Staying Anonymous


Physical: Laptop, debian install cd
Software: gcc, g++, make, libncurses5-dev, patch, srm, tor, proxychains, ssh, pidgin, pidgin-otr, wpa_supplicant, mac-address-changer

General ways of keeping yourself as secure & anonymous as currently possible. (feel free to update if I've missed anything or something is just incorrect)

You may be able to accomplish some of this on an apple computer running OSX as well however I have not tested hard disk encryption & you may still be vulnerable to any new safari vulns that come out; but you should be "mostly" safe provided you do a few things covered in an upcoming tutorial next month.

#1) Do not use an SSD, use a normal drive, look at raptors if you need speed

#2) use/install debian

#3) when installing chose to use encrypted LVM (for hard disk encryption), you will have to google the setup if you are not familiar with it, it is often used with raid but i think that is optional.

#4) Do not install any un-needed software or services (such as a gui) unless you absolutely have to & go for the most minimal in that situation. Examples of lightweight gui's: xfce, fluxbox, enlightenment

#5) Follow article here for building custom kernel to keep your box secure (don't forget to turn on grsec after installing):

#6) Make sure your own system is secure & has no services turned on or accessible from the outside.

#7) Use TOR, you can view some examples here but because the tutorial was written for a different linux distro you may have to do some googleing or ask questions here to avoid the dns caching issue.

#8) Route connections and traffic through tor or other servers using ssh or proxychains, or your favorite software for doing so, here is a tutorial on doing it with ssh:

#9) Preferably use open access wifi networks to hide tracks (if you are worried about developing a pattern you need to have a script which will change your laptops mac address & hostname each bootup) ***hint*** the farther you can be from the wifi access points (bigger antenna) the better.

#10) Only talk online using encrypted forms of communication such as: pidgin+OTR or apple's adium which has encryption builtin

#11) Use IPtables for blocking questionable IP addresses/IP ranges that you don't want hitting/talking to your box.

#12) Use an encrypted email service such as hushmail, or at least gmail but definitely not yahoo or msn.

#13) Use pgp

#14) If you don't like using lynx as a web browser and have to install a gui & decide to install mozilla or something as a browser, you should use something that blocks bad scripts such as noscript. Granted if you are worried about anonymity you shouldn't also be worried about seeing the latest youtube video & shouldn't have things like java installed, but noscript will help to block some of the adware. While the majority of the ads & malicious code is written for windows, it should help keep your box safer.

#15) Do not use the same alias for everything! Use different aliases for different things such as email, instant messaging, irc, etc... & do not tie them together by listing them as info for each other. (You may end up having a shit ton of accounts to keep things separate, but it's the best way)

#16) You may also want to look into removing yourself from various websites to include background information sites. We have talked about this in the forum & here are some links to help:

#17) Should you for any reason ever need to destroy anything, linux's SRM is the preferred method, as well as dban, both of those provide good software deletion capabilities but can take a while. Physical destruction of the ram first then the hard drive is an option too.