Sure, it will be easier for the powers that be to take down something you posted on Tumblr than to take down a Tor hidden service. But that's a completely different matter from publishing anonymously in the first place.
The author also seems to think that publishing images and videos anonymously is harder than publishing ASCII text anonymously. This may be right, but not because of the reasons he cites. If you already have a medium where you can publish ASCII text anonymously, nothing stops you from publishing your media in a base64-encoded form. The real problem with publishing images and videos anonymously is that those media files often contain lots of entropy that could help identify the author, such as location information. No amount of Tor trickery will keep you anonymous unless you thoroughly scrub your media files.
But anyway, they don't have the power to seize your US-based VPS as you cross the border. That would require an actual warrant which requires actual probable cause.
The author focuses on the US, UK, Australia, New Zealand, and Canada as the countries to avoid, but this seems crazy to me. The only common thread I can identify is that they all speak mainly English (sorry Quebec). There are lots of places I would avoid in addition to those; Iran, China, Syria, Libya, ... the list is nearly infinite.
I'm not sure how well TOR hidden service would work behind a NAT though.
EDIT: another way would be to go to the dark side, and get your own botnet.
Just as well as tor works normally.
There are cameras everywhere. If they really want to find you, they will see your face.
Please, please, explain this.
(1) Exif meta-data (Exchangeable image file format) which are things like resolution and dates, but can include serial numbers as well. Here's a handy list of cameras (usually high-end ones) that betray your privacy by embedding a serial number:
(2) IPTC meta-data (International Press Telecommunications Council), though I have yet to see a photo "in the wild" that uses it.
(3) XMP meta-data (Adobe Extensible Metadata Platform). This is added by Photoshop for example. It's two long numbers (DocumentID and InstanceID) which are different for each image.
(4) DRM and anti-counterfeiting stuff that might be added by image editing tools. (Many color copiers do this in the case of paper prints, for example.)
If I were being truly paranoid, I'd use some steganography software to write random "data" across all the low-order bits of any images I _really_ didn't want traced back the the sensor in my camera/phone/videocamera...
Exif is the one everyone knows, but don't discount #3 and #4 (i.e., identifiers added by image editing tools).
To keep a photo untraceable:
Delete the Exif data using a tool like IrfanView.
To edit the photo, download a fresh copy of an open source editing program or a commercial editing tool that does not need registration or activation. After you're done working on the photo, delete the editing program.
For a higher level of security (to guard against the possibility of a GUID or hostname from the OS being embedded in the image), do all of the above on a computer that is not traceable to you, or on a fresh install of the OS, which you wipe after you are finished.
That isn't a danger that you'll be identified from the photo, but it prevents plausible denial at a later date.
cat imagefile | strings | less
However, I disagree with the author about the impossibility of buying bitcoins anonymously. Bitcoins can be purchased anonymously via local dealers and over-the-counter venues. One sends cash along with a Bitcoin address; one gets bitcoins delivered to an address in the blockchain in return.
Examples: http://www.tradebitcoin.com/ , http://localbitcoins.com/ , http://bitcoin-otc.com/
ps. I'm the author of localbitcoins.com, thanks for linking to it :)
The first, is to do as the author attempted: that is to find every way possible to hide your identity. It's a lot of work, and maybe impossible.
The second is to put yourself out there. Be a public figure, unafraid of what you are publishing. Allow people to know who you are and what you stand for. Use your fame to your advantage. Call me an optimist, but the powers that be will have a tough time keeping you quiet if you represent a populist movement. In fact, it's eventually to their advantage to support the cause if it's meaningful and popular enough; the game of politics is won by catering to the masses.
At the end of the day, if you want to be a muckraker you can't be scared to get in the muck. I realize there can be repercussions. But it's far easier to support a face than it is some anonymous text.
When you're publishing things about the Mexican drug cartels, you have to expect that you're going to piss off the gangs. That's part and parcel with what you're doing. Unfortunately, it's sort of how progress is made; if you publish something and get jailed, beat up or even killed, that becomes part of your message. I'm not trying to sound flippant. It's reality. What passes for "anonymity" won't save you, and true anonymity makes it unlikely that what you publish can make a difference. Besides, did truly anonymous publishing ever really exist?
