Slashdot Mirror
Dissidents Seeking Anonymous Web Solutions?
DocMurphy asks: "I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes. Many have in-home Internet access, but think it too risky to participate in pro-freedom activities on home PCs. Internet cafés are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give governments access to and knowledge of 'banned' sites. Dissidents not only want to remain anonymous themselves, but also wish to not compromise the sites they access. Any suggestions for products/procedures/systems out there making anonymous access & publishing a reality under repressive regime run Internet access?"
Internet cafés are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give governments access to and knowledge of 'banned' sites.
I would think that Internet Café "spies" would be more useful than keyloggers to the authorities looking for dissidents. Unless these connections are somehow routed through multiple anonymous/encrypted proxies and hopping through open WAPs I really don't believe that a public terminal is in any way "safe".
A stalker that I had earlier this year was easily located via tracking his IP and figuring out which coffee shops and libraries he was using. The libraries all went through a single county-wide proxy and narrowing his location down on a Sunday was easier than you could possibly imagine (all satellite locations in the county were closed except one).
If I could track someone down that easily imagine what the members of a Gestapo looking to do more than end some harassing emails could do, especially when they might have a network of spies watching public access locations in person.
With a name like Murphy he's clearly working for the IRA!
My 3D Texturing Skinning work (under construction)
No, Think about it this way. The Internet is made by humans, using human reasoning it has a method of communicating with your computer and an other computer at a different location. So if they really want to see where you came from they will follow your traffic. It might take time, money and legislation but it can be done, if they truly want to track you down. It is a question of are you worth the effort. The only good method is to take citizenship in a location which it is legal to say your point of view, if it is considered illegal around the world then you may have an other issue. While Free Speech is a human right it is by no means safe, to defend. And free speech is wrong when it is used to hurt people, or in danger other people. Such as Yelling fire in a crowded area, when there is no fire, because the riot could kill or injure people.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Your parents' basement is not an oppressive regime.
Love,
People suffering under the oppressive regimes of employers
First posting on a Friday evening. Sheesh, my life is dull :)
Move?
Open wireless nerworks wouldn't work because?
Philosophy.
write it in advance, take it to the cybercafe on a floppy, pgp it, email it to someone you trust (or an automated publisher)
$ strings FTP.EXE | grep Copyright
@(#) Copyright (c) 1983 The Regents of the University of California.
Your saying that some Americans want to get the word out?
Sorry, couldn't help myself...
On Arrakis: early worm gets the bird. Magister mundi sum!
http://tor.eff.org/
You could get a foreign vpn account.
http://illhostit.com/ - Webhosting
I can see it now:
Chekov: Excuse me I'm looking for the nuclear wessels
Chekov: Nuclear wessels.
Humor from a Genetically Molested Mind
...but what about Metanet?
(I'm not even entirely sure if its for real, but hey!)
Freenet is the only solution I can think of, although it seems much slower than the common internet, and I'm not up to date on what content's available, but this is what freenet was made for.
http://freenet.sourceforge.net/
Rollofolloecopter .....FAILED!!
Use the MailBoxes Etc over by the Watergate. Tell'em George sent you.
PeaceFire distributes a free program called the Circumventor which can be used (by running it on a server in a free country) to safely and securely proxy out of a firewalled nation like China.
Jason.
Congratulations, Carnivore just found a new snack.
I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes
Sounds like you're in the US, correct?
Between IP-Addresses, MAC addresses, and dial-in-numbers, there is no anonymity on the internet. Any feeling of anonymity is an illusion. Best not to risk your life if a regime is that oppressive. Not even encryption is safe, because as you mentioned, keyloggers and silent listeners can capture passcodes and keys. If you must pass information, try it the old fashioned way - person to person or with a trusted intermediary.
...cause there isn't enough tinfoil in the world for guys like this.
There are 01 kinds of cars in the world. The General Lee, and everything else.
"Any suggestions for products/procedures/systems out there making anonymous access & publishing a reality under repressive regime run Internet access?""
Try fax nachines. It worked for the chinese.
Seriously any encrypted traffic will automatically make you suspect. Doesn't need to be decrypted or anything.
Google for free ssh connections, and chain a few of them together just to be sure. I run a free shell service myself (but its currently down for upgrading).
------ Take away the right to say fuck and you take away the right to say fuck the government.
Has anyone considered something like a MUTE type of solution? If such a thing existed, I would allow a small percentage of my cpu time and network bandwidth to be used to route messages.
Qybix ----- I do not have a belief system; I'm an Anti-theist and proud of it! Saying that not believing in anything i
Get a server outside the regime. A dedicated linux or windows server is perfect for this.
Then simply connect to this server using an encrypted connection such as SSH, X over SSH, Windows Remote Desktop, or whatever.
Use the remote box for all your activities.
Try GNUnet. They claim to allow for the promulgation of files in an encrypyted, anonymous environment.
www.gnunet.org
If you've gotten to the point where you're really worried about being caught and persecuted, perhaps the internet is not your safest bet, due to every reason being posted here, ie: keyloggers, etc. As much as you'd like to change your world, the "system" isn't going to make things easy for you to overthrow it. And the internet is very much a part of the "system." Unless you're ready to string up your own network and create a rebellion intranet, you're out of luck.
Just do what they do on the Sopranos: keep it low tech, use payphones, meet in person. If your cause it that important and you need to spread information, may I suggest a major leaflet campaign?
Bill Clinton: Pimp we can believe in. - The Shirt!!!
I'm surprised that repressive regimes allow Internet. Or wait, am I thinking of oppressive regimes. Or surpressive regimes... Damn I always get my regimes mixed up.
Anyways, tell them to play EverQuest - that will make them forget about the regimes. Although then they'll have to worry about repressive clans and PK'ers.
On behalf of the Anonymous Coward community, allow me to welcome you here. You may indeed post anonymously here. Of course, it takes a while to post our messages. "Frist Psot" = A, "I for one welcome.." = B, and so on. You'll get the hang of it pretty quickly.
If you assume that any "public" PC is infected with a key logger, then you can NOT guarantee any level of protection, as they can always find the names of sites you type in, etc. You must have some level of trust on the PC before you can consider any solution. Beyond that, you would want to make use of an encrypted connection to a proxy or vpn outside the control of the regime, then access the content from there.
If you want to communicate with your fellow dissidents in secret, just broadcast it through a UPN affiliate. I guarantee NO ONE will ever see what you're up to.
http://tor.eff.org/
It is free software from the EFF. It is an anonymous socks proxy.
jabber: johnynek@jabber.org
http://www.anonymizer.com/ ?
Dear DocMurphy, Next time, please submit stories as AC. Posting your email address on the front page of slashdot is a poor way of achieving anonymity.
http://openvpn.net/ It's an alternative. Difficult to get going but might help... It is like the Zion of the internet
As other posters have pointed out, if you can't trust anything about the machine your using - then that settles the matter. Your number one goal if this is the case, should be to obtain trusted hardware and a method of getting it online. It goes without saying that everything depends on the level of hostility that you're up against. If getting caught means that you get imprisoned or executed, priority number 1 should be getting out of that country - not getting web pages uploaded.
Even the methods of using proxies to hide your IP only really works by trusting the party that's running the proxy.
that's the point of the "internet". Tt is a public network. Traffic gets routed through other peoples routers. Almost any "interent" traffic can be subjected to man-in-the-middle attacks at the routers. Even if it is encrypted, they can go to one end (source or destination), break in, and install a keylogger or listener to capture the key and decode a message after the fact.
I work for an oppressive government's ISP monitoring administration. Do you have any suggestions for proxy websites we should block? Any particular ports we should be examining, or traffic patterns?
Thanks in advance,
Elwood P Dowd
There are no trails. There are no trees out here.
Anonymous PROXY!!! "Cunning Stunt"
Haha. All you complaining about the US, I'd bet have never actually lived under a repressive regime. Bet you don't know what real slavery feels like either. Or ethnic cleansing. Just sit home in front of the TV, and think you know what the real world is like.
I recommend the Ak-47 as the tool for people in oppressive regimes.
forty-two
Olvesay the oblempray.
"It's a wonderful idea. But it doesn't work." -- Tad Danielewski
A stalker that I had earlier this year was easily located via tracking his IP and figuring out which coffee shops and libraries he was using.
Bullshit. Nobody is going to believe that you had a stalker, garcia. You ain't anything special.
"I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes."
Where, in the U.S.A., exactly?
I'm not sure that I want to share such information with someone who uses the Arabic spelling of Jehovah in their email address.
Any suggestions for products/procedures/systems out there making anonymous access & publishing a reality under repressive regime...
Which oppressive regime, the RIAA or MPAA?
-- If god wanted me to have a sig, he'd have given me a sense of humor.
I'm surprised I haven't seen a mention of steganography yet in this discussion.
Properly implemented, stego can be used quite effectively to communicate secretly on the Internet.
