21
21
What is the best, fastest, safest way to surf the web anonymously, and how much anonymity can you really achieve?
Nick
Posted 2009-07-15T13:58:29.957
Reputation: 491
Surfing the web anonymously
Answers
27
- Use Tor
- Use Firefox with Adblock and Noscript
- Uninstall all plugins and extensions you don't need, things like Flash, Silverlight, Java, etc.
- If a site offers a HTTPS version, use it. (HTTPS is encrypted, unlike HTTP)
- Delete your cookies between sessions.
- Don't give any personal information away.
- If your ISP offers a dynamic IP address, use it. Release and renew your IP between sessions.
- Enable Firefox's private browsing feature.
- Install the RefControl addon and set it to block HTTP referrers.
- Use the User Agent Switcher to send a blank user agent, or spoof a completely different browser. (For example, if you're running Firefox on Vista, send IE7 on XP.)
MiffTheFox
Posted 2009-07-15T13:58:29.957
Reputation: 3 032
10
Installing the Tor Bundle includes the TorButton Firefox extension, which won't allow plugins like Flash - these plugins could leak your identity, even when using Tor. For example, a Flash app could determine the local IP and send that information back to the server, so even if it's being sent over Tor, you're still hosed. So use Tor, Tor is good, but don't use any unsafe plugins.
To be certain that browsing history isn't saved on a hard disk, you can boot from a Linux Live CD and run Tor from there.
Ben
Posted 2009-07-15T13:58:29.957
Reputation: 1 014
5
Not a direct answer to your question, but: when using Flash, then read some details on How to automatically remove Flash history/privacy trail? Or stop Flash from storing it?...
Arjan
Posted 2009-07-15T13:58:29.957
Reputation: 29 084
5
I would imagine you mean not keeping your information from being stored on your computer, but being stored on everyone elses. For the former, just use private browsing mode, which is now in every major browser.
For the latter, there are a few things you can do.
- Encrypt your connection
- When asked to be "remembered" by sites, don't
- Use proxies
- Don't have a Facebook/Twitter/whatever
Other than that, I do not know.
Peter
Posted 2009-07-15T13:58:29.957
Reputation: 191
4
If I wanted to surf the web anonymously, I'd focus on 3 main areas:
- concealing my identity
- concealing my offline identity (physical location, ISP accounts, billing info, etc.)
- concealing my online identities (email address, forum account, social media accounts, etc.)
- concealing my activities online
- server logs
- forum messages, messages posted by facebook apps, etc.
- tracking cookies and other user tracking/profiling technologies
- packet sniffers and untrusted networks
- concealing my activities offline
- browser cookies, browser caches, web history, autocomplete, saved passwords, etc.
- bookmarks
- keyloggers, trojans, etc.
The main ways to achieve these goals (in order to preference) are:
- don't leave a track in the first place
- Not creating any evidence of your activities at all is practically impossible in most circumstances, however, using throwaway accounts, disabling tracking cookies, and not using services known to have poor privacy policies (or help governments illegally spy on their users) is a good start.
- Also avoid using public terminals you can't be sure are clean of keyloggers, spyware, etc. Need to use a public terminal? How about booting up a live CD/SSD? If you're even more paranoid, bring your own USB keyboard.
- Anonymous proxies and anonymity networks like Tor are good tools since your physical location (and thus your physical identity) is never connected to your online activities. Though you can still leave an online trail and potentially do something that reveals your offline identity, such as logging into an account tied to your offline identity.
- hide yourself using encryption
- If you can use end-to-end encryption, and especially if even the service provider at the other end is unable to access your data, then there may be evidence that you were online, but no one can tell what you were doing. Here I'm using the term "encryption" generally. You can even disguise your data so others can't tell what you're really doing. But don't do something stupid like use HTTPS everywhere but then transmit your password in plain text when using FTP or send an email over an unencrypted connection.
- You can even use encryption to hide your activities offline by using full-disk encryption. Even if you don't save browser cookies/histories, you probably still keep bookmarks and so on. If you use a password manager for your online passwords, it might be a good idea to keep the password database in a separate hidden volume.
- cover your tracks after the fact
- Obviously you can't break into a data center to erase your online tracks, but you can still use private browsing/incognito mode so that your browsing history/cache/cookies/etc. are erased as soon as you close the browser. (Note: this doesn't work with Flash cookies. And although many companies, including Clearspring, Quantcast and Hulu were sued for using Flash cookies for tracking, it's still used by many, including Hulu.)
- hide yourself in the crowd
- Most website operators enable basic logging out of necessity. However, the sheer volume of traffic they receive can provide a certain level of privacy if you don't stand out from the crowd. That's why Panopticlick measures your browser's uniqueness. Likewise, if you use a public internet connection that lots of people use and your usage patterns are ununique, then it'll be very hard for others to identify your tracks amongst the noise.
- Shared public accounts can be handy for this as well. Usually such accounts are simply a way to bypass compulsory registration, but if thousands of people are sharing a single account, it's hard to tie one person to a specific activity.
Lèse majesté
Posted 2009-07-15T13:58:29.957
Reputation: 3 129
1
1c.) When using IPv6, ensure you're not transmitting your MAC address.
– Arjan – 2012-04-13T17:12:55.213
Steven A. Lowe
Posted 2009-07-15T13:58:29.957
Reputation: 386
2
Different anonymity services exist for what type of anonymity you are looking to achieve.
