Slashdot Mirror
Dissidents Seeking Anonymous Web Solutions?
DocMurphy asks: "I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes. Many have in-home Internet access, but think it too risky to participate in pro-freedom activities on home PCs. Internet cafés are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give governments access to and knowledge of 'banned' sites. Dissidents not only want to remain anonymous themselves, but also wish to not compromise the sites they access. Any suggestions for products/procedures/systems out there making anonymous access & publishing a reality under repressive regime run Internet access?"
Internet cafés are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give governments access to and knowledge of 'banned' sites.
I would think that Internet Café "spies" would be more useful than keyloggers to the authorities looking for dissidents. Unless these connections are somehow routed through multiple anonymous/encrypted proxies and hopping through open WAPs I really don't believe that a public terminal is in any way "safe".
A stalker that I had earlier this year was easily located via tracking his IP and figuring out which coffee shops and libraries he was using. The libraries all went through a single county-wide proxy and narrowing his location down on a Sunday was easier than you could possibly imagine (all satellite locations in the county were closed except one).
If I could track someone down that easily imagine what the members of a Gestapo looking to do more than end some harassing emails could do, especially when they might have a network of spies watching public access locations in person.
Your parents' basement is not an oppressive regime.
Love,
People suffering under the oppressive regimes of employers
write it in advance, take it to the cybercafe on a floppy, pgp it, email it to someone you trust (or an automated publisher)
$ strings FTP.EXE | grep Copyright
@(#) Copyright (c) 1983 The Regents of the University of California.
PeaceFire distributes a free program called the Circumventor which can be used (by running it on a server in a free country) to safely and securely proxy out of a firewalled nation like China.
Jason.
...cause there isn't enough tinfoil in the world for guys like this.
There are 01 kinds of cars in the world. The General Lee, and everything else.
If you've gotten to the point where you're really worried about being caught and persecuted, perhaps the internet is not your safest bet, due to every reason being posted here, ie: keyloggers, etc. As much as you'd like to change your world, the "system" isn't going to make things easy for you to overthrow it. And the internet is very much a part of the "system." Unless you're ready to string up your own network and create a rebellion intranet, you're out of luck.
Just do what they do on the Sopranos: keep it low tech, use payphones, meet in person. If your cause it that important and you need to spread information, may I suggest a major leaflet campaign?
Bill Clinton: Pimp we can believe in. - The Shirt!!!
If you want to communicate with your fellow dissidents in secret, just broadcast it through a UPN affiliate. I guarantee NO ONE will ever see what you're up to.
Texas Democrats? Exiled in New Mexico? :)
Olvesay the oblempray.
"It's a wonderful idea. But it doesn't work." -- Tad Danielewski
Beacuse:
A. Repressive regimes may not have a lot of unsecured open hotspots.
B. Repressive regimes may not have an abundance of wireless enabled laptops, and possessing one would draw attention.
C. Going from "inside the internet cafe" to "within 150' of the internet cafe" doesn't get you that much. Repressive regimes are pretty good with triangulation.
"Best not to risk your life if a regime is that oppressive."
That's an excellent time to risk your life. Rolling over and "playing nice" is exactly what lets oppressive regimes exist.
Neat idea.. perhaps there should be a Tor-Over-Steganography platform, to prevent the identification of Tor usage or some other method of information hiding. Otherwise, a regime can just shut down Tor(-ish) traffic.
I guess the best way to get your message through the iron (red?) curtain is to piggy-back it on whatever the highest-volume public information stream is. That way the baddies would have to shut down all of that traffic and risk a large public pushback.
In the case of China, I hate to say it, but if it's true that a lot of spam is outbound from their country, that would be an ideal place to hide information. Lots of spam has randomly generated text, so altering the frequency of that text in a fashion known only to sender and receiver could be used to encode an information channel, over which you could run a simple unicast stream, or something more decentralized, like TOR.
Even better:
1. Have a PC with a CDROM drive.
2. Rent or borrow an SSH account outside the country.
3. Boot PC using KNOPPIX (do not load hard drive)
4. Open a connection through SSH that forwards a local to an anonymous proxy at the far end.
5. Use 127.0.0.1 as your proxy address.
6. Surf away!
When done (or if the government busts in!), reboot your computer - no traces left. (Knoppix stores everything in RAM).
Keyloggers do not work against you, because you are booting from known media. (On the other hand, if the NSA REALLY wants you, they will hack your bios - but no one else is probably that anal).
while (sig==sig) sig=!sig;
Spoken like a true Westerner I'm thinking.
In countries where you can stand up and say your government is a bunch of idiots, there is no harm in not being anonymous.
But if this can lead to prison, death, torture, disappearance, or all sorts of ahem inconvenience cough, then anonymity is what you want.
What good is saying "if you have anything of value to say, be public about it" if everyone is eventually dead and too afraid to say anything?
