Three Letter Re: Internet and Search Engine Privacy

Tuesday, Jan 24, 2006

Jim:
I've done a lot of experimenting on this and offer my take:

Rule Number One: The U.S. Government is monitoring domestic internet traffic. Anybody visiting Survivalblog is already suspect by the government because of it's very subject matter. Assume that you are being monitored. Let's not be naive here please.

Anonymizer is obviously monitored by the Government because it maintains logs of in/out IP Addresses.

Tor...the Onion Router is the best way to go if you have DSL or Cable high-speed internet connection because there is no central logging. I use it.

CCleaner [Cache Cleaner] at http://www.ccleaner.com/ is the very best way to keep your computer free of what snoops want. It is FREE, tiny, fast, easy, and I click on it after every internet surf. It instantly removes all tracking cookies. It also instantly removes all those useless internet temp files that clog/slow your computer. Download it FREE right now. -Book

 

James:

You mentioned that your readers might be interested in a brief write up of privacy on the Internet and how to keep yourself off of the radar. I'll try to oblige.
First some background: My company and I do Information Security for small businesses, so we and I have experience in keeping private things private in the real world. What I'm doing is basically putting into text the Security Speech that I give any client who I consult for (and will sit still long enough to hear it). I'll stay away from technical terms and specific products/'solutions' until the very end where I'll describe a few different levels of 'security' in real-world examples. Specific privacy stuff is further towards the end.
Rule Number One: There Is No Such Thing As A Secure Computer (or Anything Else)
Perfect security is impossible. Computer security researchers are fond of saying that the only secure computer is one that's unplugged from the network, turned off, sealed in a vault and protected by well-paid guards, and they're only partially joking. (Yes this is what passes for humor in the computer security profession.) No matter what steps you take to keep your stuff secure, someone, somewhere can break into it and steal them; given sufficient time and money all computers are vulnerable. The only thing you can do to an attacker is slow him or her down. All of modern security is devoted to slowing attackers down. This has two effects: it makes you less appealing to casual attackers and it frustrates determined attackers.
In WWII the Germans used an encryption device called "enigma" to send secret messages to their troops. They thought it was unbreakable. The allies broke it. The moral of the story is that what we think is 'secure' today will be as tough as tissue paper in fifty years.
Rule Number Two: Security Is Not A Product.
What I mean by this is twofold: one, anyone who sells you a "secure" widget is lying. Widgets, computers, servers and networks are not secure or insecure by their nature; they are merely tools. Any tool can be used for good or ill, just think of the climate concerning guns. This is a continuation of the first rule; not only is there no such thing as a secure computer, any steps that have been taken to create a more secure computer can be blown away by the mentality of the user. This rule probably should read Security Is A State Of Mind, but this way I can combine two rules into one. In a nutshell, every system is only as secure as the users of that system are willing to make it.
The canonical example of this is a hospital. Hospitals have insane oversight in terms of confidentiality of patient information and they can get in real trouble for letting the Wrong People see certain files. So the natural step is to make each level of access have a separate password and each user must login to separate authentication levels, blah blah blah. Its a 'very secure system.' End result? Nurses get tired of remembering so many passwords and write them down on sticky notes on the monitor. Security that is too hard to use will be defeated.
Rule Number Three: Your Computer Is A Castle.
Traditional security is a good analogy to computer security. Things that people would never do in the real world they don't think twice about doing online. When you open an attachment you're not expecting, its like licking your neighbor's doorknob. When you blindly click 'OK' on every pop up window, its like walking around in a bad neighborhood with a roll of hundred dollar bills poking out of your pocket. Remember the Trojan Horse? Trusting everyone online will get you in trouble, just like in real life.
Likewise, when you evaluate a system for security the first place you look is the place where security is the weakest. If you double-encrypt everything and lock your computer in a safe but your password is 'secret', you're not really secure. Always look at the big picture and don't lose the forest for the trees. Likewise, if you have an uber-secure locked-down machine but its in an office where the cleaning staff have physical access, you're not secure.
Rule Number Four: Security is Boring
This is the hardest thing to get right. The best way to be secure online is to do the little things all the time. Boring things like keeping your security updates up-to-date and getting an anti-virus. Being paranoid about your email and choosing the right software go a huge way towards keeping your stuff safe. Have a legal copy of all your software, especially your anti-virus. Pay for it. If you don't want to pay for it, AVG anti virus is free and damn good. More detail later.
That's it for the theory, there will be a quiz on Thursday. Now the practice. There are a few things that you can do to keep yourself secure and protect what little privacy you still have.
The first thing to know is that email is not secure. Think of email as sending a postcard, there's nothing to stop anyone who touches it from reading it. Email is hard but not impossible to anonymize, but there are few remaining anonymizers left. Any old Hotmail or other free account will work for certain values of 'anonymous' but they probably will not stand up to a legal search warrant unless you are very careful. Gmail is not a good provider for anonymous email because of the invite system. Unless you can get an invite anonymously anyone tracing it can simply look up who invited you and compel them to spill the beans.
Another thing is that any site you visit on the web can get a huge amount of information on you that your browser just sends out on its own. Things like your IP address which can be traced to a rough location and if the government gets involved can probably be traced down to whoever pays the bills. This can be mitigated by using anonymizing proxies, Tor and privoxy. More detail further on
Yet another key facet is that anything that is on your computer is something that you are trusting fully. If you follow good protocol, you are trusting Microsoft with all of your data, and you are trusting whoever makes your anti-virus or firewall with all your data. There is precedent for law enforcement using the anti-virus update to compromise the computer of a group that was holed up in their cabin to prevent them from emailing out. In case I wasn't clear, this has happened and will happen again.
Now for some details and the all-important links:
In terms of an operating system, Windows is the default and there's no budging most people from it. With good practices and by keeping up to date you can keep windows tolerably secure. I would trust it for mildly embarrassing data but not critical data. Please upgrade to at least Windows 2000. Windows XP with Service Pack 2 is best. I know its expensive, but Windows 95, 98, and ME are outdated and not secure.
Since no one has access to the code that makes Windows tick, there is no way to determine for sure that there is not an easy back door that could be leveraged against you. I cannot recommend keeping mission critical data on a Windows machine. If you have a bit more freedom about what you run, I heartily recommend getting a Macintosh. The new Apple OS X is built upon a very secure BSD base and it strikes an excellent balance between usability and security. Any version of Linux or BSD can be made secure, but if you're running those you probably know how to secure it.
Web browsers: There really is only one. Firefox is the best that has come along yet. It can be setup for decent everyday browsing and keep a good rein on your cookies and history. In the firefox settings, you can exercise very fine control over what sites are allowed to set cookies on your machine and when to expire them. Please do not use Internet Explorer on ANY OS. It is not secure in any way. A good addition is Privoxy and/or Tor. A must-have extension for Firefox is Adblock Plus and "Filterset.G"


