Step 1 - Pseudonyms
Essentially, this involves setting up an anonymous email account with Hotmail, Yahoo, or Hushmail (which is new to me, but looks very good). Note: Yahoo (and maybe some others) will ask you for an alternative email address, however, so be sure not to give them one if anonymity is your goal. After that, you'll want an anonymous blog service. Ethan recommends Blogsome (free WordPress blogs), Blogger, and Seo Blog (can't find a good link for this, anyone?).
Step 2 - Public computers
Rather self-explanatory: use internet cafe's and other computers that many people use, so authorities can't trace the IP address back to you personally. Not fool-proof obviously, and certainly not convenient, so...
Step 3 - Anonymous proxies
Ethan explains that this way, when you use your webmail and weblog services, you'll leave behind the IP address of the proxy server, not the address of your home machine... which will make it very hard for anyone to find you. You might need some geek help to do this, but here's Ethan's list of reliable public proxies:
- publicproxyservers.com - anonymous and non-anonymous proxies.
- Samair (http://www.samair.ru/proxy/) - only anonymous proxies, and includes information on proxies that support SSL.
- rosinstrument proxy database (http://tools.rosinstrument.com/proxy/) - searchable database of proxy servers.
This will also slow down your browsing speed. But once you're up and running (you really need to read the document for the technical details), you can test where the internet thinks you're coming from at noreply.org. More oppressive governments block the popular proxies too, so you might have to search for a while to find one they don't know about. Ethan also recommends bloggers switch proxies regularly.
Step 4 - This time it's personal!
Rather than using a public proxy though, you can use a personal approach, otherwise known as a friend's computer (preferably a friend outside the reach of the oppressive government) as a proxy. They need some tricky software (Ethan recommends Circumventor from Peacefire.org), but, of course there are potential problems with this as well, including the friend's computer changing IP addresses, or the oppressive government realizing the blogger is spending all their time at one IP address and getting suspicious anyway. And so, the plot thickens, as does the technology...
Step 5 - Onion Routing through Tor
I'll just let Ethan explain this one:
Tor, a relatively new system...provides a high degree of anonymity for websurfing. Onion routing takes the idea of proxy servers – a computer that acts on your behalf – to a new level of complexity. Each request made through an onion routing network goes through two to 20 additional computers, making it hard to trace what computer originated a request. Each step of the Onion Routing chain is encrypted, making it harder for the [oppressive] government...to trace...posts.
At this point, however, you're virtually into hacker territory. Oddly, though, this "cloaking" technology is reported easy to install: Tor. Downsides include some sites, like Wikipedia, recognizing cloaked visitors and not letting them add comments, as well as, expectedly, slower browsing.
Step 6 - MixMaster, Invisiblog and GPG
If all that's not anonymous enough for you, enter the world of spook (aka paranoid) blogging:
[There's a] new option: Invisiblog (http://www.invisiblog.com/ [note, this URL returns an XML error message,]). Run by an anonymous group of Australians called vigilant.tv, it’s a site designed for and by the truly paranoid. You can't post to Invisiblog via the web, as you do with most blog servers. You post to it using specially formatted email, sent through the MixMaster remailer system, signed cryptographically. [...]
GPG (http://www.gnupg.org/) - the GNU implementation of Pretty Good Privacy, a public-key encryption system (http://en.wikipedia.org/wiki/Public-key_cryptography). In two sentences: Public-key encryption is a technique that allows [you] to send messages to a person that only [you] can read, without...needing to share a secret key with you that would let you read messages other people send..... Public key encryption also allows people to “sign” documents with a digital signature that is almost impossible to forge.
[and] MixMaster, a mailing system designed to obscure the origins of an email message. MixMaster uses a chain of anonymous remailers – computer programs that strip all identifying information off an email and send it to its destination – to send email messages with a high degree of anonymity.
Again, all this is much slower, but obviously untraceable. Technically, setting this up involves more details than make sense to simply copy here...see the document, pp. 60-61. But you're safe to say what you want/need to this way.
Ethan ends his text with perhaps the most important advice for the would-be-anonymous blogger:
And remember not to sign your blog posts with your real name!
You might want to step away from your computer. This post will self-destruct in 30 seconds....
helping folks set up anonymous weblogs and avoid censors in places where blogging can be dangerous to one's employment or even health.
But will this keep me safe from the Federal Election Commission?
Posted by: Ugh | September 22, 2005 at 02:04 PM
And remember not to sign your blog posts with your real name!
don't forget the corollary: don't disclose your alias to anyone you work with.
Posted by: cleek | September 22, 2005 at 02:13 PM
I use tor all the time. I'm pretty tech-savvy, but I think it would be easy to install even if I weren't. The biggest down sides I've noticed: (1) Wikipedia, indeed, blocks editing (not reading) from tor nodes, (2) Google appears in many languages, and (3) it's slower.
