I’m going to show you how you can remain anonymous online and protect information and communications. We have already gone through the purchase of a computer and its setup as well as establishing a virtual private network (VPN) and virtual machines. Now, let’s continue on our journey for online anonymity.
Don’t forget to have your VPN up and running as you continue to setup your virtual machine (VM). Now, download and install Firefox from mozilla.org. Open the Options and go to Privacy and Security. Under History, set it to Never remember history, and restart the browser. You’ll probably be prompted to set a default browser; instead, change it from Microsoft Edge to Firefox.
Go back to Options and Privacy and then uncheck Remember logins, address bar suggestions browsing history, bookmarks, and open tabs. Under Tracking Protection, select Always for both “block known trackers” and “send do not track signal”. For Firefox data collection and use, you should uncheck “Allow Firefox to Send Technical Data to Mozilla”.
DuckDuckGo, Default Search Engine
Now go to the search tab in the options window and change your default search engine to duckduckgo. Install the add-on NoScript for Firefox. Now you can use the same VPN testing sites, plus a few others under Browser Privacy to test your settings. If everything is working well, there should be very little identifying information, like your ISP and browser settings.
You can shutdown the VM and take another snapshot; I would name this “Stage1”. This would be an excellent way to work on your bank account, mortgage, and other information that you want to protect. After you are done with each use, revert it back to Stage1.
This way you have a secure VM and browser every time you want to work on important stuff that you want to keep secure. If you want to search the Internet for information that you would be embarrassed about being tracked to you, like “funny kittens”, this would also be a good way to do it.
Bookmarks, Snapshot, Stage2
You can take it a step further by creating bookmarks for your bank account and related information. Then create another snapshot and call it stage2. Then revert to stage2 for bank stuff, and stage1 for kitten searches. This is probably 99% unnecessary, but I said it’s for the paranoid.
Next we’re going to run Tails. Open Virtual Box, then select New, and name the VM Tails. Select Linux from Type and Ubuntu for the Version. Set it to 2048 for memory, unless you know you need more or less. Select “Do not add a virtual hard disk.” Then select Create. (Yes, you know it doesn’t have a hard disk.) Select the newly added VM and select settings. Then select Storage. Select Empty under the controller. Then click the disk image beside Optical Drive, and choose optical disk file. Browse to where you downloaded tails, and you can now start the VM. Select your language, and then click Start Tails.
You’ll get some notifications. The important one says you can browse the Internet. Go to Applications and then Tor Browser. Now browse to some of the sites to check your VPN and browser settings. You should not see your local ISP or ip address. It should even be different from your VPN, because you are now using TOR.
This is for secure browsing to all of those questionable kitten sites you don’t even want on your other virtual machine. The way this is setup, you are running from a ISO, an image of a CD/DVD. Nothing will be saved. However, this comes at a cost. TOR is pretty slow, since your traffic is being routed all over the globe. This is also how you access the “dark web”, but that is another post for another article.
To stay protected while using Tails, you need to ensure you have the latest ISO. I would check once a month, as a balance between security and the time it takes to download a new ISO.
Create New Email Using ProtonMail
With these two options, you probably need to do some online correspondence. However, if you use any of your existing accounts, they could associate you with your new setup. So I would recommend you create a new email using ProtonMail. Their servers are in Switzerland, which gives them some pretty good privacy protections. Additionally, the service was created with privacy in mind.
Creating New Accounts
When creating new accounts that you want to distance from your existing accounts, use a different name. If your email is johnsmith74@gmail and you create a new one of johnsmith74@protonmail, then it isn’t much of a leap to assume they are the same person. Some suggestions would be to create a randomly generated one. For this, you can google for services that will give you random usernames. You could also create a unique one for each thing you are corresponding about. For example kittenlover, survivingsurvivor, gunnut, et cetera.
Now, let’s say you create seven different emails. You’ll want seven different but good passwords. Maybe you decide you can’t remember all of them, because you only use them once a month. Back on your Windows VM let’s install 7zip, download the 64bit version, and install it. Then we’ll create a notepad document on the desktop and call it stuff.txt. You could call it passwords.txt or something similar, but that is exactly what an attacker would be looking for if they somehow got access to your system. In there, document all of the passwords you want to save. I would recommend that you don’t associate them with accounts. That would make an attacker’s job much easier. Just have a list of passwords line by line. Now save the file and close it. Right click on the file and select 7-zip, then add to archive. Once again, name the zip file something that isn’t too descriptive. I would recommend desktop.zip and then give the file a password that is different from your other passwords, but you have to remember this one.
