Anonymity, privacy and security

 Introduction:

1. Privacy:

- State in which one is not being observed by others

2. Anonymity:

- State in which the acting person's name is unknown


(Note: Being private on the internet is very difficult because we are using resources that are created by others. So it is impossible to be private.)

All our activities are visible to:

1. Employees

2. Hackers

3. Government Agencies

So the best solution for this is to be as anonymous as possible.

So if anybody manages to intercept our data, they won't be able to link it to us or to our identity.


To improve privacy and anonymity, we need two things:

1. Anonymizing service

2. Private online service


You cannot be private and anonymous without being secure: even if you use the best anonymizing server, the best VPN, a private service and so on, all of these are useless if an attacker manages to hack your device.


- Websites like Facebook, Google, Twitter and so on can trace or view every detail about you. They can also see your details when you are using other websites, because today almost every website has links to Facebook, Instagram, Twitter and so on. When a page has such a link, they can observe you on that page as well.

** There are several reports that websites like Facebook create ghost profiles, i.e. profiles for people who don't have a Facebook account. They attach some name or identity to the profile, and it holds everything related to you: what you like, which websites you visit, what you purchased recently and so on. Most people think "I don't have a Facebook account, so they can't track me." But this is not 100% true, because they still have a profile about you.

Now what is the solution?

- Tor is a pretty good way to prevent this.

When you are using Tor, your ISP can still see that you are trying to access Tor, but it is not able to see the website you are trying to access.


Problems in internet:

1. Internet speed will dramatically drop

2. Difficult to prevent leaks

3. Web browser can also leak information

4. Data leaves the exit node unencrypted


Solution:

1. Tor Browser: Simplest but not best

2. Tails: Great

3. Qubes with Whonix: Best


TOR BROWSER:

1. Modified version of Firefox ESR

2. Uses Tor network by default

3. Fully patched

4. Disables insecure features/plugins

5. Forces all connections over HTTPS (using HTTPS Everywhere)

6. Disables scripts (using the NoScript plugin): this prevents JavaScript from running on the websites you visit, because JavaScript can be used to de-anonymize you

How to bypass Tor being blocked?

- A network administrator or your Internet Service Provider (ISP) can block you from using Tor if they wish.

- When you try to use Tor, the first thing you need to do is connect to the Tor network and send your traffic to a random Tor node.

- The problem is that your network administrator or ISP can easily intercept you before you connect to this first node and send data to it. The ISP can easily identify all the nodes in the Tor network, because they are all publicly listed, and block them all (because they have a rule to do so).

Solution 1: The simple solution is to use a Tor bridge as the first node.

Tor bridge: Bridges are normal nodes similar to all other nodes, but they are not publicly listed, so the ISP cannot block them because it does not know about these nodes. This is a good solution until firewalls and service providers become smarter and implement more advanced methods.

They may, however, start to use deep packet inspection (known as DPI) to identify Tor traffic and block it.

Note: When you use Tor, they won't be able to identify which services you are trying to use, but they can determine that you are using the Tor network.

Solution 2: The solution for this deep packet inspection is to use a pluggable transport to obfuscate traffic. A pluggable transport makes your Tor traffic look similar to other normal traffic.

Solution 2 will work in almost all instances, but it may still fail in some. In the worst case, if it fails, the ISP will know you are using Tor, but it won't know which website you are trying to access unless it runs a more sophisticated attack.

 

VPN:

- VPN traffic will be encrypted if the service you are connecting to uses encryption; otherwise it is not encrypted

Benefits:

1. Extra layer of encryption

2. More privacy and anonymity

3. Bypass censorship

4. Protect from hackers

- Because with a VPN, even if they access your files, they won't be able to see or modify your data, because all data will be encrypted.

Note: If the Tor bridge and pluggable transport are still being blocked, then the better solution is to use a VPN.

- Once you connect to a VPN, the ISP cannot see what you are browsing; all it can see is some encrypted data going to some server on the internet.

With a Tor bridge and pluggable transport, in the worst case:

Government or ISP or network admin can see you are connecting to Tor.

But with a VPN, in the worst case:

They can only see you are connecting to a VPN.

Note: In the worst case, with a Tor bridge or pluggable transport, details are visible to the ISP, government or network administrator. So the best solution for all of these can be to use a VPN.

Notes:

1. Use reputable VPN

2. Avoid free VPN

3. Make sure they keep no logs

4. Use HTTPS everywhere

 

A Primer of Information Theory and Privacy:

If we ask whether a fact about a person identifies that person, it turns out that the answer isn't simply yes or no. If all I know about a person is their ZIP (Zone Improvement Plan) code, I don't know who they are. If all I know is their date of birth, I don't know who they are. If all I know is their gender, I don't know who they are. But it turns out that if I know these three things about a person, I could probably deduce their identity! Each of the facts is partially identifying.

There is a mathematical quantity which allows us to measure how close a fact comes to revealing somebody's identity uniquely. That quantity is called entropy, and it's often measured in bits. 

If there are two possibilities, there is 1 bit of entropy; if there are four possibilities, there are 2 bits of entropy, etc. Adding one more bit of entropy doubles the number of possibilities. Because there are around 7 billion humans on the planet, the identity of a random, unknown person contains just under 33 bits of entropy (two to the power of 33 is 8 billion).

There is a formula for this:

 ΔS = - log2 Pr(X=x)

 where ΔS is the reduction in entropy, measured in bits, and Pr(X=x) is simply the probability that the fact would be true of a random person.

 Starsign: ΔS = - log2 Pr(STARSIGN=capricorn) = - log2 (1/12) = 3.58 bits of information
Birthday: ΔS = - log2 Pr(DOB=2nd of January) = -log2 (1/365) = 8.51 bits of information 
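
The formula above applied to several facts at once, as an added example that is not part of the original notes: it computes ΔS for single facts, sums them for facts assumed to be independent, and measures on a small constructed data set how ZIP code, date of birth and gender together single out records that each field alone does not. The function names and the sample records are assumptions made for illustration.

```python
import math
from collections import Counter

WORLD_POPULATION = 7_000_000_000  # figure used in the text above

def surprisal_bits(probability):
    """Delta-S = -log2 Pr(X=x): bits revealed by a fact with this probability."""
    if not 0 < probability <= 1:
        raise ValueError("probability must be in (0, 1]")
    return -math.log2(probability)

def bits_needed(population=WORLD_POPULATION):
    """Entropy of the identity of one unknown person in the population."""
    return math.log2(population)

def combined_bits(probabilities):
    """Sum of per-fact bits; only valid if the facts are independent."""
    return sum(surprisal_bits(p) for p in probabilities)

def anonymity_sets(records, fields):
    """For each record, how many records share its values for `fields`."""
    keys = [tuple(r[f] for f in fields) for r in records]
    counts = Counter(keys)
    return [counts[k] for k in keys]

def measured_bits(records, fields):
    """Per-record Delta-S measured from the data: -log2(set size / total)."""
    return [surprisal_bits(n / len(records)) for n in anonymity_sets(records, fields)]

# Constructed sample data (not real people): ZIP code, date of birth, gender.
SAMPLE = [
    {"zip": "10001", "dob": "1990-01-02", "gender": "F"},
    {"zip": "10001", "dob": "1990-01-02", "gender": "M"},
    {"zip": "10001", "dob": "1985-07-14", "gender": "F"},
    {"zip": "10001", "dob": "1985-07-14", "gender": "F"},
    {"zip": "94110", "dob": "1990-01-02", "gender": "F"},
    {"zip": "94110", "dob": "1972-03-30", "gender": "M"},
    {"zip": "94110", "dob": "1972-03-30", "gender": "M"},
    {"zip": "94110", "dob": "1972-03-30", "gender": "M"},
]

if __name__ == "__main__":
    print(f"bits to single out one of 7 billion: {bits_needed():.2f}")
    print(f"birthday + gender: {combined_bits([1/365, 1/2]):.2f} bits")
    for fields in (["zip"], ["zip", "dob"], ["zip", "dob", "gender"]):
        sizes = anonymity_sets(SAMPLE, fields)
        unique = sum(1 for n in sizes if n == 1)
        print(f"{'+'.join(fields)}: {unique}/{len(SAMPLE)} records unique, "
              f"up to {max(measured_bits(SAMPLE, fields)):.2f} bits")
```

A record whose anonymity set has size 1 carries log2 of the data set size in bits, which means it is fully identified within that data set.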

 TOR Browser:

- It is simple and easy

- Access websites/darknet with relative anonymity

But this is not the best method because:

1. We install Tor in a normal OS like Linux, Windows or Mac: these collect data about you regularly to improve user experience, or they may collect it for other reasons.

2. Many OSes have programs installed that regularly collect data about you to improve user experience, or for other reasons.

All this data can be used to de-anonymize you and profile you.

3. Only the Tor Browser uses the Tor network; all other software uses the normal network. So when it leaks information, it will leak every detail about you.

4. Installed programs and the OS can leak your data.

5. Programs and the OS can be exploited to hack your computer and de-anonymize you.



Tails:

- Stands for The Amnesic Incognito Live System

- It is a Linux-based operating system

- Live: It runs entirely from portable storage

- Incognito: All traffic goes through the Tor network (private and anonymous). The whole system works over the Tor network, so there is no fear of data leaks by other programs.

- Amnesic: Tails never touches any storage device other than RAM. So once you shut down your computer, all traces are wiped out. No trace will remain on the computer showing that you used the Tails operating system on it; if someone manages to inspect your device after shutdown, everything will have been flushed out.

First option: Tails as a virtual machine, but it loses most of its benefits:

1. Not fully live

2. Leaves traces: because in a virtual machine it shares resources with the host machine (which can be Linux, Windows or Mac)

3. Not portable: because you will be able to use it on only one device.

4. Not private

5. Not as secure as live

Second option: You can put Tails on a DVD and run it on any operating system. This way it regains all its features: it will be live, leave no traces, and everything will be private.

Disadvantages of using a DVD:

1. Not portable

2. Not persistent

Third option: Use a USB stick

- It is the best option because it overcomes almost all the problems faced in above two options.
