Doctor Who's security & encryption FAQ v21.4

Discussion in 'Computer Security' started by, Oct 10, 2007.

  1. Guest

    Security and Encryption FAQ - Revision 21.4

    by Doctor Who

    "No one shall be subjected to arbitrary interference with his privacy,
    family, home or correspondence, nor to attacks upon his honour and
    reputation. Everyone has the right to the protection of the law
    against such interference or attacks."

    Article 12 Universal Declaration of Human Rights

    This Faq/Tutorial is offered in good faith and is intended to be an
    encapsulation of my knowledge and experiences gained over the many
    years that I have been a computer/Net user. There are many roads to
    security and privacy on the Net, this is one that I have personally
    pursued and can recommend from experiences gained. I am not making any
    claim that it is the best or the only route to privacy and security,
    just that it works for me.

    There are countless reasons why someone may need the reassurance of
    anonymity. The most obvious is as a protection against an over-bearing
    Government. Many people reside in countries where human rights are
    dubious and they need anonymity to raise public awareness and publish
    these abuses to the world at large. This Faq is to help such people.

    Privacy and anonymity are very important principles associated with
    both freedom of speech and democracy.

    "Anonymity is a shield from the tyranny of the majority... It thus
    exemplifies the purpose behind the Bill of Rights, and of the First
    Amendment in particular: to protect unpopular individuals from
    retaliation - and their ideas from suppression - at the hand of an
    intolerant society."

    Justice Stevens, McIntyre v. Ohio Elections Commission, 1996

    Changes since previous revision:

    Now includes a method of anonymously obtaining a prepaid Debit Card.

    Unfortunately, since my last Faq, e-Gold has been compromized by the
    FBI. All accounts are now subject to their scrutiny, so it is very
    inadvisable to use e-Gold for the foreseeable future. This revision is
    a holding, meaning temporary, revision and I will update with
    alternative ways to fund an anonymous prepaid Debit Card as soon as I
    am able. References to the use of e-Gold within this Faq should
    therefore be treated with great care or ignored.

    Part 1 offers an overview approach to achieve security and anonymity.

    Part 2. In the second part will be the practical implementations of
    some of the programs mentioned in Part 1. In some cases this will
    include detailed setup instructions to help achieve the goal of true
    computer and Internet privacy and anonymity. I assume a basic
    understanding of computers, such as the ability to copy and paste and
    a general knowledge of how to install programs and follow setup

    Part 1 (Questions 1 to 30)

    1. How does encryption work?

    Essentially the plaintext is combined with a mathematical algorithm (a
    set of rules for processing data) such that the original text cannot
    be deduced from the output file, hence the data is now in encrypted
    form. To enable the process to be secure, a key is combined with this
    algorithm. The key is protected by a passphrase. Obviously the process
    must be reversible, but only with the aid of the correct key. Without
    the key, the process should be extremely difficult. The mathematics of
    the encryption should be openly available for peer review. At first
    sight this may appear to compromise the encryption, but this is far
    from the case. Peer review ensures that there are no "back doors" or
    crypto weaknesses within the program. Although the algorithm is
    understood, it is the combination of its use with the passphrase that
    ensures secrecy.

    Thus the passphrase is crucial to the security of the data.

    2. I want my Hard Drive and my Email to be secure, how can I achieve

    You need PGP (Pretty Good Privacy) for your Email and DCPP (DriveCrypt
    Plus Pack) version 3 and/or TrueCrypt version 3 for your hard drive
    encrypted files.

    Both DCPP and TrueCrypt are known as OTF (On-The-Fly) type programs.
    OTF means the encrypted data is only decrypted into RAM (Random Access
    Memory) and remains at all times encrypted on the drive. Thus a crash
    close will not leave packets of plaintext on your drive. A very
    important feature.

    PGP is available for all versions of Windows, Linux, Unix, Mac and
    others. The source code is available for compiling your own version
    should you wish.

    DCPP is Win2000/NT/XP compliant but not compliant with Win98 or
    earlier. Regrettably, no source code is available. It has two unique
    advantages over other encryption programs. (a) It is a whole boot
    drive encryption program. (b) It offers a form of very good plausible

    TrueCrypt is a relatively new, free and open source program of great
    promise. It does not display any file header info to help a snooper
    identify the file's purpose. The header is encrypted and shows as
    random garbage. But it will identify which type of format was used to
    create the Truecrypt volume. Despite Windows and other programs
    claiming the partition is not formatted, Truecrypt will itself rather
    unhelpfully tell the world that it is obviously a Truecrypt created
    volume. I am at a loss to understand the logic of this, but there it

    It allows the encryption of a whole partition or drive. The source
    code is freely available so it means anyone with the ability can
    compile the same program. The importance of this cannot be too
    strongly stressed. It means the risk of a hidden back-door is
    virtually eliminated.

    If the sighting of the source code is important to you, I suggest
    using PGP and TrueCrypt. In all cases you must check the PGP
    signatures of these files, after downloading from a trusted site. I
    would never advocate using any hacked version of a critical security
    program, or one sourced from a warez or other dubious site. Certainly
    not if you are truly serious about your privacy.

