Anonymity on the web

By Theraider & Dangerous R.

[ t a b l e o f c o n t e n t s ]
01 - table of contents
02 - introduction
03 - first tips
04 - about proxies
05 - cookies
06 - ftp transfers
07 - secure transactions
08 - SSL tunelling
0 - anon!"it! on irc
10 - "ail cr!pto #and pgp usage$
11 - ic% pri&ac!
12 - sp!'are
13 - cleaning tracks
14 - ending 'ords
[ introduction ]
(o'ada!s) e&er!one 'ants pri&ac! on t*e 'eb) because no "atter '*ere !ou go)
so"eone could be 'atc*ing !ou+ So"eone like !our e"plo!er) so"eone tr!ing to
*ack !our s!ste") co"panies gat*ering all !our info to sell to !et ot*er co"panies)
or e&en t*e go&ern"ent) "a! be on !our track '*ile !ou peacefull! surf t*e 'eb+
,*us) anon!"it! on t*e 'eb "eans being able tu use all of its ser&ices 'it* no
concern about so"eone snooping on !our data+
-our co"puter being connected to t*e net *as an ./ 0.nternet /rotocol1 address+ .f
!ou *a&e a dial-up connection) t*en !our ./ c*anges e&er! ti"e !ou connect to t*e
internet #t*is is not al'a!s true) t*oug*+ ,*ere are dialup isps) speciall! for
uni&ersit! students) t*at do *a&e static ips$+ 2able "ode"s and 3SL connections
*a&e a static ./) '*ic* "eans t*at t*e ./ address does not c*ange+ 4ne of t*e goals
of getting anon!"ous is to "ake sure !our ip) eit*er static or d!na"ic$ isn5t re&ealed
to ot*er users of t*e internet) or to ser&er ad"inistrators of t*e ser&ers !ou roa"
around '*en using internet ser&ices+
,*is text tries to gi&e !ou so"e *ints on *o' to "aintain !our anoni"it! on t*e 'eb+
So"e of t*e *ints "a! sound banal) but t*ink of) if !ou reall! abide t*e" in e&er!
situation+
[ first tips ]
6*en c*atting on .72) .28) 9.: #etc++$) do not gi&e out personal infor"ation about
!ourself) '*ere !ou li&e) 'ork) etc+
3o not use !our pri"ar! e"ail address #t*e one !our .S/ ga&e !ou$ an!'*ere
except to fa"il! "e"bers) close friends or trusted people+ .nstead create for
!ourself a 'eb-based e"ail account suc* as !a*oo) *ot"ail) d!na"ite"ail)
"ail+co") etc+ and use t*is e-"ail address to signing up for ser&ices) '*en in t*e
need to gi&e !our "ail to do'nload so"et*ing) or to publis* on !our *o"epage+
6*en signing up for ser&ices on t*e 'eb) don5t gi&e !our real infor"ation like
address) p*one nu"ber and suc* unless !ou reall! need to do so+ ,*is is t*e kind of
infor"ation t*at infor"ation gat*ering co"panies like to get) so t*at t*e! can sell
out and fill !our "ailbox 'it* spa"+
;se an anon!"ous prox! to surf t*e 'eb+ ,*is "akes sure !our ip doesn5t get stored
on t*e 'ebser&er logs+ #6ebser&ers log e&er! <=, re%uest "ade) toget*er 'it*
date) *our) and ./+ ,*is is '*ere t*e prox! co"es in+ ,*e! get t*e ip fro" t*e prox!)