____
~ |rip/\/\aster /\/\onkey
they can't keylog clicks
This are so far some of the best anonymity tools:
Tor: http://tor.freehaven.net/
Freenet: http://freenet.sourceforge.net/
And, yes, we still need some smart guy/girl to come up with an even better anonymity software.
At this rate with the yahoo's in office, we will be looking to do this exact same thing in the United States soon. This will be a police state with the secret MPAA and the RIAA double private secret police.
"The word "genius" isn't applicable in football. A genius is a guy like Norman Einstein," - Joe Theisman
http://www.metropipe.net/
although as someone previously mentioned, any encrypted traffic will make you suspect
And just google his question?
In my opinion, the Internet is largely inclined towards Democracy and Democratic ideals, because it originated from the USA, and was invented by Al Gore!
Seriously though, the only real danger of having your identity exploited in a serious manner, coupled with a negative consequence, is when corporations get hold of your personal details...So ironically the finest place to have the internet identity protection wise is in China or another Communist regime - there are simply a lot less corporations checking up on you.
And the State? Well as we can deduce from the recent RealID scheme, are close to having all the information they'll ever need for us plebs.
Just get a laptop and leech off other peoples internet connection, if its anything like the US you wont have to walk far to find an open linksys router. Or you could set up a remote system ONLY for your family and encrypt the traffic.
Can they use their own computers in the inet Cafe?
something like a webbrowser in your webbrowser...
but there will be still the problem of banned ips etc...
maby p2p webbrowsing with dynamic ips (and dyndns)or so...
Sounds like you're in the US, correct?
Of course he is. Most of the rest of the civilized world doesn't care at all about people trapped in oppressive regimes. In fact, they'll stonewall you in the UN if you try to do anything about an oppresive regime, and don't mention the word genocide, they've never heard of it.
All movements for social change begin as missions, evolve into businesses, and end up as rackets.
There is no point in being a dissident if you choose to remain anonymous. How is anyone supposed to know what your motives are if they don't know who you are. And if you really care about the things you say, then you should be willing to take a stand for it. Any anonymous "dissention" is on par with raving on usenet and somewhere beneath private grumblings. Anonymous action, yes, can produce results. But anonymous words aren't worth the electrons they're displayed with.
Try reading the book "Persepolis." Easy graphic novel, about a young woman from Iran -- you'll finish it in a night. It's absurd, you're right, but not that funny.
"Fundamentalism" isn't about divine morality. It's about human authority.
Fscking hilarious.
Are you in Detroit? Just curious
How can one make sure that a perfect system will not be used by terrorists and human smugglers, child pornographers to hide their activities. This may be classified as "choose between the two devils"
geoaxis
SSH everything, pgp any and all email. If you're looking to stop anyone from seeing what sites you're visiting, I suppose you could try using some kind of local / remote proxy tunneled through SSH. Set up a box at your home to tunnel all http / https requests to a remote box in a secure (non-monitored) location. There are plenty of ISP's in the USA that do not monitor anything.
If you wanted to disguise everything, simply set up an encrypted tunnel to one of the aforementioned friends, and pipe PPP through it, and use that as your gateway. Might be a good bit slow(er) than using local access, but if it saves you from political opression... Google for ssl tunnel, and the first link listed is http://www.stunnel.org/
Don't forget the obligatory tin foil hats.
i2p is exactly what you are looking for. However it is still in a very very early stage of development.
Once it is done though you will be able to do everything on the internet anonymously, like download television torrents
So to speed things up some of you Java developers should volunteer.
just because your a schizophrenic doesn't mean people arn't really out to get you
You and your "terrorists" are obviously in the U.S. So the answer is no. Please report to the Dept. of Homeland Security for re-education.
1) Satellite Phones: Use an Iridium phone while driving around to avoid location. They are very slow, but should work find for text based sites--assuming you download them for latter reading. 2) USB WiFi adapters. In the Internet Cafe, quietly slip a Usb Wifi adapter onto the pc and activiate internet sharing. That way you can park along side the cafe and surf, without anyone know who you really are. 3) Hidding information in Jpegs. Have an outsider hide the information in harmless seeming websites. Does the county restrict satellite dishs? If not there might be some options with Ku band internet access 1/2 way or satellite data services.
Tie little notes to pigeons and send them on their way! Ah, damn, it shit on the note again!
Are YOU soft on terrorism?
DocMurphy you are an idiot. You are talking about working with people to commit treason against oppressive regimes. Maybe you don't understand what an oppressive regime actually is or something but here is a hint: they don't have and problems killing people. You are not only proposing to work with these people across international lines but then you post a question to slashdot about how to help them. Assuming you think you are serious and not just posting the question to generate responses, do you even have a fucking clues how something like this would actually work. You are not going up against your high school typing teacher here. Not only do virtually all regimes have computers they also have people that know how to use them. If you don't know this stuff you are going to get these people killed and really run the risk of getting yourself killed in the process (or imprisoned depending on US geopolitical concerns. If you have to ask slashdot and expect a bunch of pasty teenages reading the anarchist cookbook to give you advice on assisting an insurgency you have no business doing this. You don't think that suggesting they use some sort of encryption from their internet cafes isnt going to get them killed. Wouldn't an oppresive regime monitor communications coming out of an internet cafe? Please do not continue to try this. Giving any advice like this is akin to leading a children's crusade and every baron along the way is going to fuck you in the ass and all your children are going to get killed. You really need to learn how things work first in international smuggling of goods and information and being a technical advisor to an insurgency you are not part of is no fucking place for some stupid idealistic kid. You will, in all likely hood, end up in jail for this if you are lucky. Really, they will probably just kill you.
I have written an extensive article on how to set up HTTHost + HTTPort (in conjunction with VNC, putty, and SSHd) on client/server side to be able to get past a restrictive firewall. I have tested this set up successfully.
Here is a link
http://www.slyck.com/news.php?story=786
I don't think BitTorrent sites qualify as "dissidents" exactly.
bemis
BTW, if you really can't be bothered with a key but you still want to protect yourself from the IT department, then you can use gmail: log in with https and the connection remains in https.
Although, to refute my own suggestion, this doesn't get rid of the problem that there are most likely monitors running at a higher level, in which case they're going to know at least WHERE you're going no matter what. But if the only fear is keyloggers, it seems like those would be simple enough to work around...
Knoppix! Or any other bootable CD will get past any keystroke loggers that are not hardware based.
Restore America: Dr. Ron Paul for President!
When I want almost total anonymity I use Knoppix. Granted, you must have access to the CD drive, and the computer must have a fair amount of memory, it is almost 100% secure. There are many different flavors of knoppix out there, even the CIA has its own distro.
I found the "Any" key.
Neat idea.. perhaps there should be a Tor-Over-Steganography platform, to prevent the identification of Tor usage or some other method of information hiding. Otherwise, a regime can just shut down Tor(-ish) traffic.
I guess the best way to get your message through the iron (red?) curtain is to piggy-back it on whatever the highest-volume public information stream is. That way the baddies would have to shut down all of that traffic and risk a large public pushback.
In the case of China, I hate to say it, but if it's true that a lot of spam is outbound from their country, that would be an ideal place to hide information. Lots of spam has randomly generated text, so altering the frequency of that text in a fashion known only to sender and receiver could be used to encode an information channel, over which you could run a simple unicast stream, or something more decentralized, like TOR.
There this neat little one-floppy-distro, Tinfoil Hat Linux (The site seems down @tm, so here's the Google Cache Version of it). Though it comes without networking support, due to its very paranoid approach to guarantee security. Beefed up with the things your mates need, they'd be virtually immune to (hardware) keyloggers - freeing their way to a on the box outside via ssh or something like that.
:%s/Open Source/Free Software/g
YTARY!
Just speak in code that makes your communications look banal.
Hey, Joe what's up? I'm walking my dog in the park tomorrow at noon...
Why do you promote such behavior? If someone in another country encouraged a US citizen to formulate plans to overthrow the government, then would the US citizen be a terrorist? Just because you disagree with their laws doesn't mean you should find ways to enable them to break the laws.
Haha. All you complaining about the US, I'd bet have never actually lived under a repressive regime. Bet you don't know what real slavery feels like either. Or ethnic cleansing. Just sit home in front of the TV, and think you know what the real world is like.
And you have experienced ethnic cleansing and slavery of course? Take your own medicine asshat and get out there and learn what anyone that isn't a fat white american actually has to put up with.
By the way you lost you just lost both bets. Apologies for rising to the flamebait but ethnic cleansing and slavery are genuine issues with real and strong emotional resonance. Something posters like this really need to learn.
Don't know how prevelent wireless is there, but if I was to do something like that here, i'd just log onto one of my neighbors open wireless AP's and go to town.
I'd hope I got the AP of the noisy pricks upstairs so when the secret police come and round them up for reeducation I could get some peace and quiet. Two birds with one stone and all that crap.
You live in the USA and want to communicate with someone in Iraq? Or maybe in China, or Siria or Cuba. Or Russia or Iran. Or your neighbor from the communist party.
