Saturday, February 22, 2020

TOR, Psiphon, Signal and Co.: How to move unrecognized on the internet

Dictatorships and online services collect all kinds of data. Many users have no access at all to the free network. Here are a few tips on how to navigate the internet safely and anonymously and how to avoid censorship.


How do I become visible to others on the internet?

Basically, all internet traffic is visible to everyone who has access to the servers through which it flows — just as a postcard can be read by any mail carrier.

A lot of data can reveal your identity. First, there is the IP address of your computer. But nowadays, users are also often recognized by other data from their computers: unique properties of browser plugins, screen resolution, window size, language, time. Very precise user fingerprints can be created that make someone recognizable to a web server to 98%, even without an IP address.

If a regime blocks certain websites, how can I still access them?

In the past, only static proxies were used. Often, it was just simple IP addresses that forwarded internet traffic. This worked as long as the censors didn't notice or know the proxies. In the meantime, however, many states have begun to block all proxies they disapprove of.

Proxies can also be used to conceal from the operators of websites where a visit is coming from. For this, you can take the detour via Anonymouse or a variety of similar anonymization services.

How do I build a tunnel?

Virtual private networks (VPN) are somewhat more complex. To do make use of them, you set up an encrypted tunnel connection to a server, for example in another country. No one can look into the tunnel. With VPNs, companies do things like establish a secure connection between their employees and the internal company network.

The tunnel can also be used to access the free internet from a censored area. But censorship authorities can see that it is a VPN connection and who operates it. Today, censorship regimes have become much more attentive and block static proxies relatively quickly. Moreover, proxies do not offer anonymity. VPN networks are also often forbidden. So you have to come up with something new, such as the TOR network.

What is TOR?

TOR means "The Onion Router." It's built like an onion — in layers. TOR helps to hide your identity. You are not directly connected to the server from which you want to retrieve information by the shortest route. Instead, Tor connects you using detours: so-called TOR nodes.

Each of these TOR nodes lays its own encryption layer over the browser behavior so that the other Tor nodes can't read it, either. This makes surfing very secure.

Can I access all web pages with the TOR browser?

There are special TOR websites with so-called onion services. Deutsche Welle also provides such a service.

These services are very secure. However, you can also access all other normal websites with the TOR browser. At that moment, you leave the TOR network and anonymity is somewhat limited, but the operator of the website that you are visiting cannot recognize either your IP address or any unique features of your browser, because TOR suppresses this information.

The countries with the most secure servers

So you can't tell who I am, but you can tell what I'm doing?

A censor can recognize what the internet traffic basically looks like, but can't necessarily glean any information from it. That's why TOR has evolved.

To circumvent censorship, TOR has developed so-called "pluggable transports." These make internet traffic appear completely different than it really is. For example, if someone surfs websites, it may look like a video conference, normal email traffic or something else. It also changes back and forth all the time. This makes it more difficult for censors to follow the surfing process.

Can censorship authorities outwit pluggable transports?

If the censorship authorities suspect that they are seeing TOR traffic veiled by a pluggable transport, they may send their own traffic to see how the server responds.

If the traffic is disguised as a video conference, they can see whether the server is also responding like a video conference server. Because the server then responds differently, however, the regime will probably disconnect you.

How do I get into the TOR network from a country with censorship?

People who live in countries where the internet is censored need "bridges." These lead to the known entry nodes to the Tor network, which are usually blocked by the regimes.

Every TOR user can provide a bridge, making their own machine a virtual entry point. So as many people as possible who live in countries with free internet should do this, because then people in countries with censored internet have many different possibilities for getting into the TOR network.


What do I do as a layperson if I want to use TOR?

It's very simple: On the website of the TOR project, the current Firefox-based TOR browser for each operating system is available for download. The browser can then be used like a normal browser. The only difference is that the user is anonymous.

What do I have to consider if I live in a censored country?

It is important to make the correct settings in the TOR browser if you want to avoid censorship. Unfortunately, the settings are somewhat hard to find in the Firefox browser. There is a special TOR area in the settings. During the TOR installation, the browser asks once if you are in a censored country. If you confirm this, the pluggable transport is loaded automatically.

