Security, Privacy and Anonymity on the Internet
Contents
- Introduction
- Firefox / IceCat
- Cookie Monster
- External IP
- FoxyProxy
- NoScript
- Quick Locale Switcher
- User Agent Switcher
Tor
- Privoxy (Optional if FoxyProxy is installed)
Passwords PGP (GnuPG)
- Key for Signing (4096-bit RSA)
- Sub-Key for Encrypting (4096-bit RSA)
- Export public keys in ASCII
Enigmail Hushmail Real-Time Communications
- IRC (SSL)
- SILC
1. Introduction
With the growing popularity of the Internet, our privacy has became an increasing concern. Peronal e-mail, banking, and e-commerce are a few areas targetted at random for profit, or targetted because you are the specific target of a malicious individual, or organisation. This guide is not meant to be the only and final solution to internet privacy problems, but it should help you get started in the right direction.
2. Firefox / IceCat
Mozilla Firefox (also available as GNU IceCat) is probably the most versatile available on the market today, and is freely available for many operating systems. Not only are updates frequent and automated, but it follows modern standards and has a great API which allows many different applications/plugins and extensions to be written for it (even an IRC client!).
The first step you should take when securing Firefox/IceCat, is to make sure all private data is removed on exit (and when you press CTRL+Shift+DEL). Go to Preferences->Privacy and select the following options under "Private Data":
[ X ] Always clear my private data when I close {FireFox,IceCat}
[ ] Ask me before clearing private data
Then click the Setting button for Private Data, and make sure you select every option listed.
We will be installing some pre-written extensions to aid us in the quest for privacy!
a. Cookie Monster
Cookie Monster allows you to manage which sites you wish to receive cookies from, and also if you want to accept all cookies or only session cookies. Install this extension, and from Firefox->Preferences->Privacy, make sure "Allow Cookies from sites" is not checked. From now on, you can enable session cookies on a per-site basis by left-clicking the little icon at the bottom-right of your Firefox/IceCat window and selecting "Accept Session Cookies from ~". Many internet advertising (see: spam) companies use cookie-based trackers to monitor what you do and see online, and to provide you with more targetted advertisements.
b. External IP
External IP is a simple extension which sends an HTTP request to a site, and the result is the IP address you are connecting from which can be displayed at the lower-right part of your firefox window. This can be useful for a variety of reasons, but I find it useful for remembering I'm using a proxy or Tor, and which.
c. FoxyProxy
FoxyProxy is a great proxy management tool designed to replace Firefox/IceCat's Proxy/Connection configuration menu. It allows different proxies to be set for different target hosts and enables you to "white-list" hosts which you do not wish to use a proxy for. I recommend you do not install this extension until Tor is installed as on first start-up, it will execute the configuration wizard which asks questions you may not know the answer to yet.
Once tor is installed, tell FoxyProxy that you won't be using Privoxy (unless you are... ;) and will be using Tor directly instead (Firefox now supports SOCKS 5). The configuration is quite straight-forward, but if you want FoxyProxy to connect through Tor for all URLs when enabled, add wildcard (*) to the whitelist and remove Gmail's entry. Now when you want to disable FoxyProxy, just right-click on its icon and select "Completely disable FoxyProxy". An alternative extension which you may prefer is TorButton.
d. NoScript
NoScript, probably one of the most popular security-related extensions, allows you to control which sites are allowed to have Java Applets, JavaScript, Macromedia Flash, Microsoft Silverlight and other plugins on their site from their own domain, or external domains. This helps prevent XSS attacks as well as a variety of other malicious code. Please not that Macromedia Flash is not blocked by default for untrusted sites, you should change this from the options menu.
e. Quick Locale Switcher
Quick Locale Switcher is a handy little extension for changing the application's locale and also changes the HTTP accept-language environment variable. One problem with this is that it asks you to restart the browser in order to display the new locale, however, we only require the environment variable changed so you can safely continue without restarting. This can be a little annoying, and I'm sure there are more effecient ways or extensions to do this - but this is what I currently use.
f. User Agent Switcher
User Agent Switcher allows you to change the user-agent environment variable. This is used as a browser identification string which many httpd servers and/or web applications use for a number of things, including which CSS to send etc. Many servers log this information in their access logs, so sometimes it may be a good idea to change this (additionally, some services such as Microsoft's new server suites disallow access from browsers other than IE 7). This plugin comes with a few presets, but you'll probably want to create your own from the configuration menu.
3. Tor
Tor is a BSD licensed, software implementation of Onion Routing. Using its SOCKS 5 interface, it connects end-users to the network over an encrypted connection and allows access to end-point much like a proxy. Tor must never be confused as being a perfect solution for data security and anonymity as it has some weaknesses; These include DNS leaking, Traffic Analysis and more recently but unsurprisingly - Eavesdropping. Even if such revelations hadn't been made, it would still be recommended to use SSL everywhere possible to help retain your privacy.
An extra layer of security used by anoNet internally and for external sites, is to run Tor servers within a VPN/Darknet. Of course, for this to work properly - many people would need to participate as servers.