not !ours$
;se a bouncer to connect to .72 net'orks) in case !ou don5t trust t*e
ad"inistrators) or t*e ot*er users+ 9 bouncer is a progra" t*at sits on a
per"anentl! connected "ac*ine t*at allo's !ou to connect t*ere) and fro" t*ere to
t*e irc ser&er) >ust like a prox! 'orks for 'ebser&ers+
;se anon!"ous re"ailers to send out !our e-"ails+
2r!ptograp*! can also *elp !ou b! "aking sure t*e "aterial !ou send out t*e 'eb)
like b! e"ail) etc) is c!p*ered) not allo'ing an!one t*at doesn5t *a&e !our ke! to
read it #in ke!-based cr!ptograp*!$+ /rogra"s like /</ #prett! good pri&ac!$ are
toolkits 'it* all !ou need to c!p*er and unc!p*er !our stuff+
3elete traces of !our 'ork 'it* t*e co"puter including *istor! files) cac*e or backup
files+
[ about proxies ]
/roxies are cac*es t*at rela! data+ 6*en !ou configure !our 'eb bro'ser to use a
prox!) it ne&er connects to t*e ;7L+ .nstead it al'a!s connects to t*e prox! ser&er)
and asks it to get t*e ;7L for !ou+ .t 'orks si"ilarl! 'it* ot*er t!pe of ser&ices suc*
as .72) .28 etc+ ,*ere5ll 'on5t be direct connection bet'een !ou and t*e ser&er) so
!our real ./ address 'on5t be re&ealed to t*e ser&er+ 6*en !ou &ie' a 'ebsite on
t*e ser&er) t*e ser&er 'on5t see !our ./+ So"e of 'eb proxies do not support
for'arding of t*e cookies '*ose support is re%uired b! so"e of t*e 'ebsites #for ex+
?ot"ail$+
?ere are so"e anon!"ous proxies t*at !ou can use to surf anon!"ousl! #notice t*at
so"e of t*ese "a! be a pa!ed ser&ice$@
9ixs - *ttp@AAaixs+netA
7e'ebber - *ttp@AA'''+anon+deA
9non!"iBer - *ttp@AA'''+anon!"iBer+co"A
,*e 2loak - *ttp@AA'''+t*e-cloak+co"A
-ou5ll *ig*l! probabl! find "an! 'ebsites t*at pro&ide t*e lists of unaut*orised
proxies and re"ailers + Suc* lists are being co"piled usuall! 'it* t*e *elp of port
scanners or exploit scanners) scanning for co"puters 'it* 'ingate or ot*er proxies5
backdoors+ ;sing t*ese proxies is illegal) and is being considered as unaut*oriBed
access of co"puter+ .f !ou get suc* list to !our *ands) c*eck if t*e info is legal or
co"piled b! script kiddie) and act acordingl!+
.f !ou an!*o' decide not to use prox!) at least do not forget to re"o&e !our
personal infor"ation fro" !our bro'ser+ 9fter !ou re"o&e details like !our na"e
and e-"ail address fro" !our bro'ser) t*e onl! info a 6eb site can sniff out is !our
.S/5s address and geograp*ical location+ 9lso Ca&a and Ca&aScript applets can take
control of !our bro'ser unexpectedl!) and if !ou are surfing to unkno'n and
potentiall! dangerous places !ou s*ould be a'are of t*at+ ,*ere are exploitable
bro'ser bugs #"ainl! .nternet explorer ones$ reported e&er 'eek+
[ cooies ]
:a!be !ou5re not a'are of t*e fact t*at if !ou *a&e t*e Dallo' cookiesD feature in
!our bro'ser on) 'ebsites can store all sorts of infor"ation on !our *arddri&e+
2ookies are s"all files t*at contain &arious kind of infor"ation t*at can be read bt
'ebsites '*en !ou &isit t*e"+ ,*e usual usage is to track de"ograp*ics for
ad&ertising agencies t*at 'ant to see >ust '*at kinds of consu"ers a certain site is
attracting+ 6eb sites also use cookies to keep !our account infor"ation up-to-date+
,*en for instance '*en !ou &isit !our e-"ail 'ebbased account 'it*out being
unlogged so"e *ours later) !ou find !ourself being logged on) e&en if !ou turn off
!our co"puter+ -our login and pass'ord 'as si"pl! stored on !our *arddri&e in
cookie file+ ,*is is securit! t*reat) in case t*at t*ere is "ore persons '*o *a&e t*e
access to !our co"puter+
:ost of t*e bro'sers offer t*e possiblit! to turn off t*e cookies) but so"e of sites
like ?ot"ail+co" re%uire t*e" to be turned on+ .n case !ou decided to allo' cookies)
at least ne&er forget to log off fro" t*e 'ebsites '*en !ou5re finis*ing &isiting t*e"+
[ ftp transfers ]
6*en using an E,/ client progra" to do'nload files) assure !ourself) t*at it5s gi&ing
a bogus pass'ord) like guestFunkno'n+co") not !our real one+ .f !our bro'ser lets
!ou) turn off t*e feature t*at sends !our e-"ail address as a pass'ord for
anon!"ous E,/ sessions+
[ secure transaction ]
=&er!t*ing being sent fro" t*e 'eb ser&er to !our bro'ser is usuall! in plain text
for"at+ ,*at "eans) all transferred infor"ation can be easil! sniffed on t*e route+
So"e of t*e 'eb ser&ers support SSL #'*ic* stands for Secure Socket La!er$+ ,o
&ie' and use t*ese 'ebsites !ou5ll need SSL support in !our bro'ser as 'ell+ -ou
recogniBe) t*at t*e connection is encr!pted) if ;7L starts 'it* *ttps@AA instead of
usual *ttp@AA+ (e&er use 'eb ser&er 'it*out SSL for sending or recei&ing sensiti&e
pri&ate or business infor"ation #credit card nu"bers) pass'ords etc+$
[ !!" tunelling ]
6*at is SSLG
SSL stands for Secure Socket La!er+ ,*e GSecureG i"plies an encr!ption) '*ile
Socket La!er denotes an addition to t*e 6indo' Socket s!ste") 6insock+ Eor t*ose
t*at donGt kno') a Socket is an attac*"ent to a port on a s!ste"+ -ou can *a&e
"an! sockets on one port) pro&iding t*e! are non-blocking #allo'ing control to pass
t*roug* to anot*er socket a'are application '*ic* 'is*es to connect to t*at port$+
9 Secure Socket La!er "eans t*at an! sockets under it) are bot* secure and safe+
,*e idea be*ind SSL 'as to pro&ide an encr!pted) and t*us) secure route for traffic
along a socket based s!ste") suc* as ,2/A./ #t*e internet protocol$+ 3oing t*is
allo's securit! in credit card transactions on t*e .nternet) encr!pted and protected
co""uni%uH along a data line) and o&erall peace of "ind+
,*e SSL uses an encr!ption standard de&eloped b! 7S9+ 7S9 are a 'orld respected
9"erican organisation t*at specialiBes in encr!ption and data securit!+ .nitiall!) t*e!
