A Guide For Protecting Your Online Privacy

F.A Hayek

Active Member
===================================================================
0 - Intro
===================================================================

I'm sure there are a lot of people on this forum who want to share pictures of both their personal plants and large grows, but are concerned about being discovered by various means of technological tracing or by those with access to their computer(s) or digital storage mediums. This guide will teach you how to stay anonymous and ensure your privacy when browsing, uploading pictures and storing any digital information on a block device.

I've decided to avoid discussing how each piece of software works in-depth, as I’m sure it's superfluous and a dry subject for most. I'm also assuming you're using the Microsoft Windows operating system.

===================================================================
1. Staying Anonymous While Browsing
===================================================================

There are multiple ways to stay anonymous while surfing the web, including proxy-chaining, VPN's and passing traffic through networks dedicated to anonymity such as Tor. For ease of use and automation I’ve decided to use Tor for this guide.

Head over to https://torproject.org/ and download the 'Tor Browser Bundle'. It's available for Windows, Linux and Mac. Open the executable and when prompted, extract the files contents to your desktop. Navigate to your desktop and open the newly extracted folder, double clicking on the 'Start Tor Browser' file. After Tor has finished initialising a Firefox browser windows will open. You're now connected to the Tor network!

Packets of information generated when browsing through the newly created Tor Firefox browser will now be encrypted, bouncing of multiple nodes all over the world before reaching their final destination. However, when the packets exit the final node before reaching their given destination, the information contained within each packet will be viewable to the person operating the exit node if the traffic wasn't originally encrypted before passing through the Tor network. To prevent this, always ensure you're using SSL when sending sensitive information over Tor by looking for 'https' in front of the URL in your address bar.

Now, before anybody starts complaining about the web browsing speed while using Tor, remember it's a free service provided by those kind enough to devote both their time and money to protect your privacy. Use it only when you absolutely have to, and be patient.

===================================================================
2. Shredding Metadata
===================================================================

Metadata is essentially data about data. When you take a photo using a digital camera, various pieces of information may be stored relating to the time and date, your GPS location and the make and model of your camera, among other things, directly in the picture file itself. This collected information is referred to as EXIF data.

Before you upload any photos, it's important to ensure you've completely erased all the EXIF data that resides in the picture file. Point your browser to http://www.easyexifdelete.com/ and download / install the piece of software. Simply open your pictures with the program and click 'Delete Exif' - it's as easy as that.

Now that the sensitive EXIF data has been removed, you can upload your photos anonymously utilising the Tor Browser Bundle to where ever you choose with peace of mind.

===================================================================
3. Storing Digital Information and Files Securely
===================================================================

Storing digital information and files securely is important, especially in the event the device used for storage is stolen or lost. To do this, we'll be using a program called TrueCrypt. TrueCrypt will allow us to create a container, analogous to an un-crackable safe, allowing for the secure storage of files and other digital information which can only be opened given the combination you set.

Before we start, I need to give an additional warning. Do not store any data in the container that you will need access to sometime in the future if you think you may forget the combination to the container. In the event this does happen, your files are gone.

Download TrueCrypt from http://www.truecrypt.org/downloads, it's available for Windows, Mac and Linux. Open the executable and follow the simple installation instructions; once installed, click 'Create volume'. Choose 'Create an encrypted file container' and click next. Choose 'Standard TrueCrypt Volume' and click next.

Now it's time to create our container. Click 'Select file' and locate the directory you wish the container to reside in; give your container a name and click next. From the drop down menus, choose 'AES-Twofish-Serpent' for the encryption algorithm and 'Whirlpool' for the hashing algorithm - click next. Assign however much space you feel your container will need and click next. Give your container a very strong password, and as I previously warned, make sure it's something you will remember and click next.

This next step is very important to the strength of your encryption keys. Move your mouse around randomly for at least a minute or two to significantly increase the cryptographic strength of the encryption keys - keep the rest of the options as defaults and click 'Format'. Our container is now created and we're finished with the volume making process, click exit.

