[HN Gopher] The Hitchhiker's Guide to Online Anonymity
___________________________________________________________________
The Hitchhiker's Guide to Online Anonymity
Author : x14km2d
Score : 118 points
Date : 2021-03-30 17:28 UTC (5 hours ago)
(HTM) web link (anonymousplanet.org)
(TXT) w3m dump (anonymousplanet.org)
| m0ck wrote:
| Heh, I remember spending hours in college tweaking Firefox config
| flags and then checking which websites broke this time. Nowadays
| I just enable uBlock and call it a day. For ordinary people it's
| jut not worth it. Cool guide though, I will check it out.
| vmception wrote:
| I'm glad they made this chart on their website
|
| https://anonymousplanet.org/media/image6.jpeg
|
| But one should practically note that this is just a practical
| warning. The omnipotence of the Mossad and NSA etc is limited
| too, and their interest in things is also limited.
|
| Basically the attack vector from them is polluting the Tor nodes
| (so that they control enough of them to understand information),
| timing attacks on onion services to figure out locations of
| people accessing the hidden services solely within in Tor, as
| well as undeclared exploits, and feeding local law enforcement
| around the globe the information about you.
|
| But 9 out of 10 things you could possibly even do are not things
| that would have them bother with you, although it is accurate
| that over time you begin to have a problem if you are really
| trying to stay both private and anonymous _and_ are doing
| criminal violations (distinct from civil violations). So just
| keep rotating keys and move with purpose. Limit your Tor session
| to implementation and execution and consider using Tor just for
| casual reading or accessing RDP to actually browse clearnet from
| someone else 's computer.
| tomcooks wrote:
| Create rogue TOR nodes
|
| Use TOR for menial stuff to create background noise
|
| Regularly trade laptops and phones with like-minded individuals
|
| Assume you've been breached and that the government has full
| attention to you
|
| Be as paranoid as possible, any step towards lack of freedom
| for the sake of convenience is unretracheable
| geuis wrote:
| > Regularly trade laptops and phones with like-minded
| individuals
|
| That puts you into a group of people then. Groups are easier
| to infiltrate.
|
| In opsec, people are vulnerabilities.
| vmception wrote:
| yeah running 1 or 2 of your own Tor nodes seems to be pretty
| ideal. One of which being an exit node. Connecting to that is
| the move.
|
| providing an obfs4 bridge seems good too
|
| but I really wish there was a docker container for all this,
| the documentation is all over the place, most of it is just
| on forums that can only be accessed on Tor and those forums
| have unreliable uptime, it is really discouraging but it
| seems like there are some very competent people that are so
| comfortable doing this that one could just assume they all
| have this greater level of OPSEC and infrastructure
| jstanley wrote:
| I possibly misunderstand you, but why would connecting to
| your own Tor exit node _help_ your anonymity?
| vmception wrote:
| your traffic is mixed in with others using your exit
| node, and you control the data and logging of that exit
| node
| simonebrunozzi wrote:
| > Basically the attack vector from them is polluting the Tor
| nodes (so that they control enough of them to understand
| information), timing attacks on onion services to figure out
| locations of people accessing the hidden services solely within
| in Tor, as well as undeclared exploits, and feeding local law
| enforcement around the globe the information about you.
|
| Nicely explained, and AFAIK, pretty much correct.
| metters wrote:
| Mossad's gonna do mossad things
| unixhero wrote:
| Batshit nuts, but I love it.
| simonlc wrote:
| The first sentence of the guide confirms my suspicions
|
| > TLDR for the whole guide: "A strange game. The only winning
| move is not to play".
|
| What I extrapolate from this comment is that there is no real way
| to be anonymous online. So what's the point of the guide then?
| Slow_Hand wrote:
| To reduce your probability of having your identity compromised.
| Because, practically speaking, most of us will need to rely on
| the internet.
| 100011_100001 wrote:
| Making it much much harder.
| jmcqk6 wrote:
| Because people's threat levels are different. There is nothing
| you can do to escape from the NSA, for example.
|
| But there are things you can do to prevent advertisers, or
| other adversaries from just getting your data.
|
| And for most people, that's what they're looking for. I can't
| imagine I'm very interesting to the NSA, for example. But I'm
| probably very interesting to a large number of corporations and
| organizations competing for my attention.
| xioren00 wrote:
| "User > VPN > Tor > VPN"
|
| This suggests to me the author is giving advice based on paranoia
| rather than technical knowledge.
| Shared404 wrote:
| Why is do you suspect this?
|
| It makes sense to me that you would want to hide from your ISP
| and whatever service you're using that you're using Tor.
| xioren00 wrote:
| More complex =/= more secure. Tor, Whonix, Tails, et all have
| sections in their wikis covering potential tunneling setups
| and their thoughts on efficacy and rationale behind them.
|
| From the Tor wiki:
|
| > You -> X --> Tor --> X
|
| > No research whether this is technically possible. Remember
| that this is likely a very poor plan because [#You-Tor-X you
| -> Tor -> X] is already a really poor plan.
___________________________________________________________________
(page generated 2021-03-30 23:00 UTC)