Anyway, I recommend it.
Posted by: Kyle Hasselbacher | September 22, 2005 at 02:44 PM
Why do you use Tor Kyle? What are it's non-paranoid applications?
Posted by: Edward_ | September 22, 2005 at 02:47 PM
If you really have to upload pictures, MS office documents, or basically anything other than text, make sure you carefully strip out all the meta-data. Pictures from digital cameras have all sorts of data embedded in them, as does your average word document.
Don't leave cookies, or anything else, on your machine from suspect web-sites. Also, don't add said suspect web-sites to the block-cookies list in your browser.
Remember that everywhere you visit logs the fact, even if you don't post anything.
Posted by: Duane | September 22, 2005 at 02:53 PM
Just 'cause you are paranoid, Edward_, doesn't mean they aren't after you. :)
Frankly, for non-professional non-cat bloggers, I don't understand why ANYBODY would be non-anonymous. A half-dozen or so virtual people know my real name, and two flesh-and-blood people know my bloggonym. Sometimes, I wish even they didn't. Unless you are being hired (introduced, offered an apartment, bought from, etc.) based on having opinions, why court trouble?
Posted by: angua | September 22, 2005 at 03:01 PM
I don't care angua.
The kind of trouble blogging might bring me is the kind I'm totally capable of dealing with, I believe.
Sure, psychos exist, several right on my block, but at a certain point there's nothing I say on a blog I won't say to someone's face, so I don't understand the anonymity issue really.
Posted by: Edward_ | September 22, 2005 at 03:04 PM
Mind you, I'm perfectly happy to not be proven wrong about that. ;-)
Posted by: Edward_ | September 22, 2005 at 03:07 PM
I suspect that's the difference between spending your formative years in the evil United States, evily controlled by the oxymoronic moral majority vs. the freedom-embracing Soviet Union :)
More seriously, the world is full of stupid people, some so stupid they cannot tell the difference between online ranting and real life. You cannot go broke by overestimating people's stupidity.
Posted by: angua | September 22, 2005 at 03:24 PM
so I don't understand the anonymity issue really.
i've probably told this story here, but i'll tell it again:
a long time ago, i told my Slashdot alias to someone i work with. years later, i was laid-off. i was angry and posted some rant about the situation on an outsourcing thread on Slashdot. i didn't say anything specifically about the company, and i didn't say anything offensive or give away any secrets; i just said something along the lines of "talk to me about cost savings of outsourcing after your job has been moved to India so your company can save 2/3s of the cost of your salary", etc..
over a year later, i was then brought back in to interview at that same company for a short-term contract. during the interviews, two different people referred to my Slashdot posting: a pseudonymous post i made over a year prior that had no specific details about the company, myself or the situation.
unfortunately, i have many many years of usenet and CodeProject postings under my real name. what i post as 'cleek' is really tame compared to the kind of flame wars i've been in under my real name.... alas
Posted by: cleek | September 22, 2005 at 03:26 PM
Why do you use Tor Kyle? What are it's non-paranoid applications?
This depends on your definition of "paranoid."
Tor encrypts everything until the "last hop" to the web site itself, so local listeners (i.e., my ISP) can't read, regardless of SSL. You can (probably) push your IM through it if you want. I've always been a lot more worried about nearby intruders than someone "out there" listening, so tor takes care of that nicely.
I've also remarked that I like the peace of mind of being able to do things that are innocent even when they look suspicious.
Some site owners have contacted the employers of a visitor to express their displeasure at the visitor's behavior. I don't always want to tip-toe around a confrontation because someone knows where I live and isn't afraid to use it against me.
Those people playing referrer games are only playing them with other people (though this is a feature of Privoxy, not tor--they go together like Batman and Robin).
In short, it's liberating.
Posted by: Kyle Hasselbacher | September 22, 2005 at 03:37 PM
Hmm. Aren't there places that outlaw civilian use of PGP? And don't those places tend to be in countries with repressive governments?
Posted by: pdf23ds | September 22, 2005 at 03:45 PM
Why do you use Tor Kyle? What are it's non-paranoid applications?
Depends on where you are blogging from, I guess. Definitely need it in China -- in case yahoo sells you to the highest bidder.
(That's the other thing -- don't leave any email address, even free hotmail/gmail account, on your blog or comment -- no telling when these companies decide to send you to a labour camp.)
Posted by: weco | September 24, 2005 at 07:54 PM
This is really help full thanks
Posted by: jim | September 27, 2005 at 02:30 PM
www.nooneknowswhatthisisat.com
Posted by: Bob | July 27, 2007 at 02:13 AM