ZeroPaid.com » firefox

How to Master Email Encryption

Hannah — Thu, 09 Feb 2012 17:10:50 +0000

Keep your personal data safe by taking the time to encrypt your emails.

With the government threatening to do all kinds of things to the internet, and stories about email and phone hacking surfacing all over the world, there’s never been a better time to start protecting your online privacy. Email encryption is one way of keeping your personal data safe. Encryption services or third-party software encrypt emails by making them unreadable to anyone other than the intended recipient. When you encrypt your email, you have a public key (usually a mixture of numbers and letters) that others can use to send you encrypted email, and a private key, which you then use to decode the email. When sending encrypted email to someone else, you need to know their public key in order to keep the email secure. You can either get this from them personally, or find it by searching the online key servers. Encrypted email isn’t widely used outside of sensitive situations - such as political or business dealings - however, it can help protect your personal and financial information from prying eyes. Below are some of the tools you can use to encrypt your email and protect your personal privacy. Hushmail Hushmail is a stand-alone email service that enables users to send and receive encrypted emails through their Hushmail address. If you are new to the concept of encryption or aren’t very tech-savvy, Hushmail does all the leg work for you: once you’ve set up a Hushmail account, all you have to do is remember your passphrase. Enigmail (Thunderbird) Enigmail is a plug-in for Mozilla’s Thunderbird email application. Once you’ve downloaded the extension, create your public and private keys, and a passphrase. You can also generate a revocation certificate, which invalidates your public key in the event that your private key is compromised. Gmail Encrypt (Firefox) The Gmail Encrypt extension for Firefox only works with Gmail accounts, and you need to install Greasemonkey before you can use it. Once installed, the extension works in a similar way to Enigmail: you create public and private keys, as well as your own passphrase to access the Gmail Encrypt service. GPG (Apple Mail) This open-source plugin for Apple Mail encrypts, signs and verifies emails sent and received through the Apple Mail client. The plugin is compatible with Lion and has an integrated update mechanism, which means you automatically receive GPG updates using Apple’s software update system. GnuPG and PGP GnuPG and PGP are two types of software you can download onto your hard drive. After installing the software on your computer, you can use it to create keys and encrypt messages sent through certain email clients. Email encryption only works with the computer on which you have installed the encryption software, add-on or plug-in. If someone sends you an encrypted message through Gmail and you try to read it on your phone or another device, you won’t be able to decode it. Although it’s not impossible to decode an encrypted email, using this service will help secure your personal information. To make your email encryption as fool-proof as possible, always check the recipient’s public key before sending - if you get the key wrong, the information inside the email could end up in the wrong hands. Some encryption services don’t encrypt the subject line so include sensitive information only in the body of the email. hannah@zeropaid.com

Guide: How to Enhance Your Web Privacy with NoScript

Drew Wilson — Sat, 27 Aug 2011 21:06:46 +0000

Privacy while surfing can be serious business for a number of web surfers. Some use a number of tools like NoScript to block unwanted scripts on websites they visit. This can help stop websites from tracking who that user is that visit that webpage, thus enhancing their privacy. This guide will show you how to download, install and use NoScript.