When it comes to getting your message out to make a difference (which I assume is the underlying point), fame and anonymity are opposite sides of the same coin. If you can't achieve one, you're best bet is to focus on the other.
You seem to be saying "getting yourself beaten, imprisoned, tortured, and killed is just part of exposing corruption, get over it".
I don't see that comment as particularly constructive.
Most? That is utterly untrue. I bet you'd be hard pressed to name any.
Besides, if you write under a pseudonym, and participate publicly under that pseudonym, you are no longer anonymous.
Would you like it if people could anonymously publish and distribute hate speech? It's tricky.
I'm making an assumption, but in most scenarios it's the powerful few controlling the masses, and doing so through controlling the flow information.
"It never occurred to either the enemies or the apologists for slavery, that if no one would employ the free laborer, his condition was infinitely worse than that of actual slavery--nor did it occur to them, that if his wages were less than the allowance of the slave, he was less free after emancipation than before." --George Fitzhugh
Can one argue for the return of a more civilized form of slavery without being called evil, a racist, bigot, hate monger, etc.?
It's because so many views that "don't represent a populist movement" and "don't cater to the masses" also don't fall straight into a single bucket ("hate speech", "encouraging violence", "ignorant flaming", "hard truth", "trolling", "devil's advocacy") that I like the American view expressed by geuis. If you're not being forced to listen (because while one may have the right to speak, one doesn't have the right to be heard), change the channel. Starting from this point lets us discuss the potential exceptions like whether we ought to allow television personalities to ask the public to kill someone, and if we do, if someone acts on it does the asker receive some amount of punishment? I think it's important in having a useful discussion to start from a solid position rather than starting from "it's tricky".
Words have an impact on the world. If you call for violence against a group of people, you can be held accountable for that in Canada. Nobody is saying you can't say "I hate <group of people>", but when you say "<group of people> should be killed" you've crossed a line and can be held legally accountable.
It's a tricky issue, but personally I think our system is more in line with most people's natural sense of morality. If I call for violence, and violence happens, am I not at least partially culpable in that violence? Especially if I am a community leader, or other person of influence.
That's an opinion, and precisely why it's tricky. I understand "freedom of speech" is a fundamental representation of liberty, especially to Americans. There is also a school of thought that believes in looking at the normative angle of policy; when things can be determined, objectively, to be hateful or vile, why allow them? I'd rather live in a world that didn't allow hate speech than a world that does. Of course, how do you determine "hate speech" objectively, at the margin? That's the tricky part.
And what is the objective criteria used to determine hatefulness and vileness? I am interested in how such a thing can be formulated in a definitively objective way.
I think by "objective" you probably mean "almost universally agreed", not actually "objective", because I don't think that any truly objective measurements of hatefulness and vileness are known.
Just get a fake account in wordpress, blogger or whatever and post using a public wifi. They will do the hosting for you for free and you will be virtually untrackeable. If you need to publish some video, post it on youtube or a clone using the same procedure as before.
You can even use facebook for hosting (!) if you fake the email.
I really don't get why this guy needs to purchase a VPS to publish.
That's a great way to get out a single message, like a video or a photo or document. If you wanted to publish regularly and develop a following, you wouldn't be able to do that on these sites without constantly being taken down and having to re-find your audience. I think that might be the kind of anonymous publishing he is talking about.
He tried to use a prepaid credit card, paid for in cash, but since the PATRIOT act, prepaid credit cards only work in person (and not even always then).
You can't use prepaid credit cards online without supplying your address and SSN to the prepaid credit card provider first, which most prepaid card providers don't even support in the first place.
Question: doesn't Bitcoin provide for anonymous transfers? Or no?
The problem seemed to be the lack of a billing address -- what are you supposed to put? Nothing worked. On another site that processed their credit cards via PayPal, it didn't work either. I called PayPal customer service and they explicitly told me they don't support cards that don't provide a means to verify a valid billing address and 3-digit security code.