Sometimes just making sure someone hears the words is important. As is making sure those who need to say 'em are alive to keep saying 'em. Deciding that anything that can't be said out in the open isn't worth saying is probably a real disservice to peoples who absolutely cannot do that.
Lost at C:>. Found at C.
A good way to combat a software or even a hardware keylogger is use the mouse to type in letters in random positions.
;)
For example, if you need to type in your email password in a webmail autentication form, you could type the first part, say "bud", then click on another part of the desktop, say the url bar of the browser, type in some random garbage, move the mouse again and finish the password, adding "rose" to "rosebud".
Since keyloggers don't track mouse movements or clicks, the phisher wouldn't be able to breakdown and harvest the password from the keylogger.
PS. It also helps not to use obvious passwords like "rosebud"
Hack your mind out of its sandbox.
It used to only be Blacks that were disenfranchised in the South. It's good to see that we have progress.
I read the internet for the articles.
http://www.keyghost.com/sx/
This device will happily log all your keystrokes whatever media you decide to boot from.
RAM isn't completely recovery proof.
Now... as for the original question, isn't this what freenet was supposed to be for?
In other words, the site is published by you, but hosted on some other freenet member(s) box.That was the entire point of freenet, to allow for truly anonymous publishing of material.
Oh yea, and don't forget to check the "Post Anonymously" box
[Fuck Beta]
o0t!
No, not quite.
A dissident (my definition, anyway) expresses dissent by speaking, writing, or other nonviolent activity.
A terrorist expresses dissent by violence, mayhem, murder, or destruction of property.
All you need to do is tunnel a local port over the ssh connection to a remote proxy.
For example, you could forward local port 8888 to a remote SOCKS server (port 1080 is SOCKS) like so:
ssh -L 8888:some-anon-proxy.com:1080 ssh-user@ssh-host
That forwards port 8888 on your machine to some-anon-proxy.com port 1080 via the ssh tunnel.
Then set your browser to use localhost port 8888 as the SOCKS proxy.
Note that most SOCKS connections still do DNS from your local machine so you need to protect that by some method. To do that you either need to use SOCKS 4a (I think), use a non-SOCKS proxy (like HTTP proxy), or use a local proxy like privoxy that itself fowards to another proxy via the SSH tunnel.
And there is always Tor.
The command is:
ssh -L proxyport:proxyIP:proxyport sshServerIP
for example:
ssh -L 8000:lvsweb.lasvegasstock.com:8000 shell.frogstar.com
Note that this is not untraceable - especially by the NSA. But other governments will have a difficult time with it.
while (sig==sig) sig=!sig;
> There are many posters on fark.com who tell of farkers getting
> intimidation visits from teh Secret Police
Yo, cornholio. This IS Fark, right? And you believe anything written there? Yea, right. All the zaniness of the Moveon.org crowd without the maturity. And that is saying something. Hint: don't lieten to what the tinfoil hat crowd says, they ain't sane. Not saying that the Secret Service doesn't at least keep an eye on even low threat sites like Fark, but I seriously doubt they would waste their limited manpower harassing a random leftist posting "death to Bush" threats there unless they had their profile linked with accounts on more seriously dangerous sites.
And besides, death threats against a President should be taken seriously, and shouldn't be protected by the 1st Amendment. It isn't like the odds of surviving being elected President of the US isn't already worse than being shot into space, lets not make em worse by inventing a constituitional right to make death threats against the poor bastards.
Lets review recent history, shall we? (Warning, flamebait)
Bush II: The Deaniacs are this >< close to launching suicide bombers against him. I'd be shocked if he makes it to the end of his term without somebody taking a shot. And depending on where that last airliner was bound and whether they knew he wasn't home at the time you could say Osama already give it a go.
Clinton: Somebody crashed a fscking airplane INTO THE WHITE HOUSE. Of course he left a trail of blood in his own minions. (Ron Brown, et al.)
Bush I: Ok, so nobody tried to kill him until he left office.
Reagan: Blamo. But they just don't make crazed gunmen like they used and he didn't succeed. For which the world should give thanks, otherise half the world would still be under the darkness of Soviet Communism.
Carter: I seem to recall a nutjob taking a run at him. Or was it Ford.
Ford: See above.
Nixon: Nobody tried to shoot him. Nobody even really wanted to, except some of John Kerry's more extreme friends. Which says volumes about how far public civility has sunk in the interveening time.
Johnson: Well he probably assumed by office by assination, but that doesn't count, does it?
Kennedy: Blamo. See above.
Democrat delenda est
Knoppix stores everything in RAM
Not entirely true. Knoppix searches for and uses existing unix swap partitions. To stop it doing this you should pass the 'noswap' option at boot. Look at the Knoppix Cheat Codes page for evidence, and for other boot options.
One good turn - gets all the covers.