How secure is my Internet connection?

This topic is part 2 of 4 parts series about Security and electronic traces

  1. Does OG log IP addresses?
  2. How secure is my Internet connection? :arrow_left:
  3. How to hide my location / IP address?
  4. How to post photos online anonymously?

Anonymizers
The internet is insecure - don’t put your faith in all this anonymizer/proxy/software crap. To determine about how secure something is, you have to take a lot of considerations:

1.Where are they located?
The US government could trace back what you did (let’s say you made a seed purchase online with a credit card like an idiot). The webserver of the seed place where you made a purchase will probably leave a webserver log that shows the IP address of your anonymous service. All the US government has to do is go to your anonymous service provider and subpoena your user information. Investigating agents get your e-mail address. They go to your ISP and under the United States Patriot Act, they can get your user information.

  1. What kind of encryption technology do they offer?
    The new version of OpenSSL (a popular SSL library) has been proven to be susceptible to a “timing” attack where a user could possibly snoop on the data that goes between a SSL session.

  2. How secure is your home computer?
    Even if you can get an encrypted overseas Anonymizer service (offers the greatest protection), there are ways for the Man to get around this. The FBI recently captured the PGP keyphrase of a Mafia guy by putting a keystroke logger on the guy’s computer. It is very possible if you have a large ISP for them to capture all the traffic between your computer and the Internet.

Internet structure
Traceroute counts the hops between you and your destination (and all the web servers inbetween) on the Internet. Go to
http://www.washington.edu/networking/tools/traceroute to see a web-based version of traceroute.

Example:
I want to trace the route from that website, as mentioned above, to overgrow.com

1 zinc-V13.cac.washington.edu (140.142.3.33) 1 ms 1 ms 1 ms
2 uwbr2-GE2-0.cac.washington.edu (140.142.153.24) 0 ms 0 ms 1 ms
3 prs1-wes-ge-0-0-0-0.pnw-gigapop.net (198.107.150.30) 1 ms 1 ms 1 ms
4 Peer1-PWAVE.pnw-gigapop.net (198.32.170.49) 1 ms 1 ms 1 ms
5 OC12POS3-0.van-gsr-a.peer1.net (64.69.67.157) 4 ms 10 ms 10 ms
6 r2-72-fe1-1-core-van.netnation.com (64.69.67.214) 11 ms 10 ms 10 ms
7 ip2.overgrow.com (64.40.108.190) 5 ms 5 ms 5 ms

As you can see, there are 5 routers/servers/hubs where LEO could possibly intercept my internet traffic. 5 possible people to pressure with a subpeona.

NOTE: for each person, a trace route will be different. one of the nicest things about the Internet is that it finds the fastest pipe available.

Packet Sniffing
Packet sniffing is the ability to grab packets of information over the network. It can be compared to a “network wire tap”. Packet sniffers capture binary data passing through the network, most decent sniffers (usually found on the Unix/Linux platforms for free) decode this data into a readable form for a system administrator. To make it even easier, another step can occur - known as “protocol analysis”. There is a varying degree analysis that takes place, some are simple, just breaking down the “packet” information. Others are more complex, giving “detailed” information about what it sees on the packet (i.e., highlights a password for a service).

How can I prevent my packets from being sniffed?
Many services on the Internet send data in plain-text. By default, POP mail, SMTP (for sending mail) send data in clear-text. The same applies for FTP, Telnet and News clients. ICQ, IRC, MSN and AOL Instant messengers send passwords in clear-text. In fact most services send passwords this way.

Start encrypting that password data! Many mail services offer encrypted logins. Ask your system administrator about secure mail. If you login securely, your data is still sent in clear-text. Install PGP from www.pgpi.org and send your e-mail securely. Also, try and login via SSL when you are making transactions via the Internet

(Note: always look for https in the location bar of your web browser, like http://www.example.com, or a lock at the bottom of your web browser).

Conclusion:
The Internet is a very complicated place. Internet security shouldn’t be a band-aid. If the man wants to get you, proxies, programs, and anonymizers will not save you.

Leaving electronical traces or not?

In general, visiting sites like Overgrow generates electronic traces at following places:

  • client PC with its OS and browser
  • routing internet nodes
  • Overgrow.com server (or other destination)

Lets look at what you can do about it in particular.

Your PC should be clean of viruses. Your operating system needs to be regularly updated, to prevent security holes and exploits. When you visit the site through www browser, site uses cookies to track your actions on the site.

In case you would like to wipe this cookies from the browser, you can do it manually through browser settings. In that case also clear history of browsing.

And there is also other way. Both Firefox and Internet explorer are offering “privacy mode” which doesn’t save any data into your client computer without your attention (off course if you don’t for example download some files yourself). After you close this private window all history is wiped out automatically.

From your browser your request goes through serie of nodes routing your traffic through the internet. Your data packets include your IP address, so each node knows where to return requested data. This also means that every router on the way can possibly “be aware” that you are communicating with some site. All data that you are communicating are properly encrypted using SSL. Overgrow.com does this as default and doesn’t offer non-encrypted connection.

Overgrow also cleans its database regularly and after 7 days since member’s last visit IP data about regular users are destroyed. We keep IP addresses only of active connections so we can serve them and also to defend our server against attack by blacklisting offending IP addresses.

In case you would still be interested in hiding your IP address you can use Tor project. This software package includes own mini www browser (based on Firefox) to give you encrypted and anonymous web browsing. It routes your connection through many other Tor nodes ensuring that destination routers will get some random IP address from any part of the world. The fact is that with increasing number of network hops decreases connection speed.

I just wanted to add that VPN services (Changing IP address location) are trend now and many established brands do offer them free.

Security company F-secure offer its VPN called Freedome: https://www.f-secure.com/en_GB/web/home_gb/freedome

Opera made VPN completely free available for Android and iOS. And they have plans to include it directly in Opera browser.

Download on Google Play:
https://play.google.com/store/apps/details?id=com.opera.vpn

iPhone version is available too…
http://www.opera.com/mobile/vpn/iphone?utm_source=Press&utm_medium=PR&utm_campaign=Opera_VPN_iOS

When your goal is maximum privacy, everything starts with clean and trusted computer. In real world, there are not many operating system which you could trust 100%. There were many cases of exploited Windows computers through malware or viruses. For connecting to dark net or cannabis forums smart way would be using another computer than you are using for regular work. In this case creating “temporary” computer is viable strategy. How to do it? Its pretty easy do use USB flash drive to create your own, free and secure system, boot it up, visit and post forums and then destroy this computer by shutting it off and removing USB.

There is linux distribution created with this goal in mind - TAILS. Its live operating system that you can start on practically any computer using USB or CD.

https://tails.boum.org/

Tails stands for “the amnesic incognito live system”.

Amnesic means that once you shut this system off, all data that you haven’t knowingly saved to hard drive are erased. System lives only in RAM memory and leaves no eletronic traces on your computer. Incognito means that Tails uses Tor as default option to connect to the internet. It forces all connections to go through the Tor network. Tails is system built with privacy and anonymity in mind. This makes it favorite operating system in countries which apply censorship on the internet. Great thing is that this operating system is actively developed and maintained.

Through this howto, you will create “virtual” computer using your USB flash drive. This computer can boot up TAILS from USB and use CPU and memory of your computer, leaving your HDD untouched.

Once booted, it is even possible to mount your internal harddrive (in case you wish to attach your photos from harddrive to forum posts) or insert another USB flash drive with photo images.

2 Likes