Now, it's not like I don't have other identifiable information on my amazon account (a real credit card, a previously used shipping address, etc), so it's not anonymous, but they do accept prepaid cards.
I run pretty much everything through these cards online to avoid fraud / identity theft issues and prefer the ones that are easiest to register for online purchases.
Bitcoin transfers are anonymous but not untraceable, eg. with enough circumstantial evidence surrounding the transfer you can be fairly certain who made it... if you use a wallet service then its not really anonymous at all if you have access to the wallet providers database.
Here is a thought though: what if you got a prepaid credit card in another country? I suspect somewhere in Europe would be your best bet.
Also, how would the card company know that the transaction was online? It would be shady as all hell, but couldn't the merchant open a cornerstore and ring up all the online orders as chips and a smoothly?
I wouldn't be surprised if by breaking or even nudging their rules comes with a high enough price to kill the whole thing. You would be open to being ripped off painfully and your merchant account would probably be shut down pretty fast.
The legitimate but non-US prepaid card is still something I think could work though. I tried googling about it and didn't really find anything at all though.
The problem with anonymous publishing in a world where you have an authoritative server and DNS is clear. Some server is serving a file. And that server's operator apparently wants to know things.
What about uploading static content to various sites under free accounts?
The only difficulty is having DYNAMIC server generated content, i.e. executing programs to handle a request.
That's not a problem if your recipients are OCR'ing or transcribing the document and make sure the original is destroyed.
Regarding self-reliance: theoretically, there is no self-reliant way to "get data out". Every method requires at least the involvement of the recipient. This sounds pedantic but it's a serious point. If you really don't want to rely on anyone, why are you bothering sending people messages anyway?
If the message is persistent, then some lasting mark on the world has to be made - and there will always be a non-zero chance that that mark can be associated with you.
Methods requiring computers require an unusually large amount of reliance on others, actually. You rely on the hardware and software one is using, up to and including all of the infrastructure between you and your recipients. Computers are fundamentally microscopic phenomena, and yet controlled by other humans: how do you know that your hardware and software is doing what you think it's doing? Without an electron microscope and a great deal of time, you cant. (And even then, the microscope is subject to manipulation, so you can't be fully certain).
There's another problem with persistent distribution of anonymous data, which is the denial of service attack. An entity wishing to stop another from speaking can either stop the speech, or they have the option to parrot the speech, but altered enough to constitute noise, and weaken the opponents position, generally confuse the issue. No system is going to prevent a noise counter-measure, since presumably the system is available for anyone for anything.
Breaking the law:
Break into someone's house, use internet.
Just crack their wep key :)
Coupled with a free VPN over port 443 and you can get access to the whole web.
1) Choose a suitable pseudonym. Heinlein, Orson Scott Card, or Orwell references in the pseudonym get you extra cool points.
2) Generate a gpg key pair and publish the public key.
3) Write stuff. Sign said stuff with your private key.
4) Using Tor, free wifi four towns away, a small computer stashed in a coffee shop set to log in when you aren't there, or whatever methods make you feel safe, post the signed material to several dozen file sharing, pastebin, or other suitably public sites in several different countries.
5) If anybody cares about what you've written, it won't die there. It'll get passed on from person to person long after anybody gets it taken down from anywhere you originally posted.
You can purchase SIM cards from most supermarkets in the UK for around the £1-5 mark and a basic Nokia handset for £10-15. You can top these up using cash at any supermarket checkout with "topup vouchers".
If you top up £15 that gives you 100% unlimited O2->O2 calls and texts for a month.
I reckon with a one time pad system such as the one described at , it is the most reliable, anonymous, secure point to point country-wide messaging system that you can create and it's not expensive or complicated.
I might write the whole thing up as an experiment and hopefully I won't get chucked in jail for doing so!
2. Change MAC address?
3. Create new account on Blogger/Tumblr/etc.
Yes fuck Chinese government, but 5 years later western governments will follow this way
I don't want to minimize the assault on our privacy and anonymity from all directions, but the one positive trend in the US and Canada has been toward less ID or no ID for using Internet cafes.
