How to be Anonymous Online (3 page)

BOOK: How to be Anonymous Online
6.06Mb size Format: txt, pdf, ePub

To see how well you have minimized your digital fingerprint, visit
https://panopticlick.eff.org
and click the
Test Me
button. Visit it from Windows, Tails DVD, Tails USB with JavaScript enabled, disabled, etc. Compare your various results and see which options leave you with and without a unique digital fingerprint.

Remember when I told you that you could use someone else’s computer without them knowing? Tails is how. When a computer boots from Tails it circumvents Windows and the computer's hard drive (in fact, you can remove the hard drive and still use Tails). Instead, it runs as its own operating system, utilizing only the computer's RAM. At shutdown, even if you eject the Tails DVD or remove the USB flash drive while the system is running, Tails wipes the RAM.

When using a computer other than my own, I only use the Flash Drive or Micro SD card in its USB adapter. The reason being, I do not have to worry about the Flash Drive getting stuck inside the computer when I need to do a quick bailout. I can just yank it and go. Even if I need the Plop Boot Manager DVD to boot, I can remove it as soon as Tails starts.

The websites pages to visit EVERY TIME you go online

Anonymity is always under threat. As such, you need to verify that you are securely connected to the Tor network, and you must stay current on Tor news. Every time you go online, the first websites to visit are:

  1. https://check.torproject.org/
  2. https://panopticlick.eff.org/
  3. https://blog.torproject.org/
  4. http://slashdot.org
    and search “Tor”
  5. https://search.disconnect.me/
    , search “Tor”, and then click “News”

News of a Tails or Tor exploit will travel fast. You do not want to find out when it is too late.

 

 

Section: Safe Updates and PGP Program Authentication

In this section, you will upgrade Tails. Unlike just about everyone else, you will not leave yourself vulnerable to a security breach during the upgrade. I cannot stress how important it is to upgrade Tails properly. Once upgraded, you can go stand outside Labor Camp 16's fence and wave to all those people that said, "just download and install Tails." Since they did not follow these steps, they installed Kim Jong-Un's decoy program, Twails.

You are going to use PGP encryption to authenticate this upgrade. In the next section, I will fully explain PGP, but, for now, just follow these steps to get through the upgrade. This way, once you get to the next section and start making encryption keys you will know you are working within an authentic system.

Downloading and Authenticating Tails
  1. Boot from your Tails Flash Drive or MicroSD card and login with Persistence enabled
  2. Once in Tails, go online and visit the website
    https://tails.boum.org/download

The Tails website offers plenty of information about authentication, but, it ain't easy. I am going to make the process more “keep it simple stupid” like.

  1. You need to download three files from this page. They are easy to find, but you may still have to look around (all the links will be in green rectangular boxes)...
  • First, download “
    Tails x.xx ISO image
    ” (Click the “
    Tails x.xx ISO image

    box, and then cli
    ck
    Save File
    and
    OK.
    Then choose
    Persistent
    from the “Save in folder” drop-down menu and
    Save
    .
  • Second, download “
    Tails x.xx signature
    ” to your Persistent folder
  • Third, download “
    Tails signing key

    to your Persistent folder

At this point, you should be downloading the files “
tails-i386-x.xx.iso
”, “
tails-signing.key
”, and either “
tails-i386-x.xx.iso.sig
” OR “
tails.i386-x.xx.iso.pgp

You need to wait for all three files to download before continuing to step 4. That could take a few hours, sorry.

  1. Verify if “
    tails-signing.key
    ” is authentic. This step is a little erratic yet VERY IMPORTANT!
  • In your
    Persistent
    folder, right-click
    tails-signing.key
    and choose
    Open With > gedit
  • You should now see the text of the
    Tails PGP
    Public Key
  • To verify that this is the real key, not a decoy, you have to check it against other sources. Think of it as trying to figure out if someone is lying to you. If one person says he did not do it, but 20 witnesses say he did do it, he probably did it. To corroborate a signing key, you have to find other sources that agree it is authentic
  • Organizations change keys sometimes. However, as of August 1, 2015, the Tails key I have starts out with mQINBEytkvQBEAC3G9iFTj… and so on. I believe this is the authentic key. If this matches your key, then I believe you also have the authentic key (I will show you better ways to authenticate a key in the next section)
  • Once the key text checks out, you can close it

F.Y.I., in Windows, you can open a .key, .sig or .pgp file in Notepad.

  1. Now you will authenticate Tails
  • Right-click the
    tails-signing.key
    file and select
    Open with Import Key
    . A “
    Key Imported
    ” message will briefly appear at the top right of your screen.
  • In step 3, you either downloaded
    tails-i386-x.xx.iso.sig
    or
    tails-i386-x.xx.iso.pgp
    . If you have the “
    .pgp
    ” version of the file, rename it as a “.
    sig
    ” file (right-click
    tails-i386-x.xx.iso.pgp
    , select
    Rename
    and replace “.pgp” with “.sig”
    ).
  • Right-click
    tails-i386-x.xx.iso.sig
    and select
    Open with Verify Signature
    . A “Verifying” window will open. Just wait a minute, or so.
  • A “
    tails-i386-x.xx.iso: Good Signature
    ” message will briefly appear at the top right of your screen when complete. If so, you have authenticated your Tails “.iso” file!

It is common for PGP files to end in “.asc” instead of “.sig”, “.key”, or “.pgp”. For any of these files, simply open them in gedit and the top line of the file's text will tell you if it is a Key, Signature, etc. That should save you a few headaches.

