So with Anonymous & Lulzsec proving that virtually no-one is safe online, I've been making it my mission to erase all personal information about me from the internet, and generally make my presence online felt as little as possible.
In terms of browsing anonymously, what are the things to do?
+ I've turned off geolocation on Firefox
+ I have NoScript, AdBlock & Flashblock
+ I use Scroogle as my default search engine

I'm assuming the only other thing I can do is use Tor all the time? (Which is a pain, because it's slow as hell)

Are there any other things I can do?

Are people after you for any particular reason?

Are people after you for any particular reason?

LOL, no. I just don't like the idea of people being able to find out who I am, what I like & where I live just because I want to browse a few websites.

(does that sound cryptic and dodgy? I didn't mean it to. By websites, I meant Youtube & whatnot :P)

There's a Tor plugin for Firefox.

It's funny because, everything you already have on the internet, will likely be there forever.

While your taking the right steps to be proactive, it's very hard to be really, definitively anonymous. So your real goal, should be obfuscating yourself to the point that theres not enough dots to connect to get you.

Aliases and diligence can get you a long way. To get that last extra mile, you should probably switch your user agent, and you can use a proxy if your willing to put up with that. (Plus everything your already doing)

Honestly, if someone dedicates enough resources, they'll find you, trying to convince yourself otherwise is foolish.

Quick FYI lulsec is anon or at least the major players are the same (observation goes a long way), back to other news , you can use throwaway emails for signing up to stuff , turn off services you dont use or need (every running service is another point of attack), you can browse from live cds / internet cafes , run a tor node (helps obfuscate traffic from you network), use prepaid credit cards online , use mixed handles , configure your router firewall to allow traffic from services you only use and block the rest without sending acknowledgements , also read your distros security notes.

Also I'd be more worried about the "governments" than anon / lulsec (personal opinion).

Also ***do not use the same password for everything***

I don't completely understand why people use tor. Those who really want to hide what they visit are likely fooling themselves. But those who visit nothing they wouldn't want to admit, stand out like a sore thumb and invite unwarranted suspicion.

Whoever they're hiding from may not see what's being visited (unless they actually start looking into it) but they'll know that tor traffic is going on.

User's IP may be stored in the logs of an entry node and when that one is seized next time, the IP will be amidst an "interesting" collection of other IPs.

There is some good info in this thread on the subject, one in particular by tjwoosta, shows how to gain a great deal of privacy when surfing:

http://spiralinear.org/forum/viewtopic.php?f=17&t=243

Are people after you for any particular reason?
Just because you're paranoid doesn't mean they're not out to get you...
Ghostery is a nice anonymity plugin. But really, go Tor if you want to be much more anonymous. I seriously doubt lulzsec or anon or whoever is going to be going after individuals though. Besides releasing account information which isn't a problem if you're just passively browsing anonymously which is what you seem to want to do.
But if you're trying to "undo" posted information, to use a few quotes "Once it's on the internet it's about as hard to remove as crazy glue from the *** of a rhino" or if you like "Trying to remove your information from the internet is like trying to take pee out of a swimming pool".

http://www.torproject.org/projects/torbrowser.html.en

This link contains a bundle pre-set up to allow the maximum amount of anonymity possible. That way you don't have to set up the well-known-to-be-difficult Tor on your own firefox installation. They have a IM messager package too, if you want that anonymous as well.

Quick FYI lulsec is anon or at least the major players are the same (observation goes a long way), back to other news , you can use throwaway emails for signing up to stuff , turn off services you dont use or need (every running service is another point of attack), you can browse from live cds / internet cafes , run a tor node (helps obfuscate traffic from you network), use prepaid credit cards online , use mixed handles , configure your router firewall to allow traffic from services you only use and block the rest without sending acknowledgements , also read your distros security notes.

Also I'd be more worried about the "governments" than anon / lulsec (personal opinion).

Also ***do not use the same password for everything***

Oh I know that anon/lulzsec aren't likely to go after individuals or whatever. What they have highlighted is that information about you stored on private servers isn't very safe, so you need to be careful about what information others have of you.

I also agree that governments are the ones you should be concerned with. I actually happen to quite enjoy the chaos that lulzsec/anon have been causing; it's refreshing to see companies and governments on the back foot for once.


