Cybersecurity specialist and researcher.
The article also discusses Edward Snowden's methods to help you stay anonymous on the Internet. For example — using the Whonix distribution kit ensures user anonymity.
Image source - news.cgtn.com
The article also discusses Edward Snowden's methods to help you stay anonymous on the Internet. For example — using the Whonix distribution kit ensures user anonymity.
This article also:
? Table of contents:
Disclaimer
The article discusses the technologies used to protect your data and confidential information on the Internet. All presented information here is to inform PC users and political activists about information security measures. The author of the article does not in any way intend to harm or offend users and politicians.
If you suddenly need to hide from the state, there will be no time to think. How should you proceed to guarantee yourself complete anonymity on the Internet and in life? Read more about the methods of successful disappearance and the methods of Edward Snowden in our article.
“The issue of privacy is a serious problem because only privacy allows us to freely decide who we are and who we want to be.
Edward Snowden.
There is a common opinion that one cannot trust anonymous people because they do not risk their reputation, which means they can be provocateurs and aggressors. That could be indeed the case. However, the world has sunk into the era of totalitarian states, and freedom of speech is now increasingly punishable.
Political activists, public figures, and any not indifferent people cannot fully talk about their rights; therefore, they have to hide behind the mask of an anonymous person. For getting their freedom back, people are forced to act not according to the rules. Security prevention is an opportunity to preserve your dignity and the right to self-expression.
Right now, you are holding in your hands a thing that can be your assistant and, at the same time, an executioner — your smartphone.
The phone knows everything about you: your location, interests, hobbies, correspondence, bank accounts, Face ID, and even how your dog looks. These are a kind of beacon that records your every step. It is naive to believe that your data is not on the Internet.
What you see on search engines is just the peak of the iceberg. For an additional fee, all information about you can be found in the DarkNet databases. Law enforcement agencies and government services have free access to the “black” Internet, where you can find almost any information about anyone.
Possessing equipment that supports Internet access and cellular communication, you can forget about anonymity. Therefore, the first thing you should do if you want to disappear without a trace is to get rid of your smartphone.
Better yet, send it by courier to the other end of the country, as far away from you as possible. The next step is to purchase a new "clean" SIM card that has nothing to do with you or your environment.
It is better to purchase such a SIM card in advance because, in emergencies, you will not waste time looking for a new number.
The next thing that you urgently need to get rid of is a credit card.
With the help of a bank card can also find out geolocation, track payment for public transport, and your usual route.
Remember that any transaction records your exact location. Stop paying Masterсard Contactless and shopping online. If you need to hide from the public, use only cash. To reach a highest level of paranoia, you can check banknotes for any non-typical markings and signs.
Any place where you do present documents is a threat to your anonymity.
Buying plane tickets, train tickets, or checking into a hotel room, you inform the state of your location. Don't make such obvious mistakes. If you want to become elusive, consider changing your passport details.
The third dangerous thing is your laptop, desktop, tablet or whatever else you are using to get an access to Internet. It is impossible to remain completely anonymous in the digital 21st century, but you can follow several rules to protect yourself from increased attention from government services.
So you've encrypted your computer. What to do next? If you are coordinating on a network, then it is better to use two different computers: one for your daily work, the other for activities that can be used against you.
Regardless of the purpose of your computer, install Whonix, a special Linux distribution designed to compartmentalize Internet traffics through the Tor browser. It is one of the systems that Edward Snowden used when he was hiding from the NSA. Thanks to Whonix, even the indirect fingerprint you leave on the web will be confusing enough.
To use this system, you first need to install Virtual Box, a visualization program for operating systems.
Image source – virtualbox.org
Image source – whonix.org
Image source – virtualbox.orgThe peculiarity of Whonix is that the program presented not as an installation file, which is used to install the operating system, but as an image of a fully configured virtual machine with the operating system installed. And there are two such images: the first is Whonix-Workstation, the second is Whonix-Gateway.
Whonix installation is virtually the same across operating systems as the VirtualBox software is identical across all platforms. We will demonstrate installing Whonix on macOS; however, Windows or Linux users can easily install Whonix by following our instructions.
Whonix is installed in two steps: installing Whonix-Gateway and Whonix-Workstation.
Since the downloaded image file is a ready-made virtual machine with an installed operating system, all the virtual machine parameters (allocated RAM, disk size, etc.) have already been set.
The program will only inform you about the number of allocated resources.
Whonix-Gateway and Whonix-Workstation will appear in the list of virtual systems.
