.
VPN can only help out some but it’s not a complete solution to the problems at hand. VPN traffic’s encryption can’t fend off against a users behavioral online times nor the activity as when their home, in an office and a stores wifi’s use as witnessed by logs and containing devices trace data. Even to what devices and types are being connected to a network of any internet sources, even thwart off knowing about the sleeping/wake patterns of a user. As that’s all beyond the VPN ability and your ISP and others will still know this even after all.
I guess as the magic bullet effect would be limited to your total device protection of which the Winston hardware filter box claims to do. See the link given earlier for interesting details. Only Con things are the high costs and a recurring subscription that I find.
So agree with you J M in the explained, based on simplicity as rule – ex: some how and some way…
I do re-comb and re-climb through the readers thoughts expressed herein this site and each time to hopefully gain another piece of our privacy’s puzzle that is relieved to me.
A common denominator is the devices and networks as to where time stamps and that involves using our no-par VPN. That only a (VPN) amounts to an encryption of the transits or flow data in the tunnel, beings nothing is covert outside of it’s established purpose of those perimeters is masked at all.
Factual trace data remains as it is possible to find out who you are as well by looking at your Computer name, Hostname or even it’s MAC address by those on the web or local ISP network in checking any logs over.
[Offbeat thoughts (please this is no proof – my subliminal perceptions only), and guarding your own health to it’s best life and your understandings backed by trusted health care professionals.]
In as much, US money sometime ago had the little magnetic strips concealed in them. Yearly the US people are encouraged to get flu shots.
Before it has been witnessed in inventoried products we’d only had seen SKU’s and then UPC bar-codes used, and now many have this QR code (abbreviated from -Quick Response code). Where in practice, QR codes often contain data for a locator, identifier, or tracker that points to a website or application. A QR code uses four standardized encoding modes (numeric, alphanumeric, byte/binary, and kanji) to store data efficiently and extensions may also be used.
Thinking about eBiometrics and new age fingerprinting tectonics building on the last models. A hidden QR code chip very well can be so small now it’s nano-sized for undetectable as planted in devices at the factory (any components part there of a device) or hidden in a yearly flu shot to dissolve in time.
Can you feel the burn of being fed up to technology’s innovations to a driven beat in the web’s state of a digital surveillance economy – not yet?…
The Power Station – Some Like It Hot / check out the Lyrics, thinking about technology. Shine On you crazy diamond – Pink Floyd Lyrics thinking about yourselves and Don Henley – Dirty Laundry Lyrics for information data brokers having their fingers in your data pie.
I found this on Reddit. To quote, “it does not access your ip. It needs access to the website’s ip/dns records to uncloak the cnames, which some sites’ are using to hide ads/trackers.”
https://www.reddit.com/r/uBlockOrigin/comments/f8p2cx/new_permissions_request_ip_address_and_hostname/
Interesting. Thanks for posting.
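The CNAME uncloaking mentioned in the Reddit quote above, as an added example that is not uBlock Origin's code and not part of the original comments: a request host that looks first-party is checked against the filter list again after following its CNAME chain. The DNS records, hostnames and blocklist are constructed, and `siteOf` assumes every site is exactly two labels long.

```javascript
"use strict";

// Constructed sample data: hostname -> CNAME target. A name with no entry is
// treated as terminal (it would resolve straight to A/AAAA records).
const SAMPLE_CNAMES = new Map([
  ["metrics.shop.example", "shop-example.collector.tracker.example"],
  ["cdn.shop.example", "shop.cdn-provider.example"],
  ["stats.news.example", "edge7.cdn-provider.example"],
  ["edge7.cdn-provider.example", "in.tracker.example"],
  ["a.loop.example", "b.loop.example"],
  ["b.loop.example", "a.loop.example"],
]);

// Constructed filter list of tracker domains (matched as domain suffixes).
const SAMPLE_BLOCKLIST = ["tracker.example"];

const normalize = (host) => host.toLowerCase().replace(/\.$/, "");

// Assumption for this example: the "site" is the last two labels. Real code
// needs the Public Suffix List to handle suffixes such as co.uk.
function siteOf(host) {
  return normalize(host).split(".").slice(-2).join(".");
}

// Returns the blocklist entry that covers the host, or null.
function blocklistMatch(host, blocklist) {
  const h = normalize(host);
  return blocklist.find((d) => h === d || h.endsWith("." + d)) || null;
}

// Follows CNAME records from host, stopping at a terminal name, at a loop,
// or after maxHops hops. Returns every name visited, starting with host.
function resolveChain(host, records, maxHops = 8) {
  const chain = [normalize(host)];
  const seen = new Set(chain);
  while (chain.length <= maxHops) {
    const target = records.get(chain[chain.length - 1]);
    if (!target) break;
    const next = normalize(target);
    if (seen.has(next)) break; // CNAME loop: stop instead of spinning
    seen.add(next);
    chain.push(next);
  }
  return chain;
}

// Classifies one request made by a page. "cloaked" is true when the request
// host shares the page's site, passes the name-only check, and is only
// caught once its CNAME chain is inspected.
function classifyRequest(pageHost, requestHost, records, blocklist) {
  const sameSite = siteOf(pageHost) === siteOf(requestHost);
  const chain = resolveChain(requestHost, records);
  const nameRule = blocklistMatch(requestHost, blocklist);
  if (nameRule) {
    return { verdict: "blocked-by-name", cloaked: false, chain,
             matchedHost: chain[0], matchedRule: nameRule };
  }
  for (const alias of chain.slice(1)) {
    const rule = blocklistMatch(alias, blocklist);
    if (rule) {
      return { verdict: "blocked-by-cname", cloaked: sameSite, chain,
               matchedHost: alias, matchedRule: rule };
    }
  }
  return { verdict: "allowed", cloaked: false, chain,
           matchedHost: null, matchedRule: null };
}

// Walk the constructed requests and show what a name-only filter would miss.
for (const [page, req] of [
  ["www.shop.example", "metrics.shop.example"],
  ["www.shop.example", "cdn.shop.example"],
  ["www.news.example", "stats.news.example"],
]) {
  const r = classifyRequest(page, req, SAMPLE_CNAMES, SAMPLE_BLOCKLIST);
  console.log(`${req}: ${r.verdict} cloaked=${r.cloaked} via ${r.chain.join(" -> ")}`);
}
```

Resolving the chain only needs the DNS records of the site being loaded, which matches the quoted description of what the permission is used for.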
I think you missed it on the storage arguments you’ve made as not applying to how fast technology pace is multiplied with each new advancement achieved / keeping outside measurements same but volume storage held increases.
Then overlooked your own point of: “That’s because the NSA (and some other national intelligence agencies) can intercept and manipulate traffic at so many points, throughout the Internet.”
Countering the point of yours about: “multiple intercepts”.
Totally overlooking Google’s breakthrough with a running Quantum computer late 2019 as we move towards Quantum Communications.
In theory quantum communication would enable instantaneous communication from anywhere in the world.
Your argument:
“But here’s the thing. Even if they’ve retained everything required to deanonymize someone, actually doing it requires analyzing and correlating data from multiple intercepts. So it’s unlikely that they do that routinely for all information that they’ve retained. Also, it’s unlikely that they can retain even that filtered sample for very long. And so they must filter out what to keep long term, which reduces the chance that they’ve retained enough to deanonymize someone who wasn’t interesting enough, for long enough.”
https://hddmag.com/wp-content/uploads/2018/10/Evolution-of-Hard-Drives-and-Digital-Storage-1.jpg
Seeing the storage likes of how it’s not standing still and advancing into it’s own new frontiers.
1996 – NAND Flash solid state storage for 512GB to upwards of 3.84TB.
2012 – Harvard researchers encoded a 543k world book, 11 jpeg images, and one javascript program into a DNA strand. DNA would last thousands of years and provide 2.2PB of storage per gram.
2018 – Toshiba 14TB Internal hard drive.
2018 – Nimbus Data announces 100TB ExaDrive DC100, 80-90% more energy efficient than the top competition.
The average cost per GB has over the last 30 years gone from way over $1000,000. to just a few cents.
Today in cloud services typically one finds free rides up to 20GB and paid services can offer unlimited for around $99. monthly / $999. yearly.
Google processes ~20PB of user content daily. Understanding then a Petabyte (PB) or 1,000 terabytes, so just 1PB would be close in having 20 million four drawer filing cabinets filled with text.
If storage limits about everything anyone does on the Internet is one recursive attribute you do consider for now I don’t get it as facts found do not agree.
You might want to rethink that avenue a bit, information brokers aka data brokers compile 1,000’s of pieces in data about a person. Some data brokers retain all information indefinitely.
This data as such are aggregated to create individual profiles, often made up of thousands of individual pieces of information, such as a person’s age, race, gender, height, weight, marital status, religious affiliation, political affiliation, occupation, household income, net worth, home ownership status, investment habits, product preferences and health-related interests.
Brokers then sell the profiles to other organizations that use them mainly to target advertising and marketing towards specific groups, to verify a person’s identity including for purposes of fraud detection, and to sell to individuals and organizations so they can research people for various reasons.
Sites such as checkingrecords and checkthem both with a com, can be both open public as well as non-public information. It goes over and above what a single resource can do for you or what engines like google can provide you with. You will have accessibility to public record information, social networking summary, a general online lookup, court records, records of criminals, telephone records (both general public and privately owned directories ), driving records and much more.
Then what if a co-op of unknown sorts starts up or new (eyes) groups where only members say as (fingers to the hand) only mine for and retain certain targeted parts in data/meta-data about the profiled subjects into it’s linked network.
So the targeters scale is much larger to a target than would be expected as it’s distributed between the co-op hand image having the strength in each finger as a gripped fist on the profiled subject.
Imagine now the human body (instead of the hand) as this Internet’s co-oped networked (eyes) of reach and power leaves no anonymity options, that’s one case in the multi-billion dollar business that Gov’s black ops have to be tapping in to.
@Mirimir,
I read through the article. While what you are saying makes sense, I am struggling with two concepts.
1) As you have mentioned, the adversary we are trying to hide from has unlimited power, scope, time and equipment, in relation to we who are simply online.
Because of this, the fact that there is an attempt to really “hide” is almost an impossible game of hide and seek. Can it be delayed? Yes. Can there be things that are done? Yes. But in the end, true online privacy is only done while not online.
I mentioned this before and will say it again. Everything I do online I do as if it is a post card.
2) I read through the process you have to maintain privacy online. You have several dozen online profiles. Each that is used for specific functions and purposes. Each with their own taglines, writing styles, passwords, emails and structures in place to operate.
When shifting from one to the other, you must have a notebook to keep your identities in line for I know that I have had two online identities. Crossing from one to the other, even in the slightest of fashions, causes a breakdown of those identities.
Couple that with my work and trying just to get through the day in an orderly fashion…yeah! I have decided that I have my id here on this site. I do not visit any site that I have to log in on to post a comment and I have stopped going to any other site that I used to be part of.
I do have an online presence with my NPO and I have not given any indication of what that is here on this site and the email I put in and my screen name is not the NPO contact.
Can a connection be made? Yes. But I am online for work and then I am not. I use a VPN to hide myself from my cell phone company and I use a VPN to protect myself when I am online in public. I realize that a VPN may serve its purpose elsewhere and I will use it as such, if I need it, but these are my two big things.
If I do not want to be known online, I don’t get online.
The fact that you can maintain so much overhang and order is very commendable. I just cannot do it. I have two email addresses. One for my NPO and the other for my personal which only three people have. I cannot fathom having more than that.
These are just my thoughts and while I appreciate the article, I am not sure how little users like me can do more than we already are. We follow some of the things on this site, but at the end of the day, is it really enough?
Why use Adblock Plus and not uBlock Origin or AdGuard instead?
The best I can say about the new update on my Linux Firefox uBlock Origin is that the new update requires connection to the IP address.
Just my thought.
Hey Restorer… I had the exact same question. (Why “Smart Referer” would be my 2nd question.)
But I do not think that Dimi will respond. He, and Herr Heinrich, are in the higher stratosphere of Techno Geeks. You, I assume, are like me: Just want to know how to keep safe/secure on-line. Something we can use after understanding why and how to use it. Like probably 95% of folks that appreciate this web site and Sven’s banner efforts.
I think it’s a good thing that Sven has these guys/gals/whatevers on board… but for the plain person, like myself, it’s like explaining Quantum Physics to a 10 year old = no comprendi!!!
P.S. J.M.’s 26 Feb. reply to your query was about as non-sequitur as you can get.
Cheers, George
at George, If I may though when you do offer something it seem well thought out or related as these in that other topic.
“These technologists think the internet is broken. So they’re building another one.”
and
“Decentralisation: the next big step for the world wide web”.
Mainly what my shortcomings are with people (not you in my answering previously), but negative energy is expelled. Which it’s of the same energy (amount), directed wrongly. That could be used to build one up and yourself to an higher level comparable enough to drive a positive relationship than as to run one off so to speak…
Like as humans, we’ll compare our worst to the best of someone else we may admire – when really being two equals just not in the fields.
I do ask you not to stop offering the things you feel are important and, if you feel someone as them then, has unrelated/unimportant facts given or understood – help by example than for anyone left hanging in a bad position. Start a dialog with – to what they meant and let them work it over with you on it.