de&eloped a cip*er lengt* of onl! 40 bits) for use 'it* t*e Secure Socket La!er) t*is
'as considered 'eak and t*erefore a longer "uc* "ore co"plicated encr!ption
cip*er 'as created) 128 bits+ ,*e reasoning be*ind it 'as si"ple@ it needs to be
secure+
,*e 7S9 site puts t*e ad&antage of a longer encr!ption lengt* prett! clearl!@
because 40-bit encr!ption is considered to be relati&el! 'eak+ 128-bits is about 30
septillion ti"es # 30)485)000)000)000)000)000)000)000 $ larger t*an 40-bits+ ,*is
'ould "ean it 'ould take t*at "an! ti"es longer to crack or break 128-bit
encr!ption t*an it 'ould 40-bit+
.f !ou 'ant "ore infor"ation on t*e tec*nicalities or 7S9Gs SSL encr!ption engine)
&isit t*eir site@ *ttp@AA'''+rsasecurit!+co"AstandardsAssl+
Iut '*at does all t*is encr!ption and securit! *a&e to do 'it* !ouG
6ell) t*atGs a si"ple %uestion+ (o "atter *o' *ard !ou tr!) at ti"es !our pri&ac!
'ill need to be kno'ingl! in&aded so !ou can "ake use of t*e product offered for
doing so+ .f !ou t*ink about food) for exa"ple) one cannot eat 'it*out s'allo'ing+
6*en 'e 'is* to "ake a transaction or &ie' a site on t*e internet) '*ere 'e *a&e
to gi&e enoug* infor"ation a'a! so t*at it *appens) 'e also 'ant to be assured no
one else along t*e line gat*ers t*at data+ 9n encr!pted session 'ould "ean our data
is not at t*e *ands of an! pri&ac! perpetrators unless t*e! kne' *o' to decode it G
and t*e onl! ones in t*e kno') are t*ose !ou specificall! 'is*+ SSL uses public ke!
encr!ption as explained in t*e /</ section+
,o put t*is at a *ead@ if !ou use an encr!pted connection or session) !ou can be
relati&el! assured t*at t*ere are no pr!ing e!es along t*e 'a!+
9nd *o' do . i"ple"ent SSL 'it* SSL ,unnellingG
6e kno' t*at a Secure Socket La!er is safe) but '*at 'e donGt kno' is '*at a
,unnel is+ .n t*e "ost si"plistic for") a tunnel is a prox!+ Like prox! &oting in
general elections) a tunnel 'ill rela! !our data back and fort* for !ou+ -ou "a! be
a'are t*oug*) t*at t*ere are alread! GproxiesG out t*ere) and !es) t*at is true+
,unnelling is done &ia proxies) but it is not considered to be t*e sa"e as a standard
prox! rela!ing si"pl! because it isnGt+
,unnelling is &er! special kind of prox! rela!) in t*at it can) and does rela! data
'it*out interfering+ .t does t*is transparentl! and 'it*out grie&ance or an! care for
'*at is passing its 'a!+
(o') if 'e add t*is abilit! to GtunnelG data) an! data) in a pipe) to t*e Secure
Sockets La!er) 'e *a&e a closed connection t*at is independent of t*e soft'are
carr!ing itJ and so"et*ing t*at is also encr!pted+ Eor t*ose of !ou 'anting to kno' a
little "ore about t*e tec*nicalities) t*e SSL la!er is also classless in t*e sense it does
not interferer 'it* t*e data passed back and fort* G after all) it is encr!pted and
i"possible to ta"per 'it*+ ,*at attribute "eans an SSL capable prox! is able to
transfer data out of its GproxiedG connection to t*e destination re%uired+
So to su" up) 'e *a&e bot* a secure connection t*at does t*e >ob and rela!s t*ings
in t*e rig*t directionJ and 'e *a&e direct tunnel t*at doesnGt care '*at 'e pass
t*roug* it+ ,'o &er! useful) and al"ost blind entities+ 9ll 'e need no' is a secure
prox! t*at 'e can use as t*e tunnel+
/roxies@
Secure proxies are alike standard proxies+ 6e can eit*er use an ?,,/ base SSL
e%uipped prox! - one specificall! designed for securit! ?,,/ traffic) but because of
