ZeroPaid.com » privacy

How to Master Email Encryption

Hannah — Thu, 09 Feb 2012 17:10:50 +0000

Keep your personal data safe by taking the time to encrypt your emails.

With the government threatening to do all kinds of things to the internet, and stories about email and phone hacking surfacing all over the world, there’s never been a better time to start protecting your online privacy. Email encryption is one way of keeping your personal data safe. Encryption services or third-party software encrypt emails by making them unreadable to anyone other than the intended recipient. When you encrypt your email, you have a public key (usually a mixture of numbers and letters) that others can use to send you encrypted email, and a private key, which you then use to decode the email. When sending encrypted email to someone else, you need to know their public key in order to keep the email secure. You can either get this from them personally, or find it by searching the online key servers. Encrypted email isn’t widely used outside of sensitive situations - such as political or business dealings - however, it can help protect your personal and financial information from prying eyes. Below are some of the tools you can use to encrypt your email and protect your personal privacy. Hushmail Hushmail is a stand-alone email service that enables users to send and receive encrypted emails through their Hushmail address. If you are new to the concept of encryption or aren’t very tech-savvy, Hushmail does all the leg work for you: once you’ve set up a Hushmail account, all you have to do is remember your passphrase. Enigmail (Thunderbird) Enigmail is a plug-in for Mozilla’s Thunderbird email application. Once you’ve downloaded the extension, create your public and private keys, and a passphrase. You can also generate a revocation certificate, which invalidates your public key in the event that your private key is compromised. Gmail Encrypt (Firefox) The Gmail Encrypt extension for Firefox only works with Gmail accounts, and you need to install Greasemonkey before you can use it. Once installed, the extension works in a similar way to Enigmail: you create public and private keys, as well as your own passphrase to access the Gmail Encrypt service. GPG (Apple Mail) This open-source plugin for Apple Mail encrypts, signs and verifies emails sent and received through the Apple Mail client. The plugin is compatible with Lion and has an integrated update mechanism, which means you automatically receive GPG updates using Apple’s software update system. GnuPG and PGP GnuPG and PGP are two types of software you can download onto your hard drive. After installing the software on your computer, you can use it to create keys and encrypt messages sent through certain email clients. Email encryption only works with the computer on which you have installed the encryption software, add-on or plug-in. If someone sends you an encrypted message through Gmail and you try to read it on your phone or another device, you won’t be able to decode it. Although it’s not impossible to decode an encrypted email, using this service will help secure your personal information. To make your email encryption as fool-proof as possible, always check the recipient’s public key before sending - if you get the key wrong, the information inside the email could end up in the wrong hands. Some encryption services don’t encrypt the subject line so include sensitive information only in the body of the email. hannah@zeropaid.com

Fight Back: Speak Out Against ACTA, Sign the Petition

Jon Kaykin — Sat, 04 Feb 2012 15:21:46 +0000

Learn more about the Anti-Counterfeiting Trade Agreement and sign the petition against it. If you don't know what the Anti-Counterfeiting Trade Agreement (ACTA) is please see this: [embed]http://www.youtube.com/watch?v=xoW26CwhcR8[/embed] ACTA can be more dangerous than SOPA and PIPA and can potentially create new legal standards of intellectual property enforcement, meaning that Internet distribution and information technology would be highly monitored and constantly reported to law enforcement agencies. We must not let this bill pass, we must continue to preserve the freedoms granted to us by the Constitution. Please sign the below petitions and speak out against this bill, stand up and protest while we still have that freedom. Learn how to act against ACTA. Petitions -

U.S. anti-ACTA White House Petition: sign it
Canada - Petition: sign it
Canada - Take 1 minute to send a letter contesting Bill C-11: here
Ireland - anti-SOPAIreland Petition: sign it
Poland - ACTA Referendum: here
Global anti-ACTA Petition: sign it