Email client: I recommend either Mozilla Thunderbird, but basically anything but Outlook (Express) is acceptable. Outlook is massively insecure, Please do not use it.
Anti Virus: They're all equally mediocre. I use AVG which is free for personal use. Pick one and keep it updated.
Firewall: Again, the windows firewall cannot be trusted. I recommend Kerio Personal Firewall, and I use it myself. Tiny Personal Firewall is good too. Zone Alarm is less powerful and Black Ice is worthless.
Proxies: Privoxy is a nice semi-anonymizing proxy that runs on your local machine. It can't hide your IP but it will strip out a lot of identifiable information. Its pretty easy to set up too.
Tor is a very clever onion routing network that passes your traffic through a few levels of other machines so that theoretically not only does the site you're visiting not know who you are, nobody could trace your connection back to you. An added benefit is that Tor servers are encrypted so your traffic is harder to snoop on as well as being more anonymous. The disadvantage is that this is SLOW.
Encryption: BestCrypt can create secure images that can be viewed on Windows and Linux.
Below I'm going to outline three levels of security and what they should be reasonably protected against.
The first is an easy to use everyday machine. You will be protected from most common automated and non-directed attacks but a determined attacker will still be able to penetrate as will a governmental entity. If there is demand I can work up a similar profile for a Mac.
Microsoft Windows 2000 or XP.
AVG anti virus or similar.
Kerio Personal Firewall of similar.
Firefox, Adblock Plus and Filterset.G set to only allow same-domain cookies.
Privoxy
The second is more anonymous but it sacrifices speed. You will use this if you want to do something that you wouldn't want broadcasted.
The same as above except Firefox is set to expire cookies on close, and keep no disk cache or history. Privoxy is also connected to Tor for anonymization.
For email, Thunderbird and Enigmail can be setup to encrypt your email to a very strong degree, as long as the recipient has a similar setup. New Enigmail versions are very user-friendly in this regard.
Also, it is possible to have two different "profiles" of firefox on one machine, one that simply browses normally with sane cookie rules, and another that passes through Tor/Privoxy and keeps no history or cache and clears cookies on exit. This is simple to do and a good mix of usability and the ability to be more anonymous if desired.
One note: Remember that today's "uncrackable" will be a joke in fifty years. Also, encrypted traffic will probably raise a certain level of awareness among those doing the spying. Legally this poses no problems but if you're doing something you wouldn't like discovered sending encrypted e-mails to osama@alqaida.com it is probably a bad idea.
A Proviso: The above two systems rely on closed code and trusting updates. They would be very vulnerable to any form of governmental intrusion and nothing can be done to mitigate this. IF YOU ARE GOING TO DO SOMETHING ILLEGAL, DON'T USE ANYTHING CLOSED-SOURCE TO DO IT WITH. If you do intend to do something illegal, or even if you're just paranoid like me, a good idea would be to have a second machine. This is similar to what the NSA does internally: Classified machines cannot talk to Top Secret machines, and none of them can talk to Unclassified machines.
A good Classified or Top Secret machine might look like this. This machine should be reasonably secure against anything but a direct, physical attack.
BSD or Linux OS, properly configured (details are outside the scope of this article. I will be happy to provide further information upon request).
A solid, encrypted file system or BestCrypt for any user data.
Not connected to the network. Use a USB flash keychain/thumb drive for getting data off of it.
Again, none of this is any good at all if your master password is your birthday.
I hope someone finds this useful and I'm happy to answer any more detailed questions either via SurvivalBlog or directly. - Paedrig Hawkwing (PaedrigHawkwing-at-gmail.com--change the "-at-" to an @ symbol)

JWR Adds:  Our web statistics show that 19% of our readers now use the Firefox browser, up substantially from the 16% when we started SurvivalBlog back in August of Aught Five. My advice:  DUMP that back-door ridden, data mining Microsoft Internet Explorer. Firefox is free!

Hi Jim,
Another option for anonymous web browsing is to install Tor, an "onion routing" package that sends your data through 'layers' of different servers before reaching your desired destination. After I first installed Tor, I visited Google and was surprised to see it looked a little different -- Google detected that I was coming from Austria (since the last server 'layer' was located there) and presented me with "Google Österreich"! Tor is free and easy to setup. The EFF has instructions for Windows ( http://tor.eff.org/cvs/tor/doc/tor-doc-win32.html) and OSX (http://tor.eff.org/cvs/tor/doc/tor-doc-osx.html ). Regards, - MP


Copyright 2005-2012 James Wesley, Rawles - SurvivalBlog.com All Rights Reserved