I remember the early days of Internet cafes in North America, and they very often wanted to see ID.
These days there are lots of public wifi hotspots, where at most they ask for an email address (a throwaway email address works fine). The purpose of collecting an email address appears to be CYA -- they get some assurance that you've agreed to their Terms and Conditions.
Some of the "western" bars even have a vpn running so you can browse facebook when connecting to their wifi.
The danger of retaining your real MAC should be obvious; it's a unique identifier specific to your machine that will at least significantly narrow the scope of the machine/owner your adversaries are looking for if it doesn't give the investigators a direct link back to you (e.g., manufacturer records MAC addresses next to serial numbers, adversary gains access to manufacturer's data and sees "MAC X / Serial No Y sold to consumer Z online").
Depending on the configuration of the router on the open access points, it may be possible to retrieve a list of all connected MACs over the whole lifetime of the router. Then they simply have to correlate, "OK, which machines had a lease when the access from this machine was made?", and then investigate the 5 matches that come up.
This is not very safe, clearly.
That aside, MAC addresses can be easily changed and spoofed.
If one was really concerned, a throw away USB WiFi dongle could be used.
As he said: "No bitcoin service accepts any anonymous funding source; most only accept bank transfers." The problem here isn't bitcoin per se, but the initial trading of bitcoin for USD.
Every bitcoin trade can be traced through the blockchain. So if he does use his true identity to buy bitcoins, they will be able find the seller. And you never know how easily the seller will reveal your identity…
Does anyone know if this was a deliberate political choice in designing Bitcoin (so it wouldn't solely turn into a network for money laundering), or if there just wasn't any way to make the cryptography work for truly anonymous transactions that could still be verified?
2. That said, it is possible to use bitcoin anonymously, you just have to be careful and use some of the techniques described above: buying btc anonymously with cash, buying bitcoins via regular channels and "mixing" them via some online btc mixing sites, and/or generating your own btc but taking care to keep the client on a trusted vpn (like Mullvad, for example). Also, it's interesting to note that -- as far as I'm aware -- none of the perpetrators of the large bitcoin thefts have been tracked down, despite the best efforts of many smart people. And these are people that can be clearly tracked to very specific bitcoins. This may have changed in recent months, but it's certainly not a trivial task to track down even someone who has not used the techniques I describe above.
It's certainly a hell of a whole lot more anonymous than Paypal or credit cards.
For anyone reading this thread, I highly recommend the original Bitcoin paper:
It easily understood by anyone with the equivalent of first year university courses in computer science and mathematics, and it is just nine pages long.
Bitcoin can be made anonymous by swapping coins of equivalent value between accounts; as there's nothing that connects an account to a person, you can muddy the waters enough so that it's impossible to know which coins belong to you.
I think that online laundry services have the potential to be much more effective than an individual operator in most cases, but then you have to decide if you trust btc mixers/launderers and most of them charge a significant fee.
There's no "who". There's a cryptographic hash that may or may not be under the control of a specific person at any given time. If you're smart, the only link an attacker can make is that you used your traceable money to purchase BTC sent to this wallet. Once that BTC leaves that wallet, the chain is broken, because you have no way of tying an identity to that second wallet.
Please take a look at the properties provided by a system based on http://en.wikipedia.org/wiki/Blind_signature for a perspective on the guarantees that Bitcoin lacks. (Unfortunately, such schemes require a Bank and are thus not practical for adoption. still it's instructive to see what other properties are actually possible rather than devolving into the technicalities of performing various degrees of untraceable btc transaction in the immediate future)
It's really a matter of time until all exchanges routinely report their customers and a list is made of all the major above-board merchants. For the sake of the naive users, let's hope this is done openly rather than covertly. FINCEN has decades of experience tracing pseudonymous transactions.
Those arguments could also be applied to Tor. In fact, I'd contend that bitcoin is easier to anonymise than a TCP connection, as you don't need to obscure the transfer in real time.
Yes, this is very insecure for various reasons, and your credit card statement will show up with something you didn't actually buy, but, anonymous payments could be achieved.