Attend a local Protest -

Pan-European Map of anti-ACTA protests: here
Denmark
Netherlands (Amsterdam)
Czech Republic (Prague)
England (London)
England (Nottingham)
Ireland
France
Scotland (Glasgow)
Germany (Berlin)
Germany (Bremerhaven)
Germany (Hanover)
Germany (Hamburg)
Germany (Mainz)
Germany (Minden)
Germany (Munich)
Germany (Trier)
Germany (Regensburg)
Germany (Stuttgart)
Sweden (Stockholm)
Sweden (Helsingborg)
Sweden (Goteborg)
Poland (Gdansk)
Poland (Wroclaw)
Poland (Katowice)
Poland (Krakow)
Poland (Bialystok)
Poland (Szczecin)
Poland (Lodz)
Poland (Bydgoszcz)
Italy (Porto Vecchio)
Portugal (online)
Malta (Valletta)
Slovenia (Ljubljana)
Bulgaria (Sofia)
Romania (Bucharest)
Romania (Bucharest)
Romania (Cluj)
Romania (Timisoara)
Latvia (Riga)
Austria

Stand up, Speak out. Learn more about ACTA here. Jon@zeropaid.com | @jkaykin

Really?! The FBI May Soon Monitor Social Networks

Jon Kaykin — Fri, 27 Jan 2012 09:20:34 +0000

The FBI has submitted a request for the creation of software that will search through "publicly available" information on social networks in order to discover emerging threats. After shutting down Megaupload, it seems as if the FBI isn't quite satisfied, they want more control over information. So what's their next plan? A social media application. You heard right; the FBI has posted a Request For Information (RFI) regarding the development of a social media application that can monitor online activity. "The application must have the ability to rapidly assemble critical open source information and intelligence that will allow the SIOC to quickly vet, identify, and geo-locate breaking events, incidents, and emerging threats." Although the RFI is lengthy and its jargon is technical, it isn't hard to understand and I recommend you read it. But if you don't feel like reading it, here are some important features that the application should have:

Provide an automated search and scrape capability of both social networking sites and open source news sites for breaking events, crisis, and threats that meet the search parameters/keywords defined by FBI SIOC.
Ability for user to create, define, and select parameters/key word requirements. Automated search of national news, local news, and social media networks. Examples include but are not limited to Fox News. CNN, MSNBC, Twitter, Facebook, etc.
Provide instant notifications of breaking events, incidents, and emerging threats that have been vetted and meet the defined search parameters.
Ability to immediately access geospatial maps with coding in addition to providing critical infrastructural layers. Preferred maps include but are not limited to Google Maps, Google 3D maps, ESRI, and Yahoo Maps.
Ability to instantly search and monitor key words and strings in all “publicly available” tweets across the Twitter Site and any other “publicly available” social networking sites/forums (i.e. Facebook, MySpace, etc.).

While I believe that it is great that the FBI would like to use social media to discover possible threats, the idea of a "spider" searching through online interactions doesn't appeal to me. The FBI says that it would monitor "publicly available" information but with 67% of online social networking account owners having concerns about privacy on social networking sites (ESET), I think that a lot of people would add strict privacy settings to their accounts, thus making that information private. Lillie Coney, the associate director of a Washington-based privacy group commented on the FBI's request calling it "ridiculous. "Get a warrant," she said. "You don't know half the people you communicate with on Twitter. They are going to launch investigations and start looking at all sorts of people that they have no right to be investigating. There is no accountability, no transparency and no oversight." It's true, the FBI doesn't have the right to investigate our private interactions but unfortunately it's the FBI and they can do whatever they want. With tight privacy settings on many social networks, a lot of information is considered private, so I don't know how viable this will be. It could cause many court cases and civil liberty actions. I guess we will have to wait and see how the application turns out. Any thoughts? Jon@zeropaid.com | @jkaykin