Well, sorry sir. Since you are obviously a terrorist, slashdot cannot help you. All your logs are belong to US(A).
What they need is pseudonymity. This way they can build up reputation and credibility etc.
A distributed weblog that has pseudonymity.
Sorry, if you want to change the world you are required to sign your name to your work. You might be jailed or killed, but those are the risks you have to take if you want change. No one is going to pay serious attention to "Kilroy was here".
However, even this will leave you open to IP tracing (should a stream of encrypted traffic raise any flags), as well as wandering busybodies/spies/anyone willing to report your ass for a reward. Just a thought.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
In repressive regimes, terrorizing people is the rule. They have physical access to every PC including the private ones. In Syria, and only a couple of years ago, you needed a "License" from the intelligence to use a "Fax machine" or a "Fax Modem". Only recently they started allowing non-govermnetal access to the internet.
By the way, do you guys ever wonder how these people access the internet and use Windowz when every software license mentions Syria, N Korea and other terrorist countries as a nono?
I don't care what you think. The US and its present president is not a repressive regime! I wish you damned democrats would just get over yourselves already. If you can post on Slashdot, you're not repressed. Obsessed maybe, possessed possibly, but not repressed!
Cybercafes are becoming something of a cottage industry here in India and the vast, vast majority run on cheap, assembled white boxes running pirated versions of Windows 98. I've heard that that's the scenario on most other developing nations.
:)
VERY IMPORTANT FACTOR: THEY ALL HAVE CDROM DRIVES! - (Since they need to be reformatted frequently, and the most easily trainable way to install Windows is to use the install CD)
Carry a KNOPPIX CDROM with you that you boot from - instant freedom from Windows based keyloggers. Run KDE with the Redmond9x theme and a browser with an IE theme so that to the casual observer you are running Windows.
You can also use FlashLinux to boot the computer from a USB key (quite cheap these days). Remember to store sensitive data on it using an encrypted loopback device (Should be supported by FlashLinux).
Use the excellent list of anonymising proxies and ssh tunnelers given above... they'll really help.
Contact me if you need help... I like interfacing between human beings and technologists
I think your best bet is to move north, like to canada. or south to mexico to escape your repressive regime :X
while the anonymous access problem is interesting, it seems that the larger problem here is avoiding compromising the sites to which you would publish the information. If the goal is to publish dissident information so as to form a resistance, then the residence time of the publication on the internet will be a major factor.
It all depends on what they want. If it is just getting information abroad then i'd suggest to encrypt the message in an image or mp3 and send it to a friend. Hide the message in a nice family picture. The friend will for sure be interested in the health and prosperity of his dissident friend. And let him send a picture of his family back. In short hide the information in a conversation that seems harmless. Be creative, and don't use anything that is obviously encrypted.
If someone really wants to participate in discussions on a forum, well i don't know. That probably isn't a very good idea. Most dissidents want to stay in their country, in order to make a change there (that is why they are called dissidents). But if they really want to live in a free country, they should try to go there. And - how crazy that may sound - that isn't that hard. Just make sure that they are well known as a "political prisoner" and most regimes will happily let them go to avoid further international trouble. Well, it depends a bit on how harsh life in prison is (and how big the chances to survive a couple of years there) under that particular regime. Also many countries have large unwatched borders, which might take a hill or two to cross, but it might be worth it.
The Reg has an article that points out a soft spot in the supposed anonymity provided by Freenet.
"Academicians are more likely to share each other's toothbrush than each other's nomenclature."
Cohen
There are programs out there that hide text in bitmaps. The way they work is you get an image, say of Stalin. Then depending on the text they change the image coloring very slightly, so Stalin's face might get a little unnoticably darker and someone who has the original image can convert it back. Depends on what kind of information your sending though. Doesn't work too well if its a huge about of data (So don't try to encrypt anything like Doom 3 ISOs)
There are many posters on fark.com who tell of farkers getting intimidation visits from teh Secret Police (AKA the Secret Service) simply because they happened to make offhand comments about news stories involving assassination attempts on the President.
For example, the other day in Russia (Georgia, actually) someone supposedly threw a gernade in Bush's direction. THe grenade never went off, but some people posted saying stuff like they hoped it, or something like that. The Fark admins posted in the thread saying that they had personal knowledge of Secret Police requests for such posters' IP numbers.
So the terrorists hate u for our freedoms, huh?
LOL!
eat shiat and bark at the moon
the EFF has a nice program called TOR that routes traffic from your pc through a network of annon. nodes, similar to freenet but to access regular internet sites. Anything that can use a proxie can pipe the data through the tor network.
http://tor.eff.org/
You want to use IP datagrams on avian carriers. Have your dissidents encrypt their messages memory cards, strap them on a pigeon and send them over to a friend outside who acts as a bridge with the internet. The friend does the reverse. This is actually a high bandwidth network. Just make sure you run like hell if the pigeon doesn't make it, you never know...
What are the difficulties and security problems with setting up
an encrypted proxy program and also having a friend
in another country do the same?
I wouldn't mind providing an encrypted proxy for ONE person, provided they set up the same service for myself in return.
Any ideas???
Hey all, I don't post much, and since I lost my old account (can't even remember the username I was using), I ended up posting as AC...
In any case, I thought I'd actually post a potential solution instead of a "you can't do that" thread...
How about www.anonymizer.com ? They've been around for a long time, and I personally used them back in '97 or so. Seemed like a good service at the time. Their page claims they now support secure encrypted data transfer from your system to theirs and back, and they do all your posting, fetching, and searching for you, making any trail of IP addresses or packet scans deadend at their servers.
I suppose an opressive regime would still be able to see that there was traffic between your system and anonymizer, but they could not determine any specific activity you were taking, nor view any of the data in transit.
How about it? Does this seem like a potential possability to Slashdotters, or just a lot of hype?
-Ryan
(ryanm6 (at) shaw dot ca)
Comment removed based on user account deletion
Oh sure, USsians may not think of Chinese dissidents as terrorists but, in China they are terrorists. It's no different than the way that you USsians look at US dissidents. US dissidents are terrorists by definition. In fact, all dissidents are terrorists!
I'm sure all those iraqies are happy that instead of being oppressed by Saddam, they are now oppressed by good ol' US of A. Well, all except those 100k who have been killed. Then again, I guess the dead don't care.
I'm supprised nobody suggested knoppix at an intenet cafe. Combine that with ssh and some free websites, never use the same place twice(website or cafe). Someone also suggested wardriving... come on, we can come up with some ideas that mitigate the risks can't we? Actually combine the leflet campaign as well, each new leaflet publication refers to a new free website, that is never accessed after initial publication... As for a hardware keyloger, they would log scan codes right? so us a non-standard layout, but that would be vulnerable to statstical attacks if there was any substantial amount of text, any suggestions here?
codohundo
http://sourceforge.net/projects/peekabooty does what you want but I'm not sure how well. I'd imagine it's better than triangle boy since symantec bought safeweb and kind of buried it.
closed minded is as closed minded does
The oppressor's of the poster's dissidents will be very interested in reading whatever's posted here!
If there excisted an secure proxy which featured an online keyboard with randomly placed letters - which you operated via your mouse - couldn't that be a possible solution? It'll be slow going, but at least you'll defeat the keyloggers. A local bank here in SA uses a keypad like this to for online banking login. If screen output is recorded somehow, your efforts will still be traceable, but with the amount of system resources that will consume you should be able to notice that on the PC. And yes, fancy gadgets exist to record screen activity clandestinely ( outside the PC on the vga cable; magnetic emsions from the screen etc. ) - but it will take a lot of manpower & money to monitor thousands of PC's in this way.
Freenet may be good at anonymous information posting and retrieval, but it's pretty easy to tell when someone is running a freenet node. It may not be safe to draw attention to yourself by running freenet, even if the authorities can't tell what you're using it for.
Liberty is not a safe hobby. It might be more productive if people could assist increasing liberty without risk, because more people might participate. But then more people, without anything to lose, might also interfere with complicated efforts. Liberty is a very valuable goal, possibly the most valuable one, and is worth a great deal of risk. Living under tyranny without resistance is somewhat risk-free: you're fairly guaranteed to stay under tyranny, unless someone else takes the risk to increase the freedom.
I don't know any people who have gained liberty by merely waiting for others to provide it. And those who receive liberty without risk seem more able to lose it: witness the erosion of liberty in America as its defense has been relegated more exclusively to specialists, like politicians and activists. When we want liberty, we've got to lay it on the line. And when we get it, it's truly ours - because we've changed our environment as much as we've first changed ourselves.
--
make install -not war
Some thoughts off the top of my head.
Cyber Cafe
Using Knoppix CD as a boot disk (if they let you) you can bypass any software keyloggers, be sure to check for their their hardware based cousins (especially the new "macro" keyboads with built-in logging...and make sure the keyboards aren't wireless.)
Hushmail
http//www.hushmail.com/
Using a secure webmail client using (RFC 2240) OpenPGP end-to-end security.