To access the files within our container, we will first need to mount it using TrueCrypt. Click 'Select file' and navigate to the directory you created the container and double click on the file. Choose and drive number in the TrueCrypt main window, in this example we'll choose 'N' - click 'Mount'. Type in the password you set for the container and click 'Ok'.

Open 'My Computer' and you'll noticed a newly created drive with the number you selected in TrueCrypt before you mounted your container. This is your container mounted as a virtual disk, double click to open it. To add files to your container, simply drag and drop the files into the mounted virtual drive. When you're finished, open TrueCrypt and again select the drive number you chose when mounting the volume and click 'Dismount'. This ensures those with access to your machine won't be able to view and browse the files located in your container.

===================================================================
4. Conclusion
===================================================================

I'd just like to dedicate this information to those who have been subject to imprisonment, humiliating public searches or police harassment for exercising their liberty of choice.

Thank you for reading.​
 

F.A Hayek

Active Member
I just realised I may have posted this in the wrong forum subsection. If so, mods, please feel free to move it to its right location!
 

F.A Hayek

Active Member
If any body is interested I'll use some of my spare time this week to write another guide on communicating securely through email.
 

billy4479

Moderator
Online Privacy that's a good one what do you call that . words like jumbo shrimp, original copy ,exact estimate, only choice I can think of them but I cant remember what you call them .
 

F.A Hayek

Active Member
As I mentioned in the introduction, I avoided adding superfluous information to the guide. Yes, in the event you are a terrorist or pedophile utilizing the Tor network there are ways you can be traced by the spooks. Although, I somehow doubt the NSA or the DoD is going to commit resources to target individual cannabis growers, even if you think you're that big of a fish.
 

RockstarEnergy

Well-Known Member
Online Privacy that's a good one what do you call that . words like jumbo shrimp, original copy ,exact estimate, only choice I can think of them but I cant remember what you call them .
I LOVE the fools on here with the ridiculous "Everything I post is fictional, I do not condone of take part in growing blah blah blah" disclaimers in their signatures. Like in the next to 0% chance that some group of the DEA was lurking our forum hell bent on busting members AND the 0% chance they would actually come to your house and arrest you, the judge would see that and say..."well he said its all made up right there...case closed I guess". What a joke.
 

Cobnobuler

Well-Known Member
It might be worth mentioning that TOR can be mighty slow for practical purposes. I've been there before. ( Just to browse over the wares at SR )
 

RIKNSTEIN

Well-Known Member
I have news for everybody...if someone has the skills to write those programs...someone has the skills to hack them...I know I have been working on computers since the IBM DataPoint 2200 and the days of DOS...in other words...a looooong time...lol...
 

tekdc911

Well-Known Member
the only true way to be anonymous online is to use a public computer under a false ID if or when you are asked for one

your IP and ISP is logged regardless if you use a proxy
your ISP is still the one in possession of the data you are sending
 

F.A Hayek

Active Member
It's on tor's website. Most of their funding is from governments. But i guess you have to have your eyes open to see?
Your point being? Projects like Tor are utilized by governments for a myriad of different reasons. You're speaking as if the state itself retains ownership of all the nodes operating on the Tor network, when it's actually a distributed network with the the vast majority of nodes being operated by individuals dedicating their time and resources to protect your privacy.


OP is a n00b and knows NOTHING about "security" or "anonymity"
I actually have a Bachelors in Computer Science and have experience contributing to projects like Tor. I suggest you stick to giving advice on how to grow cannabis, and avoid starting arguments when you can't even support your own.
 

F.A Hayek

Active Member
the only true way to be anonymous online is to use a public computer under a false ID if or when you are asked for one

your IP and ISP is logged regardless if you use a proxy
your ISP is still the one in possession of the data you are sending
False.

The traffic passing through Tor is wrapped in multiple layers of encryption before it passes through your ISP. Yes, they can identify that you're using Tor, but they can't pry into the packets to actively monitor what you're doing. Anyway, even if what you were concerned about your ISP hording the information passed through their servers, you could just operate a Tor exit node to completely obscure your traffic from your ISP.
 
Top