RIAA’s VP of Strategic Data Analysis Issues Statement On Megaupload Shutdown

Jon Kaykin — Thu, 26 Jan 2012 01:46:19 +0000

RIAA's VP of Strategic Data Analysis believes that the shutdown of Megaupload and other P2P file sharing sites is mandatory and will decrease file sharing. Truthfully, it will upset many. Megaupload's shutdown by the Justice Department has caused a lot of controversy regarding piracy and whether file sharing sites like Megaupload should exist. One of the major supporters of the shutdown was the Recording Industry Association of America, naturally because they handle copyrighted music and want to make sure that no "unauthorized content including music, movies, and other copyrighted works" is shared. The shutdown led the RIAA's Vice President, of Strategic Data Analysis, Josh P. Friedlander, to issue a statement on their blog, titled Why Closing Megaupload Matters. Although, the post is aimed towards Megaupload, it mainly points out why they believe closing P2P services is important, alluding to Limewire's shutdown. Supposedly, the shutdown of Limewire, according to the NPD group, decreases the use of P2P file sharing but really, with all the P2P file sharing sites out there, I find it hard to believe there is a decline in use. Friedlander also points out, "Digital music sales that had been flagging jumped in the month immediately after the Limewire shutdown, and have remained stronger ever since (note that while the Beatles did go on iTunes in November of 2010, they only account for a small portion of that sales increase, and current music sales went up even more than catalog). When Billboard looked at the data after the Limewire shutdown it said “The spike in sales was immediate, noticeable and lasting." A chart of the sales spikes in 2011 can be seen below. While this evidence may support the shutdown of P2P file sharing sites, the problem is that it doesn't matter. Shutting down these sites will not, as Friedlander says, "encourage users to go to legitimate sites," rather it will make them upset and angry, as in the case of Pirates of Catalonia, a political party in Catalonia that supports intellectual property reform, open access to culture and knowledge, transparency and Direct Democracy. They have announced a collective civil action in Spain against the FBI because the shutdown has caused many users to lose files containing personal information and this may have violated Articles 197 and 198 of the Spanish Penal Code. It's understandable that many artists (and there record labels) want to be compensated for their hard work but in the case of many Megaupload users who lost their important personal files, action against the unlawful seizure of those files must be taken. Many have spoken out regarding the shutdown of Megaupload and many P2P file sharing sites such as Filesonic, Fileserve, FileJungle, UploadStation, 4shared, VideoBB, VideoZer, UploadBox, and Uploaded.to have shutdown their services to the U.S. As I stated above, regardless of the shutdowns, people will continue to use P2P file sharing sites and they will collectively rise up to keep the sites around. See Also: 10 Alternatives to LimeWire Jon@zeropaid.com | @jkaykin

Ghost Incognito: Chrome Extension Maximizes Web Browsing Privacy

Jared Moya — Wed, 07 Dec 2011 18:21:02 +0000

Extension for Google's Chrome browser offers one-tap web browsing in incognito mode, and is set to default for all pornographic .xxx domains.

Web browsing privacy is very important these days as the number of sites we visit on a daily basis rises, and those sites keep track of your usage for marketing and research purposes. Companies use cookies for online tracking so that they can provide users with targeted advertising, and unless your vigilant marketers can harvest your personal information and retain it for an indefinite period of time. Where you go, what you look at, search, buy or browse, can all be collected and used to better target you for advertising, and for many this is a scary proposition. Luckily Google's Chrome browser has an extension called "Ghost incognito" that makes sure selected domains always open in incognito mode, especially the new pornographic .xxx domains which are all added by default. Incognito mode helps protect your privacy by deleting all new cookies after you close all incognito windows that you've opened. It also doesn't record any files you've downloaded or sites that you've visited in your download and browsing histories. The way it works is that you simply tap the Ghost incognito button in the upper right-hand part of the browser toolbar whenever you want to keep your browsing private. The site will open in incognito mode in a new window, and it'll be added to your list of sites so that it will always open in incognito mode in the future. To remove a site from the list, allow the Ghost incognito extension to run in incognito mode (Tools > Extensions > Check "Allow in Incognito"), then click the Ghost incognito icon when visiting that page. With the Ghost incognito extension you can finally take back your privacy (or at least surf .xxx domains in peace), and it's just another reason why you ought to consider switching to Chrome if you haven't already. FYI - Our friends over at FoxyBay.com have a free Chrome eBay Extension that makes searching eBay fast & easy. Stay tuned. jared@zeropaid.com | @jaredmoya

ZeroPaid Speaks to Executive Director of Tor Project About PROTECT-IP Act

Drew Wilson — Wed, 07 Sep 2011 15:39:40 +0000

We've discussed the PROTECT-IP Act at length here at ZeroPaid. While we have plenty of ways of examining the PROTECT-IP Act, we've decided to talk to Andrew Lewman, the Executive Director of Tor Project, about Tor, and the PROTECT-IP Act.