t*e ignorant nature of SSL co""unication) it can be bent to an! needs G or 'e can
use a proper SSL ser&ice designed for our connection G like !ou 'ould use a secure
((,/ #ne's$ progra" 'it* a secure prox! on port 563 instead of taking our long
'a! - '*ic* 'ould probabl! 'ork as 'ell+
9 secure ?,,/ prox! operates on port 443+ ?ost proxies are not public) t*at "eans
t*e! operate for) and allo' onl! traffic fro" t*eir subnet or t*e .S/ t*at operates
t*e" G but) t*ere are "an! badl! configured ?,,/ proxies and so"e public ones out
t*ere+ ,*e use of a progra" called ?,,rack #a&ailable on (e'order$ 'ill aid !ou in
scanning and searc*ing for proxies on !our net'ork or an!'*ere on t*e .nternet if
!our .S/ does not pro&ide !ou 'it* one+
(e'order also features a nu"ber of sites dedicated to listing public proxies in t*e
9non!"it! section+ 6*ile itGs often *ard to find a suitable fast prox!) itGs 'ort* t*e
effort '*en !ou get one+
So *o' can . secure "! connections 'it* SSL ,unnellingG
,*atGs a big %uestion) and be!ond t*e scope out t*is tuition as it "ust co"e to and
end+ . can *o'e&er) point !ou in t*e rig*t direction of t'o resources t*at 'ill aid !ou
in tunnelling bot* .72) and "ost ot*er connections &ia a ?,,/ prox!+
Eor 6indo's) t*e first stop 'ould be *ttp@AA'''+totalrc+netGs Socks2?,,/+ ,*is is
an SSL tunnelling progra" t*at turns a nor"al socks prox! connection into a
tunnelled SSL connection+
,*e second stop) for bot* 6indo's and ;nix is stunnel+ Stunnel is a <(; kit
de&eloped for SSL tunnelling an! connection+ .t is a&ailable for co"pile and do'nload
as binar! *ere@ Stunnel *o"epage - *ttp@AA"ike+dae'oo+co"+plAco"puterAstunnel
[ anonymity on irc ]
9 I(2) or a Iouncer - is used in con>unction 'it* .72 as a 'a! of *iding !our *ost
'*en people A'*ois !ou+ 4n "ost .72 net'orks) !our *ost isnt "asked '*en !ou
'*ois) "eaning t*e entire ./ appears) like 14+2+0+21) '*ic* can be resol&ed+ 4n
ot*er net'orks) !our *ost "ig*t be "asked) like .72net'ork-0+1 but it can still gi&e
&aluable infor"ation) like nationalit! if !our *ost is not a ./) but a 3(S resol&ed
*ost) like "!+*ost+cn 'ould be "asked to .72net'ork-*ost+cn but t*is 'ould still tell
t*e person '*o '*oised !ou) t*at !ou are fro" 2*ina+
,o keep infor"ation suc* as t*is *idden fro" t*e ot*er users on an .72 net'ork)
"an! people use a Iouncer) '*ic* is actuall! >ust a /rox!+ Let us first dra' a
sc*e"atic of *o' a nor"al connection 'ould look) 'it* and 'it*out a I(2 installed+
6it*out a I(2@
!our+*ost+cn KK--LL irc+box+sk
6it* a I(2@
!our+*ost+cn KK--LL "!+s*ell+co" KK--LL irc+box+sk
-ou 'ill notice t*e difference bet'een t*e t'o+ 6*en !ou *a&e a I(2 installed) a
s*ell functions as a link bet'een !ou and t*e .72 ser&er #irc+box+sk as an exa"ple$+
-ou install a I(2 on a s*ell) and set a port for it to listen for connections on+ -ou
t*en login to t*e s*ell 'it* !our .72 client) Iitc*MAMc*atA".72) and t*en it 'ill login
to t*e .72 ser&er !ou specif! - irc+box+sk in t*is case+ .n affect) t*is c*anges !our
*ost) in t*at it is "!+s*ell+co" t*at "akes all t*e re%uests to irc+box+sk) and
irc+box+sk doesn5t kno' of !our+*ost+cn) it *as ne&er e&en "ade contact 'it* it+
.n t*at 'a!) depending on '*at *ost !our s*ell *as) !ou can login to .72 'it* a *ost
like i+rule+co") t*ese &*osts are t*en actuall! >ust an alias for !our o'n "ac*ine)