Before we start with the guide, we should offer a reason why someone would use something like NoScript. Many websites these days employ different tracking techniques. These website tracking techniques can tell the web owner a number of things about its users. The bits of information that can be obtained include type of web browser, country of origin, ISP, operating system, screen resolution, age, gender, marital status, type and level of education, which site you came from, which webpage you left on on the website and sometimes even the webpage you went to to name a number of these examples. I'm not entirely sure how some of these statistics are gathered, but such statistics can be made available by sites like Alexa which can give you a sense of what the traffic is like for a number of websites. On the other hand, usually, website owners track data on a more cumulative level. This means that, sure, it can detect you are from country 'X', but all the web owner typically sees is, 'X' number of users from from country 'X' Unless you are doing something that warrants individual attention, a website owner probably won't care about web hits on an individual basis. Even when you warrant their attention on a moderation level, chances are, it's a case of seeing a particular users IP address more than anything else. Having said all of that, tracking of your internet activity isn't (or, should I say, shouldn't be) compulsory when you've done nothing wrong. In a way, using NoScript can be your way of saying, "Hey, count me out of your statistics gathering". If you want to be one of those individuals that would rather opt out of being tracked using NoScript, then read on. For this guide to work, you need to be using the internet web browser FireFox. Step 1: Download NoScript As with many FireFox plug-ins, downloading and installing this plug-in is very straight forward. First, you need to the NoScript website. Under the NoScript logo, there's a green button that says "Download". Click on that button. When you do click on that link, you'll see a little pop-up message asking you if you really want to install NoScript. Since we want this plug-in, click on "Allow" Step 2: Install NoScript After you've allowed this plug-in to download, you'll get a pop-up window that asks you if you want to install this. Since we know this is not a malicious plug-in, we can go ahead and click on "Install Now" Step 3: Restart FireFox As with most other plug-ins we've encountered, you must restart FireFox for the installation to be completed. If you are ready, just click on "Restart Now" in the little notification window. Step 4: Test NoScript When your browser restarts, you should see one or two things. The first is that NoScript appears right next to your address bar as shown below: If you are on a website that uses scripts, you should see a bar along the bottom notifying you of any scripts the website you are viewing uses. As a test, we decided to browse to YouTube and see how NoScript behaves out of the box. This was our result: As we can see, there is a total of 24 scripts and no objects are present. By default, some scripts are automatically allowed on YouTube through NoScript. This can easily be changed through the NoScript menu that can be found either by clicking on the NoScript button or, as we demonstrate below, on the "Options..." button on the bar along the bottom of our browser: From this menu, we can easily pick and choose whatever set of scripts we want to allow. We can allow all scripts, block all scripts or allow and block different scripts. The thing to remember is that some scripts are needed to run many parts of a website. So, blocking all scripts may result in you not being able to view a website properly. Blocking and allowing scripts is more of something you have to feel your way through. You can block scripts that exists in the website itself and see how the website functions without it and then unblock it afterwards if you suddenly are unable to use a website in whatever fashion you choose. Experiment around with it is my best advice. Final Thoughts I think NoScript is a nice plug-in because it can tell you more about a website then you would just by loading it without any extra plug-ins. Sure, some websites seem simple, but then you can find out that a simple website can have two dozen scripts running in the background. It is also an added layer of security. While a light layer of security, it's better than nothing at all I think. Some malicious websites might use scripts to do a lot of nasty things to its users. I'm sure someone immersed in the field of back-end web coding would say it's entirely possible to create a whole variety of nasty stuff with scripts. NoScript can block websites that use malicious scripts which is a nice bonus. Overall, I think it's a nice thing to add to your plug-in collection.

Adblock Video for Firefox Blocks Video Player Ads

Jared Moya — Mon, 22 Aug 2011 06:26:11 +0000

Firefox add-on blocks annoying ads on popular video streaming sites like Hulu, CBS, ABC, NBC, Fox, and more.

Internet users have long had browser add-ons like Adblock Plus to block annoying ads, but up until now video player ads have been left unscathed. Enter AdBlock Video, the Firefox add-on that block video player ads on popular video streaming sites like Hulu, CBS, ABC, NBC, Fox, and more. The developers of the AdBlock Video emphasize that it "Blocks repetitive and annoying ads, allowing you to enjoy your favorite shows without unnecessary interruptions!" Anybody who's ever used Hulu, for example, has to have been annoyed with the "limited commercial interruptions" that last 30 seconds at a time. It may not sound like much in the scheme of things, but it is when you're forced to listen to listen about the wonders of a brand of soap, or how a particular brand of coffee will allegedly change your life. I just wish Adblock Video was out for Chrome. Stay tuned. jared@zeropaid.com _____________________________

8 Technical Methods That Make the PROTECT IP Act Useless

Drew Wilson — Sun, 07 Aug 2011 11:04:49 +0000

We've been running a series of guides that show just how easy it is to bi-pass general DNS censorship. It's general DNS censorship that has been proposed in the PROTECT-IP Act among other things. Rather than simply debate philosophically on why the PROTECT-IP act will do absolutely nothing to deter copyright infringement, we decided to do one better and prove it instead.

Hiding your IP address, using a proxy, using the onion router and obtaining an IP address to a website so you won't have to rely on a public DNS server - these seem like a very intimidating tasks for the unprepared. To be honest, when I first chose to try and figure these out, it seemed intimidating even to me - especially given that I don't really even make use of proxy servers (or do any of the above for that matter). So really, I felt that I could relate to a number of moderately informed users on these topics. Certainly, being able to remain anonymous online is something that can benefit many people - especially those who are marginalized by their own government in various ways - but I personally never felt that motivated to use any tools as it seemed to be an unnecessary layer of security when I simply browse news articles and listen to Creative Commons music among other things. So, a vast majority of the guides I've written over the last few weeks have been quite a learning experience to me. The PROTECT-IP act has given me motivation to figure out how all of these methods work mainly due to the arbitrary nature of it all. If Hollywood doesn't like that fan edit of a short clip, they can make that whole website disappear. If the RIAA thinks that a site like SoundClick doesn't need to be seen by anyone else, they can erase easy access to that site almost with the snap of their fingers. So, how does the PROTECT-IP act work? Just look at the following from Wikipedia's entry:

The Protect IP Act says that an "information location tool shall take technically feasible and reasonable measures, as expeditiously as possible, to remove or disable access to the Internet site associated with the domain name set forth in the order". In addition, it must delete all hyperlinks to the offending "Internet site".
At a technical level domain name servers would be ordered to blacklist the suspected websites. Although the websites would remain reachable by IP address, links directing to them would be broken.[9] Also search engines—such as the already protesting Google—would be ordered to remove links in their index of the web of an allegedly infringing website. Furthermore, copyright holders themselves would be able to apply for court injunctions to have sites' domains blacklisted.

To me, the scarier part is the fact that DNS servers would be affected by this. Forget search engines censoring websites based on copyright complaints, that has been happening for years through the DMCA. What I was more concerned about was the DNS servers because it would affect every internet user that uses that given server. So really, the taller order was figuring out how to make DNS censorship useless. What struck me when writing these guides was just how easy some of these methods really were. In some instances, the only way to make defeating such censorship easier is to have a really big red button on the side of your computer that you can press to make DNS censorship go away. As such, I am convinced, at this point, that the PROTECT-IP Act will do absolutely nothing to curb copyright infringement. Sure, it'll hamper free speech, sure it's probably unconstitutional, sure it is politically unsound, sure it'll probably hurt small and medium business, sure it's probably anti-competitive, sure it'll probably cause some security headaches, but stopping copyright infringement? Not by a long shot. Not with such methods I found that would be useful in circumventing such censorship anyway. So, without further ado, the list including pros and cons of each (each method links to a corresponding guide we wrote):

1. Using a VPN Service

Quick Explanation: A security tunnel that protects your data as it travels from your computer to the VPN server before letting it out on to the internet. As long as that VPN service is outside the United States, it'll be very difficult to stop users using such services to circumvent DNS censorship. Pros: Very good security benefits. For the most part, it's reliable. Plenty of technical support to go around depending on which VPN service you choose. Access pretty much everything on the internet. Very good for privacy. Cons: Costs money. May include bandwidth caps. Reliability of service isn't consistent for every VPN service (though frontrunners are generally easier to spot in terms of reliability). Reportedly, you may need to install software you aren't completely familiar with (depends on which service is being used).

2. Using Your HOSTs File

Quick Explanation: For most users, there is actually a hosts file on their computer that can be used to connect domain name to server IP address without the use of a public DNS server. If a website is censored through a DNS server, one can simply use the HOSTs file so that a public DNS server isn't even used in the first place. You just type in the domain name in your URL and the website would still appear. Pros: Completely removes the need to use a public DNS server when accessing specific websites. Prevents links from breaking due to DNS censorship. Enables you to have greater power over how you view webpages. No installation or downloading of software. Cons: Requires maintenance. Not always easy to find in your system (solved by our guide). May raise security issues on a LAN with multiple users (difficult to see how in a number of cases since one can use the HOSTs file to increase security for others). Side benefit of having an effective way of blocking ads on the web (hint: Use 127.0.0.1 for domains that deliver ads). You also need to find accurate IP addresses in the first place (solved by two other guides we have in this list.

3. Using TOR

Quick Explanation: TOR is more or less a network of proxies. One person accesses a proxy and that proxy forwards that access to another proxy, trying to erase the users tracks. That proxy sends that stream to another proxy and the stream keeps going through these steps until it finally reaches what is known as an "exit-node". That exit node then accesses the internet on the users behalf and acts as an intermediary in the process. As long as that exit node exists outside of the US, there is a very good chance that it won't be affected by DNS censorship imposed by the ISPs onto their DNS servers. Pros: Added bonus of a very secure source of anonymity (not 100% chance of anonymity of course, but close enough). An interesting way of seeing the internet through the eyes of someone not in your country. Cons: You might not be able to get everything your want from the internet through this network (there may be way of making things not break through this, but it isn't without the risk of compromised security). Requires downloading content to run (though installation is minimal)

4. Using a Web DNS Tool

Quick Explanation Just by using publicly available DNS look-up tools, one can easily obtain server IP addresses for later use. If a domain is censored, one can simply replace the domain name part of the URL with the IP address and still access the website. Pros: Potentially obtain multiple IP addresses for later use. Free. Obtain the addresses once and you don't have to worry about losing access to the site for as long as the server IP address remains the same. Cons: Preferably, the IP addresses must be obtained before the site is actually censored (there may be a brief window between when the domain is censored and when DNS records are updated, but there's no telling how long that window is for sure). If the website obtains a new server and changes all of its IP addresses and you don't have the new addresses, then you could lose the ability to use the website. There's no guarantee this will always be an option should ISPs start blocking IP addresses as well.