I don't completely understand why people use tor. Those who really want to hide what they visit are likely fooling themselves. But those who visit nothing they wouldn't want to admit, stand out like a sore thumb and invite unwarranted suspicion.

Whoever they're hiding from may not see what's being visited (unless they actually start looking into it) but they'll know that tor traffic is going on.

User's IP may be stored in the logs of an entry node and when that one is seized next time, the IP will be amidst an "interesting" collection of other IPs.

It is somewhat of a privacy paradox; some steps you take to making you anonymous make you more noticable simply because you're not giving away much information.
The Electronic Frontier Foundation have written a paper on it (including some steps you can take to cover yourself), you can get it here: https://panopticlick.eff.org/browser-uniqueness.pdf


There is some good info in this thread on the subject, one in particular by tjwoosta, shows how to gain a great deal of privacy when surfing:

http://spiralinear.org/forum/viewtopic.php?f=17&t=243

Great thread, contains some really interesting information. Especially about accept headers. It's fascinating to learn about how much information your computer transmits to the world when you try to interact with the web.


Just because you're paranoid doesn't mean they're not out to get you...
Ghostery is a nice anonymity plugin. But really, go Tor if you want to be much more anonymous. I seriously doubt lulzsec or anon or whoever is going to be going after individuals though. Besides releasing account information which isn't a problem if you're just passively browsing anonymously which is what you seem to want to do.
But if you're trying to "undo" posted information, to use a few quotes "Once it's on the internet it's about as hard to remove as crazy glue from the *** of a rhino" or if you like "Trying to remove your information from the internet is like trying to take pee out of a swimming pool".

One thing I found was useful about scroogling myself was how many accounts I had on websites I'd completely forgotten about, holding personal information about me that I was totally unaware of. Enabled me to go back on to those really old accounts and delete it all.
But you're right, once something is online, it's extremely difficult (if not impossible) to get it off again. Case in point, the Library of Congress is now storing every single tweet that has (and will) ever be made on Twitter, permanently. Think of how many throwaway (but potentially harmful) comments people make on that site every hour. You make a mistake on that (highly likely given that the point of Twitter is to encourage a total lack of quality control -tweet first, reflect later/never) & that's it.

browsing anonymously and having your personal information exposed aren't really the same thing. if i used tor to sign up to Mt.Gox, the hack last week would have still revealed my email address, username and hashed password. you'll gain more protection by using various email addresses and usernames for various types of sites than you would by using tor, in this instance.

eg, one email & username for tech sites, one for porn, one for sites where you know people in real life, one for important things etc. and all the ones you care about should have different strong passwords, of course.

using tor would stop the destination logs from containing your IP, but i dont really consider my IP to be as personal as my email addresses or usernames

Just what your browser gives away, apart from IP & email addresses is an invasion of privacy as far as I'm concerned.

It should be opt in, for the populations of the world, for those of us who want to feed the marketroids with information on our personal habits & preferences.

We shouldn't be in the postition that we find ourselves in, where we have to try every trick we can come up with to opt out, to the best of our ability, when it comes to this problem of having our web usage tracked & stored by people that we don't know, & can't control re. the usage of same.

browsing anonymously and having your personal information exposed aren't really the same thing. if i used tor to sign up to Mt.Gox, the hack last week would have still revealed my email address, username and hashed password. you'll gain more protection by using various email addresses and usernames for various types of sites than you would by using tor, in this instance.

eg, one email & username for tech sites, one for porn, one for sites where you know people in real life, one for important things etc. and all the ones you care about should have different strong passwords, of course.

using tor would stop the destination logs from containing your IP, but i dont really consider my IP to be as personal as my email addresses or usernames

Oh I know, but the less one's presence is felt, the better :)

(Plus, I'm treating it sort of like a game for my own amusement; how invisible can one get whilst still being able to do the stuff everyone usually does?)


Just what your browser gives away, apart from IP & email addresses is an invasion of privacy as far as I'm concerned.

It should be opt in, for the populations of the world, for those of us who want to feed the marketroids with information on our personal habits & preferences.

We shouldn't be in the postition that we find ourselves in, where we have to try every trick we can come up with to opt out, to the best of our ability, when it comes to this problem of having our web usage tracked & stored by people that we don't know, & can't control re. the usage of same.

Totally agree with you. Though the challenge is somewhat fun.

vpntunnel.se

Encrypted VPN tunnel is a solution to get anonymity, although it costs money.