There's been plenty of discussion about the PROTECT-IP Act. One way we've examined it is the technical side of it. The main question we asked a little while ago is essentially, is it technologically possible to actually stop alleged piracy on the internet through the PROTECT-IP Act. Our findings were really an overwhelming "no" after we explored 8 technical methods that, in theory, could easily circumvent DNS censorship. We even picked apart and debunked a piece by Don Henley who supports the PROTECT-IP Act late last month. One of the technical measures we suggested would be likely effective against DNS censorship was using Tor which is sometimes referred to as the onion router. It can be described as a network of proxies one can use to better protect their online privacy among other things. Since then, we asked Andrew Lewman, Executive Director and press contact of the Tor Project for his take on a few things. We mentioned to Lewman that there was some debate over which solution was best to bi-pass internet censorship. Is one solution better over another? This was the subject of some debate in our comments section and websites linked to our article. Lewman had an interesting take on that. "The first issue with the story is that there is no best solution for everyone. Censorship circumvention is very localized. Generally, using the least sophisticated method to circumvent is all you need to do." Lewman also explained, "The arms races with the censors proceeds slowly, in some cases by design, so as to not accelerate it for little gain on either side. The general population cannot keep up with the technical arms race, at least from our experience. It takes time for people to understand the risks and act accordingly." I think that is a very important point to make. It's one thing to say one person will start using tools to better protect their privacy, but it's quite another for the general population in a given country to start using such tools. In our e-mail conversation, I said to Lewman, "one person [in the debate over whether or not one technical measure is better than another] said that officials would start creating honey-pot nodes in the Tor network. To me, that doesn't make any sense because Tor uses multiple proxies, so it would make such an effort be almost a waste of time." "Law enforcement organizations already create 'honey pot' servers on many networks, including Tor. These servers fully log all accesses at a service, network, and ISP level. If the core, underlying protocol is correctly implemented, then the users have little to fear. Law enforcement agencies around the world are known to run Tor, I2P, Freenet, and generic socks/http proxies servers as part of a dragnet to catch criminals. While this statement may get you lots of page views, anyone that has thought about this for 30 seconds will realize this is of course the reality. Whether protecting someone's audio/video bits is equivalent to murder, rape, extortion, bribery, and slavery is for individual societies to determine." It is interesting that Lewman brought this up given one of our more recent reports noted that, in France, someone could get the same legal punishment for manslaughter as they would for online copyright infringement. We asked Lewman, "looking at what lawmakers are proposing in the PROTECT-IP Act, do you think that the proposed law is a threat to the internet? If DNS censorship is one way the government wants to remove remove copyright infringement, do you see that as being effective or do you see potential pirates simply routing their way around it?" "PROTECT-IP will break the American Internet." Lewman told ZeroPaid. He said, "It will simply move innovation elsewhere and drive the arms race towards an alternate domain name system not controlled by the US government. It may temporarily quell some sorts of piracy, but that victory will be short lived. In the beginning, there were many DNS root servers, not one single set. AlterNIC and many universities ran their own DNS root servers for their own purposes. Having spoken to various agents, they privately wonder why protecting someone's commercial bits is now equivalent to stopping child pornography, human trafficking, and other heinous crimes." ZeroPaid also asked, "if governments like the US government decide on trying to censor the internet, do you see it being possible that users will start using things like Tor more so than before because of a perceived threat to something like free speech?" It's already happening. See [Tor Metrics Portal - User Statistics] Lewman explained, "Our top ten countries by users is filled with "free democracies" that have started to either censor the Internet or implement Internet traffic data retention in some way." We would like to thank Andrew Lewman for taking the time out of his busy schedule to speak to us. To learn more about Tor Project or download and try out Tor project or otherwise support Tor in general, you can check out their homepage at TorProject.org. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Guide: How to Enhance Your Web Privacy with NoScript

Drew Wilson — Sat, 27 Aug 2011 21:06:46 +0000

Privacy while surfing can be serious business for a number of web surfers. Some use a number of tools like NoScript to block unwanted scripts on websites they visit. This can help stop websites from tracking who that user is that visit that webpage, thus enhancing their privacy. This guide will show you how to download, install and use NoScript.