Of course, you would have to access the service with Tor for it to be completely anonymous.
 A team of players tryies to track down a solo player on a map with taxi, bus and subway lines. The solo player is invisible and has to give his location every five moves. The best place to be for this is on a subway station, because it means one can get away in many directions quickly.
Put on gloves
Stuff cash into an envelope
Send it to the guys at prq.se
The more you clean up, the more little clues you forgot to wipe out stick out to a forensic investigator. The best shot you have is to produce so much noise that it requires hundreds of forensic investigators working full time to find evidence that you were there among the noise.
Avoiding Echelon & DMCA
( response to http://cryptome.org/2012/06/anon-pub-dead.htm and I assume reader is in USA )
TL;DR: Emulate spammer ecom hosting techniques and/or look at the Privly project
To resist echelon style wire tapping one must use strong non-AES/DES crypto. Stego is a good idea, too. To resist DMCA style censorship and legal liabilities, publish on servers hosted in one of the BRIC countries (Brazil, Russia, India, China) -- China being the most resistant unless material is related to China. This should be a linux based webserver with a non-AES encrypted file system.
Set up a ‘workstation’ in a different BRIC country than where you publish. For less technical people, a MS windows VPS is easiest -- just connect with a remote desktop client. Then run your tools in the remote environment to manage the publishing server. Or just run a ssh server on linux, perhaps with port forwarding. ALWAYS delete the
'workstation' VPS instance when you are finished and create a new one for each use. ISP’s do not retain this type of log data for long and constantly restarting the VPS makes it hard to track because MAC and IP address info can change.
To connect to your ‘workstaion’, start at an internet cafe outside of the district you live in. From there get an account at a Canadian ISP to be your VPN server. Avoid accessing this VPN server from the same cafe/place twice or within 20 miles of your home. Follow published VPN server setup howtos.
On the publishing server, create a fake but plausible cover website for the casual browser. Create a sub-folder that is not linked to or indexed and publish your content here. Hide your content using public key non-AES/DES algorithms with non-standard key length. Publishing with stego inside of image files is one example. Publish
links to your stego encrypted files on public classified ad sites like craig’s list. Publish info on how to find the craigslist.org ads on forums your audience reads. Research ‘fast flux DNS’ as a way of mapping urls to your published content and/or use a publishing server that is configured via DHCP if possible. Configure the firewall to block all IP addresses on the 'anti-P2P' and government lists that are
Payment is tricky, but not impossible. Look into USPS international money orders as a form of payment. The longer a pre-paid cell phone number is active in the system, the more it is trusted by automated fraud services.
Use your ‘workstation’ and pre-paid cell phones to create free email accounts as needed, avoiding major services like hotmail, yahoo, and google.
One could also publish by uploading stego’d pictures to a free porn site via one’s ‘workstation’. The high volume of porn traffic is useful chaff.
Ideally, boot your mobile PC from a Linux live CD and use that environment to work from. Any stored data should be on removable media that has a non-AES encrypted filesystem like Trucryp.
Consider hiring forum spammers to publish links to your content. These folks will not be picky about your debit cards or friendly to law enforcement.
Four layer encrypted connection diagram as proposed:
[mobile PC at cafe, vpn & remote desktop clients] >>> [VPN server at outside USA ISP] >>> [‘workstation’ VPS at BRIC ISP] >>> [publishing server at Chinese ISP]
Essentially each legal jurisdiction one crosses makes government action very difficult. Beware, government corruption can be exploited in these countries if your opponents have enough resources!
I mean, I'm thinking that the hosting costs would be close to zero. (now, the phishing prevention... that is probably effort directly in proportion to how anonymous you let the users be, and could be quite expensive.)
But yeah; Yahoo shuttered geocities while I was there. Is there anything analogous now?
I realize access to binaries groups these days is 99% pay, but at least the stuff would be out there.
I don't see much point in ensuring that all the nodes are on Wifi networks.
One of the advantages of such devices is being somewhat proof against search warrants. (To use one café's Wifi, you might be next door or around the block on the next street.)