!our+*ost+cn) and it is all co"pletel! transparent to t*e .72 ser&er+
:an! ser&ers *a&e sock bots t*at c*eck for socket connections+ ,*ese aren5t I(2
connections) and I(2 cannot be tested using a si"ple bot) unless !our s*ell *as a
socket port open #nor"all! 1080$ it 'ill let !ou in 'it* no proble" at all) t*e s*ell is
not acting as a prox! like !ou 'ould expect) but "ore as a si"ple .72 prox!) or an
.72 router+ .n one 'a!) t*e I(2 >ust c*anges t*e packet and sends it on) like@
to@ "!+s*ell+co" -L to@ irc+box+sk -L to@ "!+s*ell+co" fro"@ !our+*ost+cn K- fro"@
"!+s*ell+co" K- fro"@ irc+box+sk
,*e I(2 si"pl! s'aps t*e *ost of !our packet) sa!ing it co"es fro" "!+s*ell+co"+
Iut also be a'are) t*at !our o'n "ac*ine is perfectl! a'are t*at it *as a connection
establis*ed 'it* "!+s*ell+co") and t*at -4; kno' t*at !ou are connected to
irc+box+sk+ So"e I(2s are used in .72 net'orks) to si"ulate one *ost+ .f !ou *ad a
global .72 net'ork) all linked toget*er) !ou could *a&e a local ser&er called@
cn+"!ircnet'ork+co" '*ic* 2*inese users 'ould log into+ .t 'ould t*en Iounce
t*e" to t*e actual net'ork ser&er) in effect "aking all users fro" c*ina *a&e t*e
sa"e *ost - cn+"!ircnet'ork+co") "asking t*eir *osts+ 4f course) !ou could c*ange
t*e *ost too - so it didn5t re&eal t*e nationalit!) but it is a nice gesture of so"e
net'orks) t*at t*e! "ask all *osts fro" e&er!one) but it "akes life *ard for .72ops
on t*e net'ork - but its a s"all price to pa! for pri&ac!+
(ote@ =&en if !ou do use .72 bouncer) 'it*in 322 transfers or c*at) !our ./ 'ill be
re&ealed) because 322 re%uires direct ./ to ./ connection+ ;sual "istake of .72 user
is to *a&e 322 auto-repl! turned on+ Eor an attacker is t*en eas! to 322 c*at !ou or
offer !ou a file) and '*en .72 clients are connected) *e can find out !our ./ address
in t*e list of *is ,2/A./ connections #netstat$+
?o' do . get .72 bouncerG
!ou do'nload and install bouncer soft'are) or get so"eone to install it for !ou
#probabl! t*e "ost kno'n and best bouncer a&ailable is I(2) *o"epage @
*ttp@AAgotbnc+co"A$
!ou configure and start t*e soft'are - in case it5s bouncer at ;nix "ac*ine) !ou start
it on !our s*ell account #let5s sa! s*ell+so"e'*ere+co"$
!ou open .72 and connect to t*e bouncer at s*ell+so"e'*ere+co" on t*e port !ou
told it to start on+
all depending on t*e setup) !ou "a! *a&e to tell it !our pass'ord and tell it '*ere to
connect) and !ou5re no' on irc as s*ell+so"e'*ere+co" instead of !our regular
*ostna"e
0 "ail cr!pto 1
;suall! t*e safest 'a! to ensure t*at !our e-"ail 'on5t be read b! unaut*orised
persons is to encr!pt t*e"+ ,o be co"patible 'it* t*e rest of t*e 'orld .5d suggest
to use free /</ soft'are+
/</ #/rett! <ood /ri&ac!$ is a piece of soft'are) used to ensure t*at a "essageAfile
*as not been c*anged) *as not been read) and co"es fro" t*e person !ou t*ink it
co"es fro"+ 3o'nload location@ *ttp@AA'''+pgpi+orgA
?o' does pgp 6orkG
,*e '*ole idea be*ind /</ is t*at of /ublic and /ri&ate ke!s+ ,o explain t*e
algorit*" /</ uses in order to encr!pt t*e "essage 'ould take too "uc* ti"e) and
is be!ond t*e scope of t*is) 'e 'ill *o'e&er look at *o' it ensures t*e integrit! of
t*e docu"ent+ 9 user *as a pass'ord) t*is pass'ord *as to be c*osen correctl!) so
don5t c*oose pass'ords like DpopD or Dilo&e!ouD) t*is 'ill "ake an attack "ore likel!
