43

I recently saw this post on reddit: How to be completely Anonymous online (June 2012).

But the majority argument, both on reddit and on comments on that post seems to be that it is not possible to be completely anonymous.

Is it possible to be completely anonymous? How credible are the tips on that post? How can I have a complete anonymous setup?

Tsundoku
  • 127
  • 1
  • 5
wannabe-anon
  • 431
  • 4
  • 3
  • I direct you to [this](http://security.stackexchange.com/questions/16412/how-to-trace-malicious-hackers) question i asked recently, which does have some useful information. –  Jun 25 '12 at 15:27
  • 1
    Your connection to the internet is hardly anonymous. Your service provider knows exactly who is using their service because you pay them. – Ramhound Jun 25 '12 at 17:29
  • @Ramhound proxies and secure protocols are pretty useful. – cutrightjm Jun 25 '12 at 18:37
  • 2
    The [9th Immutable Law of Security](http://technet.microsoft.com/library/cc722487.aspx#ECAA) covers this. – Iszi Jun 25 '12 at 18:53
  • 1
    @ekaj - So your ISP has logs of your use of a proxy. At which point your proxy can be connected to you. – Ramhound Jun 25 '12 at 19:58
  • @Ramhound "_So your ISP has logs of your use of a proxy._" which ISP keeps logs? – curiousguy Jun 25 '12 at 20:59
  • @Ramhound how does it matter if your ISP knows your connecting to a proxy? I don't see that as a security compromise. – Celeritas Jun 26 '12 at 20:05
  • I tried http an socks5 proxies with high anonymity but http://mylocation.org was able to detect my real IP anyway. – user26184 May 22 '13 at 07:22
  • @Celeritas => NSA - META DATA COLLECTION - NUFF SAID. Analysis of this can link you to activities. – Fiasco Labs Sep 10 '13 at 17:49
  • 7
    Best way to stay anonymous: Shut down your machine. Never turn it on again. Ever. – TheRookierLearner Sep 10 '13 at 20:56

5 Answers5

20

To answer your question about whether it's possible, I will say it is next to impossible to be completely anonymous online. I will address the major issues that lurk outside the realm of technology.

  1. People make mistakes and even the slightest mistake will break the "completeness" of anonymity. Mention the weather or forget to enable your proxy and you're done for.
  2. Behavior can be analyzed (e.g. slang and idioms may locate you).
  3. Behavior can be correlated (e.g when you are home vs online)
  4. You have to connect somehow. Everything between your body and your means of anonymity is exposed.
  5. Some offline threat may out you.

I also have a philosophical objection to the concept of complete anonymity. Any behavioral pattern/tendency - no matter how subtle it is and no matter how many aliases you have - exists. That is your identity and it is out there for all to see. This doesn't just include having a public social presence either. What type of links you click, what sort of things you download, etc. per session may not be able to be easily correlated with other session, but it is still a potentially consistent pattern and you.

For advice on staying anonymous, I direct you to "How do hacking groups register domains remaining anonymous?". The concepts there can be applied to other transactions.

Community
  • 1
chao-mu
  • 2,801
  • 18
  • 22
  • "_I will say it is next to impossible to be completely anonymous online._" to be online doing what? Exchanging ideas, or just downloading stuff? – curiousguy Jun 25 '12 at 21:02
  • @curiousguy Both. Some of my examples mention language, but all the concepts still apply to just downloading. – chao-mu Jun 25 '12 at 21:24
  • "_or forget to enable your proxy_" You can use packet filtering (aka "firewall", but I prefer "packet filtering") to block the HTTP and HTTPS TCP ports on exit. This will make normal browsing impossible, but connecting to a proxy possible (and if the proxy uses either HTTP or HTTPS ports, you can make an exception for just its IP address). – curiousguy Jun 25 '12 at 22:45
  • I was giving an example, hence the e.g. I'm pointing out that things can be forgotten, packet filtering rules can have bugs, etc. I am just trying to illustrate that people make mistakes and that was (I felt) an accessible example. – chao-mu Jun 25 '12 at 23:40
  • 1
    "_I'm pointing out that things can be forgotten, packet filtering rules can have bugs, etc._" I understand. I was not trying to disprove anything you wrote in your answer. I was pointing-out that **packet filtering can protect against stupid configuration mistakes**. And I also believe that packet filtering (which is difficult to get right) should be used mostly this way as a protection against misconfiguration, not as a protection against attacks. – curiousguy Jun 26 '12 at 00:00
  • Brilliant idea, really. It would be an interesting topic for an article. Lot's of things to talk about, e.g. DPI alone. People talk about ways to prevent corporate data leakage, but I bet some of those same methods are applicable to the individual. – chao-mu Jun 26 '12 at 02:29
  • We should focus on trails of electrons and their metacontent. Your phone, bluetooth, a wireless router, they are all threats. The phones of people around you. Patterns of behavior. You have to cut trails of electrons, and that means turning things off, which is itself a nice piece of metacontent. Then you are ready to get onto the big collection platform and type away. – Patriot Jun 07 '19 at 02:14
13

Yes, it's technically possible, but you have to really, really know what you're doing. In other words, if you have to ask, then the answer is no.

Every connection on the Internet can be tracked, but it can only be tracked so far. When tracing a connection, the person goes host by host, following clues, reading logs, working with whatever data he can get. But if there are no more clues, then the trail ends.

