Skip to main content

How to be anonymous on the internet (99-100%)

Updated: 06/2016

Summary: Tor Browser is not enough. This short tutorial will help you to significantly improve your security in only 15 minutes. 

Your online privacy is under attack. Government agencies (NSA, FBI etc.) and private companies (e.g. Google) are snooping on you. You will find a lot of tips on the web to achieve online anonymity, but most of it is useless.

The information below will give you a rock-solid setup in a reasonable amount of time. If you run into any problems post a comment and I will help you out.

It is possible to avoid being tracked, but to stay anonymous online you need a) a good setup and b) use your common sense.

My setup | User -> VPN -> Tor -> Internet

Using Tor alone is often not enough as a Harvard student had to learn when he emailed a bomb threat to campus officials to avoid having to write a final exam.  He was deanonymized by the fact that he was the only person using Tor on the campus network at the time the email was sent.

A VPN will hide the fact that you are using Tor from your Internet service provider or the network you are connected to. Choosing a VPN which can be trusted is extremely important. Companies such as Hide My Ass will reveal your identity as soon as someone knocks on their door. Money spent on these kind of operators is completely wasted money.

Step 1: VPN

Find a good VPN provider. I am using NordVPN. Their servers are operated under the jurisdiction of Panama, they have a no logs policy and it is possible to pay in Bitcoins for their services.

After you have signed up, install OpenVPN or use NordVPNs software and connect to the NordVPN network or the network of your VPN provider of choice.

A VPN will add a layer of protection regardless of whether you decide to proceed with Step 2 or not.

Step 2: Virtual Environment and Tor

Next, download VirtualBox and Whonix-Workstation/Gateway, which is a security-focused Linux distribution that tunnels ALL traffic through Tor. Install VirtualBox.

How to be anonymous online

Open VirtualBox and import the two (!) .ova files (Whonix) into VirtualBox. To do this go to File --> Import Appliance .

How to be anonymous online

First start Whonix-Gateway.

How to be anonymous online

As soon as you see the Desktop of Whonix-Gateway go back to VirtualBox and start Whonix-Workstation. 

Everything you do (i.e. surfing the deep web) is done on Whonix-Workstation.

How to be anonymous online

Important: USE your brain.

The best possible setup won't help you if you are careless and login to your normal Facebook/Gmail account while hiding behind VPNs and Tor. Do not use your everyday email address and do not use your everyday username for any anonymous activity online.

Unfortunately people make mistakes, but by using a virtual environment (Whonix) you can greatly mitigate that risk. It will help you separate your two identities and thus stay truly anonymous online.

If you have any questions or problems, please write a comment below.


EXTRA (You don't need this)
Please be aware that the following is of theoretical nature only. Breaking into networks without consent is illegal.

In theory the following setup would make it impossible to track somebody down: User --> hacked Wireless Access Point Router --> VPN --> Tor (Whonix) --> Internet

Don't use Windows, but a clean install of Debian instead. Make sure you enable full disk encryption (password should be a minimum of 30 characters).

Securely erase your HDD: Boot from an Ubuntu live CD. Install wipe (sudo apt-get install wipe) and wipe the hard disk drive.

·         WEP poses a significant security risk http://ubuntu-skype.blogspot.co.at/2012/08/how-to-crack-wep-with-aircrack-ng.html


Adversary most likely will change his mac address. This can be done via macchanger.  e.g. macchanger -r wlan0



Comments

  1. Why is needed step 5 ? - crack one of your sourrounding aps...

    ReplyDelete
  2. lets say i have access to your router. if someone tries to trace me he will end up at your ISP. I am just a MAC address in your router's log details. btw you must not hack any ap, because that's illegal.

    ReplyDelete
  3. Hello Mike,

    What about accessing through android mobile phone?
    You need orbot+orfox, still anything else?
    But isn't tor a vpn itself? Why you need another one?

    Thanks for the tutorial.


    Regards

    ReplyDelete
    Replies
    1. it's better to use a pc with whonix. connection on phone could drop and expose you to accidental leaks.

      Delete
  4. Another Mike, on openvpn for android i have to create an account by entering an email. I have several email's from different providers and with different names, can i use any one of them? Or what do you suggest?

    P.S. Same guy from the post above.


    Regards

    ReplyDelete
  5. Only 15 minutes my ass the whonix things take several hours just to download

    ReplyDelete

Post a Comment

Popular posts from this blog

Scid vs PC installation guide - Ubuntu (Mint, Debian etc.)

Scid vs PC Scid vs PC is definitely the best and most comprehensive chess software for Linux.  Unfortunately I struggled quite a bit to get it up and running. Before I start: You might prefer to watch the video. Otherwise keep on reading. Open a terminal and execute the following commands sudo apt-get install auto-apt build-essential sudo auto-apt update-local sudo auto-apt update sudo auto-apt updatedb Now make sure you got both tcl8.5-dev and tk8.5-dev installed sudo apt-get install tcl8.5-dev tcl8.5 sudo apt-get install tk8.5-dev tk8.5 Some users are reporting problems on Ubuntu 14.04. sudo apt-get install tcl8.6-dev tcl8.6 sudo apt-get install tk8.6-dev tk8.6 libgcj15-dev The 'x' refers to the current release: e.g. 4.9.tgz download scid vs pc: http://sourceforge.net/projects/scidvspc/files/source/scid_vs_pc-4.9.tgz/download tar -xzf scid_vs_pc-4.xx.tgz cd scid_vs_pc-4.x sudo auto-apt run ./configure sudo auto-apt run make sudo auto-apt run make install

OsmocomBB - Hardware and Software Setup - Tutorial (Motorola C118)

OsmocomBB is an Open Source GSM Baseband software implementation. By using the sofware on a compatible phone (e.g. Motorola C118), you are able to make and receive phone calls, send and receive SMS, etc. based on Free Software only.       Hardware PL2303HX USB Serial To RS232 TTL Chip 2.5 mm audio jack Motorola C118 (E88) This is a typical pin-out of a 2.5 mm audio jack: L (Left Signal) Tip 1 Green R (Right Signal) Ring 2 Red GND (Ground) Sleeve 3 Bare Copper You need to soldier the 2.5mm audio jack to the USB Serial To RS232 TTL Chip, whereas TxD is at the tip of the plug RxD is at the middle contact GND is the outer contact  Software Connect the phone to your PC and check if it is being recognized. dmesg | grep tty user@user:~$ dmesg | grep tty [    0.000000] console [tty0] enabled [ 6522.143379] usb 3-2: pl2303 converter now attached to ttyUSB0 To make sure everything is working, install cu and c

Automatically Reconnect WIFI (Debian, Ubuntu etc.)

The Problem For several reason I do not have access to LAN and thus have to rely on WIFI for my mining rigs. It is fine for most of the time, but the shit hits the fan, when the connection drops for one reason or another. The Solution #!/bin/bash wlan=`/sbin/ifconfig wlan1 | grep inet\ addr | wc -l` if [ $wlan -eq 0 ]; then service network-manager restart else echo WIFI IS UP fi Note: It's either wlan0 or wlan1. Check with sudo ifconfig . Save the script and make it executable. sudo chmod +x filename.sh Now there are several ways of making sure that our script is being executed every x minutes. The easiest way of accomplishing that I think is by using the command watch . sudo su watch -n 600 sh filename.sh What it does is execute our filename.sh script every 600 seconds. Or you implement a so called cron job   sudo crontab -e Add the following PATH=/usr/sbin:/usr/bin:/sbin:/bin */5 * * * * sh /home/username/filename.sh */5 * * * * means that