to succeed+ ,*e pass'ord is used to create a pri&ate ke!) and a public ke! - t*e
algorit*" ensures t*at !ou can not use t*e public ke! to "ake t*e pri&ate ke!+ ,*e
public ke! is sent to a ser&er) or to t*e people !ou send e-"ailsAfiles) and !ou keep
t*e pri&ate ke! secret+
6e 'ill use a fe' ter"s and people in t*is introduction) t*e! are@ /k - /ublic Ne!) Sk
- Secret Ne! #pri&ate ke!$+ 9da" 'ill send an e-"ail to =&e) and 7ita 'ill be a
person in bet'een) '*o 'e are tr!ing to *ide t*e content of t*e "ail fro"+ 7ita 'ill
intercept t*e e"ail #/</ doesn5t ensure t*at 7ita cant get *er *ands on t*e package)
s*e can - its not a secure line like ot*er tec*nologies$ and tr! to read itA"odif! it+
9da" *as a Sk1 and a /k1) and =&e *as a Sk2 and a /k2+ Iot* 9da") =&e) and 7ita
*a&e /k1 and /k2) but Sk1 and Sk2 are presu"ed to be totall! secret+ Eirst) *ere is
a sc*e"atic of *o' it all looks@
/;IL.2 S=7O=7
/k1) /k2
9da" K------------------------------------------L =&e Sk1 P Sk2
Q
Q
Q
Q
7ita
So 9da" 'ants to send a packet to =&e) 'it*out 7ite reading it) or editing it+ ,*ere
are t*ree t*ings t*at 'e need to "ake sure@
,*at 7ita cant read t*e text 'it*out per"ission
,*at 7ita cant edit it in an! 'a!) 'it*out =&e and 9da" kno'ing
,*at =&en kno's t*at 9da" sent it
Eirst t*ing is "aking sure 7ita cant read t*e text+ 9da" does t*is b! encr!pting t*e
"essage 'it* =&es /k2 '*ic* *e *as found on t*e ser&er+ -ou can onl! =ncr!pt 'it*
t*e /k) not decr!pt) so 7ita 'ont be able to read t*e data unless =&e *as re&ealed
*er Sk2+
,*e second t*ing to "ake sure) is t*at 7ite cant edit t*e "essage+ 9da" creates a
*as* fro" t*e "essage *e *as created+ ,*e *as* can be encr!pted using /k2) or
sent as it is+ 6*en =&e gets t*e "essage) s*e decr!pts it) and creates a *as*
*erself) t*en c*ecks if t*e *as*es are t*e sa"e - if t*e! are) t*e "essage is t*e
sa"e) if its different) so"et*ing *as c*anged in t*e "essage+ ,*e ?as* is &er!
secure) and it is in t*eor! i"possible to "ake a c*ange) and get t*e *as* to re"ain
t*e sa"e+
,*e t*ird) and probabl! one of t*e "ost i"portant t*ings to ensure) is t*at 7ita
*asn5t grabbed t*e "ail) "ade a ne' one) and sent it in 9da"s na"e+ 6e can
ensure t*is b! using /ublic ke! and /ri&ate ke! too+ ,*e Sk can be used bot* to
encr!pt and to decr!pt) but /k can onl! encr!pt+ 6*en 9da" nor"all! sends a
"essage : to =&e) *e creates t*e encr!pted "essage 2 b! doing@ 2R/k2#:$+ ,*is
"eans) 9da" uses /k2 #=&es /k$ on "essage : to create "essage 2+ ."age t*is@
9da" can encr!pt t*e "essage 'it* *is Sk1) because it is i"possible to deri&e Sk1
fro" t*e "essage) t*is is secure and 'it*out an! danger) as long as no one kno's
t*e pass'ord used to "ake Sk1 'it*+ .f t*e "essage : is encr!pted 'it* Sk1) *e
gets a "essage called M) =&e can decr!pt t*e "essage using /k1 '*ic* is public+ .f
t*e "essage decr!pts to so"et*ing t*at "akes sence) t*en it "ust be fro" 9da")
because Sk1 is considered as secret) and onl! 9da" kno's it+
,*e entire process looks like t*is) '*en sending "essage 2@ 9da" signs *is digital
signature on 2) and *as*es 2@ MRSk1#2$+ ,*en 9da" encr!pts t*e "essage for =&e@
:R/k2#M$+ ,*e "essage is sent) and looks all in all like t*is@ :R/k2#Sk1#2$$+ 7ita
can intercept :) but not decr!pt) edit) or resend it+ =&e recei&es :) and decr!pts it@
MRSk2#:$+ ,*en s*e c*ecks t*e digital signature@ 2R/k1#M$ and c*ecks t*e ?as* on
t*e 'a!+
,*is 'a!) t*e /</ /ublicA/ri&ate ke! s!ste" ensures integrit! and securit! of t*e
docu"ent e-"ail) but /</ is not t*e onl! algorit*" t*at uses t*e /ublicA/ri&ate ke!
