Anonymous Servers - Security and Encryption FAQ - Revision 20, parts 1 and 2


Author: Doctor Who@A.B.C
Date: 2004-10-21, 5:45 pm
Subject: Security and Encryption FAQ - Revision 20, parts 1 and 2

I hope this is helpful. I am posting the two parts together at present to ensure that it
propagates over Usenet complete. I have deliberately not sent the Zipped file as an
attachment, because from previous experience, attachments of any sort are not welcome in
non-binary groups. If people would prefer me to send it as a zipped attachment, with the
consequential saving in bandwidth, tell me. I would welcome any news regarding
socksifying Quicksilver.


Doctor Who


-----BEGIN PGP SIGNED MESSAGE-----

Security and Encryption FAQ - Revision 20 Part 1

by Doctor Who


"No one shall be subjected to arbitrary interference with his privacy,
family, home or correspondence, nor to attacks upon his honour and
reputation. Everyone has the right to the protection of the law
against such interference or attacks."

Article 12 Universal Declaration of Human Rights


This FAQ/Tutorial is offered in good faith and is intended to be an
encapsulation of my knowledge and experiences gained over the many
years that I have been a computer/Net user. There are many roads to
security and privacy on the Net, this is just one that I have
personally pursued and can recommend from experiences gained.

There are countless reasons why someone may need the reassurance of
anonymity. The most obvious is as a protection against an over-bearing
Government. Many people reside in countries where human rights are
dubious and they need anonymity to raise public awareness and publish
these abuses to the world at large. This FAQ is to help such people.
Privacy and anonymity are very important principles associated with
both freedom of speech and democracy.


"Anonymity is a shield from the tyranny of the majority... It thus
exemplifies the purpose behind the Bill of Rights, and of the First
Amendment in particular: to protect unpopular individuals from
retaliation - and their ideas from suppression - at the hand of an
intolerant society."

Justice Stevens, McIntyre v. Ohio Elections Commission, 1996


This is an entirely new update of what was already a major revision
(revision 19). Because things move so fast in the Internet world, many
changes and improvements are included in this latest version. So many
in fact, that I have decided to divide the FAQ into two separate parts
which can be downloaded either individually or together in a zipped
(compressed) file.

It is assumed that plausible deniability is an essential requirement to
the reader and the FAQ is slanted with this in mind.

Part 1 (this part) offers an overview approach to achieve security and
anonymity. It is intended for the less knowledgeable user, perhaps
someone new to computers and especially the Internet.

This first part can be skipped by the more knowledgeable user.

Part 2 contains the practical implementations of some of the programs
mentioned in Part 1. In some cases this will include detailed setup
instructions to help achieve the goal of true computer and Internet
privacy and anonymity.


Part 1


Links to the various programs mentioned are at the end of Part 2.


1. How does encryption work?

Essentially the plaintext is combined with a mathematical algorithm
(a set of rules for processing data) such that the original text cannot
be deduced from the output file, hence the data is now in encrypted
form. To enable the process to be secure, a key is combined with this
algorithm. The key is protected by a passphrase. Obviously the
process must be reversible, but only with the aid of the correct key.
Without the key, the process should be extremely difficult. The
mathematics of the encryption should be openly available for peer
review. At first sight this may appear to compromise the encryption,
but this is far from the case. Peer review ensures that there are no
"back doors" or crypto weaknesses within the program. Although the
algorithm is understood, it is the combination of its use with the
passphrase that ensures secrecy.

Thus the passphrase is critical to the security of the data.



2. I want my Hard Drive and my Email to be secure, how can I achieve
this?

You need PGP (Pretty Good Privacy) for your Email and DCPP (DriveCrypt
Plus Pack) version 3.0 or TrueCrypt version 2.1 for your hard drive
encrypted files.

Both DCPP and TrueCrypt are known as OTF (On-The-Fly) type programs.
OTF means the encrypted data is only decrypted into RAM (Random Access
Memory) and remains at all times encrypted on the drive. Thus a crash
will not leave packets of plaintext on your drive. A very important
feature.

PGP is available for all versions of Windows, Linux, Unix, Mac and
others. The source code is available for compiling your own version
should you wish.

DCPP is Win2000/NT/XP compliant but not compliant with Win98 or
earlier. Regrettably, no source code is available. It has two unique
advantages over other encryption programs. 1. It is a whole boot drive
encryption program. 2. It offers a form of very good plausible
deniability. More on this later in the FAQ.

TrueCrypt is a new, free and Open Source program of great promise.

As with DCPP it does not display any file header info to help a snooper
identify the files purpose. The header is encrypted and just shows as
random garbage. It also allows encryption of a whole partition or
drive and again does not display any info to help an attacker. The
source code is freely available so it means anyone with the ability can
compile the same program. The importance of this cannot be too
strongly stressed. It means the risk of a hidden back-door is
virtually eliminated.

Securstar, the owners of DCPP, also offer another program somewhat
analogous to TrueCrypt. It has the disadvantage of being closed source
and not free, but offers the option of a hidden container within the
outer encrypted container (or partition). It is called, somewhat
ambiguously, DriveCrypt.

DCPP, DriveCrypt and TrueCrypt have an additional crucial feature, they
all offer strong plausible deniability - see later in the FAQ.

If sight of the source code is important to you, I suggest using PGP
and TrueCrypt.

Note 1: PGP, although excellent to ensure your Email privacy, does
nothing for anonymity. The difference is crucial.

I will assume that anonymity is also very high on your list of needs
and so will concentrate on that issue further down the FAQ.



3. What is the difference between these encryption programs?

One of the difficulties before asymmetrical key encryption was
discovered was how to get the key to the person wanting to send you an
encrypted message. In the past trusted couriers were used to get these
secret keys to a distant location, maybe an overseas embassy. Nowadays
this is unnecessary because of the discovery of what is called public
key cryptography. Two different keys are used. One key is secret and
the other is made public. The most widespread program of this type for
home and private use is PGP, invented by Phil Zimmermann. In fact it
has become the de facto standard on the Net. This program is ideal for
Email.

Anybody sending you mail simply encrypts their message to you with your
PGP public key. It is analogous to someone sending you a box and a
self locking padlock for you to send them secret papers, when only they
have the key to open the box.

The public key is obviously not secret - in fact it may be spread far
and wide so that anybody can find it if they wish to send you encrypted
Email. The easiest way to ensure this is by submitting it to a public
key server. Despite this facility, some prefer not to share their key,
except within a small closed group. Your choice.

The only way to decrypt this incoming message is with your secret key.
It is impossible to decrypt using the same key as was used to encrypt
the message, the public key. Thus it is called asymmetrical
encryption. It is a one way system of encryption, requiring the
corresponding secret key to decrypt. PGP is simplicity itself to
install and use. It even offers to send your newly generated public
key to the key server.

Another very important advantage of PGP is it allows the option of a
digital signature. This is the digital equivalent of someone signing
a letter. Only this signature is very difficult to forge, unlike a
paper and ink signature. This proves both the authenticity of a
message and that it has not been tampered with.

For your normal hard drive encryption, you will need a symmetrical type
of encryption program. This means the same key is used for both
encryption and decryption. DCPP and TrueCrypt are of this type and
especially good because they are OTF (On-The-Fly) type programs.

DCPP, DriveCrypt and TrueCrypt all use the passphrase to encrypt a
randomly created key. In DCPP this is stored encrypted in the keystore
and in DriveCrypt and TrueCrypt it is encrypted within the header. The
decrypted key is what is used to encrypt (and decrypt) the contents of
the disk, on an as-needed basis, into RAM memory.

One question often asked by newbies is whether the passphrase is stored
somewhere within the encrypted file. No. The passphrase is passed
through a hash, such as SHA-1. It is the hash output that is stored
within the headers of the encrypted container. The program will
compare this hash with the hash it produces from your passphrase that
you type in to mount (open) the container. If they are identical, the
program will use your passphrase to decrypt the key that the program
generated to encrypt the disk or container. It is this key that will
then be used to decrypt the disk or container on the fly.

Hashing is a one way action only; it is impossible to derive the key
from the hash output. The hashing process is simply a way of checking
that the correct passphrase has been input. If the program was somehow
altered to force it to use an incorrect passphrase, the output would be
garbage.
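As an added illustration (not code from the FAQ or from any of the
products it names), here is a toy container in Python that follows the
scheme just described: a random master key encrypts the data, the
passphrase only encrypts that key, and a hash kept in the header lets
the program reject a wrong passphrase before it tries to decrypt.
Everything in it is constructed for the example: the header layout, the
PBKDF2 settings, and the SHA-256 counter-mode keystream that stands in
for a real block cipher. The hash that is stored is of the
passphrase-derived key rather than of the bare passphrase, so the slow
key derivation cannot be skipped by someone guessing passphrases.

```python
import hashlib
import hmac
import os

# Toy container layout, constructed for this example (not any real product's
# on-disk format):  salt | verifier | wrapped master key | nonce | ciphertext
SALT_LEN, VERIFIER_LEN, KEY_LEN, NONCE_LEN = 16, 20, 32, 16
PBKDF2_ROUNDS = 100_000


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy stream cipher: SHA-256 in counter mode. It stands in for the
    block cipher a real OTF program uses and is for illustration only."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _passphrase_key(passphrase: str, salt: bytes) -> bytes:
    """Passphrase -> key-encryption key. PBKDF2 over SHA-1 (the hash the
    FAQ names) makes each guess cost 100k hash rounds instead of one."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"), salt,
                               PBKDF2_ROUNDS, KEY_LEN)


def _split(blob: bytes):
    """Cut a container into its header fields and the encrypted body."""
    fields, offset = [], 0
    for size in (SALT_LEN, VERIFIER_LEN, KEY_LEN, NONCE_LEN):
        fields.append(blob[offset:offset + size])
        offset += size
    return (*fields, blob[offset:])


def _unwrap(passphrase: str, salt: bytes, verifier: bytes, wrapped: bytes):
    """Check the passphrase against the stored hash, then recover the master key."""
    kek = _passphrase_key(passphrase, salt)
    # Constant-time comparison of the stored hash with the freshly computed one.
    if not hmac.compare_digest(hashlib.sha1(kek).digest(), verifier):
        return None
    return _xor(wrapped, _keystream(kek, b"wrap", KEY_LEN))


def create_container(passphrase: str, plaintext: bytes) -> bytes:
    salt = os.urandom(SALT_LEN)
    master_key = os.urandom(KEY_LEN)        # the random key that really encrypts the data
    kek = _passphrase_key(passphrase, salt)
    verifier = hashlib.sha1(kek).digest()   # stored hash: lets a wrong passphrase be rejected
    wrapped = _xor(master_key, _keystream(kek, b"wrap", KEY_LEN))
    nonce = os.urandom(NONCE_LEN)
    body = _xor(plaintext, _keystream(master_key, nonce, len(plaintext)))
    return salt + verifier + wrapped + nonce + body


def open_container(passphrase: str, blob: bytes):
    """Return the plaintext, or None if the passphrase does not match."""
    salt, verifier, wrapped, nonce, body = _split(blob)
    master_key = _unwrap(passphrase, salt, verifier, wrapped)
    if master_key is None:
        return None
    return _xor(body, _keystream(master_key, nonce, len(body)))


def change_passphrase(old: str, new: str, blob: bytes):
    """Re-wrap the master key under a new passphrase. Only the header
    changes; the encrypted body is left exactly as it was."""
    salt, verifier, wrapped, nonce, body = _split(blob)
    master_key = _unwrap(old, salt, verifier, wrapped)
    if master_key is None:
        return None
    new_salt = os.urandom(SALT_LEN)
    new_kek = _passphrase_key(new, new_salt)
    new_wrapped = _xor(master_key, _keystream(new_kek, b"wrap", KEY_LEN))
    return new_salt + hashlib.sha1(new_kek).digest() + new_wrapped + nonce + body
```

change_passphrase shows why the indirection through a random key is
worth having: the header is rewritten but the encrypted body is
untouched, so changing the passphrase does not mean re-encrypting the
whole disk. The toy adds no integrity check on the body; a production
format would.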



4. I have Windows, am I safe?

Windows is a closed source operating system which is a law unto itself.
Each new update that is released by Microsoft seems to need more
updates to fix the security holes discovered in the first releases of
the update. It has been an ongoing process over many years with no end
in sight.

These weaknesses can manifest themselves as security holes when on the
Net. A further problem with this operating system is its seeming
determination to write to your hard disk all sorts of information that
may be hidden from your view in all sorts of places that could be found
by a forensic examination of your computer.

This is a two-fold problem. Firstly, Windows may have security holes
that snoops and hackers can exploit over the Net. Secondly, it writes
all sorts of information to sometimes hidden folders that a cursory
check by you might miss, but that a forensic examination will easily
find.

If you wish to protect yourself from these potential weaknesses you
need to first of all have an effective firewall and an effective
anti-virus program. That will hopefully help to minimize the threats
from outside. That is only the start. You also need to replace your
Windows Internet Explorer browser with something a little more secure.
I like FireFox or Mozilla. Even these need strengthening by the use of
specialist programs. More about that later in the FAQ.

Secondly, you are well advised to encrypt your whole drive to protect
yourself from what Windows will write to your hard drive. There are
so-called wipe and cleaner programs to remove cookies and many other
files that Windows will save to your hard drive for future reference.
But at the end of the day, the only truly effective counter measure
against these potential weaknesses is to encrypt your whole boot drive.

In some countries, even this might not be enough. Such countries can
force you to hand over your passphrases to these encrypted drives on
pain of imprisonment. More and more judicial systems seem to be leaning
ever closer to this sort of injustice (an injustice because the accused
is being forced to incriminate himself, which is in direct violation of
Article 5 of the Bill of Rights: the right to refuse to be a witness
against oneself).

Because of these encroachments on our liberty I propose a method of
plausible deniability. This means you can justify all your files and
folders that are on your computer.



5. Which program do you recommend for this whole drive encryption?

Unfortunately, there is at present no modern whole boot drive
encryption program with Open Source which also allows a hidden
operating system accessible on boot. Of the many different boot drive
encryption programs, I like DCPP. It is truly simple to install. The
new and vastly improved key registration process is helpful. But best
of all it offers truly excellent plausible deniability for its
presence on your system.

It encrypts the whole partition. So if you want to keep part of your
drive in plaintext you will need to divide your hard drive into
independent partitions or have two separate hard drives. Unlike its
namesake DriveCrypt and TrueCrypt, it does not destroy the data within
the partition it encrypts. This is obviously necessary as its main
advantage is to encrypt your boot drive.

A further major advantage over previously recommended encryption
programs is that the passphrase is input at BIOS level, before Windows
is loaded.

The importance of this is difficult to over-emphasize.

This means it is impossible for any software key-logging program that
may be on your computer to detect your passphrase. Such programs are
sometimes picked up on the Net or arrive via Email and could circumvent
all your efforts at security. It is even conceivable that a snooper or
hacker could steal your passphrase as you type it in, if this is done
whilst the operating system is running. I am sure someone will mention
that there are hardware keyboard logging devices which of course could
grab your passphrase when you start up.

However, common sense local site security should minimize this risk.

A BIOS level input of the passphrase in conjunction with whole boot
drive encryption is just about the Holy Grail of security - without
a hardware keyboard logging device, it is very difficult to intercept
and snoop.



6. Are there other OTF programs?

Yes, there are several. But so far as I know only DCPP operates from
boot and includes the opportunity of creating a second (hidden) boot
operating system.

Others, such as TrueCrypt only encrypt data files, not the Windows
operating system.

TrueCrypt also offers strong plausible deniability because it allows
you to encrypt a partition that appears to be unused and without a
drive letter. The method of ensuring this is simply explained in the
manual that accompanies TrueCrypt. The author must be congratulated
for doing an excellent job of this program.

It is important to note that just simply publishing the source code
does not guarantee safety. It just means the author is allowing his
program to be subjected to peer review. Hopefully many will take the
trouble to go through the code and compile it for themselves.



7. How difficult is it to break one of these programs?

Very difficult, in fact for all practical purposes, it is considered
impossible. In most cases, the weakest link will be your passphrase,
or being compromised by a key-logger through not having good security
on your desktop.

Your passphrase should be long. Remember, every extra character you
enter makes a dictionary search for the right phrase twice as long.
Each time a bit is added it doubles the number crunching time to
crack into the program.

Each keyboard character roughly equates to 8 bits, and is represented
on the drive as two hexadecimal characters. This suggests a 20
character passphrase is of equal strength to the encryption. In
practice, probably not. Remember a keyboard offers around 96 different
characters, so raising this number to the 20th power gives a huge
number of combinations, making a guessing attack very unlikely to
succeed. But few people can remember a truly random 20 character
passphrase. So most people use a less than random one. This means it
should be longer to help compensate for this lack of entropy.

You should also use at least part of both lines of the passphrase
input screen with DCPP. If you like, two passphrases.



8. Why?

Because any passphrase cracker cannot find the correct key until it
has exhausted a key search as wide as the last character you enter. A
strong hint that you should make sure the last character of your
passphrase is well along the bottom line! For higher security you
should spread it around on both lines.

Although TrueCrypt has a single line entry it will accept a long
passphrase of at least 57 characters from my simple tests.

Be sure that if any serious snooper wants to view your secret data,
they will find a way without wasting their time attempting a brute
force attack upon your DCPP or TrueCrypt container. In some countries
rubber hose cryptography may be the rule. In some "civilized"
countries there are more sinister methods, such as tempest or the use
of a trojan (see later in FAQ).

Fortunately, tempest and trojan attacks are far less likely to succeed
against DCPP than all the other programs. Hence my strong and
enthusiastic support for this program.



9. What about simple file by file encryption?

I recommend either PGP Tools, which comes free with PGP, or Kremlin. Of
course this is not necessary for files within your encrypted drive.
But it is essential for clearing files off your computer that are
outside your encrypted drive.

PGP Tools is a long-winded process just to encrypt a single file, as it
asks you to first choose a key before entering the passphrase. Kremlin
is quicker because it allows you to right click on the file to be
encrypted, a password box opens and that is it. It also similarly
allows you to wipe any file by right clicking. This can also be done by
PGP. Another recommended program to erase individual files is Eraser.



10. How can I encrypt files on a floppy?

Use either TrueCrypt, DCPP, PGP Tools or Kremlin.



11. Does using Encryption slow things up?

Negligibly on any modern computer. The length of your passphrase is
immaterial to the speed of decryption. But different encryption
algorithms vary significantly. One of the fastest is Twofish and
probably the slowest is 3DES (triple DES). This applies only to
symmetrical encryption programs. PGP uses RSA generated keys, which
in turn are used to encrypt/decrypt a randomly generated session key.
The RSA key is very slow, but as it is only used to encrypt/decrypt the
128 bit CAST5 or IDEA session key its slowness is not noticed.



12. Do I need a PGP passphrase if I store my keyrings within my
encrypted drive?

Definitely. Just because you have encrypted your drive does not relieve
you of the necessity of protecting yourself whilst online.



13. I use Mac, OS2, Linux, (fill in your choice), what about me?

Use either BestCrypt (by Jetico - do a Google search) or PGPDisk.

There are others, but I know nothing about them.



14. How can I ensure I do not leave traces of unwanted plaintext
files on my system?

If you are using DCPP this should not be a problem. But one thing
that needs addressing is the possibility of Windows dumping your
keyfile data which is held in RAM memory only, onto the encrypted
drive. To avoid this catastrophe you must disable the Windows
hibernation (power saving) feature. When Windows goes into
hibernation it will dump everything that is in RAM memory onto the
boot drive by-passing the DCPP drivers. By-passing these drivers
means it writes everything to disk in plaintext including the keyfile
data, which unlocks your most secret partition. This will defeat the
whole purpose of having encryption.

Although your whole drive will be encrypted I would still install a
program to clean out bloat and cookies. My recommendation for this is
Windows Washer.

To wipe unused space on your drive I recommend Zapempty. Although a
DOS based program, it runs easily even within Win XP. It is part of a
zipped file of wipe utilities called Wipeutil.zip. Extract Zapempty
onto the drive you wish to clean up and double click on it.
I recommend keeping copies in the root of every partition on your
computer.



15. What programs do I put in my newly Encrypted Drive?

In previous versions of this FAQ I was wary that some programs might
write critical data to your boot drive. However, this is far less of
a security risk with it being encrypted. Because of this it is far
less critical that the programs be security friendly. For what it is
worth, here are some I recommend:

For your Web browsing I strongly recommend FireFox or Mozilla as the
browser. Anything other than Microsoft Internet Explorer.

For Usenet I recommend either Agent or Gravity or Xnews. These latter
two are free.

Agent is simple and very easy to use. The commercial version also
supports automatic decoding of yEnc coded files.

For your Email I have 2 different recommendations:

i. Agent, as mentioned above

ii. Quicksilver

Quicksilver is both Open Source and free.

Do not use Outlook or Outlook Express as they both suffer from the
usual Windows holes.

Use Quicksilver for both Email and light Usenet posting with strong
anonymity via the Mixmaster remailer system. When downloading
Quicksilver, remember to run update immediately after installation,
to download and install the Zipped files for News, Nym, POP and PGP
and Mixmaster. Quicksilver will offer to install all downloaded files
for you.

Both of these programs will also work with PGP. Agent will require you
to copy and paste, but Quicksilver has built-in support and works
seamlessly with PGP. I particularly commend Quicksilver for its
intuitive ease of use. This makes Nym maintenance much simpler.

I used to recommend JBN, but it is slowly becoming obsolescent. It is
not fully compatible with PGP versions 7 or later and does not support
SMTP authentication.

You must also have a virus checker and a firewall. For the virus
checker, I use Norton's. This will also find adware and spyware. For
the firewall I recommend Zonealarm.

Remember, just because your drive is encrypted does not relieve you
of an obligation to cover your tracks whilst Online.



16. How do I "cover my tracks"?

Never surf naked. Always, always use a proxy. There are now easy ways
to use a proxy. In the early days it was necessary to find and hand
select the proxies you wished to use. This was a laborious process
and needed expert knowledge of which programs to use to find and
exploit them. Some still prefer to do it this way. I call it rolling
your own. It has the distinct advantage of user choice and control
over each proxy to be used in a chain. However, this may offer
anonymity, but not necessarily privacy. Meaning no encryption. I like
privacy and anonymity, so I use other methods - see later in FAQ. The
suggested method also has the merit of ease of use and total
transparency once the programs are set up.



17. Earlier on you mentioned plausible deniability, what is it?

Plausible deniability is the ability to offer irrefutable justification
for every single file, folder, container, partition and drive that
might contain encrypted data. DCPP version 3.0 offers a world first
because it allows dual booting into either of two entirely separate
boot operating systems, each invisible to the other. One of these may
be called your honeypot operating system, meaning it contains encrypted
data that you are prepared to show under duress. The second (hidden)
operating system will contain your most secret data that you never
release. Its presence can only be known by correctly guessing the
second secret passphrase for that operating system. No other way
exists to prove there is a second operating system. Examination by
forensics of your first encrypted boot drive can only show the usual
random data that is associated with an encrypted drive. Nothing else.

This is excellent plausible deniability.



18. What if encryption is illegal in my country?

In that case, I suggest using the stego feature of DriveCrypt. But
ensure you create your own WAV file, by making your own recording.
Once the stego encrypted file is created within the WAV file, make sure
to wipe the original recording, so that a forensic analysis cannot
compare the two and show that their low level data are not identical.

Of course, you will need to install DriveCrypt in traveller mode. This
means running it off a floppy. But you will still need to hide the
floppy effectively in the case of a search. I am sorry I cannot help
you here. It must be down to your own initiative.



19. Are there any other precautions I should take?

Make copies of all your PGP keys, a text file of all your passwords and
program registration codes, copies of INI files for critical programs,
secret Bank Account numbers, plus anything else that is so critical
your life would be inconvenienced if it were lost. These individual
files should all be stored in a folder called "Safe" on your encrypted
drive. A copy of this folder should be stored on an encrypted CD,
preferably within the hidden part if using DriveCrypt 4.2 and stored
off-site.

If you are going to rely on any variation of the ploys suggested here,
then you should keep this FAQ within your hidden drive.

You need to take further precautions whilst you are online against
threats from hackers and snoops.



20. What are these threats?

They are known as Tempest and Trojan attacks.



21. What is a Tempest attack?

Tempest is an acronym for Transient ElectroMagnetic Pulse Emanation
Surveillance. This is the science of monitoring at a distance
electronic signals carried on wires or displayed on a monitor.
Although of only slight significance to the average user, it is of
enormous importance to serious cryptography snoopers. To minimize a
tempest attack you should screen all the cables between your computer
and your accessories, particularly your monitor. A flat screen (non
CRT) monitor offers a considerable reduction in radiated emissions and
is recommended.



22. What is a Trojan?

A trojan (from the Greek Trojan Horse), is a hidden program that
monitors your key-strokes and then either copies them to a secret
folder for later recovery or sends them to a server when you next go
online. This may be done without your knowledge. Such a trojan may be
secretly placed on your computer or picked up on your travels on the
Net. It might be sent by someone hacking into your computer whilst you
are online, or received by Email.

The United States Government has openly admitted it will be employing
such techniques. They call it Magic Lantern. It was originally
promulgated as a counter-terrorism weapon. But who knows how it will
be used in practice.

In view of these changed tactics, it is mandatory that these possible
attacks be countered. My suggestion is two-pronged. First use DCPP
to enjoy plausible deniability with whole boot drive encryption and
use specialist programs to thwart efforts by hackers and snoops to
break into your system whilst online.



23. How do I do this?

First of all you must have a truly effective firewall. It is not
sufficient for a firewall to simply monitor downloaded data, but to
also monitor all attempts by programs within your computer that may try
and send data out. I recommend Zonealarm. This firewall very cleverly
makes an encrypted hash of each program to ensure that a re-named or
modified version of a previously acceptable program cannot squeeze
through and "phone home". You also need a good anti-virus checker.

But that is but the start. You also need a Web browser that does not
leak information, plus a method of passing data across your ISP's
servers fully encrypted to prevent prying eyes from watching all that
you do on the Net. More about this later in the FAQ.



24. How will I know when a trojan has modified an acceptable
program?

Zonealarm will pop up a screen asking if this program is allowed to
access the Net. If it is one of your regular programs, be very wary
and always initially say NO until you can check why this program is not
now acceptable to Zonealarm. If it is a strange program, then
obviously say, NO and investigate.
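As an added example (not Zonealarm's code, nor anything from the FAQ),
the following Python shows the check that the two answers above
attribute to the firewall: hash each approved program once, and before
it is allowed to reach the Net compare the file now on disk with that
stored hash. The demo() scenario, file names and file contents are all
constructed for the example.

```python
import hashlib
import os
import tempfile


def sha256_of_file(path: str) -> str:
    """Hash a program file in chunks so large binaries need not fit in RAM."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_allowlist(paths) -> dict:
    """Record the hash of every program the user has approved for Net access."""
    return {os.path.abspath(p): sha256_of_file(p) for p in paths}


def check_program(path: str, allowlist: dict) -> str:
    """Verdict for a program that is about to open a network connection:
    'allowed'  - approved path and the same contents as when approved
    'modified' - approved path, but the file on disk has changed
    'unknown'  - never approved (a renamed copy of a good program lands here too)"""
    key = os.path.abspath(path)
    if key not in allowlist:
        return "unknown"
    if allowlist[key] != sha256_of_file(path):
        return "modified"
    return "allowed"


def demo():
    """Constructed scenario: approve a program, patch it in place, then try a renamed copy."""
    workdir = tempfile.mkdtemp()
    agent = os.path.join(workdir, "agent.exe")   # stand-in for an approved program (constructed)
    with open(agent, "wb") as f:
        f.write(b"constructed sample program bytes, version 1")
    allowlist = build_allowlist([agent])

    before = check_program(agent, allowlist)

    # A trojan patches the approved binary in place: same path, different bytes.
    with open(agent, "ab") as f:
        f.write(b"\x90\x90 injected bytes")
    after_patch = check_program(agent, allowlist)

    # A renamed copy of the original program: same bytes, but a path that was never approved.
    renamed = os.path.join(workdir, "renamed.exe")
    with open(renamed, "wb") as f:
        f.write(b"constructed sample program bytes, version 1")
    renamed_verdict = check_program(renamed, allowlist)

    return before, after_patch, renamed_verdict
```

The two verdicts other than 'allowed' correspond to the two cases the
answers describe: 'modified' is the approved program whose bytes have
changed, and 'unknown' is anything at a path that was never approved,
including a renamed copy of a good program. Either verdict is where the
"always initially say NO" rule applies.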



25. What about TrueCrypt and DriveCrypt 4.2?

TrueCrypt offers the prospect of excellent plausible deniability. No
header information and the ability to install it on an unused
partition, perhaps at the end of a large drive. The passphrase is only
held in RAM memory so much more difficult to compromise.

DriveCrypt 4.2 allows the creation of a hidden container within an
existing encrypted container or partition. Excellent plausible
deniability. As with TrueCrypt the passphrase must be input after boot
when Windows is running.



26. How important is the passphrase?

Critically important. It is almost certainly the weakest link in the
encryption chain with most home/amateur users. I provide links at the
end of Part 2 of the FAQ. Some of these should either help directly or
give further links about how to create an effective passphrase.

For the newbies: never choose a single word, no matter how unusual you
think it is. A passphrase must be that, a phrase, a series of words,
characters and punctuation intermixed. One method that I believe would
help is to deliberately mis-spell common words in a phrase. Scruggle
in place of struggle, matrificent in place of magnificent. These could
be the start of a longer phrase. Taking this a step further, invent
words that are pronounceable but totally meaningless for example,
alamissis or grafexion. I recommend a minimum of eight words, but
obviously do not use either of those two. Use four (or more) on each
line with DCPP, together with a few figures.



27. How can I prevent someone using my computer when I am away?

With DCPP nobody can boot into your secret drive. So no problem.

However, if you are truly paranoid (and who isn't?) I would guard
against someone adding a hardware keyboard logger. These can be very
small and easily disguised as an RF trap on the keyboard lead.
Obviously, this is far more likely if your computer is also used by
others or can be accessed by others in your absence.



28. I use the Net for Web browsing, Usenet and Email, am I safe?

Whilst you are online anyone could be monitoring your account. They
do not need access to your computer to do this. They need only to
have access to your ISP. If you live in the British Isles be aware
that all ISP's are required to keep logs of your online activities,
including which Web sites you visit.

To minimize these risks you must encrypt the data passing across your
ISP's servers.

My suggestion is to use a combination of several programs. Each is
easily set up (see Part 2). Between them you will be secure and
anonymous. The best news, all these programs are free and open
source!



29. How is this achieved?

You need four main programs besides the news client such as Agent (my
favorite) and the Web browser such as FireFox (again my favorite) and
the Email client, such as Quicksilver (another favorite).

These programs are: Stunnel, Freecap, Privoxy and Tor.

They are all very easy to use and really can be set up by a newbie. The
best part of all is they are totally transparent to the user. Once
set up there is no maintenance or searching for proxies, etc. It is
all automatic.



30. Tell me more about these programs?

Stunnel encrypts the data between you and your news server and is very
simple to use.

Freecap is also easy to setup and acts as the bridge between Stunnel
and Tor.

Tor is a connection-based low-latency (meaning fast) anonymous
communication system that protects TCP (Transmission Control Protocol)
streams for Usenet, web browsing, instant messaging, irc, ssh, etc.

In basic language Tor is a socks (secure) server that accepts data from
any program that is "socksified", meaning set up to communicate with
it.

Tor is a new program and is still in Beta development mode. But it is
still a fully functioning Socks proxying system that offers the promise
of great anonymity and privacy. It is free and open source.

Tor will build automatically and transparently to the client (you) an
anonymous and encrypted route across the Net. It uses multiple layers
of encryption, each node only knowing the previous and next node, so
with several nodes your data becomes anonymised. The principle is like
an onion with many layers of encryption and anonymity. Thus it is
called onion routing. Where the data eventually emerges it is sent on
to its destination, perhaps a news server and ordinarily in the clear.
But by using Stunnel, the data will still be encrypted all the way into
the news server.
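The layering described above can be shown in a few lines. The following is an added illustration written for this edit, not Tor's code and not its real cryptography: the per-hop keys are derived from a fixed string instead of being negotiated with each relay, and the cipher is a toy HMAC-SHA256 keystream. What it does reproduce is the structure: the client wraps the message once per relay, each relay can strip exactly one layer, and what a relay learns is limited to the name of the next hop and an opaque blob.

```python
import hashlib
import hmac

# Constructed circuit: three relays with fixed demo keys.  Real Tor relays
# negotiate fresh session keys with the client; these are for illustration only.
PATH = ["guard", "middle", "exit"]
KEYS = {name: hashlib.sha256(b"demo-key:" + name.encode()).digest() for name in PATH}


def keystream(key, label, length):
    """Toy stream cipher: HMAC-SHA256 in counter mode.  Not Tor's cipher, and
    the keystream is fixed per relay, which is acceptable for one demo message
    and never for real traffic."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, label + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def layer(key, label, data):
    """XOR with the keystream; the same call adds and removes a layer."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, label, len(data))))


def field(name):
    """Length-prefixed text field (constructed header format)."""
    raw = name.encode()
    return bytes([len(raw)]) + raw


def split_field(data):
    n = data[0]
    return data[1:1 + n].decode(), data[1 + n:]


def wrap(path, keys, destination, payload):
    """Client side: build the onion, innermost layer first."""
    # The exit's layer carries the final destination and the payload itself.
    onion = layer(keys[path[-1]], path[-1].encode(), field(destination) + payload)
    # Every earlier relay's layer carries only the name of the next relay.
    for i in range(len(path) - 2, -1, -1):
        onion = layer(keys[path[i]], path[i].encode(), field(path[i + 1]) + onion)
    return onion


def peel(node, key, onion):
    """Relay side: remove this relay's layer, returning (next_hop, remainder)."""
    return split_field(layer(key, node.encode(), onion))


def relay_through(path, keys, onion):
    """Walk the circuit.  Returns the destination and payload the exit sees,
    plus what each relay observed: (relay, next hop, bytes it forwarded)."""
    observed = []
    current = onion
    for node in path:
        next_hop, current = peel(node, keys[node], current)
        observed.append((node, next_hop, current))
    # After the exit strips its layer, next_hop is the destination and
    # current is the payload, which goes onward as-is: in the clear, unless
    # the payload was already TLS, as in the Stunnel arrangement.
    return next_hop, current, observed


if __name__ == "__main__":
    onion = wrap(PATH, KEYS, "news.example.net:563", b"GROUP alt.test\r\n")
    dest, payload, observed = relay_through(PATH, KEYS, onion)
    for node, next_hop, blob in observed:
        print("%-7s forwards %d opaque bytes to %s" % (node, len(blob), next_hop))
    print("exit delivers", payload, "to", dest)
```

Running it shows the guard forwarding to "middle" without ever seeing "exit" or the news server's name, and the exit seeing the destination and payload but not where the circuit began; that is the whole point of the layering, and also why the exit hop is the place where Stunnel's end-to-end encryption still matters.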

For Web browsing we need Privoxy. This again acts as a bridge between
your browser and Tor.

A web proxy is a service, based on a software such as Privoxy, that
clients (i.e. browsers) can use instead of connecting directly to the
web servers on the Internet. The clients then ask the proxy to fetch
the objects they need (web pages, images, movies etc) on their behalf,
and when the proxy has done so, it hands the results back to the
client.

There are many reasons to use web proxies, such as security
(firewalling), efficiency (caching) and others, and there are just as
many different proxies to accommodate those needs.

Privoxy is a proxy that is solely focused on privacy protection and
junk elimination. Sitting between your browser(s) and the Internet, it
is in a perfect position to filter outbound personal information that
your browser is leaking, as well as inbound junk. It uses a variety of
techniques to do this, all of which are under your control via the
various configuration files and options.

Privoxy will bridge the connection between your browser and Tor the
Socks proxy host. It will minimize pop up ads, etc. But its main
advantage is it will help prevent information leakage from your desktop
to any third party trying to sniff your data. Used in conjunction with
Tor it ensures all your Web browsing is totally anonymous.

There is no need to close Privoxy if you wish to use your news client
or whatever. These programs are totally transparent to you once they
are running.

The best news is, these programs are much faster than the old hand
rolled system of choosing multiple proxies. In the previous version of
this FAQ I had recommended JAP. Tor in conjunction with Stunnel and
Privoxy is much faster. In fact it seems at least on a par with the
fastest SSH host service I have come across. But far superior in terms
of anonymity and especially so because it is free. The only service
you now need to sign up for anonymously is your news provider.

Full setup instructions for these programs are offered in Part 2.



31. Is the data encrypted after it leaves the remote server and Tor?

Yes, provided you are using Stunnel. The only precaution you must take
to ensure both privacy and anonymity, is to ensure you use Stunnel in
combination with FreeCap. More about this in Part 2.



32. How do I subscribe anonymously to a news provider?

Obviously never ever use a credit card. You can either send cash or
some may accept E-Gold. Privacy.Li offer a proxy service on your behalf
to sign you up themselves to your choice of news provider. They offer
their own service but at present it does not allow a secure (SSL)
connection right into the news server.

I believe there are now at least 4 news servers offering Stunnel
encrypted connections through port 563. These are: Easynews, Newscene,
Maganetnews, and Octanews.

Methods of anonymous payments for Privacy.Li include DMT/ALTA, E-Gold,
E-Bullion, Pecunix and of course cash and travellers checks mailed in
through anonymous maildrops.

E-Gold is not intended to be anonymous. But provided you sign up using
your choice of details and (most importantly) immediately disable the
security protocols which sense your IP address, you should be OK. If
you don't you may find your access blocked. With anonymous access from
different IP addresses using Tor, it is very important to do this.



33. How do I create a secure/anonymous Email account with Quicksilver?

I recommend creating a Nym. To do this you should first of all finger
(download) a copy of the Nym help file. Quicksilver will do this for
you if you go to Finger on the menu and input help@nym.alias.net. Read
it carefully before attempting to create your own Nym. Once you have
decided on your course of action, use the Quicksilver Nym Wizard to
help you create a Nym. It is quite involved because of the necessary
procedures that have to be negotiated with Nym.Alias.Net (often called
NAN). After sending in your create request, you will receive an
Email asking you to confirm receipt. This is to prove your chain
back to your normal Email address is working. After that you should
receive another Email telling you your Nym is alive and active.

Of course you can use Yahoo or Hotmail, but I consider them only soft
anonymous. But they can be hardened by socksifying your connection
using Privoxy and Tor. More about how to do this in Part 2.



34. Can you briefly summarise all the above?

You need PGP and DCPP and/or TrueCrypt for encryption of your hard
drive. You need Quicksilver for your Email. These recommended
programs should help you achieve a very high level of plausible
deniability and privacy.

You need to be anonymous online. To achieve this you need at least
six different programs: FireFox, Quicksilver, Stunnel, FreeCap, Privoxy
and Tor. All are free and open source. You must subscribe
anonymously to your choice of independent news provider.



This ends Part 1 of 2.

Part 2 contains detailed setup instructions on how to achieve the
recommended privacy and anonymity mentioned in this first part. Links
are offered to download all the programs mentioned in Part 1.

The second part also contains my PGP key and fingerprint for anyone to
send me comment or helpful suggestions.



Revision 20 part 1


...............................................................

-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt

iQEVAwUBQXgS0GToeXEUpganAQF+eQf/ZDsxOZQDann9A7aAksVy1oZl/6R2kRWt
oElyS4cZEmyqhWe0h5CWLQ/DRVPwJkaUd/vynJ8u5JKpsKg/w8/5/a2RVCAawExv
CTytdp2Lj44PyUVlPkS6IGDSSlocIl04XLk8R9IDR/Yi0HP5+FxspoMLLDxmKcnS
dDOYRJu3DkhEvymkuUQWDYnyjjccj1wcLX7rM3wxd2mkENdDNALDPshIqCiNrUZE
1YQUCM2VmM2R7iQ90IE0BWzTkUKPegXn/AsKTYV2bhkvNYOk0u7lFkRj41xbAeHf
Cx+VeQQwWUCAioh/kUblWZ+pRRxBO6FOy67uGesnYhdbpX8K69IAYQ==
=GOkQ
-----END PGP SIGNATURE-----


-----BEGIN PGP SIGNED MESSAGE-----

Security and Encryption FAQ - Revision 20 Part 2

by Doctor Who



This is an entirely new update of what was already a major revision
(revision 19). Because things move so fast in the Internet world, many
changes and improvements are included in this latest version. So many
in fact, that I have decided to divide the FAQ into two separate parts
which can be downloaded either individually or together in a zipped
(compressed) file.

It is assumed that plausible deniability is an essential requirement to
the reader and the FAQ is slanted with this in mind.

Part 1 offers an overview approach to achieve security and anonymity.
It is intended for the less knowledgeable user, perhaps someone new to
computers and especially the Internet.

In this second part will be the practical implementations of some of the
programs mentioned in Part 1. In some cases this will include detailed
setup instructions to help achieve the goal of true computer and
Internet privacy.



Part 2



1. What programs should I get?

There are seven programs recommended for security and anonymity:

DCPP, PGP, TrueCrypt, Stunnel, FreeCap, Privoxy and Tor.

And three others recommended for Email, Usenet and Web browsing:
Quicksilver, Agent and FireFox.

In all cases where there is a choice of download, ensure you download
the version that is compliant with your operating system, e.g. Windows
XP or whatever.

Before downloading anything I recommend reading through this FAQ
completely.



2. Can't I just download them all right away?

It depends. If you are wanting to show reasons why all your
connections to your ISP are secure, then by all means download them
all and install them onto your Drive C. If not, wait until you have
created your secret hidden drive and only then install them onto that
drive. Meanwhile, you must download and install DCPP at this time.
Install DCPP onto your Drive C (and your Drive D when it is dual
bootable). Its presence need not arouse suspicion, provided you
follow the instructions further down the FAQ.

DCPP: http://www.drivecrypt.com



3. OK, I have downloaded and installed DCPP, what must I do next?

Create a second bootable drive on say, Drive D. You must immediately
defrag this drive, reasons later. Now install all your programs and
defrag after each one is installed. Finally restore all your data
from My Documents or wherever. This is your honeypot data that is
there to be discovered as backup data to your regular Drive C.

Do a final defrag before proceeding further.



4. How do I achieve maximum plausible deniability?

You must have two separate bootable drives. Drive C is your regular
drive, it need not be encrypted. Your second bootable Drive D is the
one we shall concentrate on.

Run DCPP on this Drive D. Install Boot Authentication first. Before
re-booting create an Emergency Repair (ER) floppy disk.

Test that both Boot Authentication and your floppy allow you to boot.
Now encrypt your Drive D. Immediately after this encryption process
has finished and before re-booting, update your ER disk. This is vital.

Next you use DCPP to clone your operating system. This is where some
care is required over the size of the passphrase. At this stage use a
relatively simple one of around 8 characters per line. Reasons follow.



5. So far, so good. What now?

The first encrypted drive (Drive D) is your honeypot encrypted
partition containing data you are prepared to reveal. The second
(hidden) boot partition is your truly secret one with a different
passphrase. Now you must encrypt that second cloned operating system.
As soon as it is done, update your ER disk. In fact I suggest making a
pair.

When booting you can input either passphrase and boot into either the
honeypot encrypted drive or the hidden operating system drive.

Clever, very clever. Superb plausible deniability.

Or is it?

What happens when an attacker finds that the file dates show none of
the files in the first partition have been opened for months?

Read on.

My justification for this scenario is that Drive D is an encrypted
backup of my Drive C. It is encrypted to minimize the risk of it
being corrupted should my computer catch a virus. When dismounted
(closed), my encrypted drive will be shown by Windows to be unformatted.
As such, Windows will not normally write to it. Thus it offers a layer
of security that should I lose all of my Drive C, I can recover by
booting into my encrypted Drive D. I am not going to argue the fine
print here. This is my justification for having encrypted my Drive D.
If there are viruses which can cause Windows to format Drive D, so what?
I will argue I am ignorant of such things.

"Yes, the files do show I never use it. That is because I have never
yet had need to. It is there as an encrypted backup for the day when I
do need it. Being encrypted Windows cannot read or write to the drive
(unless it is mounted, of course). Thus the drive is a safe haven if I
am attacked by a nasty virus".

This is your explanation for this drive and the fact the file dates are
old.

If doubts are raised they are impossible to prove without correctly
guessing your second passphrase. Even if your attacker convinces
you he knows DCPP offers the possibility of a hidden partition there
is a plausible defence. See further on.

Of course after installing DCPP onto Drive D and creating a hidden
encrypted partition, there is no need to bother about encrypting
your Drive C. In fact I would go even further and suggest there is
no further need for Boot Authentication. This is needed to encrypt
Drive D, but can safely be removed from within Drive C after the event.
Of course, it is axiomatic that you first create and test one or, better,
several Emergency Repair (ER) disks to allow future access.

For security at least one of these should be stored offsite.



6. Is it as straightforward as this?

Not quite. After creating the first encrypted partition on your
second hard drive you have to avoid a couple of slight bugs. I am sure
that they will be addressed, but for now a little care is required.

After the first installation and encryption of your honeypot drive, you
can then create a clone of this drive within the same partition.
Naturally and essentially you choose another most secret passphrase.
This is where I found the first small bug. You must defrag your drive
completely before you proceed. I had two very large blocks of data
separated by around a gigabyte of disk space that Windows considered
defragmented, despite my repeatedly telling Windows to defrag. But
DCPP told me there was insufficient space to clone the operating
system. This with over 50 Gigs of free space! This is what I have
learnt from Shaun Hollingsworth (the program's Author):

"Defragmentation is a problem. Last week I did some work on a
windows based "consolidation tool" and managed to move all the files
to the start of the drive, BUT Windows 2000 and Windows XP, WILL NOT
allow any folder data to be moved!! Even the official "diskkeeper"
style defragger won't allow this, and it DOES NOT SHOW any folder
data, in the white space area. My test machine, ended up with
nothing but folder data, at the end of the drive, yet it wouldn't
show up anything visible on DiskKeeper (XP standard defragger)."

This is a concern. To get around this, I re-formatted the second
drive and started over. Immediately after installing Windows I
defragged the drive. I did this after each program was added. By
this ruse, I managed to get Windows to tightly pack everything.
Actually not quite true, there were a few gaps, but thankfully DCPP
ignored these. From what Shaun has said, above, we know that Windows
can write folder data all over the place on your drive. These do not
necessarily show up when defragging, causing DCPP to (correctly) report
there is insufficient space to clone.

Shaun has suggested one work around is by using Norton's Ghost to
backup the to-be-encrypted partition and then to restore. He tells
me this will ensure all data are then packed together at the start
of the drive.

However, another little bug raised its head when I tried again to get
it to clone. I found that the password input screen DCPP displayed
before it would clone only allowed a shorter passphrase to be input.
There is no error as such, just that DCPP tells you it has found the
keystore but cannot open it because either it is corrupt or it is the
wrong passphrase.

Tests showed it was not a corrupt keystore, therefore the culprit
logically had to be the passphrase input screen, which indeed was
the cause of the problem. I expect that shortly this will be
addressed.

However, as long as this bug remains, it offers you the chance of
further plausible deniability. See further on.

As this passphrase was used to create the second (and secret) keystore
for the cloned operating system, I had to go back and create it over
with a shorter passphrase. I would strongly urge you not to store this
second keystore on your honeypot encrypted drive. I suggest creating
and storing it on a floppy. Later after creating/updating your ER
floppies, you should completely destroy the floppy. This ensures this
critical keystore was never put onto your honeypot drive.

Note: There is no requirement to keep a copy of this keyfile. If at
any future date you wish to decrypt this clone or the original you can
use the ER disk recovery tools to do so.

The finding of a second keystore on your honeypot drive will totally
destroy any attempt at plausible deniability. Or will it? On second
thoughts, perhaps not. You could create a false keystore, one with a
long (and different) passphrase to suggest you have been attempting to
create a hidden drive but had failed. You can prove this is feasible
because of the above bugs. Using a very long passphrase will prevent
the creation of the clone. If you are told this is a known bug
(perhaps from reading this FAQ), you act surprised and insist it is the
first you know of it. Who can prove otherwise?

After you have cloned your drive, it then needs to be encrypted.

This might sound a little strange as you have just cloned an encrypted
drive, but it makes sense if you think it through. This is essential.
Before doing so, change the shortened passphrase you used to create
this cloned drive to something far stronger, meaning far longer.

When booting you choose which passphrase to input. Either the honeypot
encrypted drive passphrase or more likely the hidden drive with your
ultra secret data within it. Or, you can just boot into your normal
plaintext Drive C for non critical use.

It is absolutely essential that no further data are added to your
honeypot drive at the risk of destroying altogether your hidden drive.
This is no idle threat. To (slightly) help in this regard, when
about to clone the operating system, you are offered a choice of
spacing between the two partitions, input at least 200 megabytes or
more for this gap space.

I would recommend that you initially test out both passphrases. But
use your honeypot passphrase just once to test it works ok. Never
again use it at all. Windows is a very pro-active operating system and
it will do things you may not be expecting. Things such as automatic
backing up of the registry, defragging, etc. Everyone must have
noticed how their drive can sometimes be very active when they are not
doing anything. This is Windows doing its thing. So mount once to
test, then forget all about it. But do not forget the first
passphrase, it may be your credibility lifeline.



7. Any more hints about this system?

You could remove Boot Authentication off your computer. Do this only
after creating a couple or more Emergency Repair (ER) disks. You can
now create a proper boot floppy or even an IMA file which can be used
with Nero to create a bootable CDROM.

Nice one, Shaun. That was my last little niggle with DCPP.

I notice that Drive C is still required to boot either of these
encrypted partitions. So I recommend investing in significant
quantities of RAM and switching off the pagefile. Just in case Windows
decides it wants to write anything to your normal drive.



8. What about those other files: PGP, TrueCrypt, Stunnel, FreeCap,
Privoxy and Tor, Agent, FireFox and Quicksilver?

Obviously all future downloads should be into your hidden drive.

Get them here:

PGP: http://web.mit.edu/network/pgp.html

or: http://www.panta-rhei.dyndns.org/do...pgp658ckt08.zip

TrueCrypt: http://www.truecrypt.tk/

Stunnel is used for NNTP secure connections to your news provider.

Stunnel requires the executable file plus 2 others.

Stunnel: http://www.stunnel.org/download/binaries.html

stunnel-4.05.exe
stunnel-4.05.exe.asc (digital signature file optional but recommended)

OpenSSL Libraries (required files):

libssl32.dll
libeay32.dll

libssl32.dll.asc (optional)
libeay32.dll.asc (optional)

FreeCap: http://www.freecap.ru/eng/?p=index

Privoxy: http://www.privoxy.org/

Tor: http://www.freehaven.net/tor/


Not essential, but strongly recommended:

Agent: http://www.forteinc.com/main/homepage.php

FireFox: http://www.mozilla.org/products/firefox/

Quicksilver: http://www.quicksilvermail.net/



9. Where do I put these files?

PGP should be installed onto your hidden operating system. It may
offer to install onto your Drive C. Avoid that unless you want to
deliberately offer a sanitised version on your Drive C.

Actually there is good reason to install all of the above onto your
Drive C. This may sound alarming, but consider, their presence might
be deduced if any snoop has been monitoring your ISP data. It will
always pass across as encrypted data. If an examination of your hard
drive were to show the absence of such programs, how do you show how
you were doing it? The presence of these programs is not illegal at
all. On the contrary, there are very good and sensible reasons why you
want to avoid spam and having your privacy invaded.

TrueCrypt should be installed only onto your hidden drive. This
program should not be openly displayed. Its presence is best kept
hidden. The plausible deniability it offers, if you choose to use it,
is strengthened by its absence from your system.

For the other files, create a new folder called Proxy. Open Proxy and
create the following sub-folders: FreeCap, Stunnel, Privoxy, Tor

Install by copying all of the downloaded files into their respective
folders. Ensure the library files for Stunnel are in the same
sub-folder. Some, such as Tor are simple executables and do not
require installation as such. Whatever, just ensure they are all
installed in their respective folders. After installation, create
shortcuts from these four programs and place on your desktop, or
wherever you choose if different.



10. How do I configure Privoxy?

Privoxy is used for HTTP secure connections to the Web. It works in
conjunction with Tor. The config.txt file looks daunting, but you just
remove # from any line to make that line active. I recommend making a
copy of this file before you start and keep it in a different folder in
case things go awry.

Scroll down to section 5.2 in config.txt

The only line that need concern you at this stage is:

forward-socks4a / 127.0.0.1:9050 .

Just remove # from the line. If this configuration is not present,
simply add it exactly as shown. The spacing and the period at the end
are important.

By default it will run on startup and minimize to the task bar. You
can animate the icon if you wish by scrolling down to:

# 6. WINDOWS GUI OPTIONS

and remove the # from: activity-animation 1

I recommend that, at least until you have confidence in its working
properly.



11. How do I configure Stunnel?

Stunnel is required for an NNTP secure connection to Usenet.

Copy and paste the following in Notepad and save it to a file called
stunnel.conf in the Stunnel folder.


# config file for connecting to Easynews server
client = yes
[nntps]
accept = 119
connect = yournewsserver.com:563
# end of config file

Substitute the news server name given to you by your news provider
after signing up with them. Whatever it is, add a colon (:) and 563 for
the port number, with no spaces.

This file does not exist until you create it. Stunnel cannot work
without its presence. You will just get some server error. This
might happen if you or Windows names it wrongly.

You may need to get Explorer to show extensions to known file types,
otherwise Windows may save the file as stunnel.conf.txt. If you are
not sure, go to Tools > Folder Options > View > uncheck "Hide
extensions to known file types". Click on Apply, Ok.

This is the only configuration you need for Stunnel.
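Two things about that file are worth checking before relying on it, and the following added script does so. It is my own example, not part of the FAQ or of Stunnel: a small reader for the key = value / [section] layout, an audit that flags an accept line with no address (Stunnel then listens on every interface, so any machine that can reach yours can use the tunnel) and a missing verify = 2 / CAfile pair (without them Stunnel encrypts to whatever server answers on port 563, an impostor included), and a renderer for a tightened version. The CA file path it writes is a placeholder to replace with the certificate chain your news provider's server certificate validates against.

```python
import re

# The FAQ's own stunnel.conf, reproduced here as sample input.
FAQ_CONFIG = """\
# config file for connecting to Easynews server
client = yes
[nntps]
accept = 119
connect = yournewsserver.com:563
# end of config file
"""


def parse_stunnel_conf(text):
    """Minimal reader for Stunnel's INI-style file.  Returns
    {"global": {key: value}, "services": {name: {key: value}}}."""
    conf = {"global": {}, "services": {}}
    current = conf["global"]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # comment or blank line
            continue
        section = re.fullmatch(r"\[(.+)\]", line)
        if section:
            current = conf["services"].setdefault(section.group(1), {})
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise ValueError("not a key = value line: %r" % raw)
        current[key.strip()] = value.strip()
    return conf


def audit(conf):
    """Findings for a client-mode NNTPS tunnel; an empty list means no issue."""
    findings = []
    g = conf["global"]
    if g.get("client", "no").lower() != "yes":
        findings.append("client = yes is missing; Stunnel would act as a server")
    for name, svc in conf["services"].items():
        accept = svc.get("accept", "")
        if ":" not in accept:
            findings.append("[%s] accept = %s listens on all interfaces; "
                            "use 127.0.0.1:%s" % (name, accept, accept))
        port = svc.get("connect", "").rpartition(":")[2]
        if port != "563":
            findings.append("[%s] connect port %r is not the NNTPS port 563" % (name, port))
        # verify/CAfile may be set per service or inherited from the global section
        verify = svc.get("verify", g.get("verify"))
        cafile = svc.get("CAfile", g.get("CAfile"))
        if verify not in ("2", "3") or not cafile:
            findings.append("[%s] no verify = 2 with CAfile; the server "
                            "certificate is not checked" % name)
    return findings


def render_hardened(news_server, ca_file=r"C:\Proxy\Stunnel\news-ca.pem"):
    """Same tunnel, bound to localhost only and verifying the server's
    certificate.  `ca_file` is a placeholder path for your provider's CA chain."""
    return (
        "# stunnel.conf for an NNTPS tunnel to %s (hardened example)\n"
        "client = yes\n"
        "verify = 2\n"
        "CAfile = %s\n"
        "\n"
        "[nntps]\n"
        "accept = 127.0.0.1:119\n"
        "connect = %s:563\n" % (news_server, ca_file, news_server)
    )


if __name__ == "__main__":
    for finding in audit(parse_stunnel_conf(FAQ_CONFIG)):
        print("FAQ config:", finding)
    print(render_hardened("news.example.net"))
```

Binding to 127.0.0.1 costs nothing and keeps the tunnel private to your own machine; certificate verification is the part that turns "encrypted" into "encrypted to the server I meant", and it needs the provider's CA certificate on disk, so obtain that from the provider rather than from a page reached over the same untrusted path.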



12. How do I configure FreeCap?

FreeCap is easy. First of all go > File > Settings > Default Proxy.
Type 127.0.0.1 into the server window and 9050 into Port. Click OK.

With the program back at the opening screen, drag and drop the Stunnel
shortcut into the FreeCap open space. You will immediately see the
Stunnel icon position itself along the top of the screen. Good. You
have socksified Stunnel. That is all it takes. Whenever you run
Stunnel you must start it by clicking on it from within FreeCap.

Socksifying secures the program and ensures it routes data over an
encrypted connection socksified by FreeCap and into the Tor network.

Note: Some may experience problems with FreeCap. If you do, an
excellent free for non-commercial use alternative (but not open
source) is SocksCap. It is here:

http://www.socks.permeo.com/Downloa...nload/index.asp



13. How do I configure Tor?

Nothing to do. Just click on its shortcut and watch the green screen.
Initially you will see an error about a missing torrc file. This can be
ignored by 99% of users. It will tell you it is using reasonable
defaults. Wait a few seconds for it to create its onion route across
the Net. Once this is enabled it will display, "Tor has successfully
opened a circuit. Looks like its working."

That is it for Tor.



14. How do I configure my Browser?

To ensure your browser chooses this route you must now go to its Proxy
settings Window. With FireFox this is > Tools > Options > Connection
Settings.

Input 127.0.0.1 into each line except Socks Host, leave that line
completely clear. Input 8118 into the Port window for each line, but
again leave the Socks Host line clear. This is because Privoxy listens
for connections on port 8118 by default. Remember we have already
configured Privoxy with the line: forward-socks4a / 127.0.0.1:9050 .
This is telling Privoxy to pass on its connections to Tor which is
listening on Port 9050 by default.

What is happening is the output from your browser is passing through
Privoxy which strips out anything that might compromise your anonymity
before passing it on to Tor. Likewise, everything coming through Tor
is passed back down through Privoxy which stops pop-up ads and any
more serious stuff that might be a security threat. Privoxy then
passes on the sanitised data stream to your browser. Firefox is in
any case a far safer browser than MS Internet Explorer even before all
these extra precautions are taken.

Between them, you should be anonymous and safe. Nothing is 100%, so
periodically check that these programs are continuing to protect your
privacy by doing the checks below.
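The two port numbers and the "socks4a" in that Privoxy line are doing a specific job, and the following added example shows what. It is my own code, not Privoxy's or Tor's: it builds and decodes the SOCKS4a CONNECT request and reply as they pass between Privoxy (client side) and Tor (proxy side, listening on 9050), with the plain SOCKS4 form alongside for contrast. In SOCKS4a the proxy receives the host name and resolves it itself; in SOCKS4 the client must already hold an IP address, so it has done a DNS lookup over the ISP's network first, which is exactly the leak the configuration avoids. The host names and addresses are constructed samples, and check_privoxy_forward() does nothing more than look for the uncommented line.

```python
import re
import socket
import struct

SOCKS_VERSION = 4
CMD_CONNECT = 1
REPLY_GRANTED = 90      # SOCKS4 reply codes: 90 granted, 91 rejected or failed
REPLY_REJECTED = 91
HEADER = "!BBH4s"       # VN, CD, DSTPORT, DSTIP


def build_socks4a_connect(hostname, port, userid=b""):
    """Client -> proxy (what Privoxy sends to Tor on 127.0.0.1:9050).
    DSTIP is 0.0.0.x with x != 0, and the host name follows the USERID, so
    the proxy does the name resolution; the client never asks local DNS."""
    header = struct.pack(HEADER, SOCKS_VERSION, CMD_CONNECT, port, b"\x00\x00\x00\x01")
    return header + userid + b"\x00" + hostname.encode("idna") + b"\x00"


def build_socks4_connect(ipv4, port, userid=b""):
    """Plain SOCKS4 for contrast: carries a resolved address, which means the
    client already performed a DNS lookup outside the tunnel."""
    header = struct.pack(HEADER, SOCKS_VERSION, CMD_CONNECT, port, socket.inet_aton(ipv4))
    return header + userid + b"\x00"


def parse_socks4_request(data):
    """Proxy side (Tor's view).  Returns the target and whether the name was
    resolved by the client (SOCKS4) or is left to the proxy (SOCKS4a)."""
    vn, cd, port, ip = struct.unpack(HEADER, data[:8])
    if vn != SOCKS_VERSION or cd != CMD_CONNECT:
        raise ValueError("not a SOCKS4 CONNECT request")
    userid, _, rest = data[8:].partition(b"\x00")
    if ip[:3] == b"\x00\x00\x00" and ip[3] != 0:
        hostname, _, _ = rest.partition(b"\x00")
        return {"host": hostname.decode("idna"), "port": port,
                "userid": userid, "resolved_by_client": False}
    return {"host": socket.inet_ntoa(ip), "port": port,
            "userid": userid, "resolved_by_client": True}


def build_socks4_reply(granted):
    """Proxy -> client.  VN is 0 in replies; port and address are unused here."""
    return struct.pack(HEADER, 0, REPLY_GRANTED if granted else REPLY_REJECTED, 0, b"\x00" * 4)


def parse_socks4_reply(data):
    """Client side: True if the proxy granted the connection."""
    vn, cd, _, _ = struct.unpack(HEADER, data[:8])
    if vn != 0:
        raise ValueError("bad SOCKS4 reply")
    return cd == REPLY_GRANTED


def check_privoxy_forward(config_text):
    """Return 'socks4a', 'socks4' or None according to which forward line in a
    Privoxy config.txt is active (not commented out with '#')."""
    for line in config_text.splitlines():
        m = re.match(r"\s*forward-(socks4a?)\s+/\s+\S+", line)
        if m:
            return m.group(1)
    return None


if __name__ == "__main__":
    request = build_socks4a_connect("news.example.net", 563)
    print("client sends :", request.hex())
    print("proxy sees   :", parse_socks4_request(request))
    print("proxy replies:", parse_socks4_reply(build_socks4_reply(True)))
```

The trailing " ." on the Privoxy line is its third argument, the HTTP parent proxy, and "." means there is none: Privoxy hands the connection straight to the SOCKS server. If check_privoxy_forward() on your config.txt returns None or "socks4", the browser will still work but its DNS lookups will be leaving your machine in the clear.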



15. How do I configure my news client?

You must now configure your news client by inputting 127.0.0.1 into the
window which asks for your news server name. If you have never used a
proxy prior to this, go to the screen displaying "News Server". In
Agent 1.91 this will be Options > User and System Profile > User.
Enter 127.0.0.1 for the server name. Click OK. The port is set in the
Agent.ini file to 119. But do not change that. Stunnel has already
been configured to listen on port 119 anyway and to forward through
port 563.

Note: Stunnel can only be used with a news provider that offers a
secure (NNTPS) connection on port 563. For other news providers, I
suggest omitting Stunnel and socksifying (by dragging and dropping into
FreeCap) the Agent shortcut. Not nearly as secure as your data will
not be secure after it leaves the Tor network on its way to the News
provider.

Each of these four programs, Stunnel, FreeCap (or SocksCap), Privoxy
and Tor accepts connections from either your Web browser, into Privoxy
and on to Tor, or from your News client into Stunnel, socksified by
FreeCap and on to Tor, again.

Many programs can be socksified. But it must always be the final one in
the chain, the one immediately prior to Tor that should be socksified.

Some programs have problems with this. I have a suspicion that Quicksilver
is one. I say this because of my experiences, others may be successful.
This is a pity and I am awaiting clarification about this from the
program's author, Richard Christman.



16. How do I test these are all working?

Let's check the Web first.

Start Privoxy (which by default starts with Windows).

Open your browser and input: http://p.p/

You should see the Privoxy main page with the following:

"This is Privoxy 3.0.3 on localhost (127.0.0.1), port 8118, enabled."

If you see that, be assured you have accessed it via Privoxy.

If you see "p.p. could not be found, please check the name and try
again", you are definitely not accessing via Privoxy.

Go back through the above and check everything very carefully.

Note: This is an internal test, not via the Web. It just proves that
Privoxy was invoked to display that page from its own folder, which you
will see displayed if you click on "View and change the current
configuration"

You will then see a clear display of all the configuration settings.

Do not change anything unless you have a backup file and know what you
are doing.

Let's assume your Web browser is functioning as it should and you see
the p.p. page displaying the confirmatory message.

You should now test your news reader client.



17. How do I test my news connection is anonymous?

Open FreeCap and click on the Stunnel icon in the FreeCap
Window. It is imperative that Stunnel be started only from within
FreeCap and thus be socksified. Otherwise it will simply connect
directly with your news provider. Certainly it is a secure
(encrypted) connection but totally useless from an anonymity point of
view. If the news provider logs connections, you have just destroyed
your carefully built up anonymity for ever. The news provider will
have logged your true IP address! A painful lesson.

Without opening Tor at this stage, start your news client. As a small
precaution ensure you are in an appropriate newsgroup and attempt to
download its headers. You should see connecting to 127.0.0.1
displayed on the lower taskbar in Agent or wherever in the version you
are using, followed by error reported by Winsock driver. Good. This
proves Stunnel was attempting to connect to Tor, which is of course
offline, thus no connection was possible.

Now start Tor. Try again. Hopefully this time you will have more
success and it should connect to the news server and start downloading
headers.

Go to a multimedia group and start to download a large file. While the
download is in progress, close Tor. You should see an immediate error
about connection to server closed unexpectedly. Good.

Re-start Tor. Re-establish the connection with the server and start
over. This time close FreeCap. Notice the download will continue.
Do not panic! It is still accessing via Tor. Prove this for yourself
by closing Tor and notice the download again stops immediately and
there is the same Winsock error. Good.

If you have got this far, you have succeeded in creating a secure and
truly anonymous network connection for both your browser and your
Usenet posting/downloading.



18. Can I socksify Quicksilver?

Not on my machine with FreeCap. That is not to say it can't be done.
But on mine, despite it showing in FreeCap's window and being started
from there, closing Tor does not make any difference, suggesting it is
obviously not using Tor. This is a concern and needs further testing.

I do not want to delay the whole FAQ because of this, so I would just
caution you about Quicksilver and test it for yourself. It might be
that another Email client will work, perhaps JBN.



19. Can I post binaries anonymously to Usenet with this system?

Absolutely. If you choose to use Agent, it will always use your news
provider as the posting host. This is why I recommended you subscribe
anonymously to this news provider. Nothing can then be traced back.
If you are into heavy posting then you should use Power Post or
something similar that allows you to choose whole folders of files for
posting.

If you use Quicksilver for posting to Usenet it will always use one of
the mail2news gateways. All data from your desktop is encrypted
through to the first remailer and then on through the Mixmaster
remailers and onto Usenet. The one and only down side is that the
anonymous remailer network does not readily accept large files, such as
binaries. Do not try and post as attachments, better to write it into
the body of the message, if possible. But it is considered bad form to
use the remailer network for binaries. The remailer network is intended
for text files.

Many programs can be socksified. But it must always be the final one in
the chain, the one immediately prior to Tor that should be socksified.
Don't try socksifying Tor!


20. Surely all this is totally over the top for the majority of users?

It is certainly over the top for 99 per cent of users for 99 per cent
of the time. If, however, you are the one in a hundred and you do
not much like the idea of being at risk for 1 per cent of the time,
then no, it is not over the top at all.

In any case, using these tactics helps create smoke which in turn
helps protect those who really do need all the protection and security
they can get.

Remember this FAQ is intended to help many different people. Some
may be living in deprived conditions, in countries where human rights
abuses are a daily fact of life.



21. Can I use IRC/ICQ/Yahoo/MSN in this way?

No idea. I rarely use instant messaging and then only with a few
friends in plain vanilla. You can use a program called Trillian.
There is now a Pro version which will allow an encrypted conversation
between a group and even allows file exchange (I believe). I have
only used the beta version, text only. It appears to do all they
claim for it. Both parties need to be using Trillian for the
encryption to be effective. You can use it as a stand alone, but it
will not then support encryption.

Trillian is here: http://www.trillian.cc

It might be possible to socksify Trillian. If so then yes, this could
be a very useful way to be anonymous on IRC (Internet Relay Chat).

I am sure there are other ways to achieve this, but I am sorry this
is beyond this FAQ. My knowledge is limited because I have never
tried it myself.



22. Can I be anonymous as far as other Web sites are concerned?

Yes, but do not use MS Internet Explorer. MSIE is a dangerous
program designed by MS to allow remote servers access to your
computer's registry. Although designed for use by MS to allow
easy updating of the Windows Operating System, this feature could be
used by any site to access your IP address, even your machine ID and
your personal registration details or worse, far worse, your
saved passphrases. This can be done even if you have logged onto a
site through a chain of proxies. In other words Microsoft Internet
Explorer is an absolute no-no as far as anonymity is concerned.

As alternatives, I have already mentioned Firefox and Mozilla.



23. What about backing up my Data?

Although not strictly relevant to a FAQ mainly concerned with
privacy, nevertheless, this is so important a few words are needed.

Create another encrypted container using DriveCrypt 4.2 on an
external hard drive. Open this partition and copy some innocuous
data from your normal plaintext drive. Now close this container and
create a hidden container, following the instructions in the
documentation that comes with DriveCrypt. Now copy all your secret
data across into this secret container. Restoring is just as simple.
Just open the secret container and copy into your DCPP partition.

TrueCrypt can be used by creating an encrypted partition at the end
of the drive. Follow the TrueCrypt help files on how to make this
drive appear as unformatted and without a drive letter to Windows.
All your secret data can now be copied into this TrueCrypt partition.



24. Lastly, what do you say to the charge that this FAQ may be
useful to criminals?

I did take time to have a re-think after the events of 9/11.
However, on balance I believe it is still the right thing to do.
Like gun control, if we ban weapons only the police and criminals
will have them. Banning encryption or anonymity is not going to
make criminals stop using encryption or attempting to be anonymous.

It is almost laughable for anyone to be so naive as to believe that
passing any law would make the least difference to a criminal. I
believe that the individual should be allowed to choose, not the
Government on his behalf.

Who benefits the most if Governments are allowed to reduce our
freedom of choice? The Government or us?

Those that give up a little freedom to gain a little security will
lose both.


This ends the FAQ.


Here is my PGP key and fingerprint:

- - -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 6.5.8ckt

mQENAza3VwsAAAEIAJoghtgM5IW0CmQOocBDJPUSDAlkaPkP4LVN/6I6U1qYXYSX
slRiXL6R8/L5LiYGjc8+jkK0MbpTh7W4WiT35L31kX2EU/MSNlpawvpwTvaye8cz
Kbwupsi7qtxVEETM11ucSuxtG8ShOwiYrMUqOmP93hf9h78gNzD/qGOYGV994Adt
MHRZ4lPlQnknxoDszHxCDcS83jlo4mD1xhuvLQ1thXFkGBl9Bw/lSWDxcu0gssZB
necFTSkFtJbnu3gHp6DVE9CO/ZxhXDGHAmC/jLfB5QH59Zbbw4fFgQ7tw2gUAgiS
kvv0RS55TB9n7JiDwc+Mk0OlYavdZOh5cRSmBqcABRG0JURvY3RvciBXaG8gPGRv
Y3Rvcl93aG9AbnltLmFsaWFzLm5ldD6JARUDBRA2t1cLZOh5cRSmBqcBAb87B/46
wEezqswaPz8NIA0/XYULXPKse11aCgRL7MIQPO1CRdqjbFnWi1wU2AnAkCtCLia+
lhulNrLJxMUvHgOQc4oC+nlUntBE9f8hHg0VwvQJ/4kO29UeVf0iwr+drZjRJooR
oR1C1UDDr199eeKJ3+m2pO7j1DBxv4tWQAYsJmZQQqlNRLzsmHJyTI/ZN03UREAZ
Qr4k6EjD1lScWg9MfueITgiMdbeV3MmCpf7mnlahvlN/S31CeEfoY2OpcRYVXNQb
it9N8cPM+2KZEdl/FW7yVPgd6BCGFFgPcRiqLC7c1F6qBPUpbdYf/pvd3/lhRJR9
IY35xfmdHWM8Rk+ivIPD
=0l2S
- - -----END PGP PUBLIC KEY BLOCK-----


Fingerprint: F463 7DCB C8BD 1924 F34B 8171 C958 C5BB


To contact me, please post to news:alt.privacy with the subject
"Att: Doctor Who" (without the quotes) or send encrypted mail
to my Nym: doctor_who@nym.alias.net



Links to items specifically mentioned or recommended in the FAQ:


PGP: http://web.mit.edu/network/pgp.html

or: http://www.panta-rhei.dyndns.org/do...pgp658ckt08.zip

DCPP: http://www.drivecrypt.com

TrueCrypt: http://www.truecrypt.tk/

Putty: http://www.tucows.com/preview/195286.html

or here:

http://www.chiark.greenend.org.uk/~...y/download.html

Stunnel is used for NNTP secure connections to your news provider.

Stunnel requires the executable file plus 2 others.

Stunnel: http://www.stunnel.org/download/binaries.html

stunnel-4.05.exe
stunnel-4.05.exe.asc (digital signature file optional but recommended)

OpenSSL Libraries (required files):

libssl32.dll
libeay32.dll

libssl32.dll.asc (optional)
libeay32.dll.asc (optional)

Privoxy: http://www.privoxy.org/

Tor: http://www.freehaven.net/tor/

Quicksilver is here: http://quicksilver.skuz.net/

Mixmaster (required by Quicksilver and Jack B. Nymble):

Kremlin: http://kremlinencrypt.com/download.php

Wipeutil: http://short.stop.home.att.net/freesoft/filutil2.htm

Windows Washer is here: http://www.webroot.com

Pecunix is here: www.pecunix.com

e-bullion: www.e-bullion.com

DMT/ALTA: https://213.132.35.90

E-Gold: http://www.e-gold.com

Privacy.Li: http://privacy.li

Agent is here: http://www.forteinc.com/main/homepage.php

Norton's A/V is here: http://www.symantec.com/index.htm

Zonealarm: http://www.zonelabs.com/store/content/home.jsp


Other links that might be of interest:


JAP: http://anon.inf.tu-dresden.de/desc/encr_jap_en.html


SSL Proxy info: http://www.jestrix.net/tuts/sslsocks.html#intro

WinHex: http://www.winhex.com/winhex/order.html

ACDSee: http://www.acdsystems.com/english/products/acdsee/index

Thumbs Plus: http://www.cerious.com

VuePro: http://www.hamrick.com

A Proxy site listing: http://www.samair.ru/proxy/

News Providers: http://www.exit109.com/~jeremy/news/providers/

Freenet: http://freenet.sourceforge.net/

Trillian: www.trillian.cc


Nym remailers:

nym.alias.net, home page: http://www.lcs.mit.edu/research/anonymous.html

Anon.efga.org, home page: http://anon.efga.org/


In case you need convincing:

http://www.gn.apc.org/duncan/stoa_cover.htm



Useful programs:

Partition Magic: http://www.powerquest.com/

FSRaid: http://www.fluidstudios.com/fsraid.html

HJSplit: http://www.freebyte.com/hjsplit/

Mastersplitter: http://www.tomasoft.com/mswin95.htm

PowerPost: http://www.cosmicwolf.com/

Quickpar: http://www.pbclements.co.uk/QuickPar/

SmartPar: http://www.smr-usenet.com/tutor/smartpar.shtml

WinAce: http://www.winace.com/

WinRAR is here: http://www.rararchiver.com/

YProxy is here: http://www.brawnylads.com/yproxy/

Media Player Classic: http://sourceforge.net/projects/guliverkli/


Some anonymity sites:

http://www.worldnet-news.com/software.htm

http://www.skuz.net/potatoware/index.html

http://www.skuz.net/potatoware/jbn/index.html

http://packetderm.cotse.com/

http://www.cotse.com/refs.htm

http://freeyellow.com/members3/fantan/pgp.html

http://www.all-nettools.com/privacy/

http://Privacy.net/

http://www.geocities.com/CapeCanaveral/3969/gotcha.html

http://www.junkbusters.com/ht/en/links.html

http://www.skuz.net/potatoware/privacy.txt


Other additional useful sites:

Beginner's Guide to PGP:

http://www.stack.nl/~galactus/remailers/bg2pgp.txt

PGP for beginners:

http://axion.physics.ubc.ca/pgp-begin.html#index

FAQ for PGP Dummies: http://www.skuz.net/pgp4dummies/

The PGP FAQ: http://www.cryptography.org/getpgp.txt

The SSH home page: http://www.ssh.com/products/ssh/

Anonymous Posting:

http://www.skuz.net/Thanatop/contents.htm

Anonymity Info: http://www.dnai.com/~wussery/pgp.html

Nym Creation:

http://www.stack.nl/~galactus/remailers/nym.html

General info:

http://www.stack.nl/~galactus/remailers/index-pgp.html


Revision 20 Part 2

-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt

iQEVAwUBQXgkpmToeXEUpganAQGRnwf/YI7VrU8kYRM0KNiZqLsRKctPPnA8Xu5i
moJ1KJoJ1KBl4nSgzqxdJ7fopoYQxmPe0vXu5JV1jHzpc4/8SPXdVf61rq2ukPFc
7Wcm1PXp8KzYrqH8PLrqzaIcFiHqObFO+PRkT0o4Kj4COcapoxjWbBAwSN4aX2LW
UWGQ8rp+qpgjp+Ch66CtxrRbBcNbczD5urrs0oDeB9aiNPE/RZGcUOBADH+1WvNL
R/RDpWp4Rd91XC5oBkNqHFuR4pvCqDkjpDiJAqEFiAReYGHJAyC3Ns+r+tw5ivuQ
fnRiebGGtcnHjN8c0+EjChRS0DoiasoEi//cwn8zXAWgruIDrP7c5Q==
=ctO+
-----END PGP SIGNATURE-----


Anonymous

2004-10-22, 5:45 pm

On Thu, 21 Oct 2004 21:41:45 GMT, Doctor Who@A.B.C wrote:

>I hope this is helpful. I am posting the two parts together at present to ensure that it
>propagates over Usenet complete. I have deliberately not sent the Zipped file as an
>attachment, because from previous experience, attachments of any sort are not welcome in
>non-binary groups. If people would prefer me to send it as a zipped attachment, with the
>consequential saving in bandwidth, tell me. I would welcome any news regarding
>socksifying Quicksilver.
>
>
>Doctor Who
>
>
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Security and Encryption FAQ - Revision 20 Part 1
>
>by Doctor Who
>
>
>"No one shall be subjected to arbitrary interference with his privacy,
>family, home or correspondence, nor to attacks upon his honor and
>reputation. Everyone has the right to the protection of the law
>against such interference or attacks."
>
>Article 12 Universal Declaration of Human Rights
>
>
>This FAQ/Tutorial is offered in good faith and is intended to be an
>encapsulation of my knowledge and experiences gained over the many
>years that I have been a computer/Net user. There are many roads to
>security and privacy on the Net, this is just one that I have
>personally pursued and can recommend from experiences gained.
>
>There are countless reasons why someone may need the reassurance of
>anonymity. The most obvious is as a protection against an over-bearing
>Government. Many people reside in countries where human rights are
>dubious and they need anonymity to raise public awareness and publish
>these abuses to the world at large. This FAQ is to help such people.
>Privacy and anonymity are very important principles associated with
>both freedom of speech and democracy.
>
>
>"Anonymity is a shield from the tyranny of the majority... It thus
>exemplifies the purpose behind the Bill of Rights, and of the First
>Amendment in particular: to protect unpopular individuals from
>retaliation - and their ideas from suppression - at the hand of an
>intolerant society."
>
>Justice Stevens, McIntyre v. Ohio Elections Commission, 1996
>



Dear Doc:

I have not read your new FAQ yet so I am not denigrating it,
but the above preamble is inconsistent, or rather contrasts oddly,
with statements that you make a couple of weeks ago in which you
stated that you were quite willing to give up your privacy for a
little more security in the wake of the 911 disaster.

You can't have it both ways, either you are for civil rights
and freedom or you are not. There is no such thing as free and a
little bit free, just like there is no such thing as pregnant and a
little bit pregnant. Either you are free or you are not, either you
believe in privacy or you do not. If you do not, then you should
write about something else.