Long-distance wireless (repeaters)
(a bit obvious for its implementaion, but used correctly can buy some more time to CYAN.)
Using a (pair of) 24_in grid attenas as a repeater, you can setup a pseudo public access point away from a wireless cyber-cafe. (Note, this setup should be fingerprint clean should it need to be abandoned, perhaps a phase grid array of pringle cans would suffice in bringing the costs down; be sure to use pringle cans from the trash barrels of the secret police for maximum counter-counter-intelligence value. =B)
Disclaimer
I don't represent that any of this is a complete guarantee of anonymity (short of not using the Internet.)
The Roman Rule: The one who says it cannot be done shall not interrupt the one who is doing it.
If encrypted traffic raises eyebrows and stegnogrpahy is too sensitive why don't you embed PGP into JPEG comments? then if you do a string search all you get is more numbers and if you look at the traffic you just get lots of jpegs and they vary in size depending on quality and codec so the size bloat should be covered well. And I find that I often get crap in my comment for jpgs or random numbers in my mp3 tags so even then there is plausible denibility. Keep the messages short and away you go! Though if they are onto you then the amount of jpegs with comments will be suspicious... but by that point they'll be torturing you in Guantanimo or whatever.
Your CPU is not doing anything else, at least do something.
You're a Canadian Liberal aren't you?
Forgive me that I've forgotten the technique, if it even existed (it may have just been in a sci-fi movie)..
But I'd swear it would be possible to take a simple string of text, and modify the color values of a known image such that the diff of the image is the text of the message. The image would appear normal, as the color values would only be slightly altered.
Then you simply find a site with cute pictures of kittens to use as your cover.
You take a real picture from the net, encode your message to it, and email that picture to your contact.
Your contact then finds the original, and decodes the message from your altered picture.
If this technique already exists, please tell me what its called!
A friend and I had an idea to do this with Audio CDs back in highschool. This was before mp3s or anything like that, so we felt pretty damn cool for thinkin it up.
no comment
Run sshd on some linux box outside the country, run it on some nonstandard port. Then if they prefer using windows you can set your friend up with putty, set up a dynamic tunnel using socks 4 or 5 or whatever it offers (haven't had to use putty in quite some time as I'm on linux 99% of the time). Once they log into the ssh box through putty, tell them to set the proxy in firefox to localhost and the port to whatever port you chose in putty. Then they can safely surf without fear of being caught. I'd do this from their home so noone is looking over their shoulder.
Using windows with putty though is a pretty crappy solution and when the authorities see all sorts of encrypted traffic coming out of some awkward port they'll come and take your computer away, then they'll pull things off of your harddrive and shoot you. Dont worry there is a solution, and an excellent one at that. Download a knoppix cd (or your favorite live distro), boot knoppix entirely into ram so you can remove the cd after its booted (i'd recomend having a gig or two of ram, unfortunately liberty and freedom is expensive), create a tunnel through ssh (read the man pages, its easy), then set firefox to localhost and the proxy port. Everything will be encrypted when your browsing the web through firefox, and if the authorities come knocking because they are suspicious, turn off the computer.
Everything is in ram so when you turn off the computer any history of what you've done is gone, and there is no cd in the computer so if the authorities come rushing through they won't catch you trying to remove a cd. You just have to hit the power, pull the plug, or cut the power to your house if its all you can do, regardless they'll have no evidence of you running an alternative operating system and they'll boot into windows see everything is okay ask about that traffic (just play dumb, say maybe your infected or something, infact you might want to purposely get a few viruses on the machine so your story is believable, as long as you only run the machine from knoppix, the viruses wont affect you, but when the authorities boot into windows it'll look like you were owned). Best of luck, unforutnately all of this depends on you having a box outside of the country with ssh, and also assuming that their firewalls only block by port and dont do any kind of protocol checking... if they do there are other ways around it but they are more complex.
Regards,
Steve
Wearing a tinfoil hat is one thing but, even I would have to question the legitimacy of a person's actions when that person has links to that many anonymizers and obfuscators.
What the hell are you doing? Nevermind, I don't want to know.
"I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes. Many have in-home Internet access, but think it too risky to participate in pro-freedom activities on home PCs. "
I knew the liberal democrats were getting paraniod, but geez, isn't this is a bit too much?
Comment removed based on user account deletion
The live linux distros offer complete anonymity. Reboot, and it's gone.
antipaucity
The webserver for Cuba runs IIS as well last I checked. I figured if anyone would be using Linux it would the commies down there...
Freedom is merely privilege extended unless enjoyed by one and all.
Actually this post should read: My buddies and I are tired of getting caught on porn sites, so we want to know how to totally turn off all tracking so our girlfriends won't find out. Thanks for all the help.
Nothing is foolproof, and any communication is interceptible. The two weakest points in any private communication system are when it's initially set up, and the risks of social engineering.
Conversations like this always remind me of The Moon is a Harsh Mistress by R. A. Heinlein.
This space for rent.
"Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet."
http://tor.eff.org
Get a WebTV email address and communicate via the comp.sys.unix USENET newsgroup.
I guarantee you that nobody will pay any attention to your communications.
__ Someday, but not this morning, I'll finally learn to use the preview button.
I can just see it now. Email's about somebody's Grand Uncle who left 10 bazillion dollars in some account they need your help getting access to. Except now they use an anonymizer to send them.
:-)
:-)
I can understand why they want to hide
FYI... Yes, this was a joke. Laugh. It's Friday and time to go home
Has Comcast disconnected your Internet account? Same here. You can read about it at http://comcastissue.blogspot.com
Turn your killfile inside-out.
As a bonus, you may eventually get to meet Rei Toei.
I can see how dictators do it, it's so easy. - Easy2RememberNick
Don't forget also that repressive regimes probably read Slashdot.org... so if you give away methods, they better be practically foolproof and untraceable, so that even if they know the method, it ends up being impossible to trace with mechanical methods! :O
Why not find a way to transmit under their noses? Make whatever you're sending look like something else, like breaking up an encrypted message into small pieces and hiding it in packets for something that looks ordinary.
Look at this article... http://mikz.hopto.org/mikz.php
Repressive regimes use keyboards with built-in loggers.
Take 2 a well-known, pro-regeime web postings (could be pics, pages, whatever). Work out a stego key that will decrypt 1 said pro-regeime website to a pro-regeime letter condemning subversives while at the same time will decrypt the second to what they were wanting to send. That way, if they were to be questioned by [insert despot regeime] about what this garbage file is they were posting was, they have an "out".
Surely, Slashdot has some stego experts that can critique this approach.
I'm by no means a stego expert, but if I were starting from scratch, this would be where I'd start.
DISCLAIMER: This post was not checked for speling and grammar- if you complain- you're a whiner
Except that over throwing a good size goverment won't work from a single act of disobediance. A good revolutionary has no intrest in getting caught because it means you screwed up enough to get caught. Which means your cell is compromised. Which means contacts with other cells could be compromised.
http://nms.csail.mit.edu/projects/infranet/
Technical paper (pdf)
An increasing number of countries and companies routinely block or monitor access to parts of the Internet. To counteract these measures, we propose Infranet, a system that enables clients to surreptitiously retrieve sensitive content via cooperating Web servers distributed across the global Internet. These Infranet servers provide clients access to censored sites while continuing to host normal uncensored content. Infranet uses a tunnel protocol that provides a covert communication channel between its clients and servers, modulated over standard HTTP transactions that resemble innocuous Web browsing. In the upstream direction, Infranet clients send covert messages to Infranet servers by associating meaning to the sequence of HTTP requests being made. In the downstream direction, Infranet servers return content by hiding censored data in uncensored images using steganographic techniques. We describe the design, a prototype implementation, security properties, and performance of Infranet. Our security analysis shows that Infranet can successfully circumvent several sophisticated censoring techniques.
If the shop owner is "cooperating because he has to" he may tell you what is and is not being monitored. Use this to your advantage.
If he's part of the regime, go elsewhere.
Finding out if he's part of the regime may be hard.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
"If you're not willing to die for freedom, you don't deserve freedom."
So why did you post anonymously?
I heard somewhere of a group that got ahold of a spam email address database and sent their stuff to everybody in the country. Since everyone gets it, there is no danger of being arrested for recieving it. The spam could even have a web bug in it that pulls over more payload.
This is sort of like the numbers stations on short wave radio - you multicast downstream and use secure in-group communications upstream.
If nothing else, maybe the government involved will finally give a darn about the spam problem!
Check out http://freenet.sourceforge.net/, home of the Freenet project, which was developed for anonymous sharing of information.
sneak into a internet cafe Hook up a hidden wireless router.
use once.
The Kruger Dunning explains most post on
KIM asks: "I'm working for a repressive regime which is looking for ways to control the use of Internet in its country. Many have in-home Internet access, but, luckily, think it too risky to participate in pro-freedom activities on home PCs. Internet cafés are also available, but although fairly anonymous, every machine is infected with keystroke loggers that give us access to and knowledge of 'banned' sites. Obviously, not only we want to identify the dissidents themselves, but also the sites they access. Any suggestions for products/procedures/systems out there making overwatching access & publishing a reality under our own run Internet access?"