Before we start with the guide, we should offer a reason why someone would use something like NoScript. Many websites these days employ different tracking techniques. These website tracking techniques can tell the web owner a number of things about its users. The bits of information that can be obtained include type of web browser, country of origin, ISP, operating system, screen resolution, age, gender, marital status, type and level of education, which site you came from, which webpage you left on on the website and sometimes even the webpage you went to to name a number of these examples. I'm not entirely sure how some of these statistics are gathered, but such statistics can be made available by sites like Alexa which can give you a sense of what the traffic is like for a number of websites. On the other hand, usually, website owners track data on a more cumulative level. This means that, sure, it can detect you are from country 'X', but all the web owner typically sees is, 'X' number of users from from country 'X' Unless you are doing something that warrants individual attention, a website owner probably won't care about web hits on an individual basis. Even when you warrant their attention on a moderation level, chances are, it's a case of seeing a particular users IP address more than anything else. Having said all of that, tracking of your internet activity isn't (or, should I say, shouldn't be) compulsory when you've done nothing wrong. In a way, using NoScript can be your way of saying, "Hey, count me out of your statistics gathering". If you want to be one of those individuals that would rather opt out of being tracked using NoScript, then read on. For this guide to work, you need to be using the internet web browser FireFox. Step 1: Download NoScript As with many FireFox plug-ins, downloading and installing this plug-in is very straight forward. First, you need to the NoScript website. Under the NoScript logo, there's a green button that says "Download". Click on that button. When you do click on that link, you'll see a little pop-up message asking you if you really want to install NoScript. Since we want this plug-in, click on "Allow" Step 2: Install NoScript After you've allowed this plug-in to download, you'll get a pop-up window that asks you if you want to install this. Since we know this is not a malicious plug-in, we can go ahead and click on "Install Now" Step 3: Restart FireFox As with most other plug-ins we've encountered, you must restart FireFox for the installation to be completed. If you are ready, just click on "Restart Now" in the little notification window. Step 4: Test NoScript When your browser restarts, you should see one or two things. The first is that NoScript appears right next to your address bar as shown below: If you are on a website that uses scripts, you should see a bar along the bottom notifying you of any scripts the website you are viewing uses. As a test, we decided to browse to YouTube and see how NoScript behaves out of the box. This was our result: As we can see, there is a total of 24 scripts and no objects are present. By default, some scripts are automatically allowed on YouTube through NoScript. This can easily be changed through the NoScript menu that can be found either by clicking on the NoScript button or, as we demonstrate below, on the "Options..." button on the bar along the bottom of our browser: From this menu, we can easily pick and choose whatever set of scripts we want to allow. We can allow all scripts, block all scripts or allow and block different scripts. The thing to remember is that some scripts are needed to run many parts of a website. So, blocking all scripts may result in you not being able to view a website properly. Blocking and allowing scripts is more of something you have to feel your way through. You can block scripts that exists in the website itself and see how the website functions without it and then unblock it afterwards if you suddenly are unable to use a website in whatever fashion you choose. Experiment around with it is my best advice. Final Thoughts I think NoScript is a nice plug-in because it can tell you more about a website then you would just by loading it without any extra plug-ins. Sure, some websites seem simple, but then you can find out that a simple website can have two dozen scripts running in the background. It is also an added layer of security. While a light layer of security, it's better than nothing at all I think. Some malicious websites might use scripts to do a lot of nasty things to its users. I'm sure someone immersed in the field of back-end web coding would say it's entirely possible to create a whole variety of nasty stuff with scripts. NoScript can block websites that use malicious scripts which is a nice bonus. Overall, I think it's a nice thing to add to your plug-in collection.