t*eor!) Ilo'fis*) and 7S9 are a"ong t*e "an! ot*er tec*nologies t*at use it) /</ is
>ust t*e "ost popular for e-"ail encr!ption) but "an! don5t trust it because of
ru"ors of backdoors b! t*e (S9 #. don5t kno' if its true t*oug*$+ /</ co"es in a
co""ercial) and a free'are &ersion for 6indo's) and is a&ailable for Linux as 'ell+
6*at e&er encr!ption !ou use) it 'ill be better t*an none+
[ anonymous remailers ]
7e"ailers are progra"s accessible on t*e .nternet t*at route e"ail and ;S=(=,
postings anon!"ousl! #i+e+) t*e recipient cannot deter"ine '*o sent t*e e"ail or
posted t*e article$+ ,*is 'a! t*e sender can5t be traced back b! routing *eaders
included in t*e e-"ail+ ,*ere are different classes of re"ailers) '*ic* allo'
anon!"ous exc*ange of e"ail and anon!"ous posting to ;S=(=, and often "an!
ot*er useful features+
7esources@
2*ain is a "enu-dri&en re"ailer-c*aining script@
*ttp@AA'''+obscura+co"Acr!pto+*t"l
7ap* Le&ien5s re"ailer a&ailabilit! page offers co"pre*ensi&e infor"ation about t*e
sub>ect
*ttp@AA'''+sendfake"ail+co"ASrap*Are"ailer-list+*t"l
,*e 2!p*erpunks 7e"ailers are being de&eloped to pro&ide a secure "eans of
pro&iding anon!"it! on t*e nets+ ?ere !ou can find out about t*e a&ailable
re"ailers) t*ose '*ic* *a&e been standard in existance for a long ti"e as 'ell as t*e
ne' experi"ental re"ailers and anon!"ous ser&ers+
*ttp@AA'''+csua+berkele!+eduAc!p*erpunksAre"ailerA
[ ic# pri$acy ]
?o' can . keep "! pri&ac! at .28G
Send and recei&e "essages &ia .28 ser&er) not directl!+ =&er! direct connection
enables attacker to learn !our ./+ =ncr!pt !our "essages b! dedicated soft'are)
encr!ption addons+
?o' to encr!pt .28 "essagesG
,*ere are addons '*ic* en*ance !our .28 'it* possibilit! to encr!pt outco"ing
"essages+ ,*e user on t*e ot*er side needs to *a&e t*e addon as 'ell in order to
decr!pt !our "essage+
7esources@
*ttp@AA'''+encrsoft+co"AproductsAts"+*t"l
,op Secret :essenger #,S:$ - trial &ersion *as onl! 'eak 8-bit encr!ption
*ttp@AA'''+planet-express+co"As&enAtec*nicalAde&Ac*atbudd!Adefault+*t"l
2*at Iudd! - a free'are 6indo's application for encr!pting c*at sessions
*ttp@AA'''+algonet+seAS*enisakAic%Aencr!pt-&5+txt
*o' encr!ption 'orks in .28 protocol &5
[ spyware ]
9s 'e all 'ork *ard to beco"e "ore sa&&! about protecting our personal infor"ation
and keeping as anon!"ous as possible on t*e 'eb) ad&ertising co"panies are
'orking >ust as *ard to co"e up 'it* ne' 'a!s of getting our personal infor"ation+
4ne of t*e 'a!s t*e! acco"plis* t*is is t*roug* sp!'are+
Sp!'are are applications t*at are bundled along 'it* "an! progra"s t*at !ou
do'nload for free+ ,*eir function is to gat*er personal infor"ation about !ou and
rela! it back to ad&ertising fir"s+ ,*e infor"ation is t*en used eit*er to offer !ou
products or sold to ot*er ad&ertisers) so t*e! can pro"ote ,?=.7 products+ ,*e!