Here's the concept: A service with no central server (possibly like Kazaa) that tracks users who volunteer to allow use of their computers for port 80 proxy. A user in China would just need to find one open address on this network to get onto it and from there the software would scan for IPs that aren't blocked. If enough cable-modem users used this then the IPs would change so often that it *might* be impractical to block them all. I know there are problems with this such as: abuse by people anonymizing themselves for illegal activity, DDoS from some Chinese entity sending massive requests to everyone on the network thus killing their upstream bandwidth, etc. I think it could be done, though, as long as there were enough people volunteering to overwhelm the governments filtering capabilities. Especially if a lot of prominent technology companies ran the software on their networks (probably wouldn't happen for legal reasons).
keep in mind that for many the only access is through computers on which software cannot be installed (eg: internet cafes).
-- 'The' Lord and Master Bitman On High, Master Of All
Then you have only yourselves to blame.
Anyway here's the American's homework for today.
Draw up a list of all the things you did yesterday.
Now cross out all the things that a repressive regime wouldn't allow.
My, my. It does appear that despite all the complaints that Americans still live in a freeer country than most others enjoy.
Now instead of making cracks about how the RIAA/MPAA is repressing you, and all this other stuff.
How about you all actually turn off the computers and actually get out and...DO SOMETHING ABOUT IT?
Coward fight! Coward fight!
Simple... leave the country. Or the geek way would be to use an anonymous proxy, like these for example.
This is a test. This is a test of the emergency sig system. This has been only a test.
"JAP makes it possible to surf the internet anonymously and unobservably."
you had me at #!
-
"I am a patient boy. I wait I wait I wait. My time is water down the drain..." Fugazi
Q: What's the difference between a dissident and a terrorist?
A: Only your point of view.
No Comment.
Sorry, the government controls the machines. Your computer only accepts one certificate authority, the one that government proxies generate as needed for any site you connect to. The government proxies then decrypt/re-encrypt everything before forwarding it to whoever.
Spyware companies have already done this. See the slashdot article a couple weeks back.
I dont think you really can avoid snooping if its done by people with enough resources. Your best hope lies in masking the traffic as legit normal traffic. The problem with all of this is that someone can monitor your crt/lcd monitor and collect the keystrokes wich leaves all software based cloaking useless. If you are a dissident chances are high that people knows about this.
My best bet anyway would be to not use the internet at all since its so heavily monitored, even by the US and the EC.
HTTP/1.1 400
Tell me what websites you want to see, and I'll print them out and send them to you. Circle the links you want to visit and send the pages back to me.
:)
And you thought 56K was slow.
He is a NSA (or other of that kind) agent investigating how clever /. geeks are...
Don't tell him anything... you will be busted.
I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes. Many have in-home Internet access, but think it too risky to participate in pro-freedom activities on home PCs.
First, realize that the Net inside the US is being watched.
Second, move to Canada.
Third, live free.
.
[what, like it's not?]
.
-- Tigger warning: This post may contain tiggers! --
what if you use a dvorak keyboard layout. they'll basicly get gibberish.
My advice for those tring to avoid such opression is to move to Iraq. We have spent many millions there setting them up free access Internet that is much private than our own citizens enjoy.
I'm an American. I love this country and the freedoms that we used to have.
Where are they supposed to move? All countries restrict who can immigrate in. (some are worse than others) Many restrictive countries will not let you leave.
...Sealand. Which is an independent monarchy just off the East Coast of the UK.
It runs as its (only) business, Havenco which is a totally anonymous secure web data center.
Tubby or not tubby. Fat is the question
Just found out that GWA site is blocked by WebSence as a proxy avoidance support site. Hmmm.. Now I see a reason to keep GWA even though it often crashes nightly Firefox....
1.)
Make contacts in a bordering state. Run point to point low power wireless ethernet links across the border and daisy chain them to wireless hotspots . change configuration often, use low-cost equipment, and come up with some novel idears for power.
2.)
Buy your own satellite and broadcast information en-masse. Can combine with option 1 above to bring it to the people.
There are many systems that provide strong anonymity in a public network. These include Herbivore, Crowds, Tarzan, Tor, P5 and many others. Some have even been deployed and used in practice.
Somebody suggested TOR, and while it is good for surfing somewhat anonymously, there is a better solution called I2P. Though still in beta mode, it provides an amazing level of security that you can use to not only browse the web, but also to host your own website anonymously and also have free anonymous email. I will warn you right now that it is very slow, but if your need for privacy is as necessary as you make it seem than it's perfect for you. Cheers.
You have to remember that in some countries, it is illegal to use encryption software. Unless the message is worth the risk, you may very well get caught red-handed. It is always a risk/benefit ratio.
Is it "legal" for non-US citizens to use high grade encryption software inside the US?
We have our lead on slashdot, guys, time to silence him.
This sig no verb.
Your Resistance is futile! All your base belong to us
> every machine may be infected with keystroke
> loggers that give governments access to and
> knowledge of 'banned' sites.
Maybe it would be easier if we just asked the American companies building spyware and censorware for the Chinese government to stop it!
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Yeah, right.
Let's see. Based on the last Presidential election results, I'd say just under half of politically active in the US are dissidents.
Last I checked we only have a very few bona fide, home grow, blow up civilians, terroists.
Sorry if I don't buy the new definition of terrorist, which does seem to mean dissident.
I suppose booting form a USB drive fully firewalled and then using PGP and VPN/SSH tunneling is just too simple?
I'm sure we could come with a nice nerdy hard way if you would prefer, but the above works just fine.
- Adam L. Beberg - The Cosm Project - http://www.mithral.com/
[SPAMMER] asks: "I'm [a spammer] who are looking for ways to use the Internet from within [increasing hostile net.] Many have in-home Internet access, but think it too risky to participate in [spamming] activities on home PCs. Internet cafés are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give [anti spammers] access to and knowledge of 'banned' sites. [Spammers] not only want to remain anonymous themselves, but also wish to not compromise the sites they access. Any suggestions for products/procedures/systems out there making anonymous access & [spam run] a reality under [watchful eyes of anti spammers monitored] Internet access?"
You can hide it, you can encrypt it, or you can send it through a different medium.
Hiding it aka steganography is relatively easy to implement and easy to use. The problem is that all the dissidents have to agree on a protocol without the idea getting into the hands of the enemy. And if the enemy ever catches on everyone has to stop using it simultaneously and immediately.
Encryption is good. If its legal where you're from. And if you implement it right from secure environments. And you don't mind the idea that maybe someone might get suspicious at all these encrypted packets you spew out all the time.
Now a different medium... that's starting to sound pretty good, eh?
Satelite internet is pretty good these days if a little expensive. You might even be able to disguise it as a TV receiver dish. But you'll always have a nice big dish outside advertising that you are able to receive information from the outside world. May not be the best idea...
Various wireless options including cellular and wifi exist. But if you strongly suspect your home PC is not safe, these probably aren't safe either. Unless you're close enough to the border to get a signal from across the border. In oppressive regimes, noone gets to live comfortably close to a border, however, so I'd rule that out.
Alternative wired transport options don't have any advantage so...
What would I do?
Get AOL. It's ubiquitous and AFAIK they try to respect the privacy of their subscribers (though that doesn't mean you're not being watched... only that your ISP didn't make it easy)
Setup a server in an external country. Make ALL your traffic go through this server, encrypted. Use a PKI solution and either memorize your key or keep it on removeable media. Preferably the removeable media is hardware password protected and includes self destruct features. Run something that includes tons of traffic. If there are any legitimate P2P programs that only trade in legal files I'd pick that. Otherwise a ton of RSS readers or hell just a program to download and discard random images found through Google Images.
The key is to fill the channel with enough noise that traffic analysis trying to match encrypted packets coming from your computer to intercepted unencrypted traffic (that they got through whatever legitimate or illegitimate means) is doomed to failure.
Even then expect to get caught. Change your keys often. Change the location of the remote server often. Don't save files to your local hard drive. If you're paranoid enough boot from a LiveCD. You might also want to consider optical and em tempest defeating strategies... an LCD monitor will take care of optical tempest. em tempest can be defeated through a careful choice of fonts and colors.
I am disrespectful to dirt! Can you see that I am serious?!
Me? I'm hiding under my bed until this blows over...
- - -
The force of public opinion cannot be resisted when permitted freely to be expressed. The agitation it produces must be submitted to.
-- Thomas Jefferson
openvpn to a u.s. or swiss server and traffic tcp over vpn.
Or, to save some time, just travel to the recpient's home and tell them the information.
I have large facility with many good computers and access to evil western sites. Please, if so kinds, forward names and addresses of dissidents to me so I may contact them for their helps.
I might know what I'm talkin' about, but then again, this is Slashdot...
We're talking about the USA, right?
