|
the specific term you're loking for is "opsec" since you were asking about government, here are army guidelines for opsec on social networks: http://www.lewis-mcchord.army.mil/des/OPSEC%20Training/SocialmediaandOPSECbrief1.pdf ultimately it's pretty difficult to be 100% anonymous, but here are a couple tips: 1) disable java and flash in your browser 2) use ghostery or a similar ad blocker 3) use a vpn or tor. either will encrypt your traffic, however it will be obvious you're accessing either vpn or tor (well, Tor has "pluggable transports" now that make the traffic look like non-Tor traffic but it's theoretically detectable still -- especially since antone can view the list of active Tor relays. Your isp could tell you were connecting to Tor very easily, for example (but probably not what you were accessing on it)). also, there have been Tor deanonymization attacks already, so it is likely to not be flawless. vpn providers have also been coerced into giving up subscriber information. also note that with Tor you are at the whim of relay operators. while any intermediary relay operator can't do much, if the same person owns both the beginning and ending hops it is theoretically possible for them to de-anonymize you. also, if the service you're accessing does not use https, the traffic will be completely visible to the person who owns the last relay. 4) don't use the same names or passwords on different services you also need to perform an exercise called "threat modeling" to be able to answer this question effectively. what exactly are you trying to avoid when you say you want to be anonymous online? from whom are you trying to remain anonymous, and how are they observing you? are you using networks (office, coffee shop, airport, whatever) that your adversary might be monitoring? are you trying to remain anonymous from service providers? are you trying to remain anonymous from other web users? and which services are you trying to access? the EFF has a lot of good resources on this as well, for example here is their guide on private email: https://www.eff.org/deeplinks/2012/11/tutorial-how-create-anonymous-email-accounts ashgromnies fucked around with this message at 03:33 on Mar 27, 2015 |
#
¿
Mar 27, 2015 03:26
|
|
|
|
| # ¿ Apr 28, 2024 15:50 |
|
|
also, note that if your computer has been owned, you're pretty much hosed there was just a proof of concept released of overwriting the bios through smm to create persistent exploit regardless of operating system -- meaning even if you reformat your computer or use live CDs it doesn't matter: http://www.se-eng.com/2015/03/uefi-bios-exploited-through-system-management-mode/ and if someone has direct access to your computer they can view wha you're doing very easily regardless of your attempts to encrypt or hide it don't use windows, that's important too.
|
|
#
¿
Mar 27, 2015 03:37
|
|
|
Mister Kingdom posted:If you post using somebody's WiFi anonymously, how could they track you down? if you're talking about these forums, they're all over HTTP so on un-switched networks or wifi networks it's super easy to view everything you post or steal your session cookie
|
|
#
¿
Mar 27, 2015 05:50
|
|
|
you're all stupid as poo poo
|
|
#
¿
Mar 27, 2015 13:28
|
|
|
Non Serviam posted:Did you wake up on the wrong side of the bed or something? I just made an effort post to actually try to be helpful then someone posts Mister Kingdom posted:But if it came right down to it, wouldn't they have to have physical possession of your computer for proof? Right after, which is directly related to the need for "threat modeling" like I said in my post, which OP still hasn't done, and, well, gently caress it. OP clearly doesn't care about what they're asking enough to actually put thought and exercise into it, so it's not rewarding to try to help them.
|
|
#
¿
Mar 27, 2015 20:21
|
|
|
|
| # ¿ Apr 28, 2024 15:50 |
|
|
Alder posted:Yes, and OP can't hide in the library even. It depends as I went to the NYC library and they wanted a card to use their PCs but on the bright side I can leech off their wifi if I just sit there in NYPL. On the other hand when I went to Queens library and I had to register for a card to borrow wifi. Encrypting everything is only good if your computer doesn't have malware keylogging you, or taking screen captures, or anything like that  it's certainly not foolproof.And remember DPR, the Silk Road guy, used full disk encryption and logged in from public libraries. The government actually had agents stage a fake lovers' quarrel at the library to distract his attention while another agent ran up and took his unlocked laptop.
|
|
#
¿
Apr 4, 2015 05:13
|
|
