This topic is part 2 of 4 parts series about Security and electronic traces
The internet is insecure - don’t put your faith in all this anonymizer/proxy/software crap. To determine about how secure something is, you have to take a lot of considerations:
1.Where are they located?
The US government could trace back what you did (let’s say you made a seed purchase online with a credit card like an idiot). The webserver of the seed place where you made a purchase will probably leave a webserver log that shows the IP address of your anonymous service. All the US government has to do is go to your anonymous service provider and subpoena your user information. Investigating agents get your e-mail address. They go to your ISP and under the United States Patriot Act, they can get your user information.
What kind of encryption technology do they offer?
The new version of OpenSSL (a popular SSL library) has been proven to be susceptible to a “timing” attack where a user could possibly snoop on the data that goes between a SSL session.
How secure is your home computer?
Even if you can get an encrypted overseas Anonymizer service (offers the greatest protection), there are ways for the Man to get around this. The FBI recently captured the PGP keyphrase of a Mafia guy by putting a keystroke logger on the guy’s computer. It is very possible if you have a large ISP for them to capture all the traffic between your computer and the Internet.
Traceroute counts the hops between you and your destination (and all the web servers inbetween) on the Internet. Go to
http://www.washington.edu/networking/tools/traceroute to see a web-based version of traceroute.
I want to trace the route from that website, as mentioned above, to overgrow.com
1 zinc-V13.cac.washington.edu (126.96.36.199) 1 ms 1 ms 1 ms 2 uwbr2-GE2-0.cac.washington.edu (188.8.131.52) 0 ms 0 ms 1 ms 3 prs1-wes-ge-0-0-0-0.pnw-gigapop.net (184.108.40.206) 1 ms 1 ms 1 ms 4 Peer1-PWAVE.pnw-gigapop.net (220.127.116.11) 1 ms 1 ms 1 ms 5 OC12POS3-0.van-gsr-a.peer1.net (18.104.22.168) 4 ms 10 ms 10 ms 6 r2-72-fe1-1-core-van.netnation.com (22.214.171.124) 11 ms 10 ms 10 ms 7 ip2.overgrow.com (126.96.36.199) 5 ms 5 ms 5 ms
As you can see, there are 5 routers/servers/hubs where LEO could possibly intercept my internet traffic. 5 possible people to pressure with a subpeona.
NOTE: for each person, a trace route will be different. one of the nicest things about the Internet is that it finds the fastest pipe available.
Packet sniffing is the ability to grab packets of information over the network. It can be compared to a “network wire tap”. Packet sniffers capture binary data passing through the network, most decent sniffers (usually found on the Unix/Linux platforms for free) decode this data into a readable form for a system administrator. To make it even easier, another step can occur - known as “protocol analysis”. There is a varying degree analysis that takes place, some are simple, just breaking down the “packet” information. Others are more complex, giving “detailed” information about what it sees on the packet (i.e., highlights a password for a service).
How can I prevent my packets from being sniffed?
Many services on the Internet send data in plain-text. By default, POP mail, SMTP (for sending mail) send data in clear-text. The same applies for FTP, Telnet and News clients. ICQ, IRC, MSN and AOL Instant messengers send passwords in clear-text. In fact most services send passwords this way.
Start encrypting that password data! Many mail services offer encrypted logins. Ask your system administrator about secure mail. If you login securely, your data is still sent in clear-text. Install PGP from www.pgpi.org and send your e-mail securely. Also, try and login via SSL when you are making transactions via the Internet
(Note: always look for https in the location bar of your web browser, like
http://www.example.com, or a lock at the bottom of your web browser).
The Internet is a very complicated place. Internet security shouldn’t be a band-aid. If the man wants to get you, proxies, programs, and anonymizers will not save you.