I want to be Anonymous!

Anonymity on the internet is a common problem that most people face at sometime, and all people should face. The simple fact is, not everything we do online is suitable in all cases. I worked for a major ISP and they banned anyone looking at their competitors' sites. Even though such information was useful to us when dealing with our customers. One of my colleagues was caught and dismissed. If he had accessed the forbidden sites anonymously then he would not have been caught and therefore not have lost his job. Of course, all the illegal things that are possible on the internet require anonymity, after all online crime is often harshly punished and you do not want to end up in prison for being a pirate, hacker or whatever else it is you do. So this article is all about making yourself as anonymous as you possibly can.

The very first thing I have to say is, it is absolutely impossible for you to be 100% anonymous online. The only way you can get 100% anonymity on your computer is to be disconnected from the internet. If you are connected to the internet there must, by definition, be a direct and traceable connection between you and the internet. If it can not be traced then there can be no communication between you and the internet.So forget about total anonymity. What we are looking for is getting the highest degree of anonymity possible. After that we look at further systems we can employ to give increased protection from possible problems.

So what do we need to do? Well clearly we need to make our connection to the internet as obscure and confusing as possible. Commonly we use two main methods to produce this, spoofed IP addresses, and protocol obfustication, often linked to data packet encryption. Do not worry I will not be going into much detail about these things, more point you in the right direction and give you the tools to gain the best level of protection that you can.

As I said, your computer, when connected to the internet must be traceable so that communication can occur between you and the internet. When you open a web page, you send information to the web site through your browser and receives information back. Some of the information is hidden from you then rest is shown to you - that is the actual contents of the web page. We are only, at present, interested in the hidden info.

There a hundreds of millions of computers on the internet, how does the site you connect to, know where you computer is, so that it can send the page contents to you? Well when you connect to the site, you tell it some things about yourself. The most important thing is your IP Address, this is absolutely unique* to your computer.

When you connect to www.google.com you send the request to a DNS server which converts the name to an IP address. You do not need to worry about sending the request to the ~DNS server it is done automatically for you. It is much easier for us to remember names than the strings of numbers that make up an IP Address. When I first went online way back in the days before websites we did use IP addresses I also remember when we were able to use names through DNS servers for the first time. The DNS server I used was cool it had nearly 1500 names on it; Now they have billions. 

On the Internet your IP is king when it comes to digital forensic  examinations. This is your name, your fingerprint, and your address; it is your picture, your passport number, and in technical terms "evidential proof". That is, IP addresses are a de facto standard, just like DNA and fingerprints, matching IP addresses to you can put you at the scene of the crime. It is therefore, very important to do what we can to hide your true IP.

The most common way to hide your IP address is to use a proxy or open relay server. This will take your requests, and pass it on to the destination, get the response and pass it back to you. You are no longer connected to the destination, and the destination is not connected to you. That is like your DNA is no longer at the scene of the crime but proven to be elsewhere. Yay! your anonymous. 

NO YOU ARE NOT

If only it was that simple. Do you really think the law enforcement agencies have not realised this is exactly how criminals are going to go about hiding their tracks. Of course they have, and so they set up honey pots. They create relay servers which you connect to; download your latest terrorist plans and log off. However, you have just given the police two peices of information. Your IP, and your destinations IP, Oh, and you just told them arrest me, I am a terrorist and an idiot.

You need to get a proxy server which is safe to use, and which ones are safe? None are really safe, because you can never tell if they are run by a major criminal organisation or your local police station. You can never tell if they are keeping a log, even when they say they are anonymous, does not mean they do not log everything, it just means you do not need to register to use them. So, this is tricky, but look around and choose one you feel comfortable with; a few things to consider are:

1. Do not use really posh, fancy looking ones.
2. If it has not website at all and no way of contacting the owners then it is probably best
3. You can never be sure!

Ok, so you have set up a proxy server - google it for your browser for details on how to do that. But, lets say you do download the latest terrorist plans. If the proxy is run by the police or impounded by the police and it has logs. They will know you have been to the site. They track you down by your IP and check your computer. The file is found - and you are put away for the rest of your life. This does not sound good. IF you do not have criminal content on your system, then you are half way to walking scot-free.

To protect the data on your computer there is only one way you can do it for certain. That is you must encrypte the entire system drive and all additional drives and partitions. I would suggest TrueCrypt it is free and vailable for Windows and *Nix OSes. Read the manual fully before setting the program up, otherwise the data will still be found. And believe me, it will be found, I know! 

If you follow these two processes, then you will provide yourself with the best anonymity possible. Do not use any software which purports to provide anonymit for you, they do not work. Well, they wont beat a professional digital forensic examiner - although they will beat your mum; probably.