5. Changing Your DNS Server

Quick Explanation: Since we are talking about censoring DNS servers in the US, one can always just use a DNS server over seas (like ones used by ISPs overseas). By changing a your DNS server, you are no longer relying on a server that could be censored by the US government and/or corporate interests. Pros: No installation or downloading of additional software (everything you need should be on your computer already). Just a few menu clicks away. Can always be changed again at a later time without too much hassle. Cons: Can be a security risk to your computer if not done properly. Difficult to obtain DNS server IP addresses that will guaranteed be available for the foreseeable future. No guarantee that ISPs won't start blocking this type of activity.

6. Using Command Prompt

Quick Explanation: In Windows at least, one can simply open up command prompt (explained in tutorial) and simply type in "ping [insert domain name here]" and obtain a server IP address for later use. Pros: No installation or downloading of any software (use what you already have on your computer). Probably the fastest way to shield yourself from censorship. Only one command is technically necessary before you get what you are after. Cons: Obtaining this information through command prompt must be done before the domain is censored. Only one IP address can be obtained this way. If the website changes IP address for their server, you'll lose access to the site unless you have the new one as well.

7. Using Foxy Proxy

Quick Explanation: It's a simple plug-in for FireFox you can download and install. After getting a nice list of simple proxies that preside outside of the US, you have a better chance at accessing the website that has been censored by the US government and/or corporate interests. Pros: Easy to install. Being able to access censored websites can merely be a click away. A fast fix with minimal effort if you have access to a decent size list of proxies (provided in guide). Cons: Reliability is no guarantee. Based on the technological aspect of this method, it's not that secure since you are relying on one proxy. Not able to use this method for all kinds of web traffic. Confined to FireFox.

8. Using MAFIAAFire

Quick Explanation: A simple plug-in for FireFox (or Chrome) you can download and install. If a website has had it's domain seized, then you can be redirected to an alternate domain and still access the website. Pros: Easy to install. Is maintained for you through updates. Cons: Uses DNS servers that can be censored. Depends on there being an alternative domain name being used in the first place for access (if an alternate domain doesn't exist, then the site might not be accessible in this fashion). Technically, the site could be censored and block all possible updates as well. Final Thoughts By no means is this list comprehensive in any way. Still, I think some of these methods go way beyond circumventing types of censorship as suggested by the PROTECT-IP act. It'll be interesting to see how some services respond both who support internet censorship and those who are against internet censorship. I have a feeling it will be extremely difficult to stop these already existing methods to defeat DNS censorship. If, say, ISPs find a way to stop all of the above, a combination of some of the above or any enhancements to any of the above, I'll be very impressed. Good luck to the ISPs on stopping this, they are going to need it. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com. Update: Your e-mails are greatly appreciated. Thank you everyone for the supporting notes!

Guide: How to Defeat US DNS Censorship (Using Foxy Proxy)

Drew Wilson — Tue, 02 Aug 2011 16:59:59 +0000

Our guide series continues with another FireFox plug-in called "Foxy Proxy". It's a bit like Tor only you are not connected to a huge network of proxies, but rather, using a single proxy to access the internet. While arguably less secure than using Tor, for using it simply to bi-pass DNS censorship (or even using it to bi-pass geo-blocked websites for that matter), it can be sufficient enough to accomplish simple browsing tasks.