Back before the handover of Hong Kong back to China in 1997, people could easily dial into Hong Kong ISPs. It may be more expensive now though if they have to call Russia or something.
I remember some software that could hide messages in graphics files, by subtly editing the values of some pixels. Then, if the other side has a copy of the image, they can subtract them to find the difference, and decode the image.
So, your scheme would be to send an image, and then, some random time later, to send some information using this image. Double encrypting might work too. As long as you aren't already under suspicion, I doubt anyone has the time to check for people sending duplicate graphics files.
...that is exactly what it is there for.
Get Mixmaster and read about the network.
Move
Really, it should be required reading in grade schools across the world...
Can we have the names and addresses of these dissidents?
Just get back to work and ignore the "Websense" warning you get every time you try to access "Live Video Feeds"... sponsor an employee event: bring your pics to work day
Viva la revolution!
Open a connection through SSH that forwards a local to an anonymous proxy at the far end.
AFAIK, many proxies don't forward DNS requests. It may be safer to just run lynx/links on your shell account, as long as you disable all history/caches/logging.
They should grow some testicles, strap on come C-4, go visit their oppressor, and demand redress of the grievances.
and:
How do you want to publish if you also want the sites to remain anonymous? Granted, Tor can support anonymous web sites, but if you can get collaborators in free(er) regimes to host the sites for you and communicate securely/anonymously with them, you only have to solve the (somewhat) simpler problem of secure, anonymous one-way communication from you to them.
Unless of course you're asking about how to communicate between yourselves securely, which is different from publishing...
I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes.
I think it's high time the Democrats stood up and spoke out openly. For every man who falls, two more will rise in his place. You can kill a man, but not an idea!
When all you have is an axe, everything looks like a grindstone.
The cleverest and latest in wireless technology may not be the best approach in this context. There are methods for using ham radio to transmit and receive tcp/ip. (check out hfterm on sourceforge) Clearly there is not sufficient bandwidth for normal browsing, but if you want top publish say the "how my government is oppressing me this week" blog all you need is a host in a less oppressive region that will run a tcp/ip radio gateway for you. Of course getting ham equipment may be tricky in those regions, but it's still a self-contained system that's not insanely difficult to operate.
Remain at your computer, citizen, a friendly officer of the Truth Department will arrive shortly to assist you in correcting your doubleplus ungood attitude.
Ever thought that these countries aren't really terrorist nations at all, but simply labelled by a few countries because it serves their own agenda?
Do you fault 'Written By An Englishman' for not using his real name? He got a good revolution going without it. Or how about 'Publius,' 'Forester' and 'Cato'?
There is one strong use for non-anonymous writing, which is when founding reactionaries change their minds. In this case the use of argument from authority might be more than just taking advantage of human psychology, if the mind change is accompanied by reasons / evidence / data. Otherwise naming names early on mixes the quality of ideas with the fame of the author. [Think about how the "Darwin recounted on his deathbed" idea is used as a pro-creationist argument. Not only is this idea false, its irrelevant. Peer-reviewed research, not famous names, corroborates science.]
Have a friend who lives in a non-repressive regime? Does your friend have broadband? Ask them to set up a VPN server. Just connect to it when you need to blog/whatever.
Next?
Synergy is your friend
1)Rent server space in USA or other country where folks may speak their minds.
;-)
2)Boot Knoppix on the local machine and SSH to the server.
Can boot from CDROM, USB device, floppy to bootstrap parallel port connected device. Floppy to boot from some other server out on the internet. It's probably not a good idea to boot from where they publish
http://tor.eff.org/index.html
1.) Boot Computer 2.) Print blank piece of paper 3.) Write message on paper 4.) Place message in envelope 5.) Use trained pidgeons 6.) Profit!
And I'm sure it's been said a dozen times already, and I'm just too lazy to look.
So, which State are these Democrats located in? Or they could be judges, I guess.
(No disrespect to those who really DO live in oppressive regimes throughout the world. I can only imagine what it's like to live in places like that; and contrary to what my fellow liberals and Democrats might think, the US is not one of those places.)
-- The reason it's called the right wing? Irony.
Nope, they run FreeBSD, according to Netcraft.
there's an experimental RFC that deals with encodings of IP traffic over Ebay ads. basically you treat ebay as a two-way data channel where ads are posted and act as outgoing messages, and replies are sent back also as ads, with threaded links back to their parent message.
its very slow, but it can be done.
can't remember the RFC number off hand. google for it.
--
"It is now safe to switch off your computer."
I would say that encryption wouldn't help, as when the regime notices a dissident using encryption on messages, they'd then subject that person to intense review. I'd think the best way to pass messages would be to disguise them as other types of files. Perhaps utilizing a previously agreed on code and storing the message inside the ID3v2 tag on an MP3, to then be shared at an agreed upon site (acid.com, mp3.com) perhaps a better way: isn't there a method for encoding tex messages inside an otherwise normal looking JPEG file? This could also be combined with another code for the message itself. I'd imagine someone clever with a good knowledge for the JPEG format could devise a code that would appear to just be artifacts in the JPEG file
Oops, this article is no longer relevant. Sadly, the submitter of the article was pronounced dead on the scene. The 8 gunshots to the head have been described by the state-run medical crew as "the worst suicide we've seen in days."
--Jim (me)
others have said it, but that's what I'd suggest. if it's a closed network of folks wanting to contact each other, i2p might be a good idea. for an even smaller network, openvpn is great.
with any of these, I'd suggest using truecrypt (or the knoppix solution mentioned elsewhere in this discussion). it'd be important to make sure than all your webcache directories are located on the bestcrypt volume.
Encryption in the US is considered, for some cockeyed reason, "munitions", so no, no more legal than it is for me, a proud Canuck, to mosey on down past the border bearing claymores and a howitzer.
I'll be honest, we're throwing science against the wall to see what sticks. -Cave Johnson
Not yet mentioned here is a commercial product: Primedius webtunnel.
This is an encrypted proxy system for browsing etc.; there are multiple proxy servers available worldwide and I've never had difficulty logging on to a tunnel from inside most Asian regimes, though my primary reason is to get around site restrictions, not avoiding traffic snooping.
Unlike TOR, Primedius' product (servers) does not seem routinely blocked, even in China, though my take is that WebTunnel is so rarely used that the "regimes" have better uses for their time than following/blocking it. If WebTunnel was regularly used then it might get more attention, and I am not sure if Primedius would be interested in working around that problem.
WebTunnel traffic is encrypted, but you would likely wish to examine that issue -- that is, how secure they really are -- in depth if you were to use it vs. a regime.
On a separate note, a more effective strategy might simply be to use VNC or Terminal Services etc to make connections to a server in a "free" country, doing all your work on the remote machine. Many companies offer such services at about $50/year/user and you may find them willing to offer a discount for "political" purposes, especially if the company can get free press by supporting you. Then you simply need a way around keyloggers if you want to use public terminals -- Knoppix etc if you are sure keylogging does not occur on a hardware level.
Another "trick" around keylogging that I didn't see above is to have a non-standard (random) keyboard layout installed on the remote terminal-- frustrating to learn, but your traffic will look incomprehensible. However note that (even if you keep switching layouts) this can be defeated by serious analysis of your traffic: it's just a matter of testing which ASCII code matches which character...
Burma, North Korea, and the United States have just banned tin foil and removable media. Film at 11.
They say the mind is the first thing to
http://tor.eff.org/
I have to ask...at some point there's diminishing returns. For example, what web sites does "person under regime" want to access and what good will it do?
Even if someone in China reads about the philosophy of democracy, wouldn't it be better to simply talk it over with fellow countrymen? Howabout anonymously leaving printed material around the neighborhood?
In the end, it's not getting the information thats important, it's doing something with it. For current day changes, I don't advise a protest, but slowly working up inside the system and dismantling it. However, either can work.
Easy Campesie: Open Source. The Open Source Definition has a clause that reads "The license must not discriminate against any person or group of persons.". So, if you want to call your software license an open source license, you can't put the "No Bad Guys" clause in there. Since there's plenty of software out there being released under licenses that are Open Source Initiative (OSI) approved, I'm thinking getting on the net legally (for western values of "legal") is easy.
Take that, and the likely complete disregard for Western Capitalist Pig software licenses that probably exists, and they can use all of the same software we use, only free-of-charge even for the commercial stuff!
I find your ideas intriguing and I wish to subscribe to your newsletter.
Bill, I thought you might appreciate this site:
http://www.100pieces.ca/main.html
"In April of 2005, I placed 100 pieces of clay sculpture along the coastline of Nova Scotia. Lost or found, they will be left to nature or chance. Hopefully for someone to find. The sculpture is all figurative fragments or small busts. Each piece is fitted with an identity tag directing the finder to this web site which will then describe the origins of the piece that they have found. I put these sculptures in places that would not be inaccessible but not immediately obvious. Many of the pieces are designed to blend into their environment. The project is monitored over time and open ended. There is no precise way to determine the end point."
