Anonymous Browsing: How governments track you in the online world
Anonymous browsing is more than a political statement that your privacy and anonymity is important to you. There may come a time, and in many countries it already has, when internet access will be censored and restricted. That governments around the world collect and store massive quantities of data, essentially treating you as a criminal, is already a reality.
A screenshot of my Tor proxy program. Arguably the easiest and fastest way to get into anonymous browsing.
I don't know about you, but if governments don't want me to know something, then I sure as hell want to find out what it is. Free speech and access to knowledge are two of only a few founding pillars of freedom. When throughout the dark and middle ages, The Church did everything to withhold information from the people and suppress knowledge - civilization in the West stagnated for a millennium.
It was only when the Byzantine empire fell, and their scholars fled to the Italian republics, that the combination of knowledge and a conducive environment led to the flourishing we now know as the Renaissance.
The current conduit of knowledge for the world is the internet. But with internet censorship clamping down, and no less heinously in so-called democracies, learning a few anonymous browsing techniques is vital.
Anonymous Browsing isn't just for criminals
This is a commonly perpetuated, and particularly vile lie. Governments, and the people who support them, want you to believe that only crooks, or people who have "something to hide", would care about anonymous browsing and internet privacy. But this isn't true. Governments have historically gone after people for the most banal of reasons - the most consistent of which has been any sort of opposition to the government.
For example, Nixon began the war on Marijuana so that he'd have an excuse to arrest the otherwise peaceful Vietnam war protesters. A war that to this day arrests almost a million Americans every year. Accordingly, America has the highest incarceration rates in the world - and half those people shouldn't even be in prison.
Worse yet, already in the United States, the FBI actively spies on everyone, and puts "undesirables" such as veterans into insane asylums. For what? For expressing their opinions about who was behind 9/11. That's not just a few cases, that's possibly as many as 20,000 people every year in Virginia alone.
I don't care who you think was behind 9/11 - if you support freedom, people should be able to express whatever opinions they want. Not get "disappeared" by the federal mafia every time they say something these thugs don't like.
So the way I see it, you have three options. You can...
Hope for the best and continue posting your opinions in an open manner, while praying government fascists won't disappear you at some point.
Cower in fear, and stop posting anything controversial altogether.
Continue exercising your freedom of speech, but in a way that your identity is protected as much as possible - in other words using anonymous browsing techniques.
So without further ado, here's an ongoing list of how you're being tracked, and how you can protect yourself and maintain some privacy and anonymity.
Think of this as a sort of anonymous browsing protocol, a list of rules that must be followed if you want to ensure maximum anonymity.
Anonymous Browsing, and how to overcome tracking in the Online World
Wikipedia
I'm not saying Wikipedia is evil. Quite the opposite. But they do record the IPs of everyone who visits, and they will easily give away any such information if the U.S. government asks them to.
So if your Wikipedia browsing history is heavy on such search terms as False Flag Operations, MKULTRA, Operation Northwoods, Monsanto, and so on, then you're going to show up in bright colors on any government apparatchik's screen.
Anonymous browsing alternative: This one's really simple. Wikipedia can be downloaded - in its entirety. It's only about 7 gigabytes in size. Using a program to read the archive, you can then freely access all the articles you need without anyone tracking you. These Wikipedia archives are released every year. I downloaded mine using a torrent.
Online shopping and anonymous browsing don't mix
Anything you buy online is recorded, both by the retailer itself (especially larger stores such as Amazon or Ebay), and your e-mail provider, who receives detailed order receipts for everything you buy. They also know your address and bank card.
Buying a tent, sleeping bag, and first aid supplies may seem fairly innocuous. Maybe you're just a backpacker. But if you've also purchased a particular book, such as a survival guide or some disaster-related fiction - then you're automatically labeled as a prepper. Which at least the U.S. government treats as criminal. Ironic, right? Governments are the largest terrorist organizations in the world. But in classic Orwellian style, they label anyone who prepares to try and survive their oppression a terrorist.
How to anonymously browse and do your online shopping? This one's difficult. The only legal way I can think of is to use someone else. Pay them in cash, maybe with a little surplus, and get them to take delivery of an item. Tell them that you don't have a bank card yet, or some other excuse.
Alternatively, the best way to maintain anonymity while browsing is to avoid buying things online.
Website trackers are the enemy of anonymous browsing
Such as google analytics. I use one on this website, though I'm looking for a good alternative to see how many people have viewed a page.
How to maintain anonymity: If you don't want websites to track you and your behavior, and thus maintain a session of anonymous browsing, it's really very simple - Use a tracker blocker! Ghostery is a free add-on you can install to your Firefox browser. It will block any trackers, and also tell you who they are, and what they were trying to do.
JavaScript scripts
These can do all manner of potentially evil things.
How to ensure anonymous browsing? NoScript is an excellent plugin. You can temporarily or permanently allow only those websites you trust - or block everyone and allow on a page-by-page basis those scripts you actually need. You'd be surprised how few you do need.