Now download and install Eraser. You’ll use this to securely delete any files you don’t want to leave remnants of. Right click on your text file, select Eraser, and then erase. Now, whenever you need to remember a password, just open your zip file with your passwords. You can also now ensure files that you delete are actually deleted. You might want to create a new snapshot of the VM, naming it Stage3, for example. When you want to email someone now with your secure accounts, restore that VM and use it.
A Few Other Privacy Notes
Let me share a few other privacy notes. You probably don’t want to be checking your emails from Tails using TOR. If you don’t have an option to use a VPN and have privacy concerns with your Internet access, then it will work and might be better than nothing. If this is the case, be sure you are using a provider that provides encryption with https; proton mail would probably be the best. While using TOR, it is possible to deanonymize you. I would recommend you do your research into TOR, if you determine that you might be at risk for a nation, state, or someone with deep pockets to be looking for you. If this is the case, you should probably at least get a free VPN provider, and then connect to TOR through the VPN. It is also possible to add one more layer with VPN > TOR > VPN, if you master the techniques and concepts described here. Then you can research doing this, if you feel it is necessary.
SurvivalBlog Writing Contest
This has been another entry for Round 76 of the SurvivalBlog non-fiction writing contest. The nearly $11,000 worth of prizes for this round include:
- A $3000 gift certificate towards a Sol-Ark Solar Generator from Veteran owned Portable Solar LLC. The only EMP Hardened Solar Generator System available to the public.
- A Gunsite Academy Three Day Course Certificate. This can be used for any one, two, or three day course (a $1,095 value),
- A course certificate from onPoint Tactical for the prize winner’s choice of three-day civilian courses, excluding those restricted for military or government teams. Three day onPoint courses normally cost $795,
- DRD Tactical is providing a 5.56 NATO QD Billet upper. These have hammer forged, chrome-lined barrels and a hard case, to go with your own AR lower. It will allow any standard AR-type rifle to have a quick change barrel. This can be assembled in less than one minute without the use of any tools. It also provides a compact carry capability in a hard case or in 3-day pack (an $1,100 value),
- Two cases of Mountain House freeze-dried assorted entrees in #10 cans, courtesy of Ready Made Resources (a $350 value),
- A $250 gift certificate good for any product from Sunflower Ammo,
- Two cases of Meals, Ready to Eat (MREs), courtesy of CampingSurvival.com (a $180 value), and
- American Gunsmithing Institute (AGI) is providing a $300 certificate good towards any of their DVD training courses.
- A Model 175 Series Solar Generator provided by Quantum Harvest LLC (a $439 value),
- A Glock form factor SIRT laser training pistol and a SIRT AR-15/M4 Laser Training Bolt, courtesy of Next Level Training, which have a combined retail value of $589,
- A gift certificate for any two or three-day class from Max Velocity Tactical (a $600 value),
- A transferable certificate for a two-day Ultimate Bug Out Course from Florida Firearms Training (a $400 value),
- A Three-Day Deluxe Emergency Kit from Emergency Essentials (a $190 value),
- A $200 gift certificate good towards any books published by PrepperPress.com,
- RepackBox is providing a $300 gift certificate to their site.
- A Royal Berkey water filter, courtesy of Directive 21 (a $275 value),
- A large handmade clothes drying rack, a washboard, and a Homesteading for Beginners DVD, all courtesy of The Homestead Store, with a combined value of $206,
- Expanded sets of both washable feminine pads and liners, donated by Naturally Cozy (a $185 retail value),
- Two Super Survival Pack seed collections, a $150 value, courtesy of Seed for Security, LLC,
- Mayflower Trading is donating a $200 gift certificate for homesteading appliances, and
- Two 1,000-foot spools of full mil-spec U.S.-made 750 paracord (in-stock colors only) from www.TOUGHGRID.com (a $240 value).
Round 76 ends on May 31st, so get busy writing and e-mail us your entry. Remember that there is a 1,500-word minimum, and that articles on practical “how to” skills for survival have an advantage in the judging.
This is an interesting article, even though I am not a computer geek. I have at least heard of many of the tools the author suggests in this article. One question that came up is, what happens if all these steps are taken and the user then uses Google maps, for example? Are the multiple levels of security then rendered ineffective? To this question, in the section “Creating New Accounts”, the author writes, ” For this, you can google for services that will give you random usernames”. Did the author intend this to mean “search for services…..” or did he actually mean “use Google to search”?
