Ask Slashdot: What's the Best Way to Browse the Web Anonymously?
An anonymous reader asks:
In an age of evercookies, zombie cookies, and always expanding efforts to track browsers, devices, and people -- is there any way to browse totally anonymous to the sites you are visiting?
With so many technologies quietly monitoring your activity, "How can a user today browse with confidence that they can't be tracked or identified, avoiding even being identified anonymously as a returning user or device?" Leave your best answers in the comments. What's the best way to browse the web anonymously?
or don't surf at all
"The only winning move is not to play."
Your anonymity is forfeit the second you connect to the web. Even Tor is not foolproof. You are anonymous by being lost in the masses, that is the best you can hope for.
The Internet is a piece of shit. Burn it to the ground, and humanity as well.
Depending on your level of paranoia...
Surf the web with the TOR browser through an anonymizer (IP Scrambler) through VPN on a device that you purchased with cash on someone else's wireless network.
Pick and choose to suit your level of paranoia.
Get off the computer, go outside.
At someone else's house.
iPod touch purchased with cash, used at local Starbucks/Panera/etc then smashed and trashed
Run your own DNS server (pihole is great) - point every device, router, etc you have at it - check with ipleak.net
On said DNS server make sure you use DNSSEC and only use servers that don't log and are DNSSEC enabled.
Run your own mail server (mail-in-a-box) - use let's encrypt on everything you can.
Use DNSOverride app for iPhone (A gem!) so your cellular doesn't get sucked up by ads and trackers
Root your android, run a custom rom - and use http://opengapps.org/ so you don't have to use all of Google.
Use Signal App for messaging on iPhone
Use Sudo App for iPhone to use temporary identities - it's free and awesome. Get free sms, phone number, email address, all in one click!
Running your own DNS server will protect you from most internet garbage.
Use lots of Sudo Identities with different emails to protect from password leaks. The more random your email is the less likely someone can correlate usernames of previously hacked accounts.
Burn Tails to a USB drive. Boot that for anonymous access.
https://tails.boum.org/
Purchase everything you connect with in cash (if you don't think a MAC address can't be linked to a specific model and the credit card used to buy it, think again). Never connect to a network you pay for. Use free WiFi wherever you go. Build a cantenna and pick off any insecure networks around you. Create a wireless backup close to home but hidden off the property for anything you need to store. If you can, run your browser under an OS in a virtual machine run off a ramdisk.
Use someone else's computer...
through your neighbor's window.
Tor.
Use a Linux Live distro which automatically connects through Tor. Don't want to build it yourself? No worries, it is already done for you! https://tails.boum.org/
https://www.whonix.org/
TAILS tries to provide anonymity within the context of kernel-based security, but browser and privilege exploits are quite plentiful and such malware can go on to reprogram your firmware and peripherals. Qubes provides better protection of the core system, and Whonix ensures that Tor is utilized in a way that's optimum for anonymity.
If you act as a "normal user" of your ethnicity, religion, etc., this is the best way to remain "anonymous".
You don't use an anonymizer, anonymous browsing function, etc. because most people don't use them.
Then, when you really need to be "anonymous", you go to a public library or any commercial place that lets you browse the web without registering your ID.
You go there dressed like everyone else or a bit cleaner, being nice but not annoying and do what you need to do and leave.
Socially being anonymous is always better than using any technology to remain anonymous because people who are trying to track you are looking for "oddness", not "normalness".
Want to be anonymous on the web? Don't do anything that attracts any particular attention to you.
Chances are, you are painfully insignificant, so nobody is tracking or spying on you, other than through "lazy" mechanisms, i.e., cookies and logging. This is the digital equivalent of paying someone to write down a physical description of every person that entered the mall.
This form of tracking is rather benign, in a tumor sort of way. You can avoid most of it by not using Facebook, Google, Amazon, etc, and by blocking known ad and tracking domains. For all intents and purposes, you don't exist to them, hence, anonymity.
However, using tor, proxies, vpns and asking around "how to be anonymous" is a great way to pin a big bullseye on your forehead. Your traffic may be encrypted, but "they" will know that you are hiding something by virtue of what you are connecting to. Remember, your IP address is public, and between you and the VPN provider, there are dozens of places where your traffic can be monitored.
A high number of "this IP address connected to a known tor entry point" should be enough to pique "their" interest.
Best course of action is to hide in plain sight and keep your nose clean.
Using Huma Abedin's computer
Install Qubes OS on a spare SSD, preferably on a computer that supports vt-d properly (older business class notebooks can be really good here if you're on a budget.) Choose KDE or XFCE for your DE, and decide whether you want to use Debian or Fedora for your templates[1]. Configure your DispVM to use a ProxyVM for connectivity using commercial VPN, paid for using bitcoin/giftcards/prepaid credit cards if you're feeling paranoid. (This will be something like $3 / month, depending on who you're buying with.) Make sure you configure the ProxyVM to fail-hard if you lose your connection to the VPN, as opposed to connecting over clearnet in the event of a VPN failure.
(Optional: use a Tor ProxyVM instead of a commercial VPN ProxyVM. Qubes does ship with Tor and Whonix VMs for this very purpose but this is tricky business... Tor exit nodes are definitely not to be trusted. If you did this, I would advise using a VPN layer in addition to Tor in order to protect yourself from the exit node... just make sure the VPN hop is coming AFTER Tor, not before. Also, expect plenty of transient performance hits.)
Next, customize your DispVM's browser to include extensions such as uBlock Origin[2], self-destructing cookies[3], and a user agent randomizer (which you should configure to only change to the more popular browsers currently in use.)
The result of all of this? Your DispVM is a stateless VM; all data is lost every time it's shut down (Joanna currently has it set to auto-shut down every time you close the browser, which I find annoying as hell but I guess it's handy for a lot of people.) Your browser extensions will help guard against tracking in-between DispVM restarts. And by configuring it to use the ProxyVM, you'll never be using your real IP address (and ideally you should alter your exit point from the VPN as well.) Unlike most VPN setups, a bug or exploit in the browser or in anything else in the DispVM's operating system will not leak data over the un-VPNed internet.
None of what I just said is trivial to set up, but guides are available and this setup would be extremely robust and easy to use (once configured.) The core of the Qubes UI/UX is in fact quite user-friendly, with an emphasis on GUI tools. It's also a pretty nifty hypervisor even if you don't give a toss about the increased security. It's damn fast, easily portable between different physical machines, templates are handy as hell, and all of your windows from all of your VMs (including your Windows 7 VMs) can appear in a single desktop with a single taskbar, alt-tab menu, etc. (KDE or XFCE; your choice.)
1. You could also build your own template using some other distro (like Ubuntu) if you really wanted. Templates allow you to have multiple VMs with different personal files but with the same apps and configuration (installing anything to the template instantly installs it on all VMs based on that Template.) Also, they're stupid fast.
2. This is basically Adblock Plus done right, with a dash of Request Policy and Noscript tossed in for good measure. You can easily toggle between blacklisting and whitelisting philosophies; it's awesome. (Note that uMatrix is available from the same author for people who want even more fine-grained control.) Note your whitelists / blacklists will be lost every time you shut down your DispVM, so if you've done a lot of tinkering be sure to export them and send them to another stateful VM to merge back into the DispVM image eventually. (This can be done with a simple right-click in a file browser.)
3. Not the best general purpose cookie manager but it's the easiest to use, particularly in a DispVM setup
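The fail-hard requirement in the comment above can be checked rather than assumed. As an added example (not the poster's or the Qubes project's code), this Python audit walks the FORWARD chain of an `iptables-save` dump and reports whether traffic from a downstream VM can still leave through the clearnet uplink. The interface names `eth0`, `tun0` and `vif+` and both rulesets are constructed assumptions.

```python
import shlex

# Constructed iptables-save excerpts (not from the post). Assumed interface names:
# eth0 = clearnet uplink, tun0 = VPN tunnel, vif+ = downstream VMs.
FAIL_OPEN = """\
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i vif+ -o tun0 -j ACCEPT
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
"""
FAIL_CLOSED = """\
*filter
:FORWARD DROP [0:0]
-A FORWARD -o eth0 -j DROP
-A FORWARD -i eth0 -j DROP
-A FORWARD -i vif+ -o tun0 -j ACCEPT
-A FORWARD -i tun0 -o vif+ -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
"""


def if_match(pattern, name):
    """iptables interface match: a trailing '+' is a prefix wildcard."""
    if pattern.endswith("+"):
        return name.startswith(pattern[:-1])
    return pattern == name


def parse_forward(ruleset):
    """Return (default policy, ordered rules) for the FORWARD chain."""
    policy, rules = "ACCEPT", []
    for line in ruleset.splitlines():
        if line.startswith(":FORWARD "):
            policy = line.split()[1]
        elif line.startswith("-A FORWARD "):
            rule = {"i": None, "o": None, "extra": False, "target": None}
            toks, negate, k = shlex.split(line)[2:], False, 0
            while k < len(toks):
                tok = toks[k]
                if tok == "!":
                    negate = True
                elif tok in ("-i", "-o"):
                    rule[tok[1]] = (toks[k + 1], negate)
                    negate = False
                    k += 1
                elif tok == "-j":
                    rule["target"] = toks[k + 1]
                    break  # anything after -j is a target option, not a match
                else:
                    rule["extra"] = True  # a match this audit does not evaluate
                    negate = False
                k += 1
            rules.append(rule)
    return policy, rules


def forward_verdict(ruleset, in_if, out_if):
    """'blocked', 'allowed' or 'maybe-allowed' for a packet forwarded in_if -> out_if."""
    policy, rules = parse_forward(ruleset)
    maybe = False
    for r in rules:
        hit = True
        for key, name in (("i", in_if), ("o", out_if)):
            if r[key] is not None:
                pattern, negated = r[key]
                if if_match(pattern, name) == negated:
                    hit = False
        if not hit or r["target"] in (None, "LOG"):
            continue
        if r["target"] in ("DROP", "REJECT"):
            if not r["extra"]:
                return "maybe-allowed" if maybe else "blocked"
            # conditional drop: it may not apply, so keep walking
        elif r["target"] == "ACCEPT" and not r["extra"]:
            return "allowed"
        else:
            maybe = True  # conditional ACCEPT, or a jump this audit does not follow
    if policy == "ACCEPT":
        return "allowed"
    return "maybe-allowed" if maybe else "blocked"


def fails_closed(ruleset, client_if="vif5.0", uplink_if="eth0"):
    """True only if client traffic can never be forwarded out the clearnet uplink."""
    return forward_verdict(ruleset, client_if, uplink_if) == "blocked"


if __name__ == "__main__":
    for name, rs in (("fail-open", FAIL_OPEN), ("fail-closed", FAIL_CLOSED)):
        print(name, "->", forward_verdict(rs, "vif5.0", "eth0"))
```

A `maybe-allowed` result means a conditional ACCEPT sits ahead of the unconditional DROP for the uplink, so rule order deserves a manual look.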
use someone else's computer ... or don't surf at all
Nah. Just use a burner laptop.
That you bought with cash.
At a supplier that doesn't have security cameras.
And walk to your car parked beyond traffic cam range.
Then use open WiFi - again while parked outside a free-WiFi providing business where you can approach and leave without driving near traffic cams.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Don't fucking browse at all. Especially if you need to do searches for "how to kill my kid by leaving him in a hot car"
Throw your computer in the ocean. Probably not a bad idea to hang yourself as well. Eliminates chances of those pesky subpoenas and depositions
Buy a laptop off of craigslist and go to starbucks
Also:
Pull the battery before driving away and insert it just before using it. (Don't have it powered when driving past a webcam.)
And NEVER use it with any user I.D. associated with you (or put any identifying info on it, to be grabbed by malware.)
Nothing to it! B-)
(Or follow the original poster's advice.)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
I am developing a browser for Android and Chrome OS called Privacy Browser that is designed to provide as much anonymity as possible. For example, JavaScript, cookies, and DOM storage are disabled by default, which mitigates many of the tracking techniques used by websites. It also integrates with Orbot (Android's official Tor client). https://f-droid.org/repository... https://www.stoutner.com/priva...
Log onto Jill Stein's web site and make a donation?
Tor Browser is a good start.
So is Tails.
Finally, try to keep your facebooking to under 15 minutes.
-------------------
This is my SIG. There are many like it, but this one is mine.
It's a setting in your browser. Super easy to use.
bill@clintonemail.com
..at your local library.
Many libraries have computers that can be used with a login/password obtained at a desk. No library card or identification is necessary.
Don't want to be in a library, just because? Find one with WiFi and sit outside. This is less common, but some libraries do take advantage of their purpose and provide open/anonymous WiFi connections.
Or, you know, incognito mode via a prepaid cell phone that you bought with cash... that should be good enough for most people.
If you're ultra paranoid, you could set up a relay with two more cell phones so that the websites you are visiting trace back to the relay's cell tower instead of your physical location, but that seems like more trouble than could possibly be justified - unless you're doing something illegal.
You'll probably need to hang out in high-traffic areas, like airports.
Of course a cell phone can be traced to a particular location. Better do it from somewhere far from home.
With one hand.
is there any way to browse totally anonymous to the sites you are visiting?
there is actually a very simple way to do this, don't visit the site! however, to see the content of the site without visiting it, just plug the address into archive.org and you can see a snapshot of the page at certain dates. to ensure that a sneaky javascript isn't phoning home, use "noscript" or just use a browser without javascript execution capabilities.
Anons need not reply. Questions end with a question mark.
Web pages are arbitrary software and can fingerprint you by your keystroke cadence, patterns of mouse movements and vocabulary choices. This, combined with detailed profile of your hardware and software, can be later matched when you enter your credit card on Amazon.
You can make big brother's life a bit more difficult by getting a second laptop, booting it from a live USB distro that never saves anything to disk and using it some distance away from home on a public WiFi hotspot. But make sure you dedicate it to just your secret web browsing and never use the same hardware to read slashdot.
Using a tor browser, on a stolen laptop connected to some old lady's open wifi
Is the poster using an anonymous browser to post his anonymous post to ask about anonymous browsing, hmm?
And ride there on a stolen bike.
Wearing a mask.
With pebbles in your shoes.
And he's operating the computer for you. And you pass bits of paper back and forth. Go read up on how Compaq created the IBM compatible computer.
Have your computer browse the web semi-randomly, so when they do track you, what is you and what is automated.
Fuck Microsoft, Google, Facebook, and any browser that doesn't explicitly try to set up best practice for securing and maintaining your need for privacy!
Also, fuck anyone that made the internet and all politicians that think that "privacy" is a mere consideration for them to dictate, and not a personal need.
Onion routing is owned by the US by federal police level at a per case budget. Your ip will be tracked federally as a given just for using such services.
VPN can be tracked at a clandestine service level with no extra effort under collect it all.
Your MAC or any other unique computer number or browser details can be requested or stored.
So find a new computer, paid for with cash, wait a few months for any CCTV to clear.
When using this clean computer never do any of the things done on your normal account and never at the same time or in the same area or the same tools, OS, software..
Different OS, short burst encrypted messages only, become a numbers station.
Anything with text gives patterns, linguistics.
For an average user a VPN with router support and shut out on connect fail is good. Every connection is then via a router. Anything done to the OS should be under that VPN ip.
VPN payment is the tracking option for a federal case.
The problem with browsing is so much data is requested, collected and patterns build up.
Most people then fall back into habits and visit that one old site again, or post in a very unique style.
Domestic spying is now "Benign Information Gathering"
Same goes for Flash, Silverlight and whatever other executable stuff. Active content: Just Say No.
Whoever thought it was a good idea to download random executable crap off the 'net and *let it run in your computer* is an idiot and didn't learn the lesson of the '80s (remember Word macro viruses?).
1. Go to library.
2. Find a book on the subject.
3. Read at the library.
4. Afterwards go to a bar and have a drink that you pay for with cash (optional).
Don't get why people don't do this
Botnet ops rent pcs at damn cheap prices
You will never be anonymous on the internet. The best thing you could do is to hide in the mass. Using things like tor is like walking around with a mask. You will act suspicious. "What has he to hide?". I use the internet, but I don't use those tracking services like Facebook, Google Drive, Twitter, LinkedIn, ...
I still don't need social media, although I've noticed more and more potential employers want you to apply for a job through either Facebook or LinkedIn. And that's a depressing evolution. I still don't want to have anything to do with social media, and once it becomes mandatory I will prefer joining those weird people with a 'the world is doomed' plaques over joining Facebook or LinkedIn. So that's basically the answer: join and accept being tracked, or don't join and keep the alternative alive for the non always connected people.
Lower the signal to noise ratio by adding suitable random chaff to your DNS and web queries. Make sure that your real traffic is only a small fraction of the total traffic going through your line.
Instead of a nice list of truly visited websites Big Brother gets a random collection of websites that might or might not be related to your activities. Make sure that the chaff is not easily separated from real signal both in time and in content. Make the chaff trails realistic by automatically following links on the web pages after delays that correspond to time spent on reading a web page. Make sure to have a lot of red herrings included in the selection of "random" targets.
Publish the source code of your chaff robot in suitable forums. There is strength in numbers when you are trying to hide in a crowd.
Incognito has nothing to do with tracking. That just hides your history from other people who might share your browser (ew).
All these "use this program" or "use this hardware" suggestions are a waste of time, just go to the local public library and sit down next to your local homeless sex offender, and surf away. If you log in to anything while online you don't care about anonymity anyways, so as long as you don't intentionally associate what you do there with a known persona of yours, you can remain largely anonymous. All those "behavior" tracking algorithms only work with a ton of input data and when looking for someone specific. If you are actively avoiding someone (a state actor) who is trying to track you, stay off the net entirely.
Use a botnet to get others to do your browsing for you. Include lots of noise in the botnet's behavior so that it's difficult to tell what among the information it retrieves is the information you want. Make the botnet appear to be a failure at accomplishing some different goal, so that the people who investigate botnets pass over investigating yours in favor of investigating one of the ones that appears to be doing something successfully.
Alternatively, use mind control to get a billionaire to put a network of free tor nodes in low earth orbit. You'll be harder to pinpoint if the size of the "parking lot" where you pick up the free wifi is a couple hundred km across.
And use Linux, but set your user agent strings to the most common OS and browser.
And load an add-on that allows you to change the other browser fingerprint stuff.
And very important... generate a random MAC address for your wired/wireless each time you boot and before you connect.
Does it go without saying that you must never access any of your social media accounts when using this?
For the really paranoid, you need this on a boot DVD while your internal hard drive has your normal OS that you should use once in a while (but never insert the paranoid DVD while running the normal OS).
Or have an external hard drive instead of a DVD (never plug it in while running the normal OS).
In either case keep a way of destroying it handy. A hammer for a drive. Strong, stubby scissors to scratch then cut up the DVD. This level of paranoia isn't needed ... yet.
I just call the server admin from a burner phone and ask him what's on the screen.
Just cruising through this digital world at 33 1/3 rpm...
That is so wrong as to possibly be a shill.
Don't use any social media at all when using this boot. Assume the social media are (or will be) owned by the government.
Never use Windows, especially Windows 10. Never use any proprietary / closed source OS.
Why just Android? Are you going to do a PC version?
You ought to be arrested only for asking that question. The State watches and protects us all. Why do you want to hide? What are you doing that is so hideous?
Does a Samsung Galaxy 7 count as a "burner laptop" ?
And don't bring your existing cell phone with you. Or turn it off during the times you're using the burner.
You might not have all the pages online at any given time, but it sure is safe.
Remember to use do not track curtains.
This will keep your surfing absolutely anonymous.
For deepweb I suggest a telescope
shenanigans
S 7 or NOTE 7?
Only the models with thermite batteries.
Just remember to carry a sharp heavy rock to initiate the self destruct sequence.
Last night, my computer and Slashdot combined to throw away a 4 hour description on how to maintain anonymity when under omnipresent surveillance. That was frustrating. But, after a night's sleep and some reflection, I think it was for the best. The required skills and commitment are almost superhuman. Today, US citizens can expect little privacy in their purchases, travel, interpersonal communication or internet activity. We need better answers that will help everybody. If we train ourselves to defeat the current generation of surveillance and discovery, we will be faced with even more intrusive measures. We need to change the game in fundamental ways.
The initial problem seems to be that we don't trust each other or government. The cause of that distrust seems to be that we all keep secrets from each other. But, when you look at the cause of the secrets, you find that we have created incentives for secrecy and distrust. In our current laws and culture we benefit from keeping secrets from each other and from the government. Our government benefits from keeping secrets from us. We all have created an economy of discovering and exploiting each other's secrets. Thus, we have created incentives that motivate secrecy, deceit, surveillance, and betrayal. This is not a good way to live.
It seems like we aren't valuing privacy enough. But, I think it is just the opposite. We value privacy enough to spend resources to penetrate, subvert, and deny it. The answer isn't to increase the value of anonymity. That will just increase the incentive to destroy privacy. We somehow need to regain privacy and anonymity by devaluing the secrets. We also need to increase the value of trust, while we increase the cost of betrayed trust.
I can see how to accomplish this at the local level. If I am more open, honest and involved with my friends, family and community, then we increase in trust towards each other and know each other's secrets. At that point, our secrets have no value and there is everything to lose and nothing to gain from surveillance, deceit, or betrayal.
I've got no idea how to fix my broken relationship with the highest levels of government.
Local government is small and well behaved. I know them and they know me. We have no meaningful secrets. We have years of mutual support and trust.
I have no problem with telling my next door neighbor, the-city-councilman all the details of my life. We have lived next to each other for almost 4 decades. We have raised each other's children. I know several good policemen and women. I know a good FBI agent. But, somewhere at the top, it all goes sour.
The Feds seem to get great benefit from lying to me, and betraying my trust. I don't know how to make it stop. The CPI (Consumer Price Index) is a bad, blatant lie. I can't imagine why they feel they need to lie about things that are intimate knowledge to every American. It's embarrassing. And the lie damages almost every American. The published employment rates don't pass any kind of simple fact checking. We all nodded along for decades while the Feds inflated the dangers of marijuana. And, now that it is all revealed as a colossal fabrication, they refuse to admit error or correct the damage. All for no obvious reason. The Feds can't admit mistake. The Feds can't correct mistake. And, it appears that they can't tell fact from wild delusion. With that history, I can't stand the idea of giving them more power over me.
And the Feds keep trying to pass their bad habits to my state and local governments.
"And load an add-on that allows you to change the other browser fingerprint stuff."
How do you keep the browser from blabbing about its addons?
"Or have an external hard drive instead of a DVD (never plug it in while running the normal OS)."
What about the possibility that something mounts and writes changes to your normal OS while you are running your live DVD? I have actually seen an exploit that seemed to use Flash to search for another hard drive on my computer (guess I shouldn't have watched that nuke protest vid on YouTube).
Heard a story about a guy accessing facebook through tor using tails. He was having an innocent conversation about making a potroast using onion soup when something took control of the messaging window and scrolled through the whole conversation history between the two people.
Seriously? If you are asking this then you haven't done much research. If you want to post bad things about people then don't do it from home and use a computer that can't be unencrypted. If you want to become a darkweb drug lord then buy a laptop at a second hand store, install TAILS on a USB drive and throw out the HD on the laptop you borrowed. NEVER turn on your new laptop within 100 miles of your home. ONLY connect to wifi that is free and change your MAC address every few days. Never use the same WiFi twice. Never use persistence. Never use the same screen name twice.
In other words, if you have to use it like this then how useful is it really?
I think he means the Galaxy Tab 7. It came out in 2010 and you can pick those up for cheap money and burn it when you are done with it.
It's a sandbox browser & VPN service for windows that makes all your browsing anonymous.
Once the features are fully fleshed out on Android, the goal is to develop a version for iOS, macOS, Windows, and Linux (probably based on the KDE framework). But right now it is only available for Android and Chrome OS.
Use someone else's computer - preferably the friend of a friend of a friend.
The Hardest Part isn't the routing or means of connection, it's the OS and Browser itself you choose to use.
What you need to do, is find an OS and a Browser you can use *with the default settings unchanged*. Making Configuration or Preference adjustment paints you with an identifiable combination of unique settings visible to the web itself as you surf.
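How much a non-default setting narrows the crowd a visitor can hide in can be measured. As an added illustration (not part of the comment above), this Python example computes per-attribute surprisal in bits and the size of the anonymity set for a stock profile and for a customised one. The 1000-visitor population, its proportions and all attribute names and values are constructed assumptions.

```python
import math
from collections import Counter

ATTRS = ("user_agent", "language", "fonts", "dnt", "extensions")

# Constructed profiles: everything left at defaults vs. several settings changed.
STOCK = {"user_agent": "stock-browser", "language": "en-US",
         "fonts": "os-default", "dnt": "unset", "extensions": "none"}
TWEAKED = {"user_agent": "spoofed-ua", "language": "en-GB",
           "fonts": "custom-set", "dnt": "1", "extensions": "adblock+noscript"}


def build_population():
    """Constructed sample of 1000 visitors; the proportions are invented."""
    pop = [dict(STOCK) for _ in range(900)]
    pop += [dict(STOCK, extensions="adblock") for _ in range(60)]
    pop += [dict(STOCK, dnt="1", extensions="adblock") for _ in range(30)]
    pop += [dict(STOCK, user_agent="spoofed-ua", dnt="1",
                 extensions="adblock+noscript") for _ in range(9)]
    pop.append(dict(TWEAKED))
    return pop


def surprisal_bits(pop, attr, value):
    """Bits of identifying information revealed by one attribute value."""
    seen = Counter(v[attr] for v in pop)[value]
    if seen == 0:
        return math.inf  # a value nobody else shows is maximally identifying
    return -math.log2(seen / len(pop))


def anonymity_set(pop, profile):
    """Number of visitors whose full attribute tuple equals this profile."""
    key = tuple(profile[a] for a in ATTRS)
    return sum(1 for v in pop if tuple(v[a] for a in ATTRS) == key)


def report(pop, profile):
    """Per-attribute bits, crowd size, and bits revealed by the whole tuple."""
    same = max(anonymity_set(pop, profile), 1)  # the visitor counts as one
    return {
        "per_attribute_bits": {a: surprisal_bits(pop, a, profile[a]) for a in ATTRS},
        "anonymity_set": same,
        "joint_bits": math.log2(len(pop) / same),
    }


if __name__ == "__main__":
    population = build_population()
    for name, profile in (("stock", STOCK), ("tweaked", TWEAKED)):
        r = report(population, profile)
        print(f"{name}: set={r['anonymity_set']} joint={r['joint_bits']:.2f} bits")
        for attr, bits in r["per_attribute_bits"].items():
            print(f"  {attr:<11} {bits:5.2f} bits")
```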
I think this can quickly go defeatist if you try to be completely watertight.
Trying only to maintain some privacy enough to get cheaper flight tickets, less spam and less echo chamber circle jerking might be more reasonable than trying to beat the NSA.
I really think there ought to be a turn-key solution with all of the low impact stuff already enabled.
For example:
- cookies and cross site data (i.e. tracking pixels) to be permitted cross site only if approved... but always approved if on the same domain. Wipe pixels periodically
- cycle VPN access reliably and always within the same country
- locally run DNSCRYPT
The hassle in privacy IMHO is that the tech is too varied in what it can do. The usability isn't there. i.e. NoScript is useful but it's a hassle to use. The thing is, it should be a hassle to use in a very secure way, but there should be more moderate ways to use it which are less work.
A blog I run for the wealth
15 minutes Facebooking, is that per lifetime, because if so, it seems like rather a lot. Perhaps it would be an acceptable amount if you divide that time across the planet's population.