Cookie trackers
All you need for anonymous browsing in this case is to use a cookie blocker, or if you must use a cookie to access a website (such as Google Mail), have your browser automatically delete all cookies when you exit your session. I like the selectivecookiedelete add-on for Firefox.
Flask cookie trackers
These are quite new, and embed themselves through flash. They won't appear on your regular browser's cookie list.
There are add-ons that block and delete these too, so you can browse anonymously after all.
Search engine trackers
Google, Yahoo, Bing, and all the other mainstream search engines collect information on what you think. After all, people search for information related directly to what they're thinking about. Moreover, the way search queries are phrased can also give a lot of information away.
Anonymous browsing for this one is easy: Use a secure search engine. I like duckduckgo.com, but there are others like scroogle.com, or ixquick.eu. Duckduckgo doesn't track you, or bubble you. It even has better functionality than google due to their bang syntax. Ixquick offers to create proxies on each of its search results, so that the destination website doesn't know who's visiting them.
You can set your default browser search engine to be whatever you want, so that you don't have to go to the search engine's website every time, but can use the search bar at the top.
Google displays the entire search query in the address bar above
Since most google searches are done over HTTP and not HTTPS, your ISP basically has a log of all your searches. Not exactly a system designed for anonymous browsing, huh. Think that's an accident?
Want to stay anonymous and safeguard your privacy? Don't use google search at all.
Your ISP is the first obstacle on your path to anonymous browsing, as it keeps a detailed log of what you do
Whether it's your search engine searches, or the full URL of any website you visited, and when. They don't just keep track of what you do on the internet, they can also build up a comprehensive behavioral profile that can later be matched to you even if change to a different ISP, or move country.
Don't blindly trust your ISP. To ensure anonymous browsing, use a proxy so that all your ISP sees is outgoing traffic to a proxy (see below on websites tracking your IP address). Encrypt your internet connection so that the packets of data you send are inaccessible (see section on HTTPS).
Another thing you can do to safeguard your anonymous browsing, is to use less predictable behavior. If your average day starts at 8 am, and is followed by accessing the same series of websites for your morning news, then the time-stamps and URLs of those websites could help track you even if you move and start using a different computer.
Websites recording your IP address
Even if you've blocked trackers, cookies, and other browser based technologies, the destination website still knows your IP address. And your ISP knows where you're going. It kind of sucks, but ISPs, the very companies providing you with internet access, are some of the worst enemies of anonymous browsing.
How to beat them: Use a proxy! The Tor network is a good example, but there are others. By using a proxy, you obscure who you are to the destination website, and what you're reading to your ISP. Be careful however, since the Tor network and other proxies have vulnerabilities. Read in detail about them before you start using a proxy network. Also, the more proxies between you and the website, the better. Just make sure the information is encrypted, or all those proxies along the way can read what you're doing in plain text.
Oh, and remember to fully proxify all your traffic, not just your browser. Otherwise any system updates you perform, or any other service that accesses the web without a proxy will give you away.
HTTP and HTTPS
If you're using HTTP, or plain text to send information across the net, then anyone on your WiFi network, your ISP, and basically anyone between your computer and the destination server can intercept and read the entirety of your traffic.
This is more an issue of privacy than anonymity, but it's difficult to maintain anonymous browsing habits without also ensuring privacy.
How to beat it: Make sure that any financial websites or websites handling important log-in information use an HTTPS encrypted connection. It should be on the left of your website address.
You can also use a Firefox add-on called HTTPS everywhere, which forces any website that has the capability to use HTTPS encryption on all its pages. Think of this as an encrypted tunnel between your browser and the destination website.
I find it intensely ironic that Google, the evil company that collects more information about you than even Facebook, has all manner of new initiatives to 'secure' your traffic with HTTPS. That way you know the Russians and Chinese won't pickup the data along the way - only the genocidal U.S. government.
Mac address
Every network interface device, such as a WiFi or Ethernet device, has a unique Mac address imprinted onto it from its creation. If someone tracks your IP address to a public WiFi hotspot, and then uses that WiFi hotspot to figure out which Mac address was connected to it, they can identify your computer. Then, based on the computer model, they can spot you on the CCTV footage recordings, and figure out who you are. Alternatively, the evil stalker bastards could just look up who purchased that particular computer.
How to maintain anonymous browsing: Your first line of defense should be a Mac address spoofer. This program simply broadcasts a random Mac address unrelated to your hardware mac address. Moreover, you can choose to spoof a particular computer's network device, should you wish to confuse the stalkers even more. Make sure that you change your broadcasted computer name too. You don't want, "Sam's PC", to show up on the WiFi hotspot history.
Don't visit alternative news websites while on a public WiFi, in view of CCTV cameras. Pay for your computer in cash and don't give away any personally identifiable information (wear a hat to the store, which probably has CCTV too). Finally, use a proxy so that the website you're visiting gets the wrong IP address.
Google Chrome is Google's spyware browser
How to beat it: Don't use Google Chrome. Although Chrome is an open source browser, Google adds a bunch of spyware to it. If you want to use the same browser without the spyware, go with Chromium.
update: It appears Chromium has few to no differences on the privacy aspect. I recommend Firefox.