I tried to find an email contact at your site but no luck, so I'm sending it here.
I have no relationship with the artist in question, I just saw it on the CBC TV news and thought of your hobby.
- Paul
If I were stuck in the questioner's position, I'd be seriously considering malware as a publication method. After all, having your political message spamed by dictator@repressive.gov might carry some weight with your target audience.
What does this button d$#%* NO CARRIER
The only way is wireless / satellites. As long as it can be tracked, it will be tracked. China, for example, has proven that it more than willing to go to the effort to suppress dissenting voices.
What is needed is access via a medium that is untraceable or out of their realm of influence.
I personally do not know the real details, but I was talking to someone a few years ago and they were telling me about how the missionaries going to South America from the US were taking laptops with satellite hookups and Solar Cells. The satellites were being launched for free by NASA because they were designed to be exactly the same dimension and mass as some equipment that was normally ejected as ballast or something. (Again, I don't really know the details.)
I can tell you, if I honestly felt that there was a place that I could donate money too that would help to allow a level of free speech to people within repressive governments, I would do it.
Diplomacy is the art of saying, 'Nice doggie!' till you can find a rock.-- Wynn Catlin
What would be really cool is if you could hide your SSL web proxy traffic by disguising it as jpegs or mp3s or other such things. Even better, disguise it as normal, valid http traffic! With this no-one would even suspect you were using an encrypted connection, much less see what you are sending and receiving. As long as the server and client both know the procedure for stegging and de-stegging (maybe the first time this could be done in person, and thereafter each change in procedure could be both stegged and pgp-ed) it would be ok. Together with a (custom?) knoppix cd with the 'noswap' option this could be a winner. Anyone know of anything like this that exists?
One good turn - gets all the covers.
Hah! You got a flamebait. If they only knew...
>> Any suggestions for products/procedures/systems out there making anonymous access & publishing a reality under repressive regime run Internet access?
1. Slashdot is a public forum. You need to assume that anything posted here is compromised. I.e., the people your friends want to hide from are reading this, too. That means anything anyone recommends here is not safe to use.
2. If the "other side" controls the "last mile" that connects your friends' computers to the net, they have access to every bit that leaves their machines.
3. Do you know if the idea you adopt wasn't deliberately posted here by the "other side"? No, you don't.
Good luck.
-- Slashdot: When Public Access TV Says "No"
Syria is a terrorist country. Look what they did in Lebanon.
I was wondering, is there a possibility to create an unbreakable anonymity solution. Kinda like public key encryption - something that relies on mathematical laws to be practically unbreakable.
It would be great if there was a possibility to inject encrypted messages from many sources in a processor, have this processor do some math and come up with the messages without knowning who was the source of which. Is this possible? Do we know that it's impossible? Can this be possible? Is someone working on this? Any ideas?
Future Wiki -- If you don't think about the future, you cannot have one.
It be best to buy the satellite internet reciever, hardware,etc. in the USA (or other free country), and then ship it into the country in question. You could then set up the reciever almost anywhere (including middle of the desert, rooftops,etc.), and still be able to get to the internet. Best of all, the company that owns the satellite is the one that is providing the internet, and therefore would probably not filter it. Also, it is almost impossible for the oppressive govnerment to know that you are using satellite internet, as long as you keep your interent presence anonymous (and you keep your physical location a guarded secret).
An excellent website that shows satellite internet coverage around the world is: http://www.satsig.net/ivsat.htm.
How many government databases do you think everyone posting in this thread has just gotten themselves into?
I'm glad you think so. Pepper is still just as spicy when it is hidden amonst dirt.
Just mail a floppy disk with a picture on it... but a very high-res picture. And at the bottom-right, just a few pixels are changed to read the message. It could work with a number of images, or one image in a number of places. That way, it is unbreakable unless the images are viewed directly.
A key idea can be taken from spread spectrum radio. Such a radio transmits for very short periods then switches to some other random frequency. Call it "frequency hopping". Anyone listenig that does not know the pattern of frequency hops hears what sounds like background noise. In fact the transmitter's AVERAGE power in any one channel in below the noise background. Applied to the Internet you would chop up the message and send the small parts out over a long period of time appended to data packets that you would normally send out anyways. Many Internet protocols have unused fields that sometimes get filled with random "trash". You replace this "trash" with little bits of the encrypted message.
So for example your e-mail is hidded inside DNS querries or HTTP "Get" requests or whatever.
Going one step further, don't put encrypted email in the packets. Use the space to transport the bits for a VPN. Then you have a low bandwidth invisable IP network piggybacked on the public Internet. Who knows? Someone maybe doing this now.
Your post is a public service message to humanity. Kudos.
-kgj
-kgj
Because the hypothetical government probably also controls (or can gain control upon order) of the routers, you will always be vulnerable to man-in-the-middle attacks. Not even a SSH or SSL connection can be trusted in that kind of situation. So, if they are suspicious of you to begin with, they will intercept your traffic from the beginning .
As a forensics specialist for Homeland Security, I've been exposed to a number of interesting software products and hacks. One that continues to impress is VM ware. The user can not only spoof an IP, he/she can spoof the MAC address, so that the captured MAC by the repressive government in question is not real, and therefore is not tracable back to the user. Hope this can be useful. Good Luck!
When there are places in the world where merely being suspected of doing what the parent poster mentions can get you and your whole family summarily shot, those anencephalic dolts who claim "Bush is worse than Hitler" or similar sure sound like prepubescent brain-damaged trolls who have lost their bridge.
I'm one of the developers of Kenosis a p2p RPC system, and this is a problem we've pondered from time to time. If anyone has ideas for practical steps that we could implement to make the software generally useful to actual dissidents, please feel free to join our mailing list and let us know. http://kenosis.sf.net/
Can your IM do this?
While it wont get around using a 'compromised' machine, on a safe machine using freenet would let you post ( and read ) safely.
---- Booth was a patriot ----
Tor sez: "This is experimental software. Do not rely on it for strong anonymity."
Besides, as already said, the gov might know you are using tor and block it, etc...
Homing Pigeon always worked for me.
Oh, you mean like the PATRIOT act?
Historically dissidents always wrote very obscurely, essentially in code. For example, the Book of Revelations is believed by many scholars to be a political commentary.
Then, even if they decrypt and keylog they still have to prove that what you've written is actually dissident.
The best obscure language would be something that looks innocent and common for internet, such as gaming or porn.
How does that take into account the "revisionist" and "post-revisionist" trends in historical research?
-- No matter how great your triumphs or how tragic your defeats, approximately one billion Chinese couldn't care less.
You'll need a LiveCD, a modified keyboard, and mouse. The keyboard will need to have a key generator and a LCD readout. The LCD readout will display a generated key. This will be used as the initial seed value. The LiveCD will need to have special keyboard drivers and software. The goal is to allow the user to enter the initial cipher key using graphical mouse input. The encryption generator in the keyboard will periodically rotate the key. To prevent statistical analysis attacks the keybard should send a continuous stream of data.
This should prevent key loggers. You'll need to bring you're own keyboard though.
Write it on a box that is never connected to any network and that you have checked the hardware for. Boot knoppix with noswap, write it, encrypt and "hide" it, drop it on a keydrive, take it to a random net cafe youve never been to, act like a moron and ask someone to help you email grandma your "pictures"... ...Or...
Build a cryptex (complete with vinager vial), write the note on parchment (perferably encrypted using ceasers box or some stronger method), place the note in the cryptex and strap it to a carrier pigeon.
--
Dersursine
no way i'm reading this whole thread but isn't this question asking for information that would be dangerous in the hands of criminals or terrorists?
if so an unfortunate downside.
Certainly one can't claim that these people weren't willing to fight for their ideals. And they thought anonymous writing was a valid (useful / legal / legitimate) way to bring about democracy and political change.
I run a cgi proxy server for all of my fellow country men of Belarus, to help the democratic fight. http://byelarus.com/members
but has your friend considered using l33t5p34k ? It's uncrackable, and using it automatically makes you the most haX0r d00d since Che Guevara!
133t5p34k , it's not just for script kiddies anymore!
HOWEVER, it would abviously be a danger in the hands of people 'like you', and most agents of the worlds government (who are the ONLY 'REAL' terrorists) :)
I will gladly loose all of life's battles.. in order to win the war..
dont' support your country(s) (arswhole leaders & supporters), but run them out, and stay :)
I will gladly loose all of life's battles.. in order to win the war..
if u really are a fed, then i suggest you prepare for a different job and otherwise cya.. cuz 'we' (ie they, ur bosses) can't have our men helping individuals gain acess to tools for 'freedom's' sake, now can we ;)
I will gladly loose all of life's battles.. in order to win the war..
DO use /public/ wireless access points (preferably multiple). /multiple/ proxies and maybe privoxy. /any/ hardware produced in your home country - it is probably compromised.
DO keep moving (prevent them from triangulating your position.
DO keep changeing your IP and MAC.
DO use encryption - preferably a method which does not look like garbage.