Tor is quite simple to install, either compile from source - or install a binary package for your system. For most users, the default configuration will suffice - so just rename torrc.sample to torrc.
a. Privoxy (Optional)
Privoxy is a web proxy with advanced filtering options not offered by many other proxies. These include content filtering, cookie management, and the removal of unwanted "nasty" content such as advertisements. I won't explain how to use all these features here as they are not required, and our browser extensions can perform many of these actions more easily on a per-site basis.
To use Privoxy with Tor, add the following line to the top of the main configuration file "config":
forward-socks4a / localhost:9050 .
This will allow you to connect to tor through applications which do not support SOCKS connections by instructing them to connect to localhost:8118 (default port for Privoxy). For applications which don't support any proxies, you may be interested in using Socat.
4. Passwords
For well over 10 years, you would have thought password security would be a high priority... however, even in 2007 - with online banking, shopping and the amount of malware around at an all-time high, many people are still very careless with their passwords. I won't go into detail about protecting your password as such, but I'd like to go over the selection process a little. Why re-write something commonly known, I hear you ask... well, it seems that many people favour easy-to-remember rather than secure passwords. It's unbelievable the amount of civil servants and even Comp. Sci. lecturers(!!) who use the names of loved ones or pets as passwords for everything.
Many places and people recommend a length of at least 8 characters, this may be suitable depending on the password - but personally I use over 10 or sometimes even over 30 characters for anything important (good luck brute-forcing that!). Of course, this isn't practical for everything or everyone - so here are some generic tips on choosing and managing your passwords:
- Use more than one password for each site/application
- Never leave your password written down somewhere (like a post-it note on your monitor!)
- Size is important (right, girls?) - 8 or 10 minimum, or 25+ if you're more paranoid.
- Never use words found in any dictionary, including profanity
- Never use proper nouns
- Use a wide variety of characters: a-z,A-Z,0-9,#,@,!,$,%,^,*,� etc
- Never let anyone know your password, not even loved ones
One method which was considered earlier today, though may be impractical, is to take your already-secure password and create an MD5 hash of it.. then inserted additional characters and change the case of letters at set intervals, for example:
m4Fkp5t79X�L2d8f0aV4@k04B6s8 = 4b1e9c048c346332383f57a241d56e60 (MD5)
4b1@e9c@048@c34@633@238@3f5@7a2@41d@56e@60 (Add '@' after every 3 or more chars)
4b1@e9C@048@c34@633@238@3F5@7a2@41D@56e@60 (Change every 2nd letter to upper-case)
[+more letters]
This is actually a pretty bad example - as the original password is already long and difficult to remember, but would work well with an easier to remember word as "word3@2^" - which would translate as your easy-to-remember word in MD5, then @ after every 3 chars, then change every second letter to ^upper-case^. This needs a little more thought into it, especially as some hashes will have too many numbers for it to be secure.
Now that we've covered passwords, I think it's save to move on to topics which will make use of them!
5. PGP (GnuPG)
GNU Privacy Guard is a free implementation of PGP. By default, it doesn't integrate with OS context menus or applications - but there are many third-party applications and plugins which do. These instructions are best followed on a UNIX-like operating system, but should be easily adapted to Microsoft Windows. As with the other applications listed here, install GnuPG from source, binary or distro-specific package. I will be using RSA for these examples, you may use DSA if you wish; If you live in a country which is not allowed to import RSA from the USA it's upto you if you want to use RSA or not, I'm not going to lecture you on following export laws.
a. Key for Signing (4096-bit RSA)
It is possible to both sign and encrypt data with PGP, however - seperate keys are needed to perform both using RSA. More information about RSA is available here.
Follow these commands to create your signing key (using your /own/ data):
int16h[~]$ gpg --gen-key [enter]
gpg (GnuPG) 1.4.7; Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection? 5 [enter]
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096 [enter]
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) [Enter]
Key does not expire at all
Is this correct? (y/N) Y [enter]
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: int16h
Email address: int16h@hsuh.moc
Comment: CyberArmy
You selected this USER-ID:
"int16h (CyberArmy) <int16h@hsuh.moc>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O [enter]
You need a Passphrase to protect your secret key.
Enter passphrase: [uber password here] [enter]
Repeat passphrase: [repeat it] [enter]
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
At this point, I recommend opening a new terminal and running "tree /", moving your mouse rapidly and pressing random keys until it is complete. It may be wise to run tree in a large directory which doesn't have any sensitive information in it.
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 4096R/61BA5FDD 2007-12-09
Key fingerprint = C1DB 15AD 1235 2423 07C0 2A73 8283 93F7 61BA 5FDD
uid int16h (CyberArmy) <int16h@hsuh.moc>
Note that this key cannot be used for encryption. You may want to use
the command "--edit-key" to generate a subkey for this purpose.