First, you need to connect the server machine — Whonix Gateway. It is the server machine that connects you to the Internet.
After connecting to the Tor network, before using the server, we recommend opening a terminal and updating the internal files with the sudo apt-get update command.
You can use the default password “change me”. Next, we recommend changing the password with the passwd command, choosing a certain combination of letters.
Please note that characters are not displayed in the terminal as you type — this is normal. This password needs to install software and make changes to system settings. You will rarely use this password, but your system becomes vulnerable to attackers if you do not change it.
Never use a server virtual machine to access the network!
After completing all the instructions, you will find yourself in an anonymous environment: not only the browser but all your connections are protected in the Whonix system through Tor. You will become as anonymous as trivial methods can achieve.
To maintain this anonymity, in no case connect to personalized accounts from an anonymous environment.
What does it mean?
Let's say you logged into your work mail and anonymous channel from the general Whonix session. It is the point of association. Now all the traffic that you with such difficulty hid can be analyzed. The mail you just entered can be tied to your real identity.
Please note: this rule also needs to be observed offline — in your real life. If your real and virtual personalities touch at some point, expect trouble.
So, the main rule of identity protection is not to confuse your real and fictional identity. But what if you need to be pseudonymous for your work? Anonymity and pseudonymous activity differ in several ways. So, anonymity assumes that it is enough for you to commit some one-time act.
Pseudonymous activity is creating an alter ego, in other words, an alternative personality to which you plan to return for an extended period. This is much more difficult because the human factor significantly increases the likelihood of making a mistake.
The most apparent mistake when creating pseudonymous accounts is renaming your old accounts. As stated earlier, a phone number required when creating social media accounts. Even if you rename your Twitter or Facebook profile, it is the phone number that will reveal your real identity.
To go unnoticed, you need to start from scratch: create a new mail for a pseudonymous account. We are recommending to use ProtonMail.
Image source – protonmail.com
For essential registration, ProtonMail asks for a small Bitcoin donation or activation via another mailbox. There is a wide variety of disposable mailboxes, some of which are blocked by Proton, but new mailboxes appear every day.
It is safer to use a disposable e-mail account to receive activation codes.
Follow our instructions to use your ProtonMail inbox.
Image source - protonmail.com
Image source - protonmail.com
We advise you moving to the second line of the search engine, as the mailboxes offered on the first page may be blocked.
A confirmation code will be sent to the specified mailbox.
This mailbox is in no way tied to your real identity, computer, IP address, and social networks. You are going to confuse any system trying to follow you!
Next, you need to create an account on a social network or messenger, for example, on Telegram. Most of the existing social networks ask for a phone number when registering: you use your real SIM card under no circumstances! Some services are anonymously selling phone numbers to receive activation codes.
Contrary to the myths about the anonymity of Bitcoin, it is completely insecure. Moreover, every Bitcoin transaction is permanently recorded on the blockchain and is easily traceable.
By using Bitcoin, you are very much at risk of your anonymity. To be on the safe side, transfer Bitcoin to Monero. It is an open-source cryptocurrency created exclusively for anonymous monetary transactions.
Unlike Bitcoin, Monero uses the CryptoNote protocol, which obfuscates transactions. You will pay just a little for transaction, but you will be able to protect yourself.
Today, only Monero is a virtually invulnerable cryptocurrency, as its transactions cannot be traced. You can create a pseudonymous account on Twitter, Telegram, or any other social network by purchasing a number.
On the technical side, you have entirely secured yourself and your anonymity. The only risk that can threaten you is yourself. Do not forget about the human factor because it is mostly just ridiculous mistakes that lead to negative consequences.
To protect yourself from potential problems, follow these simple guidelines:
We recommend using the MAT: Metadata Anonymisation Toolkit to remove metadata.
Remember that your anonymity is only in your hands. Some attackers can use social engineering.
It can be difficult for people to keep up with technology, but if we aren’t holding our fingers on the pulse, the consequences can be disastrous. Tens of thousands of people fall victim to hacker attacks and fraudsters every year.
Phone numbers, bank accounts, and other personal information can be made public in no time if you doesn’t take good care of your cyber hygiene.
We urge you to know and respect your rights, take care of your information security and, if possible, protect your loved ones — older people who find it more challenging to preserve their confidential information in the digital age. Share basic guidelines with your parents and older relatives.
We wish you to remain anonymous and elusive!
Dear readers, we hope that this article was informative and valuable for you. Share if you use any methods to protect your data on the Internet?
If you think, some anonymity methods were missing here, please let us know in comments.
Leave a comment
