A Tutorial on Anonymous Email Accounts (eff.org)
248 points by Garbage 1783 days ago | 104 comments

Don't overlook the Google-related footnote at the end:

"Google keeps logs of IP addresses for 18 months, after which they keep logs of three-quarters of the IP address. Three-quarters of an IP address may be still enough to breach your pseudonymity in the case of an FBI investigation."

Contrast this with the explanation from Google's own Privacy FAQ[1]:

"We strike a reasonable balance between the competing pressures we face, such as the privacy of our users, the security of our systems and the need for innovation. We believe anonymizing IP addresses after 9 months and cookies in our search engine logs after 18 months strikes the right balance."

I'm quite surprised to learn that Google equates "anonymizing IP addresses" with "chopping off an octet". I suppose I'm a bit naive.

[1] http://www.google.com/policies/privacy/faq/

EFF didn't cite a source regarding the 3/4 claim in their article. I'd be curious where they got that information since it does conflict with their privacy policy.

I believe the chopping of the octet is separate from the anonymization, unless they haven't updated their docs:

What does it mean to anonymize the logs?

We will change some of the bits in the IP address in the logs as well as change the cookie information. We're still developing the precise technical methods and approach to this, but we believe these changes will be a significant addition to protecting user privacy.


Edit: I think I'm wrong about this.


After Google announced its log retention policy update in 2008, C. Soghoian asked Google for details about the log sanitization process. He then published the following response from Google [34]:

"After nine months, we will change some of the bits in the IP address in the logs; after 18 months we remove the last eight bits in the IP address and change the cookie information (emphasis our own). It is difficult to guarantee complete anonymization, but we believe these changes will make it very unlikely users could be identified."

Here is the better [and shorter] version of this tutorial: 1. Download Tor 2. Signup and use tormail.org 3. Done.

I'm surprised eff.org didn't even mention tormail.org - this email forces you to use Tor, essentially forcing you to never make the mistake of using a non-Tor browser.

And who is to say tormail is not a honeypot?

Use tor+gpg and does it matter?

If one is using tor+pgp I don't think the venue really matters all that much. I'd personally rather use a pastebin-like place (public or .onion, doesn't really matter) than an email server. Anyone know if there's an active NNTP network in onion land?

Agreed (unless you exchange the keys in a way that is traceable by honeypot owners).

Use an email provider wholly owned and hosted in a country that's non-cooperative with your country, preferably one with an official language that differs from your country's. That alone will help you avoid standard subpoenas / legal requests.

Add Tor and encryption on top of that and there is almost no chance of government interference, unless you're a terrorist / subversive.

Why use email? I know some drug dealers who are pretty IT savvy and they simply set up Pidgin with OTR on their computers. Some had Macs with Adium.

Then they would message each other to go on OTR.

That's all you should send in an e-mail or text message, "go on OTR".

If I understand correctly, the key feature of OTR is its plausible deniability; the messages you send do not have a digital signature that a third party can use to verify their integrity, but the other party in the conversation is able to verify them.

Is that really going to hold up in court? Surely by the same token I could dismiss absolutely everything there is any record of me sending or receiving over HTTP because it could theoretically have been forged or tampered with in transit.

The most useful feature (of course, not a unique feature) of OTR is perfect forward secrecy. This means that, unlike GPG, you can lose your private key and not give up everything you have ever encrypted.

The plausible deniability stuff is probably not that useful in court, as you note.
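To make concrete why an HMAC-authenticated message is deniable while a signed one would not be, and what forward secrecy buys, here is a toy OTR-style session added here (not code from the OTR project or from anyone in the thread). It assumes a deliberately small DH group and a SHA-256 counter-mode keystream standing in for AES-CTR; both are illustration-only choices.

```python
"""Toy OTR-style session: ephemeral DH, then HMAC (not a signature) for authenticity."""
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group. Assumption: far too small for real use (OTR uses a
# 1536-bit MODP group); chosen only so the arithmetic stays readable.
P = 2**127 - 1
G = 5


def dh_keypair():
    """Fresh ephemeral key pair; OTR rotates these as the conversation advances."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def session_keys(priv, peer_pub):
    """Derive an encryption key and a MAC key from the DH shared secret."""
    shared = pow(peer_pub, priv, P).to_bytes(16, "big")
    enc_key = hashlib.sha256(b"enc" + shared).digest()
    mac_key = hashlib.sha256(b"mac" + shared).digest()
    return enc_key, mac_key


def keystream_xor(enc_key, counter, data):
    """Stream-cipher step (OTR uses AES-CTR; SHA-256 in counter mode stands in)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(
            enc_key + counter.to_bytes(8, "big") + i.to_bytes(4, "big")
        ).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def seal(enc_key, mac_key, counter, plaintext):
    """Encrypt, then authenticate with HMAC. Anyone holding mac_key can do this."""
    ct = keystream_xor(enc_key, counter, plaintext)
    tag = hmac.new(mac_key, counter.to_bytes(8, "big") + ct, hashlib.sha256).digest()
    return ct, tag


def open_(enc_key, mac_key, counter, ct, tag):
    """Return the plaintext if the tag verifies, otherwise None."""
    expected = hmac.new(mac_key, counter.to_bytes(8, "big") + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return keystream_xor(enc_key, counter, ct)


def demo():
    # Both parties derive the same keys from their ephemeral DH exchange.
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    a_enc, a_mac = session_keys(a_priv, b_pub)
    b_enc, b_mac = session_keys(b_priv, a_pub)
    assert a_enc == b_enc and a_mac == b_mac

    # 1. Bob can verify that a message came from someone holding the session keys.
    ct, tag = seal(a_enc, a_mac, 1, b"go on OTR")
    bob_reads = open_(b_enc, b_mac, 1, ct, tag)

    # 2. Deniability: Bob holds the same mac_key, so he can produce a message that
    #    verifies under Alice's keys exactly as one she wrote would. A third party
    #    shown the transcript therefore cannot tell which of the two authored it;
    #    a digital signature under Alice's long-term key would not have this property.
    forged_ct, forged_tag = seal(b_enc, b_mac, 2, b"meet at the usual place")
    alice_accepts_forgery = open_(a_enc, a_mac, 2, forged_ct, forged_tag) == b"meet at the usual place"

    # 3. Forward secrecy: after a rekey the old ephemeral keys are discarded. The new
    #    session keys (and there is no long-term decryption key at all) do not open
    #    the earlier ciphertext, so a later compromise does not expose old messages.
    a_priv2, _ = dh_keypair()
    _, b_pub2 = dh_keypair()
    new_enc, new_mac = session_keys(a_priv2, b_pub2)
    old_ciphertext_after_rekey = open_(new_enc, new_mac, 1, ct, tag)

    return {
        "bob_reads": bob_reads,
        "alice_accepts_bob_forgery": alice_accepts_forgery,
        "old_ciphertext_after_rekey": old_ciphertext_after_rekey,
    }


if __name__ == "__main__":
    print(demo())
```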

If the 'plausible deniability' is not that useful in court, that means it isn't plausible deniability. It's better to say that OTR doesn't provide plausible deniability, even though it claims to, if that's what you believe. (I don't have an opinion either way.)

It's plausible deniability, but that alone isn't sufficient to avoid prosecution in most jurisdictions.

The standard in most jurisdictions is proof beyond reasonable doubt. I don't think the OTR plausible deniability would be considered reasonable doubt, especially if the content of the messages is corroborated by other evidence.

I always thought the term plausible deniability implied reasonable doubt, and that if it didn't, it wasn't plausible deniability. I mean, there's not much point in claiming something offers plausible deniability if it isn't a valid defense in court. Or is there?

Do you have an example from actual case law? All I have is Wikipedia:

"Plausible deniability is also a legal concept. It refers to lack of evidence proving an allegation. Standards of proof vary in civil and criminal cases. In civil cases, the standard of proof is "preponderance of the evidence" whereas in a criminal matter, the standard is "beyond a reasonable doubt." If an opponent lacks incontrovertible proof (evidence) of their allegation, one can "plausibly deny" the allegation even though it may be true."

However, deniability becomes less plausible when there's other evidence that makes deniability harder... i.e. Someone claims to have had a conversation with you, the logs of the conversation exist and that person can corroborate that the person on one end was them. Of course you can claim that someone was impersonating you, but what if later you had a recorded phone conversation referencing the OTR conversation, etc.

In and of itself, a piece of evidence is plausibly deniable. In the face of corroborating evidence, it may not be.

Alas, however, I do not have an example from actual case law.

EDIT: I knew I had seen some case law sort of related to this before and it was in re Boucher and US v. Fricosu. They are not directly related to "Plausible Deniability", rather they compelled defendants to decrypt their hard drives. Certainly in the Boucher case there was reason to believe that the contents of the drive were incriminating (the file names were the giveaway, I believe) so perhaps this does not fit into the exact facts we are trying to recreate, but those are the only two cases that relate that I can recall.

Thanks for elaborating, I better understand the claim that OTR plausible deniability is not that useful in court now.

Is plausible deniability an actual legal concept at all?

I see it used here and on other technical forums in topics like this, but aside from that I've only ever heard of it in political, not legal, contexts.

Any lawyers able to shed light?

Of course, if you use Adium with OTR, absolutely remember to disable logging which is on by default (http://trac.adium.im/ticket/15722).

While OTR might encrypt contents, isn't there still an IP trail at either end plus all the providers in between? A list of associates of a drug dealer is probably more harmful than what was said.

Yes, but the IP trail is from dealer A to gmail.com and dealer B to gmail.com. Along with non-dealer C through everyone else in the world.

Holy shit, seriously who is running the EFF these days? I haven't checked in since the 1990s. This was the absolute WORST article on privacy I've ever read in my life.

FUUUUUU... did they just advocate for people to use Hushmail? The same proprietary, for-profit organization that, when contacted by the FBI, presents the user with a decoy login screen so they can capture your password in the clear and then decrypt your entire history to hand over to the feds?

Nobody should be using hushmail in 2012, not after multiple court cases that have detailed exactly what hushmail has done for the feds. Hushmail has sold their users out so many times I can't count. It's useless cloud encryption nonsense.

If you really want to send an anonymous email, you use mixmaster, torrified. Period.

If you need a method to be contacted by people who are clueless, you then sign up to privacybox.de, a free service provided by the German Privacy Foundation, and you upload your public PGP key and have it forwarded to a tormail account. Reply through mixmaster encrypted.

If you're really paranoid you have mixmaster post encrypted emails to alt.anonymous.messages and skip centralized email servers like tormail all together.

This is how to send email torrified with the Jondo live privacy CD, or just install mixmaster on your own linux/bsd computer and use full disc encryption + pgp.

Screw the EFF after reading that tutorial. It should be burned to the ground and an entire new organization built if this article is their best advice.

I was going to down-vote this, but if you skip out your insults, your information is likely worthwhile. Your comment would have been far better without all the extra attacking gumph, which adds nothing and makes you less likely to be taken seriously.

Much easier to use is Bitmessage:


It works similarly to Bitcoin, is decentralized and does not rely on trusted third parties (e.g. for signing).

Whitepaper: http://bitmessage.org/bitmessage.pdf

Would like to give this a try, but I don't use Windows. Should it work on Linux? I imagine a lot of early adopters of such a system would not be using Windows...

It works perfectly fine on Linux. You need Python2, PyQt and SQLite for it, though.

(run: python2 pybitmessagemain.py)

In many cases, hard core security around email isn't necessary. For light privacy, where you simply don't want the other party to immediately be able to google your address (i.e. craigslist or online dating) I want to recommend Gliph Cloaked Email. https://gli.ph

I run Gliph and am happy to answer questions about the level of anonymity you can achieve if anyone has any.

> We encrypt data with 256-bit SSL in transit and AES-256 encryption before it hits disk.

Your website copy does not inspire confidence in your ability to properly implement cryptography software.

For us crypto-ignoramuses, what's wrong with what you quoted?

>> We encrypt data with 256-bit SSL in transit and AES-256 encryption before it hits disk.

> For us crypto-ignoramuses, what's wrong with what you quoted?

First off, it is very easy to get cryptography wrong. I wouldn't trust most people to be able to implement cryptography software correctly.

Buzzwords like AES and SSL are used to convey a sense of security. Their 256-bit SSL uses AES-256 to encrypt data in transit. But using AES-256 to encrypt a file doesn't mean it is secure. The mode of operation is very important. The following Wikipedia page has a picture that was probably encrypted with something like AES-256. I will let you guess what the original picture was.


Another issue not discussed is key management. To encrypt the files with AES-256 they need to have the key. If someone breaks into their server, the server will have the key and the files. It becomes easy to break the security.

How do you encrypt data stored on your servers?
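A worked illustration of the mode-of-operation point above, added here and not taken from the thread: a toy Feistel block cipher run in ECB and in CTR mode over a plaintext whose 16-byte blocks repeat, the way a flat region of an image does. The Feistel cipher is only a stand-in for AES so the block runs on the standard library alone; the key, nonce and plaintext are constructed for the demo.

```python
"""ECB leaks plaintext structure; CTR does not. Toy Feistel cipher with SHA-256 rounds."""
import hashlib
import secrets

BLOCK = 16  # bytes; AES also uses a 128-bit block
ROUNDS = 8


def _round(key, i, half):
    """Round function: keyed hash of one 8-byte half, truncated to 8 bytes."""
    return hashlib.sha256(key + bytes([i]) + half).digest()[: BLOCK // 2]


def block_encrypt(key, block):
    """Toy 128-bit block cipher (Feistel network). Stand-in for AES, NOT a real cipher."""
    left, right = block[:8], block[8:]
    for i in range(ROUNDS):
        left, right = right, bytes(a ^ b for a, b in zip(left, _round(key, i, right)))
    return left + right


def block_decrypt(key, block):
    """Inverse of block_encrypt: same rounds applied in reverse order."""
    left, right = block[:8], block[8:]
    for i in reversed(range(ROUNDS)):
        left, right = bytes(a ^ b for a, b in zip(right, _round(key, i, left))), left
    return left + right


def ecb_encrypt(key, data):
    """ECB: every block encrypted independently, so equal blocks give equal output."""
    assert len(data) % BLOCK == 0, "demo expects whole blocks (no padding here)"
    return b"".join(block_encrypt(key, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))


def ecb_decrypt(key, data):
    return b"".join(block_decrypt(key, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))


def ctr_crypt(key, nonce, data):
    """CTR: encrypt nonce||counter and XOR; same function encrypts and decrypts."""
    assert len(nonce) == 8
    out = bytearray()
    for n, i in enumerate(range(0, len(data), BLOCK)):
        keystream = block_encrypt(key, nonce + n.to_bytes(8, "big"))
        out.extend(a ^ b for a, b in zip(data[i:i + BLOCK], keystream))
    return bytes(out)


def distinct_blocks(ct):
    """How many distinct 16-byte ciphertext blocks appear (fewer = more leakage)."""
    return len({ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)})


def demo():
    key = secrets.token_bytes(32)
    nonce = secrets.token_bytes(8)
    # Constructed plaintext: one 16-byte block repeated four times, like a flat
    # colour region in the Wikipedia ECB-penguin picture.
    plaintext = b"ATTACK AT DAWN!!" * 4
    ecb = ecb_encrypt(key, plaintext)
    ctr = ctr_crypt(key, nonce, plaintext)
    return {
        "ecb_distinct_blocks": distinct_blocks(ecb),   # 1: the repetition is visible
        "ctr_distinct_blocks": distinct_blocks(ctr),   # 4: each block looks random
        "ecb_roundtrip": ecb_decrypt(key, ecb) == plaintext,
        "ctr_roundtrip": ctr_crypt(key, nonce, ctr) == plaintext,
    }


if __name__ == "__main__":
    print(demo())
```

Reusing the same key and nonce for two CTR messages would leak in a different way (XOR of the two plaintexts), which is the kind of detail a marketing line about "AES-256" never tells you.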

Also, the gli.ph https certificate will expire in less than two weeks. You may want to renew.

Of course Petraeus could not exactly have installed tor and started visiting hushmail.org without instantly being considered suspect.

From work maybe, but would that have been the same from home?

If all you want is to receive mail, the CCC offers anonymous one-time addresses: https://anonbox.net/index.en.html

What about something like mixmaster[1]? Obviously more complex than using tor browser bundle with a webmail provider, but is it still viable for geeks? What are the risks?

[1]: http://www.debian-administration.org/articles/483

Mixminion[1] is the next generation anonymous remailer that was designed to fix some problems with mixmaster. You might want to use that instead, if you can.

[1] - https://en.wikipedia.org/wiki/Mixminion

It seems to me that a government sponsored virus would look for a fingerprint for something like Tor. Who's to say the virus isn't a virus but rather a part of a retail product placed there in cooperation between industry and government.

If you want true security you need to use open products.

What about Opera's FastMail.fm? They are not even based in US, so that might help. I see it's not free anymore though, but it also has no ads, so no tracking for that either.

They could've also used RetroShare for both encrypted chats and mail, and it should've been pretty anonymous as well since it's P2P. This is not something most people would be willing to do, but for someone like Petraeus, it could've been useful.

For most people using something like Jitsi for encrypted chats and video-calls is much more bearable, although you still have to watch out where you sign in from and where you create the account, so you'll probably have to follow the whole Tor browser part EFF mentioned in the beginning, if you want anonymity as well.

Regarding FastMail and the US.

* FastMail have their servers in New York City (as well as on Iceland).

* Opera Software do have an office in the US.

I have no idea to what extent that puts FastMail under US jurisdiction.

(Disclaimer: I work for Opera Software, but not on the FastMail team.)

I2P's mail system may be safer than this (certainly much more anonymous since you don't have to transfer any money at any point in the process), depending on the content of your mail and the level of trust you feel for the person running I2P's mail system.

There is also Tor Mail as an anonymous email service.

Nobody knows who runs the Tor Mail service. This is good because nobody can order them to give up information about you. However, it's also bad because you've no idea if it's being run by responsible people, a government agency, wikileaks, or just a few nosy kids. You should still definitely use PGP encryption if you're using it.

Shouldn't you always be using pgp anyway? It's not like you should trust someone like hushmail either.

Speaking of, has a replacement for FireGPG (an awesome Firefox pgp plugin from some years ago) ever cropped up? It was so idiot-proof it was beautiful, and had the project not closed down, I probably would have rallied friends and family to use it.

The problem is that it was not reasonably secure. As I understand the complaint, you can't integrate PGP into an extensible, skinnable interface securely. There's no Firefox or OS support for making that kind of thing doable. You'd want to have some sort of OS and app support for being able to encrypt a message in a widget on a GUI layer above the browser and then transferring it in, so that PGP and Firefox never come into direct contact. Qubes OS has a rough mechanism for keeping different security-level apps separated, and identified via a colored window border. I wonder if something similar to this is the correct solution.

I don't think that the problem was that Firefox or the OS weren't secure enough. Afaik the problem was that FireGPG worked inline with the original page, and thus a hostile JS on the page could intercept the plaintext.

I think something like the "It's all text!"[1] addon with GPG enabled editor should be reasonably secure.

[1] https://addons.mozilla.org/en-US/firefox/addon/its-all-text/

It may be more secure than accidentally messing up because you were cut/pasting into a text box. A 0-day on Firefox could extract your key, which is bad. So could a keylogger + ftp that was installed via a 0-day on Firefox if you were using an external application.

Actually this was just released!


Related - Does anyone know of a good tutorial out there for setting up PGP?

What mail client are you using?

If you're using Thunderbird or mutt, it's really easy and there are several tutorials out there that will be helpful.

If you're using webmail (particularly Gmail), it's easy to do badly, and I'm not aware of a way to do it properly (short of manually encrypting everything and copy/pasting it).

Setting up the keys, though, is really easy on Linux: http://www.enigmail.net/documentation/gpgsetup.php#generate

And I wrote a blog post about something similar, but it hits a lot more bases than just using Tor. Tor has issues of its own.


Under your Public WiFi heading, you should add a warning about surveillance cameras, POS credit card trails, and employee memories. These days, cameras are everywhere, and video storage has gotten very cheap. Assume investigators will visit each shop from which you surfed and act accordingly.

Best to buy your coffee at coffee shop A and do your surfing from near but not in coffee shop B.

Also, if, for instance, you are on a book tour to hype your biography of P4, be aware that, even if you follow WiFi best practices, you will still be leaving a geographic trail that investigators could find very interesting.

It makes me wonder why the government works so hard to get new powers of investigation. It seems easier to catch someone now than it ever has, despite the preponderance of new privacy tools. Using good old-fashioned police work like warrants, subpoenas, plea bargains, surveillance, etc, police can put together a lot of pieces that add up to a whole (I make a comment elsewhere in the thread about the problem of plausible deniability in the face of corroborating evidence). Why the hell do they need more tools?

Perhaps someone in law enforcement could shed some light on this. After all, I am looking at this from the outside.

Or the inside, depending on how you look at it.

That is a good idea. Mind if I include this post as a block quote, citing your username?

Probably easier and more secure to just boot in a tails live system (usb, cdrom). This system uses tor and has everything installed and configured to protect your privacy.


Good suggestion. Also as a warning, don't (!) just use TOR as a proxy, through your everyday browser. Your everyday browser has probably enough configuration to be easily identifiable. That's why the torproject now emphasizes the use of the whole tor browser bundle.

For more information:

http://browserspy.dk

https://panopticlick.eff.org/

You still need to create an email account with a host who is at least semi-aware of the importance of privacy and cryptography (e.g., not Google). You can't make new Google Accounts from Tor nodes without additional verification (your phone number); same is likely to be true of all major email services.

Accessing your Gmail through Tor and thinking that makes you "anonymous" is just going to tell everyone that you failed at being sneaky.

>Accessing your Gmail through Tor and thinking that makes you "anonymous" is just going to tell everyone that you failed at being sneaky.

That's a great slogan for a T-shirt :).

Oki, for a bit more seriousness... One could in theory create an account on Google through Tor, verify the account with a burn phone, and be rather unidentifiable. It's just kind of costly, so it's just bad guys with anonymous cash that can do this, and not journalists.

I'd use Tor way more if it wasn't so damn slow. Of course security is a priority, but it's just not usable for me.

If security is a priority, then set up a Tor node! :)

Then brace yourself for a flood of DMCA requests and law enforcement attention in 3.. 2.. 1..

Not if you only set up a Tor node to be used as an internal relay within Tor network (you're doing a good job nonetheless), not as a tor exit (exit point to internet/clearnet). The latter ones are those that might get some heat. As long as it's an internal relay node only, traffic in/out is encrypted end-to-end, and I haven't heard of any problems in terms of law harassment etc.

Of course, I should have specified I was referring to exit nodes.

Without the exit nodes, the relay nodes are nothing; just a bunch of people playing hot potato with encrypted data and no one prepared to take the heat by attaching their details to it.

have you experienced this? i've run tor at various times over the years and the worst i've experienced is being blacklisted in a relay list.

(and i find it frustrating that there's always someone - apparently with no experience - who suggests the very worst when people mention this)

An instance of a Tor exit node operator being raided for child pornography is on the front page of HN as we speak.


come on. you know as well as i do that this is rare.

really, this is the height of technical cowardice. searching out exceptions for what is not only a good cause, but one that is statistically safe.

it happens regularly when tor is mentioned. there seems to be a certain kind of person that takes delight in looking for extreme examples to justify their own lack of moral fibre.

Wait, did you just suggest that I have a lack of morals because I referred to a link on the front page of HN? Kindly go fuck yourself.

Also, it doesn't matter if there's a one in a million chance that running a Tor exit will get you raided for child porn -- the vast majority of people will not take that risk to help others remain anonymous on the internet.

Do you mean as a relay or exit node? Exit nodes are the ones that take the heat.

I would be very surprised if you've run a Tor exit node for a considerable period of time without incident, even if it's just abuse notices from your upstream provider.

Sorry for the perhaps extreme naivety, but does this actually happen to people who set up Tor nodes?

In Germany some servers were collected by the police but relatively promptly returned once they figured out that they were tor exit nodes. Still, you're the first person that the police can get a handle on, so at least expect some questions once in a while.

I don't know about any other country, but you might just consider hosting the tor exit node in a country with more friendly laws and then use a VPN to connect there.

Indeed, you're probably protected by safe harbor/mere conduit laws in most jurisdictions, but you're still liable to become the subject of law enforcement investigations and have your equipment seized.

More hassle than it's worth.

It can happen if you run an exit node, because your IP is visiting bad sites. If you run a relay node without exit, this should never happen because all you're doing is moving around encrypted packets to other Tor nodes.

What about running my own e-mail from my residence or contained within a data center on a computer that I personally own (that is, not leased from the hosting provider) and connected to the Internet via a subscription in my own name? I'm rather curious about what legal areas this might fall into.

> connected to the Internet via a subscription in my own name

I thought the article was about anonymous e-mail. Anonymous as in, nobody can tell who you are, not even the Feds. Anything you paid for with your credit card is probably not going to meet that criterion.

Good point. I was more wondering about this as an alternative to purely anonymous e-mail in light of one of the reasons why people try to avoid having e-mail tied to them (government having a peek).

There was an article on HN a while back about a server removed from a DC by the feds; that's one risk.

If you have the server at your home sending emails, it will be trivial for law enforcement to figure out where you are and show up at your door with a warrant to seize your computer.

Yes, I'd like to hear about what other people are doing for private email too. Anonymous is pretty special case. How is everyone protecting day-to-day communications?

They say that Hushmail keeps your mail in plaintext. But does it?

From what I heard, they encrypt your mail even on their servers.

However what kills the service for me is the need to pay if you don't use it regularly - and there is no way to pay for hushmail anonymously (read: with bitcoin).

Hushmail is encrypted, but not anonymous. As you say, your details are tied to hushmail when you pay for it. Your account and data are all tied together.

Hushmail complies with validly formed legal requests - to the extent of crafting a backdoored version of their Java software and pushing it out to the target user.

Some regions have laws compelling people to make the plaintext available.

Hushmail is useful for secret communications but only if you understand the limits.

Secrecy, privacy, and anonymity are trivially easy to break completely and hard to get right.

It doesn't really matter whether they encrypt it on disk: the scenario here isn't that their disks get stolen, but that law enforcement makes them decrypt your mail. The only way to get in the way of that is to encrypt it yourself, see GPG etc.

Also: isn't a bitcoin transaction really difficult to anonymise, with the global transaction record available to the whole world?

About bitcoin: It depends.

Yes, it is not fully anonymous, but you can make it reasonably anonymous quite easily (infinitely more than any credit card). Just trade it for cash with someone you know in the first place, then send it to MtGox and back, then send it to something similar with online wallet and back, and the result is reasonably anonymous.

Also the default client does what it can to obfuscate all the transactions - with every outgoing transaction, the "change" goes back to you, but at a completely different address. This means that after a few transactions, it's basically untrackable.

There are some bitcoin launderers that can simplify it, but it should be clarified that much like PGP, anonymity/security is not just as simple as downloading a client and using it. You need to understand the model and its implications, or it's pretty easy to make links in the blockchain that'll give you away to an interested, resourceful party.

Bottom line: Do NOT think bitcoin is safe for your usage until you've done sufficient research to ensure that you're using it the correct way. Bitcoin is NOT private by default, it's up to you to protect the identities behind the transaction endpoints, including nearby txs. If you get bitcoins and then immediately send them to your brother's public address, or launder these only lightly, or use a MtGox address that is linked back to a scan of your driver's license somewhere in the laundering process, or if you buy your bitcoins from your brother and HE doesn't launder very well, or the guy from LocalBitcoins got curious and did a bunch of research before your exchange and the feds contact him because the coins came from an address tied to his identity, or something else like that happens, you are going to get caught if someone is interested in catching you.

It's more complicated than just downloading the client and waiting four days for the blockchain to download. :)

IANA privacy expert but isn't the point of the OP that "reasonably anonymous" == "not anonymous to a major government"?

It seems better to think in terms of "anonymous" and "not anonymous", The End.

Isn't the point of bitcoin to have anonymized transactions, even though their record is available? AKA. you can know someone bought something, but you can't identify the parties?

It's not fully anonymous. Say my friend gets some bitcoins completely anonymously by doing something illegal. And then sends them to me completely anonymously. And then I go and spend those same coins on something like web hosting which ends up having some link back to me, eg I accidentally log in to it without using Tor one time.

The police can then trace that hosting account back to me personally from my IP, and then ask me who sent those coins to me. Even if I refuse to tell them, they can still look at my various contacts/friends/family to see if any of them are likely to have committed the original crime, and investigate further.

You can even connect to the bitcoin network via Tor. The risk comes when you spend them. If there's any connection between you and the recipient of those coins, then you're potentially screwed.

> The police can then trace that hosting account back to me personally from my IP, and then ask me who sent those coins to me. Even if I refuse to tell them, they can still look at my various contacts/friends/family to see if any of them are likely to have committed the original crime, and investigate further.

Has that ever happened? If there's no way to verify that a transaction was made it would not hold up in court. In the US for stolen property it's possession that's what gets you in trouble. If the cops find you holding a laptop that was stolen the day before it doesn't matter if you paid some guy off Craigslist for it, you're in trouble (at least out your money, but if you can't prove you paid for it you're looking at a felony). What they won't do is investigate everyone in your address book (no probable cause).

Is using something like iPredator [0] VPN secure enough for logging into a pseudonymous email account? If you never (ever) use a different IP address to log in to that account?

[0] https://ipredator.se

iPredator is using pptp which is very insecure. (The original authors of the protocol recommend that you shouldn't use it). It is also considered to be cryptographically broken as of last month. (http://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protoc...)

A list of reasonable VPN providers is available here: http://torrentfreak.com/which-vpn-providers-really-take-anon...

(If you are using a VPN, you have to be aware that there is a lot of snake oil. Finding a good VPN provider is very difficult, and then purchasing the VPN anonymously is even more difficult.)

Ipredator started supporting OpenVPN a few months ago.

It has to be set up to fall back to no connection, otherwise you will almost certainly accidentally hit the page at least once with your real IP.

Well, after reading this I realised that the first thing is to monitor and tame your outgoing traffic. So I renewed my Little Snitch license. And started to consider wiping the Skype off the machine.

Man, what a weak article. I was expecting some cool tutorial on setting up tormail or something equivalent.

Hushmail? Seriously? They have no qualms with cooperating with authorities at the drop of a hat.

Plug: If all you need is to receive an email, Air Mail is right for the job - http://getairmail.com

You could use one of the several temporary mail boxes to exchange messages.

Presumably you'd save anything important on a flash drive or something remote.

What about sharing secure notes via LastPass?

Worth mentioning that hushmail are known to turn over email accounts at the drop of a hat.

The EFF is right, this is still way too hard.

Actually it's a little harder still. For instance, when your browser makes requests on your behalf, it provides the destination server with a lot of information which can be used to identify you (at least temporarily)[1]. To get a better level of anonymity, one should at least use a combination of Tor and privoxy [2].

[1] https://panopticlick.eff.org/

[2] http://www.privoxy.org/

Your information is out of date. The Tor project no longer advises the use of privoxy, and advises all users to use The Tor Browser Bundle. This is specifically configured to make all Tor users look the same, precisely because of browser fingerprinting.

Thank you for the heads up. I didn't know that the Browser Bundle also took care of fingerprinting.

I could have sworn there was a "Show HN" which was a basic implementation of the Panopticlick browser fingerprinting, but I can't find it...