Want to change your IP?
- Use Proxies and Tor
- Free Public internet hotspots
Want to surf on a machine without leaving a trace?
- Use the measures that MiffTheFox mentioned
Also something that has not been mentioned yet is VPN services. These usually cost $$$ and money can always leave a trail back to you depending on how you spend it. It all depends on how much you trust your VPN provider.
There are some other ways of getting anonymity but these cross the lines of what most countries consider to be illegal.
Qwerty
Posted 2009-07-15T13:58:29.957
Reputation: 1 759
1I would second 'use a public/unsecured wifi hotspot' – Tim – 2012-04-13T11:22:46.890
2
There is no real way to be completely anonymous on the internet.
You can use Tor, change your IP all the time, delete all data left behind, but given enough time, it can always be traced back to you. So yes, for simply hiding one or 2 sites you visit, a proxy and all these other good idea work fine.
But if your not supposed to be doing it, legal reasons or whatnot, just remember, they can always fun you given enough time and enough subpoenas will always find you.
alpha1
Posted 2009-07-15T13:58:29.957
Reputation: 1 638
1You use an anonymous connection like open wireless networks or prepaid mobile internet cards, strong encryption, and secure services (service providers that either don't keep or anonymize their logs) so that there's no one to be subpoenaed. Perfect security may be impossible, but good enough security is possible, even against governments. – Lèse majesté – 2012-04-13T11:25:38.903
1Even with that, browser plugins, IP address, fonts even can provide a unique identifier for almost any computer in the world. Yeah it might be anonymous for the most part but if someone can test your computer versus a known ID, your screwed. – alpha1 – 2012-05-21T15:37:01.273
1
Use TAILS, The Amnesic Incognito Live System from https://tails.boum.org/ via either burning the ISO file to a Live CD or a USB flash drive. It incorporates all apps such as email for use over Tor, and appears to release every couple of months. It uses a Debian Linux release with a Firefox derivative (version 10+) that is heavily modified to protect privacy along with the Ad Block Plus and NoScript Firefox add-ons and uses Vidalia, a GUI controller for Tor. They are working on producing a persistent storage (USB related) in a future release.
Tom
Posted 2009-07-15T13:58:29.957
Reputation: 56
1
You can use TOR + your internet provider proxy + web proxies. You can also try freenet but its more like a private network.
mnml
Posted 2009-07-15T13:58:29.957
Reputation: 1 391
0
I'll add Privoxy to the list.
Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks.
pgs
Posted 2009-07-15T13:58:29.957
Reputation: 3 153
0
If you're talking about not identifying yourself, your IP address and browser, etc, to websites, then Proxify may be of use.
Steve Melnikoff
Posted 2009-07-15T13:58:29.957
Reputation: 204
0
UltraSurf is fast, free, and very easy to use.
Contango
Posted 2009-07-15T13:58:29.957
Reputation: 1 099
-2
Using a virtual machine could help out; though it doesn't really hide your ISP, it just produces another one... Could be something you could try out though.
Deniz Zoeteman
Posted 2009-07-15T13:58:29.957
Reputation: 1 001
No. A virtual machine, by itself, will do nothing to hide your ISP (ISP = Internet Service Provider). It will also do nothing to hide your public IP (Internet Protocol) address, although it will change the one used internally on your local network. The most that would do is allow you to tear down the virtual machine to erase any traces of activity on your hard drive, but it would have to be used in conjunction with other methods to hide your IP (such as Tor or UltraSurf). – Contango – 2013-01-31T09:54:25.010
6I always thought the MAC doesn't propagate after the first routing device? – Arjan – 2009-07-23T21:16:34.263
1
Expanding on point 4, this can be automated now for some sites by using the addon HTTPS Everywhere from the EFF.
– Turix – 2012-04-13T11:20:05.180I would add Ghostery and Redirect cleaner, to this list. Also check EFF's Panopticlick to check your uniqueness. As a last solution: use different profiles in Firefox to separate privat browsing and using gmail/facebook/twitter.
– Tim – 2012-04-13T11:28:43.2631@Arjan: I think you're right; TCP/IP doesn't transmit MAC addresses, otherwise most online apps like forums would use MAC address bans instead of IP bans since most internet users have dynamic IPs. – Lèse majesté – 2012-04-13T13:48:55.713
Using a blank user agent is less anonymous than using something like Firefox that has lots of users; likewise with disabling JS. It seems like you're more anonymous if you disable JS and don't let Google track which search result you click on. But anonymity is ultimately about not identifying yourself, not hiding non-self-identifying information. Doing things that cause you to stand out from the crowd would make you easier to track. – Lèse majesté – 2012-04-13T13:56:37.310
I would consider timing considerations if you are really paranoid/"tinfoil hat". From a residential connection, one thing an adversary might do is compel your ISP to cut off your connection for a time in order to correlate whether connections made to a remote system are from you. Try not to do anything on a predictable, regular schedule over Tor, such as software updates. – LawrenceC – 2012-04-29T15:10:39.527
Also disable Microsoft's NCSI if you are using Vista or Windows 7. It contacts Microsoft's servers every time your network adapter goes up or down. – LawrenceC – 2012-04-29T15:13:45.683
5>