Slashdot Mirror
Dissidents Seeking Anonymous Web Solutions?
DocMurphy asks: "I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes. Many have in-home Internet access, but think it too risky to participate in pro-freedom activities on home PCs. Internet cafés are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give governments access to and knowledge of 'banned' sites. Dissidents not only want to remain anonymous themselves, but also wish to not compromise the sites they access. Any suggestions for products/procedures/systems out there making anonymous access & publishing a reality under repressive regime run Internet access?"
Internet cafés are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give governments access to and knowledge of 'banned' sites.
I would think that Internet Café "spies" would be more useful than keyloggers to the authorities looking for dissidents. Unless these connections are somehow routed through multiple anonymous/encrypted proxies and hopping through open WAPs I really don't believe that a public terminal is in any way "safe".
A stalker that I had earlier this year was easily located via tracking his IP and figuring out which coffee shops and libraries he was using. The libraries all went through a single county-wide proxy and narrowing his location down on a Sunday was easier than you could possibly imagine (all satellite locations in the county were closed except one).
If I could track someone down that easily imagine what the members of a Gestapo looking to do more than end some harassing emails could do, especially when they might have a network of spies watching public access locations in person.
I'm curious about this --- if in a nation like China all of the packets are routed through government owned machines, how would sending a proxy to a foreign machine circumvent them? All of your data still passes over the network in the country. The IPs of your foreign host could be blocked.
I'm not dissing you, I'm just not 100% sure of how easy it is to bypass that. On the surface, depending on how they implemented it, I should think that's kinda like bypassing the phone system in my country so I can use another --- I still need the phone system I'm wired into, no?
Lost at C:>. Found at C.
Would Blogger's post-by-email feature count as an automated publisher? A secure HTTP proxy, like MegaProxy, might be an alternative. I suppose that how anonymous it is depends on 1) how determined the regime is to know what you're doing, and 2) whether the remige is blocking proxies.
Neat idea.. perhaps there should be a Tor-Over-Steganography platform, to prevent the identification of Tor usage or some other method of information hiding. Otherwise, a regime can just shut down Tor(-ish) traffic.
I guess the best way to get your message through the iron (red?) curtain is to piggy-back it on whatever the highest-volume public information stream is. That way the baddies would have to shut down all of that traffic and risk a large public pushback.
In the case of China, I hate to say it, but if it's true that a lot of spam is outbound from their country, that would be an ideal place to hide information. Lots of spam has randomly generated text, so altering the frequency of that text in a fashion known only to sender and receiver could be used to encode an information channel, over which you could run a simple unicast stream, or something more decentralized, like TOR.
There are many posters on fark.com who tell of farkers getting intimidation visits from teh Secret Police (AKA the Secret Service) simply because they happened to make offhand comments about news stories involving assassination attempts on the President.
For example, the other day in Russia (Georgia, actually) someone supposedly threw a gernade in Bush's direction. THe grenade never went off, but some people posted saying stuff like they hoped it, or something like that. The Fark admins posted in the thread saying that they had personal knowledge of Secret Police requests for such posters' IP numbers.
So the terrorists hate u for our freedoms, huh?
LOL!
eat shiat and bark at the moon
Texas Democrats ... are Republicans anywhere else.
Speak truth to power.
A good way to combat a software or even a hardware keylogger is use the mouse to type in letters in random positions.
;)
For example, if you need to type in your email password in a webmail autentication form, you could type the first part, say "bud", then click on another part of the desktop, say the url bar of the browser, type in some random garbage, move the mouse again and finish the password, adding "rose" to "rosebud".
Since keyloggers don't track mouse movements or clicks, the phisher wouldn't be able to breakdown and harvest the password from the keylogger.
PS. It also helps not to use obvious passwords like "rosebud"
Hack your mind out of its sandbox.
Brief description of the Metanet and how it works:
... but with anonymity in mind.
It is a network of VPNs built on top of the plain ol' internet. Routing is done via BGP (the framework has been laid to do cost based routing -- but that is not there yet). We have web servers, ftp, irc, news (with one node donating an anon feed (read only for now) from the "real" Usenet with VERY large retention on binaries), IM (via jabber), AFS (this the the primary method of storing files), streaming media, email, dns (with special Metanet TLDs), a nice search engine...
Basically we rebuilt the internet from the ground up
We like people that join to have a basic understanding of internet protocols (we are NOT looking for leechs) but we make exceptions for people that would LIKE to learn.
Isn't it much easier then to open a random webpage and copy/paste the letters you need from the text with your mouse?
http://nms.csail.mit.edu/projects/infranet/
Technical paper (pdf)
An increasing number of countries and companies routinely block or monitor access to parts of the Internet. To counteract these measures, we propose Infranet, a system that enables clients to surreptitiously retrieve sensitive content via cooperating Web servers distributed across the global Internet. These Infranet servers provide clients access to censored sites while continuing to host normal uncensored content. Infranet uses a tunnel protocol that provides a covert communication channel between its clients and servers, modulated over standard HTTP transactions that resemble innocuous Web browsing. In the upstream direction, Infranet clients send covert messages to Infranet servers by associating meaning to the sequence of HTTP requests being made. In the downstream direction, Infranet servers return content by hiding censored data in uncensored images using steganographic techniques. We describe the design, a prototype implementation, security properties, and performance of Infranet. Our security analysis shows that Infranet can successfully circumvent several sophisticated censoring techniques.
http://www.keyghost.com/sx/
This device will happily log all your keystrokes whatever media you decide to boot from.