Great info. Now. I think the reality is that the snooping has been in process from the very earliest days of personal computers and that our right to privacy was compromised long ago. In my opinion all this amounts to is closing the gate after the cows have left the pasture. All it will really accomplish is drawing more attention to ourselves when a long-established trail goes dark. I am careful, and try to be secure, but come on! I refuse to live in fear, and if I get scooped up for reading articles and posts then I’ll be in company in whatever ditch I end up in.
I’ll be in – GOOD – company in whatever ditch I end up in.
Why Windows rather than Linux?
Windows, Linux, or what ever other OS, doesn’t matter anymore. The expectation of Privacy is Moot.
If you haven’t noticed what has transpired in just the past 10 years, then you are as blind as a bat.
lol actually most bats not all have pretty good eyesight.
Does anyone know anything about hushmail?
Claims to use PGP-encrypted e-mail, and, “If public encryption keys are available to both recipient and sender, Hushmail can convey authenticated, encrypted messages in both directions”
Its based in Canada… nothing against my Canadian brothers, but I wonder about Five eyes/PRISM surveillance sharing agreements.
found this regarding Hushmail privacy (note this info is about 6 years old):
“To quote from an article in The Register:
Hushmail has updated its terms of service to clarify that encrypted emails sent through the service can still be turned over to law enforcement officials, providing they obtain a court order in Canada.
September court documents from a US federal prosecution of alleged steroid dealers reveals that Hush Communications turned over 12 CDs involving emails on three targeted Hushmail accounts, in compliance of court orders made through the mutual assistance treaty between the US and Canada. Hushmail is widely used by privacy advocates and the security-conscious to send confidential emails.
Hush Communications, the firm behind Hushmail, previously claimed “not even a Hushmail employee with access to our servers can read your encrypted email”.
However an updated explanation states that it is obliged to do everything in its power to comply with court orders against specified, targeted accounts. Unlocking targeted accounts involves sending a rogue Java applet to targeted users that captures a user’s passphrase and sends it back to Hush Communications. This information, when passed onto law enforcement officials, allows access to stored emails and subsequent correspondence sent through the service.
The possibility that law enforcement officials can tap targeted accounts exists whether or not Hushmail users use the supposedly more secure Java applet option or a simpler web server encryption set-up. The updated terms of service explain:
“Hushmail is a web-based service, the software that performs the encryption either resides on or is delivered by our servers. That means that there is no guarantee that we will not be compelled, under a court order issued by the Supreme Court of British Columbia, Canada, to treat a user named in a court order differently, and compromise that user’s privacy.”
Where to start? Well, the START button – Windows 10 will listen to everything you say (Cortana), track your location (location services), rember your network information …
I use Windows 7 and it takes me over an hour to defang it. It would take me over a day to remove all the “phone home and tattle” in windows 10.
DO NOT USE TAILS IN A VM, BOOT FROM THE CD DIRECTLY.
I can’t emphasize this enough. Windows 10 tracks you as badly as Google and Facebook. You might use a VPN, but DNS lookups and other things are still tracked by Win 10, and can be passed to the VM.
ProtonMail is good provided:
1. You use 2 factor authentication.
2. Only communicate with another protonmail user.
3. Do so in a verified secure browser and environment (TAILS).
4. You do NOT give them your password so they have no way of recovering it or your encrypted data.
You can use PGP (GPG) to sign and send mail to verify it is the same identity since only you should be able to access your private key (sans spoofing, so it isn’t trivial)
Eraser will NOT work on SSDs. It can burn them, but not erase them. That would require something special (TRIM). The way SSDs work is they copy data to new blocks when modified and only erase when needed, but the old blocks still have the data. Even hard drives will find sectors that go bad but where 99% of the info is recoverable but mark them bad and map a “spare”. But that data in the “bad” sector isn’t erased. Nor are earlier copies of files, e.g. copy X.doc to Y.doc, delete X.doc, the contents of X.doc is still on disk, so you would have to scrub the “unallocated area”.
I know the intentions are good, and some of the tips are reasonable, but others are not and will result in something you think is secure but isn’t. Like a lock that breaks or is easily picked, or if you buy “insurance” but when you file a claim only then you find it is a fraud.
(I’m trying to write something on simple tech tip security and other tips for the contest, but it keeps expanding and I already have enough material for a weekly or twice weekly article until the end of the year).