clai" t*is is all t*e! do 'it* t*is infor"ation) but t*e proble" is nobod! reall! kno's
for sure+
Sp!'are fits t*e classic definition of a tro>an) as it is so"et*ing t*at !ou did not
bargain forT'*en !ou agreed to do'nload t*e product+ (ot onl! is sp!'are an
in&asion of !our pri&ac!) but #especiall! if !ou *a&e a fe' different kinds on !our
"ac*ine$ it can also c*e' up band'idt*) "aking !our internet connection slo'er+
So"eti"es) t*ese spies reall! are *ar"less) "erel! connecting back to t*e *o"e
ser&er to deli&erT!ou "ore ad&ertising+ So"e) like <ator for instance) send out
detailed infor"ation about !our surfing *abits) operating s!ste") inco"e) age
de"ograp*ic et cetera+
9&oiding sp!'are
9&oiding sp!'are is getting *arder and *arder) as "ore soft'are distributors are
c*oosing it as a "et*od of profiting fro" free'are and s*are'are distributions+ Ie
leer! of progra"s 'it* cuteTlittle icons like <ator+ 9lso) 'atc* t*ose (apster
'annabes like 9udio<alax!) Li"e'ire) and NaBaa+ .5&e !et to find one t*at didn5t
include sp!'are+ Iefore !ou do'nload) c*eck to see if t*e progra" is kno'n to
contain sp!'are+
Eor a list of "ost kno'n sp!'are) t*e best .5&e found is *ere@
*ttp@AA'''+infoforce+%c+caAsp!'areAenkno'nlistfr"+*t"l
<etting rid of sp!'are
.n "ost cases) !ou can re"o&e t*e sp!'are fro" !our s!ste" and still use t*e
application !ou do'nloaded+ .n t*e case of <ator and 2o"et 2ursor) t*e t*e '*ole
progra" is sp!'are an it "ust be co"pletel! re"o&ed to stop t*e sp!ing+
,*ere are se&eral 'a!s to get rid of sp!'are on !our s!ste"+ -ou can use a fire'all
to "onitor outgoing connections+ ,*e progra""ers t*at put t*ese t*ings toget*er)
*o'e&er) are getting sneakier and sneakier about getting t*e" to circu"&ent
fire'alls+ 2o"et 2ursor) for instance uses an ?,,/ post co""and to connect 'it*out
t*e inter&ention of a fire'all+ -ou can also install a registr! "onitor suc* as 7eg"on
to "onitor !our registr! for un'anted registr! registr! c*anges) but t*is is not
foolproof eit*er+
/robabl! t*e best "et*od of re"o&al is to do'nload a sp!'are re"o&al progra" and
run it like it 'as a &irus scanner+ ,*e best exa"ples of t*ese progra"s are@
La&asoft5s 9da'are+ 9&ailable at *ttp@AA'''+la&asoftusa+co"A 4r professional
c!bernut Ste&e <ibson5s 4pt4ut+ 9&ailable at@ *ttp@AAgrc+co"Aoptout+*t" Iot* of
t*ese progra"s are free and are updated regularl!+
?ere are so"e links) if !ou 'is* to learn "ore about sp!'are@
*ttp@AA'''+sp!c*ecker+co"A
*ttp@AAgrc+co"Aoptout+*t"
*ttp@AA'''+t*ebee+co"Ab'ebAiinfo200+*t"
[ cleaning tracs ]
7esources@
Iurnt 2ookies - allo's auto"atic detection and optional deletion of 2ookies
deposited b! Ianner 9d 'eb-sites
*ttp@AA'''+andersson-design+co"AbcookiesAindex+s*t"l
Surfsecret - auto"aticall! kills files like !our .nternet cac*e files) cookies) *istor!)
te"porar! files) recent docu"ents) and t*e contents of t*e 7ec!cle Iin+
*ttp@AA'''+surfsecret+co"A
(ote@ 4ne sidenote on cleaning tracks+ 6*en !ou delete so"e files on !our "ac*ine)
t*ese aren5t actuall! deleted+ 4nl! t*e reference to t*eir location in t*e *ard dri&e is
deleted) '*ic* "akes t*e 4S t*ink t*at t*at location on t*e ?3 is free and read! to
take t*ings+ ,*us) t*ere are 'a!s to reco&er data e&en after !ou delete t*e"+
,*ere are *o'e&er) se&eral 'a!s to U'ipeU t*is infor"ation+ /rogra"s t*at fill *ard
disk locations 'it* Beros) t*en 'it* 1s) on se&eral passes are !our best bet to "ake
sure no docu"ent goes to t*e 'rong *ands+ 4ne of suc* progra"s is /</+ /?/i no'
co"es 'it* a utilit! t*at does t*is 'ork) and !ou can e&en select t*e nu"ber of
passes to 'ipe files+ Eor Vnix) t*ere is also t*e D'ipeD progra"+ ;se t*ese '*en !ou
feel !ou *a&e data t*at needs secure cleaning+