It's entirely possible that you've seen the odd conversation here or there online that had someone say, "Oh, you can just use a proxy for that." Don't think you are alone if you felt that it seems easier said than done because you don't know where to begin. Don't worry, this guide should show you one way of connecting to a simple proxy. Using a vanilla proxy can do a few things. One thing is to defeat DNS censorship as suggested in the PROTECT-IP Act. The other is accessing a geo-blocked website. The only difference is that if it's a censorship thing, simply access a proxy outside of your country. If it's a geoblocked website, then simply find a proxy within a country that is allowed on that particular website. That's really the only difference. Don't worry, just read on if all this sounds confusing. This guide should cover it all. This guide presumes you are using FireFox. Foxy Proxy for other browsers is apparently in the works, but it appears to be only for FireFox at this time. Step 1: Download and install Foxy Proxy Since Foxy Proxy is a plug-in for FireFox, this should really be the easy part. Go to the plug-in download page. Click on "Continue to Download". On the next page, click on "Add to FireFox" You'll likely get the following pop-up window: Click on "Install Now" when the button allows you to. Once it's installed, you'll get the following pop-up: Clicking on "Restart Now" will restart your browser. Step 2: Find a Proxy Unlike Tor, you actually have to track down some proxies to use manually. Right now, you should be behind no proxy at the moment when FireFox restarts. Your Foxy Proxy plug-in should be found to the right of the URL (left of the Google search bar) It's the little blue fox icon: Right click on the blue fox and click on "Options" What you'll get is the following screen: The default proxy is merely you. You aren't really behind any kind of proxy at all. The next part is finding a proxy. There's to routs one can go here - either using a paid service (generally more reliable) or a free service (more convenient). Paid proxies can be found on the Foxy Proxy website. For testing purposes so we have an idea of what we are getting in to, we'll use a free one for now. So, we'll refer to a free proxy list found on Samair. On the website, we see lots of different IP addresses. There's really three pieces of information that you really need (two pieces are essential). You need the server IP address, the port and, optionally, the country it originates from. Let's, for example, select an Australian proxy. This is what we are looking at: I've underlined the two different parts of the numbers we want. The number being provided is "203.122.223.237:80". Note the colon sign towards the end of the number. The numbers before the colon is the proxy IP address. The number after the colon is the port number. I've also circled the fact that this is an Australian proxy. Just keep that part in the back of your mind for now. Step 3: Put the Proxy Details into Foxy Proxy Now that we have the IP address and port, we can start putting in the proxy details into Foxy Proxy. In the Foxy Proxy settings we opened up earlier, click on the "Add New Proxy" button: In the new window, click on the "General" tab. Once in that tab, you can click on the text box next to the "Proxy Name" and name the proxy. I think it's helpful to name them after the countries they come from. I was unoriginal and named it, "Australian Test Proxy". Towards the bottom of the window, you can modify the color you want to use for this proxy. Not only will it modify the color box in the proxy list in the preferences, but it will also modify the font color in the Foxy Proxy menu when you click on the blue fox icon in your browser. Since yellow, blue and red are already in use, I've decided to use green instead. Alternatively, you can just input the hex number of the color you want if you don't want to use the color picker. Ultimately, this is just a personal preference thing for what you want to see. Now, click on the "Proxy Details" tab. Next to the "Host or IP Address", type in the IP address for the proxy you've decided to use. In our example, it's simply "203.122.223.237". Now, next to "Port", put in the port number. In our case, it was merely "80". To avoid typo's, just use copy and paste to make things easier. That should be it. Now click on OK. You'll get a new dialogue box. Just click on "OK" In the remaining options menu. You'll probably notice the new proxy in the list. Just note that if you think you got something wrong with the settings, you can always go back to this window, click on that particular proxy and click on "Edit Selection" to change anything. If you're happy with your proxy, just click on "Close" Step 4: Test the Proxy Since we are using a free proxy, it makes sense to test it, right? Open a new tab in FireFox and type in the address bar, "http://www.google.com". You should be directed to the plain old Google you are use to in your own country. Now, right click on the little blue fox and click on your test proxy (this should make the Foxy Proxy icon spin around in circles) Now, using your test Google tab, re-type in "http://www.google.com" in the address bar and hit enter. The Google page that comes up should reflect what country the proxy you use originates from. Just remember, we are using public proxies. Not all will be reliable and some may be slow. You can always use a different proxy as well. Not all public proxies are reliable. Not all commercial proxies are perfect either. If you use a commercial proxy, shop around and look for user reviews to get a better idea of how good the service is. Some Final Thoughts Ultimately speaking, you are relying on someone else to cover your tracks and hide your identity. There is no guarantee of safety. Does the owner of that proxy scrub all data? Can the owner of the proxy hand over any evidence against you over to the police? I don't think anyone can say, for certain, "Yes" to the first question and "No" to the second question for all proxies in general. Still, if you want to get around website censorship in a given country or bi-pass geo-blocking for general browsing, then sure, this is probably a sufficient method. If you are expecting complete anonymity, I wouldn't recommend using this particular method for that. While the security aspects might be less than what you would expect for something like Tor, it does allow you to control which proxy you are using more directly. With Tor, it's a bit more like a lottery where you can, more or less, pick a random proxy. With Foxy Proxy, you get to manually select which proxy you want to use and use that proxy whenever you want (so long as the proxy is still running of course) So, really, the question is, do you want something with an aspect of anonymity or something with more direct functionality when it comes to using proxies? Both will defeat general DNS censorship, it's just really a matter of what "flavor" you want. For now, I would say this would be an effective way to defeat general DNS censorship on the ISP level. Further Reading: Foxy Proxy homepage Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Guide: How to Defeat US DNS Censorship (Using Tor)

Drew Wilson — Mon, 01 Aug 2011 20:56:37 +0000

We've been running a series of guides discussing various ways of defeating censorship - particularly US DNS censorship. Previously, our guides covered methods to defeat censorship including command prompt, using a DNS web tool, using a hosts file and, for those sites that merely had their domains seized, using the MAFIAAFire redirector. One question one might ask is, "What if the ISP merely censors the server IP address of a censored website?". Well, there's various ways of circumventing such methods as well - one way is to use a well-known application called Tor.