If you can tunnel your connection through enough intermediate hosts which do not keep any logs of your connection, through countries from which it is difficult to obtain records, through organizations which do not have the infrastructure to do sufficient record-keeping, then re-tracing that trail gets impossibly difficult. It is hugely more difficult to follow a trail after-the-fact than real-time because ephemeral connection data is simply not retained; once the connection ends, systems tend to forget everything about it.

But there are plenty of clues that could leak through even the most carefully constructed web of misdirection; if the tracker can determine your identity just by watching the conversation, then he doesn't have to follow the trail at all. And the misdirection only works if the tracker tries to trace you back the path you came. If suspicious traffic is seen coming from your house, then it doesn't matter how many hops it takes to get to where it's going.

And just as importantly, you are no longer anonymous if you start to establish patterns. You can be anonymous just once, and then after that you start to build an identity -- a false identity, perhaps; but that doesn't mean that the identity can't be matched to you one way or another.

If you intend to make any decision based on your ability to be anonymous on the Internet, then you will probably eventually end up disappointed with how it turned out.

And absolutely, definitely do not bet on consumer-grade anonymizing services and proxies. If it's popular enough for you to have heard of it, then it's a target for surveillance.

tylerl
  • 82,665
  • 26
  • 149
  • 230
4

Tor is considered to be one of the most anonymous networks. Put simply it works by encrypting the transmission with many proxies' public encryption key, then passing the data through the proxies in the order it is to be decrypted so that each one strips away its layer of encryption until the original data to be transferred is left and sent to the final destination. This way even if a proxy is compromised the data still has the remaining layers of encryption, also all but the first proxy have no contact with the sender. This service is free and you can find them here.

Also Torrent Freak had an interesting article on VPN providers who claim not to log.

By the way your link is broken.

Edit: I thought these were great anonymous P2P projects that didn't get enough attention

  1. http://mute-net.sourceforge.net/
  2. http://antsp2p.sourceforge.net/ and http://sourceforge.net/projects/antsp2p/
Celeritas
  • 10,089
  • 22
  • 79
  • 144
1

While security is the degree of protection against danger, damage, loss, and crime, being truly anonymous is a matter of view and perception. As Chao very well pointed out, things like behavioral analysis can be used to narrow down on an individual, but are insufficient to convict him.

Anonymous:

Not identified by name; of unknown name.

If we use that definition then just having behavior analysis experts cannot identify you as a particular individual. Only narrow the search area.

Therefore, the question to be asked is not "how to be completely anonymous online" but instead "How do hide from someone online". The reason is that different people use different tactics to find individuals.

Allow me to explain...

VPNs, proxies and Tor anonimise you to an extend that a particular 3rd party organization cannot later "backtrack" you. However, they do reveal your identity to the first node in case of Tor or to the proxy server itself.

If the node/servers keeps logs, you're identified then and there. If not, the telecom authority could hypothetically still have connection logs between your IP and the server, which could then get you identified.

What I'm trying to explain is your question is too vague in order to give a definitive answer. Just as security, anonymity is a degree of perception towards being anonymous.

To be frank, no one can be truly anonimous in real life or virtuality, since for any kind of communication an identity is required, and although we can give this identity any name we want, it is the core of our persona that cannot be faked, and therefore we cannot be anonymous.

lacking individuality, unique character, or distinction: an endless row of drab, anonymous houses.

If we apply the same concept in technical terms of TCP/IP, then without a unique IP we cannot communicate, and having anything unique is against the second definition of being anonymous.

Reference: http://dictionary.reference.com/browse/anonymous

Rohan Durve
  • 2,321
  • 16
  • 19
  • 1
    "_they do reveal your identity to the first node in case of Tor or to the proxy server itself._" **they only reveal an IP address**, which is an Internet access identity, not a personal identity. An IP address can be shared by many people. – curiousguy Jun 25 '12 at 22:17
  • 1
    That single IP can be tracked back to you if someone wanted to try hard enough. I mean, they would at least they the exact location it was leashed out to. – Rohan Durve Jun 26 '12 at 12:34
  • 1
    "_That single IP can be tracked back to you if someone wanted to try hard enough._" Not in general (not if the IP is shared by many persons) "_they would at least they the exact location it was leashed out to_" not in general (mobile) – curiousguy Jun 26 '12 at 19:09
1

The alternatives to attempting to hide your traffic directly is to run a tor exit node. Configure squid to transparently proxy that traffic and then surf entirely on Tor. Now some nodes will know your presence, but traffic analysis won't be 100% effective since you're caching your (and your visitor's) outbound requests. You are running the first node and if you only surf when your Tor node is being used to move other data around attribution will be incredibly difficult (but not impossible.)

curiousguy
  • 5,038
  • 3
  • 25
  • 27
Ori
  • 2,757
  • 1
  • 15
  • 29
  • 1
    Care to explain that caching thing? – curiousguy Jun 25 '12 at 21:01
  • A not terrible resource on squid transparent proxy: http://linuxdevcenter.com/pub/a/linux/2001/10/25/transparent_proxy.html – Ori Jun 25 '12 at 21:21
  • "_transparent proxy_" Why would you want a **transparent** proxy? – curiousguy Jun 25 '12 at 21:44
  • you send all the tor exit node traffic destined for port 80 out the transparent proxy. So anyone using you as an exit node would proxy through it, but their access would be cached when they go to visit sites. When you go to visit various sites, pieces, or their entirety may be cached, this makes timing analysis difficult for an outside observer. – Ori Jun 25 '12 at 21:58
  • 2
    "_you as an **exit** node_" this is a key information – curiousguy Jun 25 '12 at 22:04