All free VPN's will be data mining so don't use them.

Encrypted VPN tunnel is a solution to get anonymity, although it costs money.
"a classical text mining classifier [...] can be used by an attacker to determine which websites were downloaded over an encrypted connection. Our technique simply operates on the frequency distribution of IP packet sizes, which is robust against small modifications of websites. Furthermore, the packet size distribution can be easily recorded with common network monitoring tools by a passive, external observer."

http://epub.uni-regensburg.de/11919/1/authorsversion-ccsw09.pdf

Just as a handy tip, FF users can do the following for searching:

1) Install Scroogle (http://mycroft.mozdev.org/search-engines.html?name=scroogle)

2) In the search engine box, click on the icon (default is the Google icon as Google is the default search engine) with the downward facing arrow to bring up a drop down menu.

3) Click on 'Manage Search Engines'

4) Click on Scroogle, move it to the top of the list. Then (with Scroogle still selected), click 'Modify keyword'. Pick something short and relatively unused (I use '¬' -without the scare quotes). Click OK

5) Now whenever you want to run a search from the FF address bar, just type in your key word, followed by what you want to search. So, for example (and assuming you use the same keyword as me):
¬ ubuntu
This'll make Scroogle search Google for 'ubuntu' and, crucially, Google won't be able to personalise the results, nor will it ever know your IP address, etc. So you get the benefits of using (arguably) the best search engine without the privacy issues or the personalised search results (read the following article for why personalised search results are a problem: http://www.guardian.co.uk/technology/2011/jun/12/google-personalisation-internet-data-filtering?INTCMP=SRCH)

Enjoy!

Oh I know, but the less one's presence is felt, the better :)

I'm treating it sort of like a game for my own amusement; how invisible can one get whilst still being able to do the stuff everyone usually does?

Once you're on the tor network, "the stuff everyone usually does" around you is no longer the kind of stuff people normally do outside of tor. Look at the graphs here www.usenix.org/events/leet11/tech/full_papers/LeBlond.pdf

Once you're on the tor network, "the stuff everyone usually does" around you is no longer the kind of stuff people normally do outside of tor. Look at the graphs here www.usenix.org/events/leet11/tech/full_papers/LeBlond.pdf

Link doesn't work?

Link doesn't work?

I just clicked on it as quoted in your post and it does work.

Perhaps "they" are blocking you already :-)

I just clicked on it as quoted in your post and it does work.

Perhaps "they" are blocking you already :-)

Yeah it is working now. Weird. Glitch in the Matrix? :P

(Now it's not working again. I assume their server is under a lot of strain)

Also come across another useful add-on for Firefox, HTTPS Everywhere.
https://www.eff.org/https-everywhere
Makes Firefox use HTTPS versions of sites that are supported by the add on.

Here are some related IceCat (http://www.gnu.org/software/gnuzilla/) (FOSS FireFox) add-ons.

PhZilla (https://addons.mozilla.org/en-us/firefox/addon/phzilla/) achieve anonymity in surfing, using web-based proxy
AdBlock Plus (https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/): ESSENTIAL, customizable malware ad blocking.
Beef Taco (https://addons.mozilla.org/en-US/firefox/addon/beef-taco-targeted-advertising/): opt-out of cookies permanently.
BetterPrivacy (https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/): ESSENTIAL, gets rid of LSO "super" cookies (https://secure.wikimedia.org/wikipedia/en/wiki/Local_Shared_Object).
GoogleSharing (https://addons.mozilla.org/en-US/firefox/addon/googlesharing/): ESSENTIAL, helps us all become liberated from Google's spying. PLEASE add this one, the more the merrier!
HTTPS-Everywhere (https://www.eff.org/https-everywhere): provides encryption to the communications with a major number of websites.
Close'n forget (https://addons.mozilla.org/en-us/firefox/addon/closen-forget/): helps stamp out cookies.

Various secure searchbars:
Youtube (SSL) (https://addons.mozilla.org/en-US/firefox/addon/youtube-ssl/): utilizes SSL (https://secure.wikimedia.org/wikipedia/en/wiki/Secure_Sockets_Layer) to protect searches between You and YouTube.
Scroogle SSL Search (https://addons.mozilla.org/en-us/firefox/addon/scroogle-ssl-search/): search Google anonymously.
After using Scroogle for a while, decided to make the change to YaCy (http://yacy.net/).