What would happen if something like the PROTECT IP act goes further and goes beyond messing with a public DNS list? What if they (corporations and governments) compel ISPs to block access to certain IP addresses? Such a method of censorship is actually quite easy to circumvent. There's a number of methods that can bypass something like this and this guide will show you how by using a network called Tor. Tor is sometimes referred to as the union router. While some are content with connecting to one proxy, TOR connects you through multiple proxies to help ensure anonymity. While nothing is 100% secure, using Tor is still a very good way of staying anonymous. The side-benefit to this is that it can get around something like a simple website block imposed by an ISP. Sure, it's entirely possible an end-node will connect through an ISP that might try and censor certain websites, but as soon as you find yourself connected to an exit node outside of the country, it's game over for an ISP trying to simply block a certain IP address. So, a method we used to get Tor working is using FireFox. While installing and using Tor is a little more complex than installing something like MAFIAAFire, it will offer a few benefits including a level of anonymity and security that you wouldn't get by browsing the internet with nothing more than a firewall and a browser. Step 1: Download Tor It's more than downloading a simple plug-in for FireFox. So, first thing we want is the Tor Browser bundle which can be downloaded on the Tor download website. If you're viewing the website and don't know what to download, here's a screenshot of the website (I've highlighted the link that would get the software we are after) Step 2: Extract the Files As the webpage says, this doesn't really even require installation. Once you've downloaded the package, double-click on the file to run the self-extracting archive. In the pop-up screen, click on "Run": In the next window, click on the button with the three dots. You'll see a file tree of the files on your computer. Find a convenient location so you know where to turn on Tor in the future. You get a button that will allow you to create a new folder if you have to, but select the folder you want that new folder to be in before you use that button. When you've selected the folder you want the contents of this package to be in, click on "OK" Now, you'll have the previous window with new content in the text area. This denotes where on the system you'll be extracting your files to. Simple click on the "Extract" button. Step 3: Open Tor Browser Now that you have the Tor browser bundle, you can turn it on and connect to the Tor network. When you browse to the directory you extracted the files to, you should see something like the following: Simply double-click on "Start Tor Browser". It might take a moment for it to connect, but once it does, you'll have access to the Tor network. You'll also have access to this handy window (below) which we will use later (note: if activating this opens a pop-up internet browser window, don't close it because, for some reason, it closes the Vidalia window as well. Simply minimize it) Step 4: Download and Install the TorButton FireFox Plug-in We're almost there. We just need one last component - a FireFox plug-in. Simply go to the Torbutton page of the Tor website. What we want is in one of the first lines of the site. Click on the link that is present in the line that says, "Install Stable: Click to install from this website." Follow the prompts to install the plug-in. When you get the following pop-up, click the restart button to restart the browser: Step 5: Test the Tor Settings If you have installed both the browser bundle and the TorButton successfully, you should see a new button in your browser next to the URL: Now, we want to test to make sure everything installed fine. So, for that, we need to right click on the button and click on "Preferences..." In the new window (typically, the default settings are fine), click on "Test Settings". You will most likely see this window pop up (click on OK): Wait a few moments. It will test what you have. Chances are good that if you have followed this guide all the way up to this point, the test will be successful. The main thing is that you left that "Vidalia Control Panel" window open (the window that you get when you opened up that "Start Tor Browser executable" file from earlier) so that you have Tor functioning in the background. If the test was successful, you'll get the following screen: After you click on "OK", just click on "OK in the preferences screen to get out of it. To start using Tor, right click on the TorButton next to the URL in your browser and click on "Toggle Tor Status" and wait for the red "X" on the onion to go away and the onion to turn green. Congratulations! You are now browsing with Tor! Step 6: Taking Tor Out for a Spin Technically not necessary, but a nice visual demonstration of what an affect browsing with Tor can do. If you have Tor running, open a new tab and type in "http://www.google.com" in your browser (the ".com" part of the URL is the important part) and hit enter. You might be redirected to the same old Google home page as seen in your country. Now, open up/click on the Vidalia window and click on "Use a New Identity" Now, go back to your Google window. Wait a second for Tor to do it's thing. Re-type in "http://www.google.com" (again, the important part is the ".com" part). When the page loads, you should see that the Google webpage has changed to display what Google looks like in a completely different country. Pretty cool, eh? Google is simply detecting what country you are from. When you change to a different proxy or identity, Google assumes you are from a different country based on your IP address and displays their webpage accordingly. That's how others will very likely see you if they attempt to trace you - they will only get whatever the exit node (the last server that is accessing the internet) you happen to be using instead of you. Some Final Thoughts There is one unavoidable drawback to using Tor. It will very likely slow down your connection. Pages will take an extra moment to load because your webpage requests are being routed through multiple servers instead of you accessing the page directly. That will, unfortunately, be a fact of life on the Tor network. How much slower will probably depend on how much the Tor network improves itself. Log-in sessions and certain things like viewing YouTube clips might be more difficult. This is simply a security thing implemented in to Tor to avoid any chance of a user being traced. So, you might find yourself logging in more frequently as well. All-in-all, this is a very good way of defeating any DNS censorship the US (or any other country for that matter) might throw at you. If Tor winds up not being a one tool solution, I have a hard time believing that it can't be a key tool to defeating DNS censorship. If you have any further questions, feel free to consult the Tor Tor FAQ or comment below. Further Reading: Official Tor homepage Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Guide: How to Defeat US DNS Censorship (Using MAFIAAFire)