Most places, having a copy of Knoppix is pretty explainable - and won't get you arrested by itself.
On the other hand, in a regime where crypto is illegal, don't you think they could arrest you without cause anyway? Why bother with the crypto argument?
All this does is allow you to hide what you are doing within reason.
while (sig==sig) sig=!sig;
"key loggers in the keyboard"
Something similar to this: KeyGhost
I remember some software that could hide messages in graphics files, by subtly editing the values of some pixels. Then, if the other side has a copy of the image, they can subtract them to find the difference, and decode the image.
So, your scheme would be to send an image, and then, some random time later, to send some information using this image. Double encrypting might work too. As long as you aren't already under suspicion, I doubt anyone has the time to check for people sending duplicate graphics files.
Couldn't agree more. As nerds, it's easy to recommend gimmick after technological gimmick. It's not so easy to imagine ourselves in a repressive regime. Consider that the very possession of cryptographic software, or even a computer, in some countries marks a person, if not as guilty, at least as under deep suspicion. I have heard that in North Korea, probably at this point the most repressive regime on the planet, radios are forbidden to all but a select few for fear that the populace might hear Voice of America or something. With restrictions like this, arguments on whether the dissident should use FreeNet or Tor suddenly sound pretty stupid.
As the parent poster quoth, movies about the Mob show an excellent example of information security. The top people only talk to a few guys, who talk to a few more. In "The Godfather" (the book), Don Corleone won't even use a telephone because he's afraid the FBI will be able to splice together tape to frame him even if he reveals nothing over the phone. Now that's paranoid.
The best way not to get busted is not to fall under suspicion (in a truly repressive country, once you're suspected, you're already tried, convicted, and headed for prison or worse). And if you get caught, the next best thing is not to know your fellow dissidents, so the authorities can't make you sing.
There's no sig like this sig anywhere near this sig, so this must be the sig.
They (the freenet devs) are currently working on making it possible to run freenet as a large-scale darknet. That means it will be very hard to impossible to find out whether a given host is a node or not or even get an incomplete list of nodes.
At least that's the idea. As far as I can see, the most obvious result of their current course of development will probably be that the vast majority of people, even those in "free" countries, will not be able to use freenet at all.
If it's so secret, then how come I've never heard of it?
use different cybercafes in a random manner... don't use the same machine at any cybercafe.
Bad idea.
If you naively use the same cybercafe each time, the police will be able to watch the cybercafe, observing who is attending whenever the suspicious stuff happens, therefore you will be found quite easily.
If you visit different cybercafes each time to avoid this, the police will simply watch a few local ones. You will show up at each one when the suspicious stuff happens. It takes a few more policemen, but you actually get caught quicker.
Another solution is to use the same cybercafe each time, but do so during lunch hour, and use one near to a school or something. Basically, you want to have your visits coincide with a lot of people at the same time, and the same people each time.
Of course at this point, the government will simply run a check on each observed person and find that you have a computer and internet connection at home, which means that there's no reason for you to be visiting a cybercafe.
The problem is that the police can predict your visits. If you wait a few months in between suspicious activity and there is no CCTV, then you can be reasonably certain the police won't be able to find you, as long as you don't use the same one each time. Presumably the police don't have the resources to track who uses which cybercafe at any given moment.
The only trouble with freenet is that a very large portion of its userbase uses it for what most thinking-people consider distribution of immoral material. Unlike the Internet at large, by virtue of participating in the freenet you help propgate this material -- whether or not you choose to ignore it. If you are, say, a dissident with religious convictions, much of the material on freenet will offend you greatly.
Destruction of property is a terrorist act? So are you saying that a high school kid who breaks a window is a terrorist? Or, do you mean bigger dollar amounts (meaning the difference between petty vandalism and terrorism is only a question of dollars)? Personally, I can't see how any property crime could even be stretched to fit the definition of terrorism.
I understand this. however your idea is flawed. Many OSS encryption programs exists, but they are not useless simply because they are OSS. They are less likely to have flaws because of peer review.
It is my hope that the best ideas found here will give me a starting point to develop a better answer.
Texan democrats are as wacked out as they were in the north east. Maybe not as screwed up as Californian democrats, but California is Speshul. I've lived in all those places, for the record.
/. average but this wasn't intended as a political post. I was referring to the Dale (from King of the Hill) kind of Texan that's anti-government, pro gun etc. You know, republican before republicans got born again.
/. orthodoxy. There's some irony: /. squelching perceived (and incorrect!) right wing politics on an article abount free internet for government dissidents.
I probably lean righter than the
I got modded down for almost, but not quite breaking