DO use
DO use crowded areas - ppl moving from A to B behave different then ppl looking for something/someone.
DON'T keep your contact listings and documents on your computer or on a computer in your nation - if you get compromised, your contact list and/or documents won't be compromised.
DON'T use linux, freebsd or windows - they are too main stream.
DON'T buy
DON'T use your home computer and/or public terminals for "dissident activities". Assume them to be insecure and compromised.
Paraphrase from george bush; "..you are either with us, or you are with the enemy..)
Thought police! THOUGHT POLICE!! OVER HERE, GET THIS MAN!!!
I will gladly loose all of life's battles.. in order to win the war..
No.
-ccm
Too much Law; not enough Order.
It's only public-key SSL that is vulnerable to MITM.
If you use client certs, that goes away.
-I like my women like I like my tea: green-
and google (with the quotes on): "radio over tcp" to geta bunch of data on this alternative way of acessing the InterNet :)
I will gladly loose all of life's battles.. in order to win the war..
i guess it's the weekend :)
I will gladly loose all of life's battles.. in order to win the war..
What; you afraid your mom is going to catch you looking up p0rn again? Give your secret-agent handshake a rest, d00d.
Do not confuse authentication, confidentiality, and tracability.
authentication: third parties cannot alter your communication; the party you are talking to is who you expect.
confidentiality: third parties cannot read your communication
tracability: third parties cannot determine who you are and/or with whom you are communicating (i.e. they can't map to meatspace)
The most critical factor for dissidents is tracability.
While ssh provides authentication and encryption, it does NOT, on its own, decrease tracability. Most governments (and in the US, corporations) can easily trace a basic IP connection, even if they can't read or write the traffic on it. Just follow the wire.
Remember: who you talk to can be at least as sensitive as what you say.
Use a mobile with ssh (which you can proxy), that way the only thing that is revealed is the first node the dissident is connecting to. There exists java and symbian clients.
Assuming the remote proxy isn't logging the details of your session and your originating IP.
If you have a phone, just dial them up! If you are worried about them tapping your phone then:
Taking off on what else I read, always talk as if you were doing something very ordinary: "I'll send you a picture of my grandbaby [| godchild | whatever relative that you actually have], she's such a sweet child."
Just mail a floppy disk with a picture on it... but a very high-res picture. And at the bottom-right, just a few pixels are changed to read the message.
Encoding/encrypting a signal inside another 'plaintext' signal like this to hide the fact that there's an encrypted signal is called steganography, but your description is a really crude method of doing it. Google it to find out better methods. It was also mentioned in another comment.
it is unbreakable unless the images are viewed directly.
If it's good it will be unbreakable by being viewed directly (and hard to break with much more sophisticated techniques).
Tag lost or not installed.
Although it sounds easier said than done.. what they already are trying to do-- in finding ways to speak freely on the net, is only leading the masses into further enslavement.
By trying to 'hide everything' and acting like they are doing something wrong (which they are.. legally.. at least in the eyes of the opressive leaders), they (disidents) are ALLOWING the leaders to crush their ability to speak.
soooo, instead of going through all the trouble (and risk) of 'speaking ones mind' over the net (secretly).. why not 'cooperate' in large numbers, which will turn the tables on the scumbags, when they see; 'The People' rising up in unison (power) to topple the bad leaders.
after all, the farther you go down the 'leadership' pole, the closer the (army personal, etc) will be to the 'common man', which is good. The ONLY way (like doc implies) to have and keep 'Freedom of Speech', is to CONTINUE to exercise ones ability to do it NO MATTER what!! Guns will not grant everyones right to speak (not even the ones with guns, because someone always has a 'bigger gun')
if we start to 'sneek around', we will eventualy believe the bad-guys, and decide that it is not worth it any longer to try and speak freely (publicly). :(
I will gladly loose all of life's battles.. in order to win the war..
Any Linux distro that boots from CD tould aliviate fears of keyloggers, etc in inet cafes... All other potential issues (tracking traffic/ eliminating / blocking undesirable sites) would still be in place, however.
Get a palm treo 650 or something similar and use websites using that crappy browser. Yes, typing manifestos will get annoying. Yes, you can be tracked with it. Buy one with a false name in another country but make sure you get global service coverage.
Basically the obvious answer is avoid the local ISP. Then switch phones and accounts often.
I was under the impression that encryption was an export munition, so it could be sent (downloaded?) by citizens of/in counties on the US shitlist. (Irag, Afghaistan, Cuba, Lybia etc.)
could NOT...could NOT
I previewed twice and I still missed it...
ugh...
Well, the best solution may be the illegal one. Find a wifi hotspot, free is best if possible, but if you have to pay oh well. If it's a pay for use hotspot, either take the time and effort to hack it and create an unrestricted account, or if you're lazy just snag some else's (provided you don't have to worry about encryption of course). Use MAC changing software (in the past I've been satisfied using SMAC 1.2) and avoid spending large amounts of time at the hotspot to avoid notice. To this end I suggest buying or constructing a wireless antenna so that you can access the hotspot from some distance out of sight. To avoid raising the ire of the general public as possible, I'd suggest hacking the hotspot itself. Make sure to keep it low key, don't drop any virii, trojan's, etc. if you can help it, or do anything that might set sysadmin's on a hunt for a hacker in their vicinity (because even if they can't find you, they can probably still shutoff access to the hotspot). Finally, operate behind anonymous proxies, or proxy-chains, encrypt EVERYTHING (I'd suggest buying a large encrypted harddrive and putting everything except the OS on it). If you're looking to run a website use free services, like Angelfire or, shudder, Geocities, even though that will indeed make you look very much like an amateur. Finally keep the 'Freedom computer' you're using to do all this, seperate from everything else. Don't use it for anything, but you're illegal activites. Play you're games, movies, office documents, whatever you've got, SOMEWHERE ELSE. Obviously, this is not a cheap method of operation. You will need a decent sized cash base to purchase hardware and software. It's also probably not completely fullproof either. Avoid buying anything online that is going to require you to give out your credit card number, or any sort of verifiable ID (of course in some countries card fraud would be a neglible offense compared to some of this stuff so weigh the risk). Avoid anything that might give away your real ip/MAC, either locally or remotely. Don't associate with the clerks/other people at the hotspot, don't get involved with anything in the area. If you can don't even be seen in the area at all. Keep the lowest profile you can. All of this dialog is written with the utmost paranoia. Adjust to suit the level of persucution of freedom in your country. For maximum effect (which I'd personally recommend if your living in a repressive country) I'd suggest closely following these guidelines. Oh btw, if there is someone planning this sort of thing somewhere, I'd suggest running through your plans step by step (numerous times) to check for problems that may get you caught. This was just a quick write-up, I've probably missed a few things, so use commonsense as well.
Nope, they run FreeBSD, according to Netcraft.
So, Netcraft confirms it?
When you go to an internet cafe, you have to put glue on your fingertips. It keeps the fingerprints off the keyboard....and try to flirt with the receptionist so she won't turn you in if she catches you....and always wear a hat is good for hiding the tin foil.
woah, it is too late.
Qxe4
...then use I2P?
http://www.i2p.net/
Better than SSH, as with SSH you need a place to SSH to.
Oh yeah, that worked so well for those chinese students who stood in front of tanks. Publicly stood up for their cause, died for their cause, on international TV even. Their cause? No better off, but westerners felt sorry for them for a few weeks.
That's because you're one of dubyas favourite types of people; The mindless drone, who accepts and follows unquestioningly.
General anonymity application look also http://www.anonymous-p2p.org/rodi.html http://board.planetpeer.de/index.php is anothe place
Can people work out how much 'dissidence light' is allowed and get everyone line up at this frontier?
[A table giving what form of collectiveism is allowed could be maintained, anyone prepared to give it a try, what is 10% of the population ready and able to do which would not get them locked up/reprimanded, in various countries from A to Z including the USA and Venezuela.]
My own idea of dissidence light is to disseminate the IRA methods and procedures as part of a novel, giving people the capability to go beyond what I am prepared to do personally. This is of course illegal and may be even treason and sedition, [I have a British passport as well as an Irish one] if one takes things literally like I do (it is a geek thing, allegedly).
VÀCLAV HAVEL did it so much better in the Czech republic, gathering a dissident light community, through absurdist theatre, to build up a civil society that he thought was a necessary precursor to a freer democracy.
In Estonia there were lots of Choirs that travelled and disseminated information and news across the country before it became independant of the USSR.
It is interesting to not that mildly repressive regemes may stay in place because old people vote for the current state as they are afraid for their pensions, and it is the minority of young people who are on the streets, ie democracy of a kind is in place it is just that young people are outvoted.
My 2 cent..
http://www.swp.ie/ member
Be Free: Free Software Tuition
If you can get the hardware it might be possible to use some kind of satellite internet service that is based outside of the country in question. Iridium is slow and expensive but should be fairly safe an anonymous if your careful (ie, make sure the signal is shielded in all directions but up)