Drew Wilson — Sun, 31 Jul 2011 23:16:26 +0000

We've been writing a series of guides on how to defeat US DNS censorship - mainly as suggested by the PROTECT IP Act. Those guides were using command prompt, using DNS web tools and using a hosts file. There is one form of DNS censorship that the United States has been known to do, and that's simply seizing domains. So, in this guide, we'll show you an easy way to circumvent the seizing of domains.

We've covered MAFIAAFire before. When the MAFIAAFire redirector was released, we covered that development. When the feds attempted to remove the MAFIAAFire redirector from the Mozilla website and Mozilla refused, we covered this as well. So, for those who are less familiar with a plug-in like the MAFIAAFire redirector, we thought we'd show you how to install and use the MAFIAAFire redirector. What is the MAFIAAFire Redirector? The MAFIAAFire redirector is a web browser plug-in. If a websites domain is seized, the people maintaining the plug-in will try and find websites that are just like the domains that are seized - preferably another domain run by the same people of the original domain. By doing this, the only thing that is technically needed is a new domain once the original is seized. This is because there are two parts to a website - a domain (which points the users to the correct website server) and a server (which contains the website). In this guide, we'll show you how to install this plug-in using Mozilla FireFox (which means this guides assumes you are using FireFox - although there is a Google Chrome version plug-in available as well. Step 1: Download MAFIAAFire Redirector In FireFox, visit the MAFIAAFire Redirector plug-in. On this page, you can either download, donate to the developer or do both. To download it, click on "Continue to download" On the next page, just click on "Continue to Download". You'll be brought to a screen that contains an end-user license agreement Read through and/or click on "Accept and Install" Step 2: Install MAFIAAFire Redirector Since this is a plug-in, Firefox will detect this and ask you if you want to install. When the install button allows it, click on "Install Now": When it's finished installing, you'll get a small pop-up window in FireFox that looks like this: Click on "Restart Now". This will restart your browser (you won't lose any tabs doing this - and, if you're like me, it will have to load the bajillion tabs you already have open) That's it! If a domain is seized and you try to access it, the plug-in should redirect you to the known domain that seems to b a replacement (it will let you know when you are being redirected. If you would like to know what the plug-in is currently redirecting, you can view the site list, or take a look at the following page (note: in the XML page, the site between the "realdomain" tags is the actual domain that was seized. The links in the "FilterDomain" tags are the domains the plug-in redirects to) Some Final Thoughts While this is way more user friendly than maintaining a hosts file, it is, in some ways, less effective too given that maintaining a hosts file is getting direct server IPs. It also is no guarantee, by itself, to defeat any ISP-level filtering because, barring anything else the user has done to defeat any form of censorship, it will depend on the DNS server provided by the ISP. If a user lives in the US, then it can be subject to ISP-level censorship imposed by industry or government. Of course, this plug-in is still in early days in some respects and, no doubt, if it came to ISP-level censorship, something else can be programmed in to the plug-in. As it stands, the plug-in presumes that another website domain will pop up to take its predecessor's place - not always a sure thing. Also, while testing this plug-in, we noticed that it freezes FireFox for a couple minutes whenever FireFox is reset. This doesn't have anything to do with multiple tabs running given that I personally restart FireFox irregularly by killing the task in the task manager (whenever it uses too much memory). This enables the browser to simply list all the previous tabs in one tab, rather than loading every single one of them on restart. It might have something to do with the message that says that the latest list was downloaded and installed. If you experience this as well, wait a few minutes for FireFox to "unfreeze" first as it will eventually start running smoothly again if you give it time. This was really the only hick-up we encountered with the plug-in. For now, a good way to defeat some forms of DNS censorship - namely domain seizures. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Mozilla Releases Firefox 5.0

