Anonymous Behavior

✨ Megiddo

Although the Internet unites a huge space, a person’s personal space is becoming smaller. The technology, which was designed to give people freedom of speech and the ability to express their thoughts openly, has over the years become an instrument of control and suppression. Because of the technological features of the Network, every user trails a digital trace of all his activity. Anyone who is able to collect this data gets the opportunity to use it against users. Freedom of speech cannot exist in conditions where anyone can be punished for words. The mere possibility of being punished erects a wall of censorship and self-censorship, making public discussion impossible. Without this openness stagnation begins, and the forces possessing resources start exploiting it. In this way, the function of propaganda is added to the function of suppression and control. Because of its open nature, the digital footprint is available to third parties, who can use it to interfere with privacy. What should remain secret can become public.

In such a situation, the only effective way to preserve your freedom of speech and privacy is anonymous behavior, that is, never giving anyone the opportunity to connect your trail of activity on the Web with your real identity. There will always be forces that try to take away freedom of expression in various ways, and there are many means to counter them. Below we provide the most common methods for ensuring anonymity and enhancing information security, categorized by importance. The methods of each category complement the previous ones.

Critical group
  • Do not reveal unnecessary information about yourself. There is a set of attributes by which a particular user can be singled out from many others: age, gender, education, place of residence or time zone, profession, hobbies, appearance and, in general, any individual characteristics of a person. Such attributes allow an outside observer to filter out non-matching users by profile, which gradually leads to deanonymization. You can avoid this by developing a habit of being careful when communicating. In addition, you need to learn to control your emotions. In 2010 B. Manning, in search of moral support, confessed to a stranger in a private chat that he had transferred 250 thousand military documents to WikiLeaks. The stranger passed this on to FBI agents, and now Manning is serving a term of 35 years. This would not have happened if he had been in control
  • When using resources on which you want to remain anonymous, be sure to change your IP address. It is directly linked to your name in the physical world (through the contract with the provider, and with a dynamic IP through connection logs). A record of a client's connection to a server can be stored on that server almost forever. A convenient way to change the IP is Tor. This is an anonymizing network which, roughly speaking, is a chain of proxies and makes it easy to change IP. Windows users can install the portable Tor Browser Bundle. Linux users can install it from most package managers. Changing the IP concerns not only browsing sites but any other Internet connection to a server: Jabber, instant messengers and everything else. Tor can proxy almost any kind of connection; it is enough to specify the host 127.0.0.1 and port 9050 or 9150 in the proxy settings. Some sites may block Tor because of malicious activity. It is also impossible to download torrents through it, since the real IP will “leak”. In such cases you can use a VPN; these are either paid or free. The above means of changing the IP address should be used for all work on the Web, or at least for work that requires anonymity.
  • Do not use one nickname twice. If you use the same nickname as on a non-anonymous resource, it is not difficult to match the identities. Knowing the non-anonymous nickname, it is possible to obtain the real IP. If you lack the imagination to come up with a new nickname every time, you can use online generators; there are a lot of them.
  • When registering on various resources, do not use an e-mail address that is associated with your real name. Even if it is not displayed to other users, it is still accessible to an observer, or at least to the administrator of the resource. It is best to use a disposable e-mail service like 10minutesmail. It lets you receive a password or activation link in a one-time mailbox directly in the browser. After registration, you should always change the password to a stronger one.
  • Never use your mobile number to confirm registration. Such two-factor authentication negates anonymity, since the number is often associated with a real name and allows agencies with resources to find out a great deal, including location. If you wish, you can use paid services like REG REG or free browser services to receive registration codes. But first, it is better to consider whether such a resource is needed at all.
Advanced group
  • Be sure to remove metadata when publishing any files. Metadata may contain records from which the user can be completely de-anonymized. Modern digital cameras can embed the camera's model number and manufacturer in a photo. Some smartphones embed the GPS coordinates of the location in their photos. To avoid de-anonymization, you need to clean any files before publishing them. There are special tools for this, such as the Metadata Anonymisation Tool for Linux and Exiftool for Windows, and many similar programs.
  • Increase web surfing security. There are several extensions for popular browsers that address some vulnerabilities. The NoScript extension blocks various website scripts that can be used to run malicious code or invoke programs that may lead to de-anonymization. Some sites will work incorrectly after NoScript is installed, so you may have to add them to the exceptions. The second extension is called HTTPS Everywhere. It forces the use of a secure connection. Although TLS/SSL certificates in general have their vulnerabilities, this extension can improve security on sites where the connection would otherwise have no protection at all. RequestPolicy, which protects some user data, and AdBlock, which removes annoying ads, may also be useful.
  • Use OTR to protect privacy in personal chats. Personal messages are transmitted in the clear; they can be read by the server administrator or by anyone else who sets up a wiretap. Off-The-Record is an end-to-end encryption scheme that automatically creates one-time session keys and encrypts all messages with them (except the very first one). After the session ends, the session keys are destroyed, and an attacker will not be able to recover them or the chat dialogue. OTR also has authentication functions: through the exchange of identifiers of the permanent keys over another means of communication such as a phone, or through a shared secret that must be agreed in advance at a personal meeting. OTR plugins are available for most instant messengers and work well over XMPP, IRC and other protocols. For email, use GPG encryption,
  • Use special tools for storing passwords. Keeping them in the clear in a text file or on paper is a bad idea; they can be stolen in various ways. Programs like KeePassX and Password Safe create an encrypted database locked with one master key, so it is enough to invent and remember one strong password. Password stores can also generate long passwords from random characters. This is convenient: they are immediately recorded in the database, and because of their randomness and length they are difficult to crack by guessing.
  • Do not use proprietary software. Because it is impossible to view the internals of the program, it is impossible to know all its functions and make sure that it has no built-in backdoors for special services. Only a closed system makes it possible to embed implants that collect data about the user, who moreover installed the program voluntarily. To avoid leaks of important information, you need to use only free open source software. The contents of open programs can be inspected in full by anyone. In addition to being checkable for implants, free software has a completely open development cycle, which is much more efficient thanks to the feedback loop: systems like GitHub allow you to contact the author of the program directly and quickly resolve any vulnerabilities and bugs found. Before you download any program, you must make sure that it is open and free. This is usually indicated on the program's website. If it is not, you need to find an open equivalent. Using open source operating systems (various Linux distributions and BSD systems) will also help increase your security.
  • Having mastered open source operating systems like Linux, advanced users can increase the security of their systems even further. The methods and tools for improving security usually depend on the specific task. In some cases Whonix may come in handy. This distribution allows you to create isolated virtual machines whose traffic is fully proxied via Tor. You can run any other OS in the virtual machine, even Windows, and all of the virtual machine's traffic will be anonymized. Whonix is ideal for those who like to isolate the system through virtualization, but it requires fairly powerful hardware. Gentoo lovers can enhance security using the grsecurity kernel; this distribution is called Hardened Gentoo. Such a kernel has a large number of patches that eliminate low-level vulnerabilities typical of the ordinary Linux kernel. There is also SELinux, a role-based access control system. This tool was originally created by the NSA to protect its computers. At the network level there is iptables, which allows you to create an effective firewall. All of the tools mentioned (and those not mentioned too) are suitable for truly experienced users, and setting them up requires attention and caution.
  • When installing programs, verify the checksums of the downloaded files against those published at the program's source. This helps ensure their integrity. If a file was corrupted during download or intentionally changed by an attacker, even by one byte, the checksum will be completely different. This is due to the avalanche effect of hash functions. In addition to checksums, some developers use GPG signatures for files and builds. Usually the release manager signs with his key, acting as a guarantor of reliability. For example, Tor builds have been signed by Erinn Clarke over the years. Verifying the signatures of downloaded software is good practice, as it helps to establish the authenticity and integrity of critical programs.
  • Disk encryption tools will help protect your computer against physical access. They decrypt the partition when the operating system starts and encrypt it back when it is shut down. Linux users have the built-in dm-crypt tool, which has all the necessary utilities for disk encryption. Keep in mind that on Linux you will have to encrypt not only root but also swap, otherwise some data will not be protected. It is also necessary to configure the DE in advance for instant shutdown of the machine, since only a shutdown reliably locks the data in an emergency. Encryption with plausible deniability may be useful in some cases. Simply put, this means creating a hidden “double bottom” inside encrypted partitions: other partitions without any labels, locked with a different password. No forensic examination can effectively prove the existence of such a “double bottom”; it can only be suspected from the size of the overall partition. For retrogrades and Windows users, there is TrueCrypt, which ceased to exist in May 2014 under mysterious circumstances. The only reliable source for builds and source code is a repository with signatures: http://cyberside.net.ee/truecrypt/ . The latest reliable version is 7.1a. TrueCrypt can also be used for disk encryption and for creating hidden partitions and encrypted volumes. Using this program is quite simple and well documented. For those who need to replace the obsolete TrueCrypt, there is Veracrypt: https://veracrypt.codeplex.com/ . The project has inherited parts of the TrueCrypt code, has a compatibility mode for its volumes and is being actively developed. Another heir to TrueCrypt is Ciphershed: https://ciphershed.org/ . However, it is still at a fairly early stage of development. When using disk encryption, you need to know that there are several dangers. One of them is the cold boot attack, in which the machine is started again within a short period after shutdown. The second danger is attacks like Evil Maid, which make it possible to steal the password of an encrypted partition: http://theinvisiblethings.blogspot.se/2009/10/evil-maid-goes-after-truecrypt.html . All this must be considered when leaving the computer unattended.
  • If possible, reduce the physical attack surface. If you have a built-in WiFi card, you should remove it and use an external one connected via USB. This will allow you to disconnect the computer from the network completely and reliably when necessary, isolating it and reducing the attack surface (physically isolating a computer from network connection points is called an “air gap”). Watch out for the built-in Access Management System. This system provides the manufacturer with full remote access to the machine. Originally this system is meant for tracking in case of theft, but it can be used for anything. Do not buy computers with delivery by mail. The NSA has a unit called Tailored Access Operations, whose job is to intercept mail parcels containing computers, install hardware and software implants and then send the parcels on to the recipient. According to the agency, such a scheme is considered one of the most effective for getting implants into the target system.
  • The basis of information security is knowledge. The best way to increase your security is to study systems, cryptographic algorithms and protocols. This is a long process that requires patience and time. The reward for the work will be the ability to understand vulnerabilities and fix them.
Conclusion

For a single user, there is no clear boundary between the “anonymous” and “non-anonymous” states. This state depends directly on the threat model, because different attackers have different resources available to attack the user. Basic tools will be enough to protect against random factors, and the best tools will be needed to resist the work of the special services. Without enough data about your threat model, the choice of means should be made on the basis of a compromise. On the one hand there is familiar convenience; on the other hand there is a huge risk of disclosing sensitive data that is generated by default and independently of the user. It is also worth bearing in mind that 90% of intelligence data comes from open sources, mostly from the Web. In other words, in the digital age users unknowingly compile their own dossiers. The possession of personal data gives power, so possessing it will always be of interest. Anonymity is difficult, and information security is even more difficult. Everyone has to learn only one thing: no one will protect your data, and no one will keep your privacy, except yourself.
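
The checksum comparison described in the Advanced group, as an added example in Python (not part of the original post): it parses a checksum list in the format that sha256sum prints, hashes the download in chunks and refuses to treat an unlisted file as verified. The file name and contents used in demo() are constructed for illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so a large download need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def parse_checksum_list(text):
    """Parse 'HEXDIGEST  filename' lines, the format sha256sum prints."""
    entries = {}
    for line in filter(None, map(str.strip, text.splitlines())):
        digest, _, name = line.partition(" ")
        name = name.strip().lstrip("*")  # '*' prefix marks binary mode
        if len(digest) != 64 or not name:
            raise ValueError("malformed checksum line: %r" % line)
        int(digest, 16)  # raises ValueError if the digest is not hex
        entries[name] = digest.lower()
    return entries


def verify_download(path, checksum_text):
    """Return 'ok', 'mismatch' or 'not-listed' for the file at path."""
    expected = parse_checksum_list(checksum_text).get(Path(path).name)
    if expected is None:
        return "not-listed"  # an unlisted file is never treated as verified
    actual = sha256_file(path)
    return "ok" if hmac.compare_digest(actual, expected) else "mismatch"


def demo():
    """Constructed sample: a stand-in release file and its published checksum."""
    original = b"constructed sample release contents\n" * 1000
    published = hashlib.sha256(original).hexdigest() + "  example-release.tar.gz\n"
    tampered = bytearray(original)
    tampered[len(tampered) // 2] ^= 0x01  # flip a single bit mid-file
    with tempfile.TemporaryDirectory() as tmp:
        path = Path(tmp) / "example-release.tar.gz"
        results = []
        for content in (original, bytes(tampered)):
            path.write_bytes(content)
            results.append(verify_download(path, published))
    return tuple(results)
```

A checksum only proves integrity relative to the list it came from; if the list is fetched from the same place as the file, the GPG signature on the list is what ties it to the release manager.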
 