Opposition to Canada’s Impending Surveillance Legislation Grows

Drew Wilson — Sat, 13 Aug 2011 22:09:03 +0000

The Canadian governing party - the Conservatives - are planning an omnibus crime bill that would include surveillance legislation. While the bill is not yet tabled, opposition to this bill is mounting.

There has been suggestions that the Canadian surveillance legislation long promised, but never passes, may be bundled in to an omnibus crime bill and tabled soon. For those following this story closely, that isn't exactly news. What is news, however, is that experts, academics and organizations, among others, have stepped up to formally oppose such legislation. An open letter was recently sent to Prime Minister Stephen Harper expressing their concerns about such legislation. They cite previous bills that made up the surveillance legislation in the last government session and voiced their concerns about them. The letter (PDF) opens, "We are writing to you regarding your promise to introduce and pass within 100 days an omnibus bill incorporating a number of very different pieces of legislation." The letter continues, "We are particularly concerned that three of those bills will have serious negative implications for the privacy rights of Canadians, and that these aspects will not receive the scrutiny they deserve if rolled into an omnibus bill." "These pieces of legislation were former Bills C‐50, C‐51 and C‐52 from the last session of the previous Parliament, the ‘lawful access’ technical surveillance bills. We join Canada’s federal and provincial Privacy Commissioners in voicing our grave concerns regarding this invasive legislative mandate, as they collectively did in a letter to Deputy Minister of Public Safety dated March 9, 2011." Their main focus of concern:

The ease by which Canadians’ Internet service providers, social networks, and even their handsets and cars will be turned into tools to spy on their activities further to production and preservation orders in former Bill C‐51 – a form of spying that is bound to have serious chilling effects on online activity and communications, implicating fundamental rights and freedoms;
The minimal and inadequate amount of external oversight in place to ensure that the powers allotted in these bills are not abused;
Clause 16 of former Bill C‐52, which will allow law enforcement to force identification of anonymous online Internet users, even where there is no reason to suspect the information will be useful to any investigation and without adequate court oversight; and
The manner in which former Bill C‐52 paves the way to categorical secrecy orders that will further obscure how the sweeping powers granted in it are used and that are reminiscent of elements of the USA PATRIOT Act that were found unconstitutional.

The letter also contains a highly detailed list of concerns in the appendix section. The letter also warns that the costs of implementing such surveillance measures would ultimately be passed on to consumers since it is a new cost of doing business for ISPs. Indeed, this type of thing has precedent. In France, when the French government forced ISPs to adopt a three strikes law, the ISPs simply passed the costs of maintaining the warning system on to consumers. The letter was signed by the following:

Andrea Slane, University of Ontario Institute of Technology, Faculty of Social Science & Humanities Andrew Clement, University of Toronto, Faculty of Information British Columbia Freedom of Information and Privacy Association (BCFIPA) Canadian Association of University Teachers (CAUT) Canadian Civil Liberties Association (CCLA) Canadian Federation of Students (CFS) Christopher Parsons, University of Victoria, Department of Political Science Civil Liberties Association – National Capitol Region (CLA–NCR) Colin Bennett, University of Victoria, Department of Political Science David Lyon, FRSC, Queen’s University, Surveillance Studies Centre Ian Kerr, University of Ottawa, Faculty of Law International Civil Liberties Monitoring Group (ICLMG) Kate Milberry, University of Toronto, Faculty of Information Leslie Shade, Concordia University, Department of Communications Studies Lisa Austin, University of Toronto, Faculty of Law Michael Geist, University of Ottawa, Faculty of Law Michael Markwick, Simon Fraser University, School of Communications OpenMedia.ca Public Interest Advocacy Centre (PIAC) Samuelson‐Glushko Canadian Internet Policy & Public Interest Clinic (CIPPIC) Sharon Polsky, President, AMINACorp.ca; National Chair, Canadian Association of Professional Access & Privacy Administrators (CAPAPA) Teresa Scassa, University of Ottawa, Faculty of Law Valerie Steeves, University of Ottawa, Department of Criminology