Updating Tails
  1. Now that you have authenticated your
    tails-i383-x.xx.iso
    file,
    you can burn it to a DVD-R
  • Insert a Blank DVD-R into your system.
  • Right-click “
    tails-i386-x.xx.iso
    ” and select “
    Open with Brasero
    ”.
  • Your Tails ".iso" file is preselected. Choose your blank DVD-R from the "
    Select disc to write to
    ” drop-down menu. Click
    Burn.
  • Go get some cheese, crackers and a glass of wine.
  • Success! You have an up-to-date Tails DVD. Next, you will update your personal Tails Flash Drive or MicroSD card.
  1. Restart your system, this time booting from your new, up-to-date Tails DVD. Just go all the way into Tails; you do not need to create an Administrator password at login.
  2. Insert the same Tails Flash Drive or MicroSD card you have been using all along (Don’t worry; you are only updating it, not erasing it).
  3. From the top toolbar, select
    Applications > Tails > Tails installer
    .
  4. Select
    Clone & Upgrade
  5. Choose your target device (it is probably preselected), click
    Create Live USB
    , a
    nd then
    Next
  6. Once completed, you can boot from your up-to-date Tails Flash Drive or MicroSD card with your little secret Persistent world intact.
The following steps are different in your updated version of Tails...

When starting Tails, if you choose
Yes
for
More Options
at the
Welcome to Tails
screen,
you are given the option to uncheck
Spoof all MAC addresses
and to use a
Bridge
to connect to Tor. Under almost all circumstances, you can
leave these settings unchanged.

MAC address spoofing
is a way of anonymizing your machine's identity within your local network. Spoofing can be a problem if your local network has restrictions that only allow connections from 'approved' machines. That could be the case within some office networks to increase security. Do not worry if you do not spoof your MAC address, it is not visible online like an IP address. It will only show a network administrator that your machine connected to the internet on a particular network at a particular time. It does not reveal your online activities.

A
Bridge
is an unlisted access point to the Tor network. Using a Bridge is necessary when a local network (like your office, coffee shop or internet service provider) blocks access to Tor by blacklisting known Tor servers. I talk more about Bridges in a few posts on my blog. You can read them at
https://howtobeanonymousonline.info/?s=bridges
.

The Tor Web Browser will not automatically open upon connecting to the internet. So...

  1. Connect to an Ethernet cable or Wi-Fi network
  2. Wait for a little
    Onion Icon
    to appear on the right half of the top toolbar. It will be yellow while it connects to the Tor network.
    Wait for it to turn Green
    .
  3. Once the onion turns green, open your browser from
    Applications
    >
    Internet
    >
    Tor Browser
    or by clicking the
    Blue and Green Tor Icon
    on the left half of the top toolbar

To disable JavaScript, in the Tor Browser:

  1. Click the Green Onion to the left of the address bar
  2. Click
    Privacy and Security Settings...
  3. S
    elect
    High
  4. Click
    OK
    and you are finished

This also disables automatic loading of online custom fonts (an extra preventative measure to stop a website from determining fonts installed on your system)

Disabling Cookies: You no longer have the option of disabling all cookies. However, by default, Third-Party cookies are Disabled. These are the dangerous ones that track you from one site to another. First-Party cookies are Enabled, but, automatically deleted when no longer needed. These cookies only track you within the site that gave you the cookies. They are used, for example, to keep you logged into the site.

A few optional steps:

To disable automatic loading of online images (helpful to speed up browsing):

  1. In the Tor browser URL address bar, type '
    about:config
    ' and hit
    Enter
  2. Click the
    I'll be careful, I promise!
    button
  3. Scroll down to the
    permissions.default.image
    line. Either double-click, or right-click it and select
    Modify
  4. Change the
    integer value
    to “
    2

  5. Click
    OK
    and you are finished

 

Section: PGP/GPG – Everything you want to know

PGP allows you to encrypt messages. So, if you want to email a secret love note or favorite recipe without Kim Jong-Un fixing his hungry eyes upon it, type it into a little text file, encrypt it and send it.

PGP vs. GPG

PGP and GPG are pretty much the same. The difference between the two comes down to licensing and encryption algorithms that you probably will never notice. They are interoperable, so, using one will not leave you unable to communicate with someone that uses the other. Unless you are a mega uptight person, there is no need to distinguish between the two. I will refer to it all as PGP.

Quick explanation of .asc, .key, .pgp, .gpg and .sig files?
  • .asc
    – t
    his extension is for a public PGP key file saved using the American Standard Code for Information Interchange character-encoding scheme, abbreviated ASCII (when you import or export a public PGP key the file name will be keyname.asc)
  • .key
    – this can be the same as a .pgp, .gpg or .asc file (since they are the same,
    filename
    .key can be renamed
    filename
    .asc)
  • .pgp
    – this extension is for a file that has been encrypted using PGP (if you encrypt
    filename
    .txt, the new file created will be named
    filename
    .txt.pgp)
  • .gpg

    this extension is for a file that has been encrypted using GPG. Just consider it the same as .pgp
  • .sig
    – this extension is for a signature file (if you sign
    filename
    .txt, a second file,
    filename
    .txt.sig, will be created)

Other books

Hellbound Hearts by Paul Kane, Marie O’Regan
Ghosts of Rathburn Park by Zilpha Keatley Snyder
Hudson by Shayne McClendon
Hot Water Music by Charles Bukowski
Power Games by Judith Cutler
Make a Wish! by Miranda Jones