Anonymous Email
... is complicated. I've looked all over the place for a secure email provider, and basically all email providers will give away your private emails if anyone so much as asks. There are ways to send emails anonymously, by routing the email through many web servers using a layered encryption approach, but quite frankly this is so complex and time consuming that I don't see any point for regular emails.
How to beat it: Make sure to read the privacy policy of your email provider, and don't send anything important by email. There are far more secure ways to communicate if you need to.
If you really have to, use GPG to encrypt everything.
If you want to ensure anonymous browsing, stop using windows
At least for anything important. Microsoft has a history of cooperating with the NSA, and Windows in general is probably the most insecure and vulnerable operating system on the market. Think that's an accident?
How to beat it: Use Linux. There are so many distributions with good GUIs and good hardware compatibility that there's really no excuse anymore.
If you want to go the extra mile, choose GNU/Linux.
Avoid Apple like the plague
Besides being a lawsuit-happy anti-innovation corporate monster, Apple doesn't let you take the battery out of your own mobile phone. Since taking the battery out is currently the only way to stop it from spying on you (besides putting it in an EM blocking cage), this should tell you everything you need to know about what Apple really wants to do with your information. Besides, they've been known to collect an enormous number of location and other data on you without you knowing about it. Duckduckgo it.
How to beat apple: Get an android phone, and then flash a custom ROM absent of any Google apps or OEM spyware.
General Computer Security Principles
Now, the last four parts are about how to encrypt your files, how to securely delete them, how to create a secure password, and lastly what you can do to foil attempts at keylogging.
While these are not strictly related to anonymous browsing, they form a good security foundation without which you're unlikely to have much success.
File Encryption
As it stands, your data is probably easily accessible. If a virus or piece of malware infiltrates your computer, or some self-righteous criminal with a badge simply confiscates it - how much of your data is secure? Some countries, like the UK, have a law obliging people to give any passwords over to the police or face jail time. Of course, go reveal a government secret and suddenly you've committed great crimes. Double standards on privacy suck.
How to beat it: Encrypt your data. All of it. I use Truecrypt, but there are many alternatives. Regularly transfer any new files into your encrypted containers, and then delete the originals (see secure deletion below).
Please keep in mind that you need a secure password (please see below).
Secure delete your files
You should know that when you hit the delete key, or even when you shift-delete, you're not actually removing the file itself - only its header. Think of file-systems as tables. The headers point to the file, and then the content itself is below it. You can download several free programs right now that will analyze your hard drive and 'recover' files. Recover because they were never deleted in the first place.
How to beat it: Securely delete your files. There are countless programs for this. From DBAN that will nuke your entire hard drive, to Eraser that will delete files, or empty space on your hard drive (where all the previously un-deleted files reside).
Of course, if you had encrypted your files in the first place, you wouldn't need to securely delete them.
How to create strong passwords
There are three vulnerabilities to your passwords. The first is simplistic passwords that are easy to guess or crack. The second is using the same password for multiple services. In the second case, any web service that is hacked (that includes by the government) can then provide criminals with the ability to access other online services where you've used the same password. The last vulnerability is key logging (or people standing behind you as you enter your password).
How to beat it: Create a secure password using random letters, numbers, and symbols that don't form any logical words or sentences. Also use lower and uppercase characters. Create your passwords using truly random generators. I used a table of characters and flipping a coin or dice. Make sure to never enter your password on your computer without using key encryption (see below). That means when you're building your password - use a good old fashioned piece of paper. Then shred, burn, and flush that piece of paper down the toilet. But first make sure you remember the password. Aim for at least 20 random characters.
Also, keep a separate, and much stronger inner password for all your file encryption. Use a different password, or set of passwords, for your online services. That way your inner password never touches the internet. If you use the same password for your email account and your file encryption, then you've basically given your email provider the password to your encrypted file containers.
How to stop keylogging
First, What is a keylogger?
This is when a virus or bit of malware sits on your computer and logs all your keys. Sometimes they also log mouse movements and capture screenshots of what you're doing. Hardware keyloggers also exist. For example, a USB stick plugged into your computer. The latter requires direct access to your computer, though.
Rather than trying to detect keyloggers, you can prevent the entire problem altogether.
Use an anti keylogger. Keyscrambler encrypts the keys from your hardware and through the operating system until the keys reach the program they're aimed for, where it decrypts them. Anyone or anything trying to intercept them along the way will see encrypted gibberish.
Secondly, regularly check for malware and keyloggers. There are all sorts of anti-virus and anti-malware programs out there. Consider using those that boot into their own live Linux environment (live booting from a USB stick), as they can be better than those that operate within your Microsoft OS. Avoiding Microsoft and Apple is once again a good idea.
--- I will post more as I think of it. Please feel free to comment or remind me of anything I've forgotten to post about. ---
This is a daughter post of Self-Defense in the Information Age.
For my sister article on ways governments track you in the real world, see Government Surveillance: How you're treated as a criminal and what you can do to protect yourself.