The pluggable transports can also be downloaded in the existing TOR browser settings. The bridges are also loaded; the TOR browser searches for current bridges itself. The settings for automatically receiving new bridges are located where you also set the pluggable transports: If the first bridge doesn't work, the browser takes the second bridge, and so on.

Secure alternatives to Google & Co.

As a user in a free country, how can I support people in censored countries?

If you live in a non-censored country, TOR will ask you if you want to provide a bridge. It is possible that internet speed will suffer a little., but with today's fast internet connections, that's probably not such an issue anymore.

Read more: A safer internet and the stupid things we do online

To provide a large number of bridges, there is the project 'Snowflake.' How does it work?

Snowflake is a project where all users with normal Chrome or Firefox browsers can provide bridges. You don't need a TOR yourself.

The inventors hope that as many users as possible will provide such bridges. The project is called Snowflake because the bridge exists only as long as someone is surfing. Then the snowflake melts away and is no longer recognizable.

Do I have to accept restrictions when surfing with TOR?

You have to accept that there is less comfort. In the default setting, for example, Javascript is suppressed and cookies are not saved. This means that the browser does not store any passwords and does not fill out any forms in advance.

There are also websites or entire infrastructure operators who do not want any traffic from the TOR network because they fear that it could be dangerous or dubious. But now, even the internet giants are realizing that TOR traffic is not evil per se.

How great is the danger that I, as a TOR user, will be caught by the regime?

Traffic to the bridge may be identified. Normally, the traffic is simply stalled and blocked. But there is a danger that the authorities will continue to investigate the user.

What is the difference between the darknet and TOR?

The darknet uses the TOR protocol. But not everyone who uses TOR is part of the darknet. Facebook, The New York Times, the BBC and Deutsche Welle also use TOR.

So TOR is not a place for illegal activities, but a protocol for anonymizing those who have a legitimate interest in it.

There are other tools to circumvent censorship, such as Psiphon. What is that?

Psiphon is a commercial provider from Canada that has been working with media like Deutsche Welle for a long time and has created a product for the needs of the free media.

Psiphon offers apps and computer programs in which different censorship avoidance mechanisms are tried out one after the other. Different servers, proxy servers, VPN technologies and so on are used.

If you use Psiphon via Deutsche Welle, you will see the DW website and can then use any other website on the free internet, too.

How do I get to Psiphon as a user?

Psiphon helps DW to provide the download source for the program or app. They lie in the cloud, as the censorship regimes cannot afford to block the big cloud services because the collateral damage would be too great. If you want to use Psiphon, you should contact Deutsche Welle directly at dw-w@psiphon3.com.

Read more: Fighting censorship online: 'It's an ongoing race'

Are there also secure messaging services?

Many people use instant messaging services such as WhatsApp, Facebook's messenger service. But this service, for example, has fallen into disrepute because it reads the phone books of its users and it is not clear where the data ends up. More secure is a free app called Signal.

DNA data storage

With it, you can not only chat securely but also make phone calls. And there is a desktop application for the computer. In contrast to other services, the source code for Signal is open, meaning that IT security experts can check that it is really secure.

Are there search engines that respect privacy?

Yes, they do exist — search engines that unlike Google or Bing do not collect, store and process the IP addresses of their users. Then there is also no annoying, personal advertising. These search engines are called DuckDuckGo or Startpage.

What are add-ons for the browser?

Those include other tools to make browsing safer. These include add-ons that block cookies, trackers or scripts such as Java. Examples are uBlock Origin or the Privacy Badger. They are installed via the browser settings.



WHY IT SEEMS LIKE EVERYONE'S BEING HACKED
CCTV surveillance cameras hacked in DC

Two people were arrested in Britain on Saturday after allegedly attempting to hack the Washington DC CCTV surveillance camera system just days before President Donald Trump's inauguration. US media said 123 out of almost 200 cameras throughout the city were disabled by ransomware software. Officials feared a bigger attack may have been planned for the day of Trump's swearing in.


No comments:

Post a Comment