I don't mean to sound overly pessimistic, but I think that there is one key difference between when Canadians fought very dangerous bills in the past and now. That key difference is the fact that the Conservatives have a majority government. That means that they can pass whatever bills they want without any fear of opposition. So, it wouldn't matter how much evidence or reason you present the government, Harper will simply legislate how he likes. If it drives the country in to the dark ages, it wouldn't matter because he has the power to stop any opposing voice on different debates as far as passing legislation is concerned. That's just the government Canada is stuck with. My personal hope is that Canada will have a Charter of Rights and Freedoms before Harper's term is up - or, at least a few shreds of it still intact. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Guide: How to Defeat US DNS Censorship (Using Tor)

Drew Wilson — Mon, 01 Aug 2011 20:56:37 +0000

We've been running a series of guides discussing various ways of defeating censorship - particularly US DNS censorship. Previously, our guides covered methods to defeat censorship including command prompt, using a DNS web tool, using a hosts file and, for those sites that merely had their domains seized, using the MAFIAAFire redirector. One question one might ask is, "What if the ISP merely censors the server IP address of a censored website?". Well, there's various ways of circumventing such methods as well - one way is to use a well-known application called Tor.

What would happen if something like the PROTECT IP act goes further and goes beyond messing with a public DNS list? What if they (corporations and governments) compel ISPs to block access to certain IP addresses? Such a method of censorship is actually quite easy to circumvent. There's a number of methods that can bypass something like this and this guide will show you how by using a network called Tor. Tor is sometimes referred to as the union router. While some are content with connecting to one proxy, TOR connects you through multiple proxies to help ensure anonymity. While nothing is 100% secure, using Tor is still a very good way of staying anonymous. The side-benefit to this is that it can get around something like a simple website block imposed by an ISP. Sure, it's entirely possible an end-node will connect through an ISP that might try and censor certain websites, but as soon as you find yourself connected to an exit node outside of the country, it's game over for an ISP trying to simply block a certain IP address. So, a method we used to get Tor working is using FireFox. While installing and using Tor is a little more complex than installing something like MAFIAAFire, it will offer a few benefits including a level of anonymity and security that you wouldn't get by browsing the internet with nothing more than a firewall and a browser. Step 1: Download Tor It's more than downloading a simple plug-in for FireFox. So, first thing we want is the Tor Browser bundle which can be downloaded on the Tor download website. If you're viewing the website and don't know what to download, here's a screenshot of the website (I've highlighted the link that would get the software we are after) Step 2: Extract the Files As the webpage says, this doesn't really even require installation. Once you've downloaded the package, double-click on the file to run the self-extracting archive. In the pop-up screen, click on "Run": In the next window, click on the button with the three dots. You'll see a file tree of the files on your computer. Find a convenient location so you know where to turn on Tor in the future. You get a button that will allow you to create a new folder if you have to, but select the folder you want that new folder to be in before you use that button. When you've selected the folder you want the contents of this package to be in, click on "OK" Now, you'll have the previous window with new content in the text area. This denotes where on the system you'll be extracting your files to. Simple click on the "Extract" button. Step 3: Open Tor Browser Now that you have the Tor browser bundle, you can turn it on and connect to the Tor network. When you browse to the directory you extracted the files to, you should see something like the following: Simply double-click on "Start Tor Browser". It might take a moment for it to connect, but once it does, you'll have access to the Tor network. You'll also have access to this handy window (below) which we will use later (note: if activating this opens a pop-up internet browser window, don't close it because, for some reason, it closes the Vidalia window as well. Simply minimize it) Step 4: Download and Install the TorButton FireFox Plug-in We're almost there. We just need one last component - a FireFox plug-in. Simply go to the Torbutton page of the Tor website. What we want is in one of the first lines of the site. Click on the link that is present in the line that says, "Install Stable: Click to install from this website." Follow the prompts to install the plug-in. When you get the following pop-up, click the restart button to restart the browser: Step 5: Test the Tor Settings If you have installed both the browser bundle and the TorButton successfully, you should see a new button in your browser next to the URL: Now, we want to test to make sure everything installed fine. So, for that, we need to right click on the button and click on "Preferences..." In the new window (typically, the default settings are fine), click on "Test Settings". You will most likely see this window pop up (click on OK): Wait a few moments. It will test what you have. Chances are good that if you have followed this guide all the way up to this point, the test will be successful. The main thing is that you left that "Vidalia Control Panel" window open (the window that you get when you opened up that "Start Tor Browser executable" file from earlier) so that you have Tor functioning in the background. If the test was successful, you'll get the following screen: After you click on "OK", just click on "OK in the preferences screen to get out of it. To start using Tor, right click on the TorButton next to the URL in your browser and click on "Toggle Tor Status" and wait for the red "X" on the onion to go away and the onion to turn green. Congratulations! You are now browsing with Tor! Step 6: Taking Tor Out for a Spin Technically not necessary, but a nice visual demonstration of what an affect browsing with Tor can do. If you have Tor running, open a new tab and type in "http://www.google.com" in your browser (the ".com" part of the URL is the important part) and hit enter. You might be redirected to the same old Google home page as seen in your country. Now, open up/click on the Vidalia window and click on "Use a New Identity" Now, go back to your Google window. Wait a second for Tor to do it's thing. Re-type in "http://www.google.com" (again, the important part is the ".com" part). When the page loads, you should see that the Google webpage has changed to display what Google looks like in a completely different country. Pretty cool, eh? Google is simply detecting what country you are from. When you change to a different proxy or identity, Google assumes you are from a different country based on your IP address and displays their webpage accordingly. That's how others will very likely see you if they attempt to trace you - they will only get whatever the exit node (the last server that is accessing the internet) you happen to be using instead of you. Some Final Thoughts There is one unavoidable drawback to using Tor. It will very likely slow down your connection. Pages will take an extra moment to load because your webpage requests are being routed through multiple servers instead of you accessing the page directly. That will, unfortunately, be a fact of life on the Tor network. How much slower will probably depend on how much the Tor network improves itself. Log-in sessions and certain things like viewing YouTube clips might be more difficult. This is simply a security thing implemented in to Tor to avoid any chance of a user being traced. So, you might find yourself logging in more frequently as well. All-in-all, this is a very good way of defeating any DNS censorship the US (or any other country for that matter) might throw at you. If Tor winds up not being a one tool solution, I have a hard time believing that it can't be a key tool to defeating DNS censorship. If you have any further questions, feel free to consult the Tor Tor FAQ or comment below. Further Reading: Official Tor homepage Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Denmark Police Wants to Ban Anonymous Internet Use