Please consider making a donation to the developers of FOSS (https://secure.wikimedia.org/wikipedia/en/wiki/FOSS) add-ons and programs.

Yeah it is working now. Weird. Glitch in the Matrix? :P

(Now it's not working again. I assume their server is under a lot of strain)


Someones probably hammering them with some kind of packet flood, it happens.

The actual paper was interesting. Then again, the tor people have already come out and said that tor won't protect you on Bittorrent (Bittorrent attaches your IP to packets you send over the network at the client level.)

I don't trust GoogleSharing.

If you use Greasemonkey & the googlePrivacy script (a script that you & the many thousands of others who use it can read) you get more than GoogleSharing is offering, with the aforementioned safety of the open to the world script.

Crap! where's my tinfoil hat!?

I don't trust GoogleSharing.

If you use Greasemonkey & the googlePrivacy script (a script that you & the many thousands of others who use it can read) you get more than GoogleSharing is offering, with the aforementioned safety of the open to the world script.
Cool, thanks for the heads up.
Just scratching the surface reading about Greasemonkey, and it seems to be a bit over my head. I guess I'll have to install and play around with it a bit. Is is difficult to use for a n00b? What's the relationship with the googlePrivacy script? Do they work together? Could you go into a bit more detail on your skepticism of GoogleSharing?

Does anyone here have experience using Netsukuku homepage (http://netsukuku.freaknet.org/?pag=home) (Wikipedia Netsukuku article (https://secure.wikimedia.org/wikipedia/en/wiki/Netsukuku))?

It's funny because, everything you already have on the internet, will likely be there forever.

Or until Skynet wakes up and deletes all that useless data.

Simplest way to describe it is that Greasemonkey is a Firefox extension that allows you to run scripts that then behave as though they were a Firefox add-on.

Because they are scripts, everyone gets to see the script, so the Greasemonkey community is vetting all the scripts. Which is really cool.

As far as GoogleSharing is concerned, I read stuff about it many months ago which turned me against it. I'm sorry I don't have a link, & my poor old memory doesn't remember much that I don't keep using (or write down) these days, I'm sorry to say...

If you have a bit of a search you should eventually dig up info' on the topic. Sorry I can't be of more help there.

From memory, GoogleSharing was bought my a company associated with marketing. That set the alarm bells of for starters as far as I am concerned.

They paint themselves to be on the consumers side, which is what I would expect from a good marketroid anyway, as it is their job. But they are in the business one way or another. The worst case scenario is that GoogleSharing is a wolf in sheep's clothing data miner.

The good news is that Greasemonkey with the googlePrivacy script does more than GoogleSharing & as mentioned previously the script is there for you to look at.

the tor people have already come out and said that tor won't protect you on Bittorrent (Bittorrent attaches your IP to packets you send over the network at the client level.)

Tor people also say that mildly resourceful, interested people can easily identify who is doing what on a tor network, be it bittorrent or not: http://blog.torproject.org/blog/one-cell-enough

Anonymous to Home Depot and such? Yes, but why bother. Otherwise, not really anonymous.

Simplest way to describe it is that Greasemonkey is a Firefox extension that allows you to run scripts that then behave as though they were a Firefox add-on.

Because they are scripts, everyone gets to see the script, so the Greasemonkey community is vetting all the scripts. Which is really cool.

As far as GoogleSharing is concerned, I read stuff about it many months ago which turned me against it. I'm sorry I don't have a link, & my poor old memory doesn't remember much that I don't keep using (or write down) these days, I'm sorry to say...

If you have a bit of a search you should eventually dig up info' on the topic. Sorry I can't be of more help there.

From memory, GoogleSharing was bought my a company associated with marketing. That set the alarm bells of for starters as far as I am concerned.

They paint themselves to be on the consumers side, which is what I would expect from a good marketroid anyway, as it is their job. But they are in the business one way or another. The worst case scenario is that GoogleSharing is a wolf in sheep's clothing data miner.

The good news is that Greasemonkey with the googlePrivacy script does more than GoogleSharing & as mentioned previously the script is there for you to look at.

Cool thanks, I'll try and dig up that GoogleSharing info and give Greasemonkey a try.
Anyone ever tried out YaCy (http://yacy.de/)?