Well done! You now have an RSA key which can be used for signing. If you use a keyserver, and even if you don't - it's probably wise to set an expiration date or create a revocation cert for your keys. This is akin to changing your password frequently.
b. Sub-Key for Encrypting (4096-bit RSA)
Next we have to edit our key(s) to add a new sub-key for data encryption. This is also quite simple, so it shouldn't be too stressful for your CLI-phobes out there:
int16h[~]# gpg --edit-key int16h [enter]
gpg (GnuPG) 1.4.7; Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
Secret key is available.
pub 4096R/61BA5FDD created: 2007-12-09 expires: never usage: SC
trust: ultimate validity: ultimate
[ultimate] (1). int16h (CyberArmy) <int16h@hsuh.moc>
Command> addkey [enter]
Key is protected.
You need a passphrase to unlock the secret key for
user: "int16h (CyberArmy) <int16h@hsuh.moc>"
4096-bit RSA key, ID 61BA5FDD, created 2007-12-09
Enter passphrase: *your-pass* [enter]
Please select what kind of key you want:
(2) DSA (sign only)
(4) Elgamal (encrypt only)
(5) RSA (sign only)
(6) RSA (encrypt only)
Your selection? 6
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096 [enter]
Requested keysize is 4096 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) [enter]
Key does not expire at all
Is this correct? (y/N) y [enter]
Really create? (y/N) y [enter]
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.........+++++
...+++++
pub 4096R/61BA5FDD created: 2007-12-09 expires: never usage: SC
trust: ultimate validity: ultimate
sub 4096R/399E3028 created: 2007-12-09 expires: never usage: E
[ultimate] (1). int16h (CyberArmy) <int16h@hsuh.moc>
Command> quit [enter]
Save changes? (y/N) y [enter]
Now we have a sub-key which we can use to encrypt data (as indicated by the 'usage' field - "E").
c. Exporting public keys in ASCII format
If you plan on allowing people to verify your signatures etc, you will need to give them your public key. The default action of the --export switch will export your key in binary format, this isn't really suitable for publishing your key on websites or emailing it, so we use the --armor switch like so:
int16h[~]# gpg --output int16h.pub --armor --export int16h
This command will export the public key for 'int16h' in ASCII to a file named int16h.pub, ready for distribution. It's wise to have seperate PGP keys and e-mail addresses for different 'personas', More about that later.
6. Enigmail
Enigmail is an extension for Mozilla, Mozilla Thunderbird/IceDove and SeaMonkey which provides an integrated interface to GnuPG. Installation and usage is pretty straight-forward, for Thunderbird or IceDove for example, just save the .xpi file to disk, and from the Tools > Addons menu, select Install.. and select the .xpi file.
From now on, all mail received which is PGP-signed or encrypted will be automatically verified and decrypted. If you wish to sign or encrypt an outgoing message, use the OpenPGP menu from the Compose window.
7. Hushmail
Hushmail is a (now controversial) secure web-mail solution provider, founded in 1999 by Cliff Baltzley. Recently, under the Mutual Legal Assistance Treaty - Hushmail have handed over clear-text e-mails and other data on 12 CDs to the US Government. In addition to this, according to Hushmail - "Hushmail.com does log IP addresses to analyze market trends, gather broad demographic information, and prevent abuse". This is indeed a great shame, as Hushmail is a great idea. However, I believe it can still be used - as long as you use your own encryption methods rather than the built-in method.
The following steps should help ensure your usage of Hushmail is kept both private and anonymous:
- Use tor or a chain of proxies to use Hushmail.com
- Make sure Java is also using the above
- Generate keys for your Hushmail address off-site
- Encrypt and decrypt mail off-site, then paste into hushmail
Real-Time Communications
Now that web-browsing and e-mail have been covered, Real-Time Communication is next up! I won't cover Instant-Messaging clients here, as I don't personally use them and you can just enter your Privoxy or Tor address:port into their connections settings.
a. IRC (with SSL)
First I'd like to say that anyone who uses IRC without SSL may as well use Internet CB (ICB). There's no excuse for people not to use SSL nowadays. Irssi, BitchX, XChat, mIRC(Tutorial) and Colloquy.
(If using x-chat, select "Accept invalid SSL Certificate")
b. SILC
SILC was designed in 1996-1999 by Pekka Riikonen. It is a a communications protocol which provides real-time chat like IRC, but unlike IRC it was built with security in mind. A number of SILC-capable clients exist, but due to abandonment and other reasons, some no longer work with the current protocol revision. Clients which are reported to work fine without problems include: SILC Client (built with irssi), irssi SILC plugin, Colloquy and possibly Pidgin (formerly known as GAIM).
- silc.cyberarmy.net (Round-robin currently down..)
- cais.cgx.org.uk (77.75.105.130)
- 72.232.55.124 (72.232.55.124)
I hope this article has been a useful and/or informative read for you, but please remember to regularly research encryption algorithms as with the speed technology is growing at - and the amount of study into them, many are quickly becoming deprecated/broken. I would also like to advise that if you are backing up your key-rings or any other sensitive data (encrypted or not) to use TrueCrypt. I will write a small tutorial for this next time.
This article was originally published by CyberArmy.net in the CyberArmy Library. |