Drew Wilson — Wed, 29 Jun 2011 10:22:23 +0000

Should using the internet Anonymously be a thing of the past? That's what police in Denmark are hoping. They are currently recommending that identities be verified before someone is able to log on to the internet. But is it one thing to hope that internet anonymity be abolished and quite another to make it happen?

There's some interesting developments being pointed out by the Huffington Post. An article (Google translated, original) is suggesting that police in Denmark are hoping that internet anonymity be a thing of the past. How exactly do they propose to do that? From the translated article:

How people should make themselves known to the as yet open, anonymous connections are still unclear. Working with the Ministry of Justice mentions various possibilities such as Social Security numbers, electronic signature or SMS solutions. The requirement will, however, according to Politiken be that a network user "will not have access to the Internet before the information about the person's identity is registered and verified."

If this truly is the way the police in Denmark hopes to end internet anonymity in their country, then it won't work. What's to stop someone from accessing TOR? If someone accesses a website via TOR, then the IP address is different and it's extremely difficult to trace that person back to the original IP address. Really, even if the goal is not to end internet anonymity altogether, what exactly does this accomplish practically speaking. If someone wants to cover their tracks and they know what they are doing, they will. Also, you never want to mess around with things like social insurance numbers. If a social insurance number is used to verify someone's identities and it is used in such a way that allows third parties to trace the numbers, identity thieves are a big step closer to stealing people's identities. This could be an additional strain on the system, it could cost a lot of money to implement, and, at the end of the day, I fail to see how a proposal like that would end internet Anonymity if the report is anything to go by. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.