|Oregon State Bar Bulletin NOVEMBER 2008|
Hiding from Prying Eyes
By Richard Abbott
This article describes some of the basic tools available to avoid being watched while online. This is not an article about picking good passwords, or not giving out personal information. This is an article describing tools for avoiding surveillance, be it illegal or otherwise. These tools allow you to play in the big leagues but they are also simple, free and totally open source. Some are good for everyday use, but most should be keep in your back pocket for that day you really need to not be watched.
Use Onions to Hide Your IP Address
The Onion Relay (TOR) is a network of encrypted proxy servers run by members of the public. TOR bounces internet traffic over random chains of these proxies to effectively mask the sender’s IP address from everyone involved. The use of a layered encryption protocol (the onion) means that anyone listening in on your internet connection will not be able to read your traffic. TOR users may access most all internet resources including web pages, IRC servers or even peer-to-peer networks without worry of wiretaps, packet shaping or other monitoring efforts by network administrators, ISPs or law enforcement.
The TOR network is sustained by those users who choose to donate bandwidth by hosting proxies, but anyone with the appropriate software may access the network. There are normally upwards of a thousand active TOR proxies. This vast distribution is key to frustrating any attempt to follow traffic across the network.
TOR offers users many unique abilities. Users may access Hidden Services, essentially secret websites accessible only through TOR. Existing outside of the normal internet, these pages and untraceable and answer to nobody. Additionally, having a choice of exit proxies allows TOR to circumvent censorship. TOR users may access websites not available in their home countries, or students may access Facebook.com from behind restrictive school firewalls. But perhaps TOR’s most powerful gift is the ability to investigate and test for the existence of censorship. Select a Chinese exit proxy and watch www.friends-of-tibet.org suddenly become unavailable.
But be warned! The configuration and safe use of TOR presents many challenges and requires some degree of skill. Do your homework before trusting TOR with anything important.
Use Encrypted E-mail
Spend any time discussing IT security and you will run across Pretty Good Privacy (PGP). GnuPG is an open source implementation of the OpenPGP standard. At its heart, all PGP relies on encryption key pairs. Each user keeps one secret key, and its matching public key is meant to be shared. PGP e-mails are encrypted with the public key of the intended recipient and are then decodable only with the recipient’s secret key. Conversely a sender may digitally sign an e-mail with their secret key so that others may thereafter authenticate it against the sender’s public key.
Getting up an running with GnuPG is relatively simple. Most all e-mail clients offer support natively or via plug-ins. PGP and GnuPG are not limited to e-mail. All forms of data may be encrypted or signed with PGP keys. The downside of the scheme is its reliance on encryption key pairs which make communication with people not already familiar with PGP problematic.
Send Anonymous E-mail
Windows Client: peculiarplace.com/mixminion-message-sender
Mixminion is an anonymous e-mail service that handles e-mail in much the same way that TOR handles general traffic. E-mail messages are encrypted, cut into pieces, bounced around several volunteer servers, then recompiled and sent to their destination. The e-mail arrives and is read just as any other normal e-mail. Mixminion e-mails, unlike PGP, are readable by recipients who know nothing about the system. This makes the system perfect for anonymous whistle blowing. Replies are possible without revealing the identity of the initial sender, but any such reply must be sent thought the Mixminion network. Even then, replies are only possible where the initial sender has taken the time to forward an appropriate Single Use Reply Block. Ongoing two-way conversations are labor intensive, so Mixminion therefore is best used for starting conversations or arranging more convenient methods of anonymous communication.
Hide Your Encrypted Files
There are hundreds of encryption tools out there, but TrueCrypt offers some unique advantages. TrueCrypt utilizes volume encryption. Rather than encrypt specific files, an single large file called an "encrypted volume" is created. Initially this large file is empty. TrueCrypt then opens this file and "mounts" it as a virtual drive on your machine. Users may then work with directories and files within this virtual drive as they would any physical drive. When the time comes, the encrypted volume is unmounted and the virtual drive disappears. The encrypted volume does not change in size as it is filled or emptied. An attacker in possession of the unopened volume cannot read the contents, but also cannot even tell if there is anything inside to read.
Good passwords are the secret to effective encryption. A 256-plus bit encryption protocol is worthless if you use "password" as your password, but perfect series of random characters is equally useless if you scribble it on a post-it note beside your screen. There is another way. TrueCrypt allows the use of Keyfiles. Instead of remembering a long password, one need only point TrueCrypt to the appropriate file from which TrueCrypt extracts a hash. Multiple keyfiles may be combined with or without an additional pass phrase, allowing for complex custom security protocols to be developed. For instance, give each partner a separate keyfile and partnership records may only be opened in the presence of all. Or destroys one file, and the records are closed forever.
TrueCrypt’s most powerful tool may be its use of Hidden Volumes. Any TrueCrypt volume may in fact accept two separate password/keyfile combinations. When one is used, the outer volume opens and the user sees some files, and some apparently empty space. Use the other password and the hidden volume opens to reveal other files, and some other apparently empty space. Importantly, the existence or absence of a hidden volume cannot be proven without both password sets. A user may therefore provide one password and effectively deny any use of TrueCrypt’s hidden volume feature.
This may all seem very cloak and dagger, it should. Some of these tools began life in the world of defense intelligence and they are commonly used to hide very illegal activities. But one country’s criminal is another’s hero. If you are a Chinese dissident, a corporate whistlerblower or a lawyer with a terrorist for a client, these tools will help you keep control over you and your client’s privacy.
ABOUT THE AUTHOR
Richard Abbott is an IT consultant turned attorney and can be reached at Rabbit@shaw.ca..