It’s been said before, but it’s truer now than ever: the Internet can be a scary place. Performing banking transactions, filing taxes, paying bills, and buying and selling goods online—all of these things were unheard of in the early days of the Internet. However, as people and businesses have become increasingly savvy in the electronic world, so have the crooks that prey on them. In addition, the increased scrutiny of people’s online identities by governments, employers, and other organizations might make you think twice about what you say the next time you post on a public message board.
Because of this, it’s important to take precautions to safeguard your identity and take control of your information online. This chapter provides you with a few ways to do just that. In this chapter, you’ll learn how to protect your privacy and remain anonymous while using the Internet. You’ll also learn how to encrypt your files and email using strong encryption. Finally, you’ll learn how to guard against phishing attacks and how to easily use different passwords for each web site you use without struggling to keep track of them.
Use transparent onion routing to evade traffic analysis and protect your privacy.
Privacy is something most people value, or at least think they do, but in our ever-connected world it’s becoming quite a rare commodity. Every packet your computer sends out onto the Internet is ultimately traceable back to you (the Internet wouldn’t work properly if it weren’t), but that’s just the tip of the iceberg. Since all your traffic must flow through your ISP, it’s possible for them to build a complete picture of you from the web sites you visit.
One way to guard against traffic analysis is to use The Onion Router, Tor (http://tor.eff.org).
Onion routing is a technique for anonymous communication that involves randomly building a virtual circuit through several routers to obfuscate the connection’s source. Thus, someone monitoring your traffic will just see you communicating with the first hop in the circuit, and the final destination will think that it’s communicating with the last hop in the circuit.
Before the data is transmitted, though, Tor negotiates encryption keys with each hop in the circuit to protect your data along the way. It then encrypts the packet with the key for the last hop in the circuit, then the next to last, and so on until the packet is encrypted with the key for the first hop in the circuit. This process creates a packet encapsulated in multiple layers of encryption.
This is what makes the onion metaphor apropos for describing this technique. As the packet passes through each hop of the circuit, the outermost encrypted layer is peeled off. This also has the nice side effect of each hop in the circuit not having a complete picture of the circuit. An individual hop knows about only the previous hop and the next hop.
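The layering and peeling described above can be traced in a short Python sketch. This is an added example, not code from the original text or from Tor: the hash-based XOR cipher, the JSON layer format, the hop names, and the keys are all assumptions chosen to keep it self-contained, and Tor's real cell format and cryptography differ.

```python
import hashlib
import json

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy cipher (assumption): XOR with a SHA-256 counter keystream.
    It stands in for real encryption and is not what Tor uses."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def build_onion(circuit, destination: str, payload: bytes) -> bytes:
    """circuit is [(hop_name, key), ...] with the first hop first.
    Wrap for the last hop first, then outward to the first hop."""
    next_stop, body = destination, payload
    for name, key in reversed(circuit):
        layer = json.dumps({"next": next_stop, "body": body.hex()}).encode()
        body = keystream_xor(key, layer)
        next_stop = name
    return body

def peel(key: bytes, packet: bytes):
    """One hop's work: strip its own layer and learn only the next stop."""
    layer = json.loads(keystream_xor(key, packet))
    return layer["next"], bytes.fromhex(layer["body"])

def route(circuit, packet: bytes):
    """Walk the circuit, recording (hop, previous hop, next stop) per hop."""
    seen, previous = [], "client"
    for name, key in circuit:
        next_stop, packet = peel(key, packet)
        seen.append((name, previous, next_stop))
        previous = name
    return seen, packet

# Constructed sample circuit, keys and request (all hypothetical).
CIRCUIT = [("entry", b"A" * 16), ("middle", b"B" * 16), ("exit", b"C" * 16)]

if __name__ == "__main__":
    onion = build_onion(CIRCUIT, "example.com:80", b"GET / HTTP/1.0\r\n\r\n")
    seen, delivered = route(CIRCUIT, onion)
    for hop, came_from, goes_to in seen:
        print(f"{hop}: from {came_from}, to {goes_to}")
    print(delivered)
```

Only the entry hop sees the client and only the exit hop sees the destination; the middle hop sees neither.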
Before compiling Tor, you’ll need to have Zlib and OpenSSL installed on your system. (Most systems should have Zlib and OpenSSL already.) Tor also requires libevent (http://monkey.org/~provos/libevent/), which you can install by simply downloading the tarball, unpacking it, and doing the standard ./configure && make and running make install as root. Once those prerequisites are out of the way, you can install Tor.
Before doing anything else, add a user and group to run Tor as. Then, run ./configure and specify the user and group that you created:
$ ./configure --with-tor-user=tor --with-tor-group=tor
As the script executes, you might see the following error:
checking whether we need extra options to link libevent... configure: error: Found linkable libevent in (system), but it doesn't run, even with -R. Maybe specify another using --with-libevent-dir?
If you do encounter this, run ./configure again and tell it where to find libevent:
$ ./configure --with-tor-user=tor --with-tor-group=tor --with-libevent-dir=/usr/local
Once the configure script completes, run make, become root, and run make install.
You’ll now need to create a directory for Tor to store its data in. For example:
# mkdir /var/run/tor && chown tor:tor /var/run/tor
If you plan to use Tor with a web browser, you should also install Privoxy (http://www.privoxy.org). Most web browsers support only SOCKS4 or SOCKS5, which use IP addresses to initiate connections through the proxy. This means that your web browser will have to perform name lookups using your normal DNS server, which can reveal your web-browsing activities to others. Using an HTTP proxy such as Privoxy to browse the Web fixes this problem, by forwarding the DNS requests and traffic through Tor.
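The difference comes down to what the CONNECT request carries on the wire. The following added example (not from the original text) builds a SOCKS4 request and a SOCKS4a request, the variant Privoxy is configured to speak to Tor later in this hack, and parses them the way a proxy would. The address 192.0.2.10 and the host example.com are constructed sample values.

```python
import ipaddress
import struct

def socks4_connect(ip: str, port: int, user: bytes = b"") -> bytes:
    """SOCKS4 CONNECT: carries an IPv4 address, so the client has already
    resolved the name itself using its normal DNS server."""
    header = struct.pack(">BBH", 4, 1, port)          # version 4, CONNECT
    return header + ipaddress.IPv4Address(ip).packed + user + b"\x00"

def socks4a_connect(host: str, port: int, user: bytes = b"") -> bytes:
    """SOCKS4a CONNECT: the address field is the invalid 0.0.0.x (x != 0)
    and the hostname follows the user ID, so the proxy does the lookup."""
    header = struct.pack(">BBH", 4, 1, port)
    return (header + bytes([0, 0, 0, 1]) + user + b"\x00"
            + host.encode("ascii") + b"\x00")

def parse_request(req: bytes) -> dict:
    """Decode a SOCKS4/4a CONNECT request as the proxy side would."""
    version, command, port = struct.unpack(">BBH", req[:4])
    if version != 4 or command != 1:
        raise ValueError("not a SOCKS4 CONNECT request")
    ip = req[4:8]
    _user, _, rest = req[8:].partition(b"\x00")
    if ip[:3] == b"\x00\x00\x00" and ip[3] != 0:
        host = rest.split(b"\x00", 1)[0].decode("ascii")
        return {"variant": "SOCKS4a", "target": host, "port": port,
                "client_resolved": False}
    return {"variant": "SOCKS4", "target": str(ipaddress.IPv4Address(ip)),
            "port": port, "client_resolved": True}

if __name__ == "__main__":
    # Constructed sample values.
    for request in (socks4_connect("192.0.2.10", 80),
                    socks4a_connect("example.com", 80)):
        print(request.hex(), parse_request(request))
```

A request with client_resolved set to True implies a DNS query already left the machine outside the proxy path.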
To install Privoxy, first unpack the tarball and change into the directory that it creates. Then, run the following command:
$ autoheader && autoconf
You can safely ignore most of the warnings you’ll see in the output. Just make sure that the ./configure file exists after autoconf finishes executing.
Now you’ll need to create a user and group to run Privoxy under (e.g., privoxy). Then, you can run ./configure:
$ ./configure --with-user=privoxy --with-group=privoxy
Once the configure script has finished, run make, become root, and run make install.
Now all that’s standing between you and a working Tor installation is the task of configuring Privoxy. To do this, add the following line at the beginning of the /usr/local/etc/privoxy/config file:
forward-socks4a / localhost:9050 .
This line tells Privoxy to forward all requests to a SOCKS4a proxy at 127.0.0.1:9050, which Tor has been configured to act as.
Privoxy will log all requests by default, so you’ll also want to disable logging. You can do this by locating and removing the following lines:
logfile logfile
jarfile jarfile
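A quick way to confirm both configuration changes took effect is to audit the file before starting Privoxy. The following is an added example, not part of the original text or of Privoxy: the function name and the sample configs are constructed, only full-line # comments are handled, and the forward-socks4 finding relies on Privoxy's documented behaviour that plain SOCKS4 forwarding resolves hostnames locally.

```python
TOR_SOCKS = {"localhost:9050", "127.0.0.1:9050"}

def audit_privoxy_config(text: str) -> list:
    """Return (line_number, message) findings for a Privoxy config that is
    supposed to forward everything to Tor and keep no request logs."""
    findings, forwards_to_tor = [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue  # blank line or full-line comment
        directive, args = parts[0].lower(), parts[1:]
        if directive == "forward-socks4a":
            if len(args) >= 2 and args[0] == "/" and args[1] in TOR_SOCKS:
                forwards_to_tor = True
        elif directive == "forward-socks4":
            findings.append((lineno, "forward-socks4 resolves names locally; "
                                     "use forward-socks4a"))
        elif directive in ("logfile", "jarfile"):
            findings.append((lineno, f"{directive} directive still present"))
    if not forwards_to_tor:
        findings.append((0, "no 'forward-socks4a / localhost:9050 .' line"))
    return findings

# Constructed sample configs: before and after the edits described above.
BEFORE = """\
# constructed sample
confdir /usr/local/etc/privoxy
logfile logfile
jarfile jarfile
listen-address 127.0.0.1:8118
"""
AFTER = """\
forward-socks4a / localhost:9050 .
confdir /usr/local/etc/privoxy
listen-address 127.0.0.1:8118
"""

if __name__ == "__main__":
    for name, config in (("before", BEFORE), ("after", AFTER)):
        print(name, audit_privoxy_config(config))
```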
Now, start Privoxy and Tor:
# /usr/local/sbin/privoxy --user privoxy.privoxy /usr/local/etc/privoxy/config
Apr 10 00:26:10 Privoxy(-1208432960) Info: loading configuration file '/usr/local/etc/privoxy/config':
Apr 14 00:26:10 Privoxy(-1208432960) Info: Privoxy version 3.0.3
Apr 10 00:26:10 Privoxy(-1208432960) Info: Program name: /usr/local/sbin/privoxy
Apr 10 00:26:10 Privoxy(-1208432960) Info: Listening on port 8118 for local connections only
# /usr/local/bin/tor --user tor --group tor --datadirectory /var/run/tor
Apr 10 00:27:50.023 [notice] Tor v0.1.1.18-rc. This is experimental software. Do not rely on it for strong anonymity.
Apr 10 00:27:50.024 [notice] Configuration file "/usr/local/etc/tor/torrc" not present, using reasonable defaults.
Apr 10 00:27:50.027 [notice] Initialized libevent version 1.1a using method epoll. Good.
Apr 10 00:27:50.027 [notice] connection_create_listener(): Opening Socks listener on 127.0.0.1:9050
Apr 10 00:27:56.626 [notice] We now have enough directory information to build circuits.
Apr 10 00:28:01.463 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
You can now configure your web browser to use Privoxy as its HTTP proxy. When doing this, specify localhost as the hostname and port 8118. You can then test out your Tor setup by visiting the Tor test page (http://serifos.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1). If you’re connecting to it through Tor, you should see something similar to Figure 3-1.
Tor can be used for much more than just anonymizing web browsing, though. You can tunnel SSH through Tor [Hack #38] and use Tor with IRC clients, IM, and anything else that supports SOCKS. However, keep in mind that Tor does not provide end-to-end encryption. Any unencrypted traffic sent through Tor will only be protected until it exits the Tor network.
“Tunnel SSH Through Tor” [Hack #38], for information on using Tor to anonymize SSH connections
“Block Tor” [Hack #53], for information on blocking Tor for users on your network