Slashdot Mirror
Dissidents Seeking Anonymous Web Solutions?
DocMurphy asks: "I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes. Many have in-home Internet access, but think it too risky to participate in pro-freedom activities on home PCs. Internet cafés are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give governments access to and knowledge of 'banned' sites. Dissidents not only want to remain anonymous themselves, but also wish to not compromise the sites they access. Any suggestions for products/procedures/systems out there making anonymous access & publishing a reality under repressive regime run Internet access?"
Open wireless nerworks wouldn't work because?
Philosophy.
Freenet is the only solution I can think of, although it seems much slower than the common internet, and I'm not up to date on what content's available, but this is what freenet was made for.
http://freenet.sourceforge.net/
If you've gotten to the point where you're really worried about being caught and persecuted, perhaps the internet is not your safest bet, due to every reason being posted here, ie: keyloggers, etc. As much as you'd like to change your world, the "system" isn't going to make things easy for you to overthrow it. And the internet is very much a part of the "system." Unless you're ready to string up your own network and create a rebellion intranet, you're out of luck.
Just do what they do on the Sopranos: keep it low tech, use payphones, meet in person. If your cause it that important and you need to spread information, may I suggest a major leaflet campaign?
Bill Clinton: Pimp we can believe in. - The Shirt!!!
If you assume that any "public" PC is infected with a key logger, then you can NOT guarantee any level of protection, as they can always find the names of sites you type in, etc. You must have some level of trust on the PC before you can consider any solution. Beyond that, you would want to make use of an encrypted connection to a proxy or vpn outside the control of the regime, then access the content from there.
Dear DocMurphy, Next time, please submit stories as AC. Posting your email address on the front page of slashdot is a poor way of achieving anonymity.
"Best not to risk your life if a regime is that oppressive."
That's an excellent time to risk your life. Rolling over and "playing nice" is exactly what lets oppressive regimes exist.
There is no point in being a dissident if you choose to remain anonymous. How is anyone supposed to know what your motives are if they don't know who you are. And if you really care about the things you say, then you should be willing to take a stand for it. Any anonymous "dissention" is on par with raving on usenet and somewhere beneath private grumblings. Anonymous action, yes, can produce results. But anonymous words aren't worth the electrons they're displayed with.
The only issue I see with that is that it is possible to detect (though not decode) encryption. If a repressive government sees a particular pattern coming from a particular cybercafe, they'll start watching more and someone could still be in trouble under the "well why would you encrypt it? You must be a dissident!" assumption. That could be just as bad as if they were leaving it unencrypted....
...in bed
How can one make sure that a perfect system will not be used by terrorists and human smugglers, child pornographers to hide their activities. This may be classified as "choose between the two devils"
geoaxis
DocMurphy you are an idiot. You are talking about working with people to commit treason against oppressive regimes. Maybe you don't understand what an oppressive regime actually is or something but here is a hint: they don't have and problems killing people. You are not only proposing to work with these people across international lines but then you post a question to slashdot about how to help them. Assuming you think you are serious and not just posting the question to generate responses, do you even have a fucking clues how something like this would actually work. You are not going up against your high school typing teacher here. Not only do virtually all regimes have computers they also have people that know how to use them. If you don't know this stuff you are going to get these people killed and really run the risk of getting yourself killed in the process (or imprisoned depending on US geopolitical concerns. If you have to ask slashdot and expect a bunch of pasty teenages reading the anarchist cookbook to give you advice on assisting an insurgency you have no business doing this. You don't think that suggesting they use some sort of encryption from their internet cafes isnt going to get them killed. Wouldn't an oppresive regime monitor communications coming out of an internet cafe? Please do not continue to try this. Giving any advice like this is akin to leading a children's crusade and every baron along the way is going to fuck you in the ass and all your children are going to get killed. You really need to learn how things work first in international smuggling of goods and information and being a technical advisor to an insurgency you are not part of is no fucking place for some stupid idealistic kid. You will, in all likely hood, end up in jail for this if you are lucky. Really, they will probably just kill you.
You would connect to the proxy via SSL and hope that it is not noticed and then blocked.
You pretty much have hit on the problem.
Even if they can not read your data they will know it is encrypted. That could cause them to notice you.
If you are in a totalitarian country you can not be safe and a dissident. I do wish them luck.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
Interesting suggestion, but pretty much undoable. You can't have both anonymity and keep the bad guys out, since if you have a way to ID the bad guys, you have a way to ID the good guys. It's a trade-off.
You really need at least two external servers. Here's why:
Suppose the authorities notice dissident activity from the first external server. If they then determine that I've been making connections to that dissident server, I'll be put under investigation. Yes my data may have been encrypted, but the connection alone is enough to raise suspicion.
However, if I have two external servers, I use the first as a proxy to the second, and use the second to conduct dissident work. Since both servers are beyond the regime's control, they have no way of discovering the connection between them and attributing the dissident activity to me.
However, even this will leave you open to IP tracing (should a stream of encrypted traffic raise any flags), as well as wandering busybodies/spies/anyone willing to report your ass for a reward. Just a thought.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
I don't care what you think. The US and its present president is not a repressive regime! I wish you damned democrats would just get over yourselves already. If you can post on Slashdot, you're not repressed. Obsessed maybe, possessed possibly, but not repressed!