Jared Moya — Tue, 21 Jun 2011 19:01:10 +0000

Includes added support for CSS animations, improved canvas, JavaScript, memory, and networking performance, and number of security and stability issues. Quick update from version 4.0 is part of Mozilla's rapid release development cycle.

It's been just three months since Mozilla released Firefox 4.0, and already it's pushing version 5.0. "The latest version of Firefox includes more than 1,000 improvements and performance enhancements that make it easier to discover and use all of the innovative features in Firefox," it said in a press release. "This release adds support for more modern Web technologies that make it easier for developers to build amazing Firefox Add-ons, Web applications and websites." Firefox 5.0 reflects Mozilla's shift this past April to a rapid release development cycle which it says is important to deliver "cutting edge Firefox features, performance enhancements, security updates and stability improvements to users faster." So what are some of the new features? Firefox 5.0 includes the following changes:

Added support for CSS animations
The Do-Not-Track header preference has been moved to increase discoverability
Tuned HTTP idle connection logic for increased performance
Improved canvas, JavaScript, memory, and networking performance
Improved standards support for HTML5, XHR, MathML, SMIL, and canvas
Improved spell checking for some locales
Improved desktop environment integration for Linux users
WebGL content can no longer load cross-domain textures
Background tabs have setTimeout and setInterval clamped to 1000ms to improve performance
Fixed several stability issues
Fixed several security issues

As part of Mozilla's rapid release development cycle it also offers daily downloads of the latest and greatest Beta and "Aurora" versions for those looking to test out the latest and greatest innovations Mozilla has to offer.

DOWNLOAD FIREFOX 5.0

Stay tuned. newstip? jared@zeropaid.com

Bypass Google Censors with “Gee! No evil!” Add-On

Jared Moya — Fri, 17 Jun 2011 18:32:21 +0000

Firefox add-on restores words filtered from Google's Autocomplete.

There's a new Firefox add-on called "Gee! No evil!" that circumvents Google's Autocomplete search filtering regime. Back in January, Google announced a four part plan for “Making Copyright Work Better Online” in order to “better address” what it calls the “bad apples who use the Internet to infringe copyright.” Part of the plan called for it to "prevent terms that are closely associated with piracy from appearing in Autocomplete." This meant words like BitTorrent, megaupload, torrent, rapidshare, and even uTorrent were all banished from Autocomplete. Enter "Gee! No evil!", a Firefox add-on that restores terms filtered from Google's Autocomplete. "Censorship on behalf a dinosaur industry is evil and it shall be killed with fire," says the developers. "Our plugin removes this “evil” and also serves the dual purpose of reminding the big G, hence we named it: Gee! No evil!" The "Gee! No evil!" add-on was created by the same developers responsible for "MAFIAAFire". That add-on allows you to “un-censor illegally taken down domains" by redirecting users to their new site wherever it may be. Stay tuned. jared@zeropaid.com _________________________

Firefox 5.0 Android Beta – 1st Mobile Browser With “Do Not Track” Privacy

Jared Moya — Mon, 23 May 2011 08:27:35 +0000

New Firefox 5.0 Android Beta enables private browsing with addition of Do Not Track feature. Also increase page load speeds for 3G network connections.

Mozilla has announced the release of Firefox 5.0 Android Beta, and the mobile browser adds a number of features that boost speed and privacy for users. "Firefox for Android is the first mobile Web browser to offer the Do Not Track privacy feature," said Mozilla in a blog post. "Mozilla introduced Do Not Track to give users more control over the way their browsing behavior is tracked and used online. It enables users to tell websites if they prefer to opt-out of online behavioral tracking." The Do Not Track feature is easy to configure, and prefrences behave in the same fashion as they would if used on a Do Not Track-enabled desktop browser. "The web on your phone should be the same web as on your desktop, so to provide this consistency we've put the exact same Do Not Track feature in both the desktop and mobile versions of Firefox," it added. Firefox 5.0 Android Beta also boosts page load speed, particularly on 3G networks. Grab the latest beta of Firefox for Android and check out the feature for yourself. What's your favorite mobile browser? Stay tuned. jared@zeropaid.com