Foundations in Anonymity

Maintaining Anonymity, is divided into two categories- On the Internet and AFK | IRL

Internet Anonymity

Erasing Data

Cookies
Websites use cookies to identify users who have visited the website before, and maintain information on them. Sometimes, if you have visited a site previously through Tor, then gone back to it without Tor, it will detect you and your identity is exposed. To avoid this use TorBrowser and or have a Dark web dedicated browser or browsers one for each darknet you enjoy surfing which is highly recommended.

CCleaner

CCleaner will do the job for you and thoroughly. Also makes viewing your history impossible, should the FBI be knocking on your door. Take a peek under the tools section, Drive wiper, set it too very complex overwrite (35 passes) and AFK it’ll take a bit. Good luck recovering anything.

BleachBit

BleachBit is for Linux and will do the same as ccleaner, with bleachbit to get the most out of it you should use the Overwrite feature under root, and u can make it impossible for recovery of deleted files.

Derik’s Boot and Nuke

DBAN is a self-contained boot disk that automatically deletes the contents of any hard disk that it can detect… It is also a solution commonly used to remove viruses and spyware from Microsoft Windows installations. DBAN prevents all known techniques of hard disk forensic analysis. It does not provide users with a proof of erasure, such as an audit-ready erasure report.

A Hammer

Smash the hard drive…

USING Virtual Machines

It is strongly recommended you consider making a Virtual Machine (VM) to separate your personal OS instance with your “other” activity OS instance. It has several other advantages such as allowing you to quickly delete all “other” activity off your computer by simply deleting the VM itself. Not to mention being able to Encrypt the folder containing the Virtual hard drive, or Encrypting the VM itself, this is only available with VMware though.

 

Virtual Machine Software

Oracles VirtualBox – x86 and x64

VMWare Workstation – x86 and x64

Windows Hyper-V – x86 and x64

 

IP Address

Your IP (Internet Protocol) address (namely external) is the thing you need to most worry about. Through it, you are traceable to the very place you are sitting now. When you enter a chat room, you are recorded. When you enter an online game, you are recorded. When you enter a website, you are recorded. It is therefore important to hide it, to remain Anonymous.

Tor is the most effective for this. When used properly, even the FBI would have a shit-hard job tracking you down.

For quick anonymous website browsing, you can pick from a variety of online proxies here

Proxifier is a useful application that forces any online program running to go through tor (or whatever proxy you configure it to).

I2P is a robust darknet that provides web proxy use but where it really shines is anonymous communication, vibrant community, Services include anonymous email, torrents, IRC, webhosting, social media, the possibilities are endless its Highly recommended.

Free net is a peer-to-peer platform for censorship-resistant communication. It uses a decentralized distributed data store to store information, and has a suite of free software for working with this data store.

VPN are very important, trusting them isn’t recommended namely because depending where they are hosted they might be forced by your gov’t to give up the log files. Do research to which one would be most beneficial to you depending on your AFK | IRL geo location, never get one in your own country, make it harder for any “authorities” to legally or forcefully access your providers access logs.

MAC Address

MAC (Media Access Control) address is a quasi-unique identifier assigned to most network adapters or network interface cards (NICs) by the manufacturer for identification. If assigned by the manufacturer, a MAC address usually encodes the manufacturer’s registered identification number.

MAC Address is something that most websites don’t usually pick up, though sometimes chat rooms/websites/online games will have ways of finding it, also when using a hotspot or unsecured network it’s also recorded when your machine requests an IP address from DHCP. It is near impossible to trace an actual machine simply from a MAC Address, but it is also something unique to your machine, and if you bought your NIC or motherboard using a CC …well think about it. Mac Spoofing is possible, and recommended.

Host Name

A hostname can be used against you when accessing an unauthorized network, some routers record it along with your mac address and this information can be correlated in an even where you’ve been spoofing your mac and not the host name, so its recommended to spoof both when doing something which may be construed as illegal in your AFK Geo location.

DNS Leakage

DNS leaks are security vulnerability that is specific to Microsoft Windows operating systems. Do to security flaws inherent in windows OS, your computer can actually mistakenly use the wrong DNS servers, thus exposing your true IP address to the website you are visiting. When using any anonymizing technologies on windows it’s always a good idea to check for leakage. Here’s a good check http://www.dnsleaktest.com/ .

 

User Agents

Slightly trivial, but websites tend to pick up on which web browser you are using (Firefox/Internet Explorer/Safari etc.), so it can throw people off the trail if you appear to be using a different web browser to the one you really are.

 

Browser recommended Add-ons

Adblock Plus: This plugin blocks around 90% of internet services that attempt to track your web activity and then send you targeted ads. It’s crucial to use while browsing any questionable websites or sites that have questionable news articles, etc. http://goo.gl/fPmjm

NoScript: A very useful plugin that will disable JavaScript on sites to protect your privacy and stop malicious activity. Can set rules for individual sites or deny globally. http://noscript.net/

BetterPrivacy: This plugin is a tool to identify and remove cookies. It will also act as an “opt out” from advertisement and other forms of web tracking. http://goo.gl/TL79Z

FoxyProxy: An Add-on to the default way to handle connecting to proxies, the Foxy Proxy add-on will allow you to have easier access to enabling your proxy tunnels, also has advanced features, such as setting up a list of domains that you will always want to use a proxy to connect to, and to do so automatically, while still using another connection for non-listed sites. http://goo.gl/VRiHT

Ghostery: Another tool to help manage and mitigate tracking cookies, Ghostery features tools that will alert you when there are tracking cookies on the websites you visit. You can also view information about each tracker that is trying to harvest your browsing data, and even view the source code of said tracker and see exactly how the cookie is tracking you. Make sure you get Fanboy list and Easy list to stay updated (these can be selected during setup or in the options of the add-on itself) http://goo.gl/GoKQ1

Greasemonkey (GM): A great add-on that allows you to edit the way websites show information to you, using bits of JavaScript code. This is more of an add-on “engine” or development platform, allowing you to write and download scripts to do many different things using their add-on. http://goo.gl/atGk7

HTTPS Everywhere: A Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. http://goo.gl/fsKV

 

AFK Anonymity

When out in public, for example at an organized event, meet up, convention:

  • Never give out personal information to anyone you don’t trust, i.e. everyone.
  • Never allow yourself to be followed to a place that might compromise your Anonymity, e.g. to your car, place of residence, etc.
  • Trust No ONE.
  • No Routines, Never walk the same way home, avoid habitual hangouts.
  • Blend in, When in Rome do as the Romans.
  • Never mix up your identities, have over 9000 of them.
  • Full disk Encryption, for windows use Truecrypt, Linux use LUKS/LVM.
  • Hidden Encrypted Volumes and Plausible Deniability – see here

 

As with anything dealing with security you need to stay on top of your studying and keeping current on techniques and tactics, it’s a never ending war. Hope this guide will give you a foundation for you to begin with. If you have any suggestions or corrections they are always welcome.