It is real. Anyone interested in how to connect can send mail to bill.t.gates at gmail d0t com.
... you can do whatever you want. But I will tell you right now ... if you are looking for kiddie porn, look elsewhere. Most anything goes ... but a line has to be drawn somewhere. While the network is anonymous and you won't be busted ... we can disconnect bad nodes.
It is a network that is based on OpenVPN and Quagga (for BGP routing). The last time someone posted the connect details on slashdot, we were overwhelmed. If you are truly interested though, shoot an email over to that account and someone will shoot you back the instructions.
A variant of Unix or BSD with a dedicated connection is recommended -- but NOT required. The reason being, we would like as many people as possible to be permanent "nodes".
This is NOT freenet. It is fast and _extremely_ reliable.
One last thing, if you send mail to the above address, do it from an account that is NOT tied to you (webmail through a proxy).
Ok, one MORE last thing. Once you are on the Metanet
Guess what, if you live in a repressive reigime, the only crime they have to charge you with is illegal use of a cryptographic device (or something along those lines).
They understand the power of crypto, they will outlaw it. That's why the writeup for the article mentioned avoiding the use of personal PCs.
KIM asks: "I'm working for a repressive regime which is looking for ways to control the use of Internet in its country. Many have in-home Internet access, but, luckily, think it too risky to participate in pro-freedom activities on home PCs. Internet cafés are also available, but although fairly anonymous, every machine is infected with keystroke loggers that give us access to and knowledge of 'banned' sites. Obviously, not only we want to identify the dissidents themselves, but also the sites they access. Any suggestions for products/procedures/systems out there making overwatching access & publishing a reality under our own run Internet access?"
Q: What's the difference between a dissident and a terrorist?
A: Only your point of view.
No Comment.
to add to that wonderful list... use different cybercafes in a random manner... don't use the same machine at any cybercafe.
also, try using one of those secure usb key's (lexar has one). and always do boring, mundane stuff while you're at the cafes, even when you go for the main purpose, start up a normal browsing session before you upload anything and flip back to it during the transfer.
please me, have no regrets.
Anecdotal evidence. The typical Texas Democrat supports the death penalty, opposes abortion, and owns guns. In majority Democrat states, such a person could be expected to vote Republican. A Texas Democrat may be a union worker, a trial lawyer, or a historically oppressed racial minority; these are all Democrat constituencies. You are correct that you ARE a democrat, but in other communities, you might find you have more in common with Republicans. By the same token, I would expect the typical Massachusetts Republican to vote Democrat in Texas.
If I may be permitted a tiny flame, I'd suggest that you don't distinguish between statistical statements about groups of people and categorical statements about each member of a group of people. While the latter is fallacious, the former is not. Granted, they are easily confused, and bigots often pretend to say the former when they mean the latter. However, in intelligent discourse, it is important to realize that statistical statements CANNOT be refuted by anecdotes. "The averate 4-year-old can't read" is true, no matter how many gifted four-year-olds you might find.
RAM isn't completely recovery proof.
Now... as for the original question, isn't this what freenet was supposed to be for?
In other words, the site is published by you, but hosted on some other freenet member(s) box.That was the entire point of freenet, to allow for truly anonymous publishing of material.
Oh yea, and don't forget to check the "Post Anonymously" box
[Fuck Beta]
o0t!
Disliking the president is one thing. Hoping for his literal death is something else altogether.
How long would such a person last in Saddam's Iraq, or KJI's North Korea? A 'request' to Fark for their email address? No. A threat to 'our beloved leader' would end up quite a bit nastier than that.
Ever thought that these countries aren't really terrorist nations at all, but simply labelled by a few countries because it serves their own agenda?
When done (or if the government busts in!), reboot your computer - no traces left.
:D Or even just buying a keyboard that you can't take apart might work. Have a look at this and this for ideas.
I'd be extra paranoid and make sure to power off the computer, not just reboot it, to be sure all the RAM is reset. If they're super-cunning they could salvage incriminating data from it.
You could also go one step further on the keylogger protection and have your own USB keyboard that you carry around with you. Keylog that!
One good turn - gets all the covers.
Actually, it is exactly what lets me sit here in front of a Starbucks, in my boyfriend's Lexus, sipping a latte and chatting on his laptop. That and the fact that he couldn't switch from IE to Firefox without three IT consultants - so he is never any the wiser ;) He probably thinks keyloggers are the guys you can't do without if you are cutting down a forest....
Do not confuse authentication, confidentiality, and tracability.
authentication: third parties cannot alter your communication; the party you are talking to is who you expect.
confidentiality: third parties cannot read your communication
tracability: third parties cannot determine who you are and/or with whom you are communicating (i.e. they can't map to meatspace)
The most critical factor for dissidents is tracability.
While ssh provides authentication and encryption, it does NOT, on its own, decrease tracability. Most governments (and in the US, corporations) can easily trace a basic IP connection, even if they can't read or write the traffic on it. Just follow the wire.
Remember: who you talk to can be at least as sensitive as what you say.