    Note 1: PGP, although excellent at ensuring Email privacy, does
    nothing for anonymity. The difference is crucial.

    I will assume that anonymity is also very high on your list of needs
    and so will concentrate on that issue further down the Faq.

    3. What is the difference between these encryption programs?

    One of the difficulties before asymmetrical key encryption was
    discovered was how to get the key to the person wanting to send you an
    encrypted message. In the past trusted couriers were used to get these
    secret keys to a distant location, maybe an overseas embassy. Nowadays
    this is unneccessary because of the discovery of what is called public
    key cryptography. Two different keys are used. One key is secret and
    the other is made public. The most widespread program of this type for
    private use is PGP, invented by Phil Zimmerman. In fact it has become
    the de facto standard on the Net. This program is ideal for Email.

    Anybody sending you mail simply encrypts their message to you with
    your PGP public key. The public key is obviously not secret - in fact
    it may be spread far and wide so that anybody can find it if they wish
    to send you encrypted Email. The easiest way to ensure this is by
    sending it to a public key server. On the other hand, some prefer not
    to share their key, except within a small closed group. Your choice.

    The only way to decrypt this incoming message is with your secret key.
    It is impossible to decrypt using the same key that was used to
    encrypt the message, the public key. Thus it is called asymmetrical
    encryption. PGP is simplicity itself to install and use. It even
    offers to send your newly generated public key to a key server.

    For your normal hard drive encryption, you will need a symmetrical
    type of encryption program. This means the same key is used for both
    encryption and decryption. DCPP and TrueCrypt are of this type and
    especially good because they are OTF (On-The-Fly) type programs.

    DCPP and TrueCrypt use the passphrase to encrypt a randomly created
    key. DCPP stores an encrypted copy of this key in the keystore which
    is a separate entity to the encrypted disk. TrueCrypt stores an
    encrypted copy of the key within the headers of the encrypted device.
    It is the plaintext of the key that is used to encrypt (and decrypt)
    the contents of the disk or container on an as needed basis into RAM

    With PGP a public key is chosen to encrypt the message. PGP will then
    generate a one time session key which it uses to encrypt the message.
    This session key is then itself encrypted with the public key of the
    intended recipient of the message. This encrypted copy of the session
    key is then wrapped in the headers and sent along with the encrypted
    copy of the message to the recipient. Only the recipient has the
    private key which can decrypt this session key. If there are multiple
    recipients, then this session key is encrypted to the public key of
    each recipient in turn. All these different encrypted versions of the
    session key are then wrapped in the headers of the message. Each
    recipient can decrypt his version of the session key, which will then
    be able to decrypt the message. PGP also has a keystore. The keystores
    for both PGP and DCPP are protected by the passphrase.

    The sender of a PGP message may choose to sign a message. The message
    may or may not be encrypted. PGP will then encrypt the hash of the
    message contents using the senders private key. His public key can
    then be used by the recipient to check that his hash of the message is
    identical to the original, thus proving it was made using the sender's
    private key. Only one private key, the sender's, can encrypt the hash
    such that it will check out correctly with the sender's public key. If
    even a white space between two words is closed up in a message, the
    signature will show as bad. This offers a very secure method of
    checking both the accuracy and the authenticiity of a message.

    Truecrypt and many other symmetrical encryption programs store the key
    within the headers of the partition or container. One question often
    asked by newbies is whether the passphrase is also stored somewhere
    within the encrypted file. No. The passphrase is passed through a
    hash. It is the hash output that is stored within the headers of the
    encrypted container. The program will compare this hash with the hash
    it produces from your passphrase that you type in to mount (open) the
    container. If they are identical, the program will use your passphrase
    to decrypt the key that the program generated to encrypt the disk or
    container. It is this key that will then be used to decrypt the disk
    or container on the fly.

    Hashing is a one way action only; it is impossible to derive the key
    from the hash output. The hashing process is simply a way of checking
    that the correct passphrase has been input. If the program was somehow
    altered to force it to use an incorrect passphrase, the output would
    be garbage. There is no shortcut or fix, without the correct
    passphrase the output will be junk.

    4. I have Windows, am I safe?

    Windows is a closed source operating system which is a law to itself.
    Each new update that is released by Microsoft seems to need further
    updates to fix the security holes discovered in the previous releases.
    It has been an ongoing process over many years with no end in sight.
    These weaknesses can manifest themselves as security holes when on the
    Net. A further problem with this operating system is its seeming
    determination to write to your hard disk all sorts of information that
    may be hidden from your view in all sorts of places that could be
    found by a forensic examination of your computer.

    Thus we have a two fold problem. Firstly, the problem of Windows
    having the potential of security holes that might be exploited by
    snoops and hackers using the Net and a different security problem of
    writing all sorts of information to sometimes hidden folders that
    might not be obvious from a cursory check by you, but easily found by
    a forensic examination.

    If you wish to protect yourself from these potential weaknesses you
    need to have an effective firewall, an effective anti-virus and an
    anti-spyware program. That will hopefully help to minimize the threats
    from outside. That is only the start. You also need to replace your
    Windows Internet Explorer browser and your Outlook or Outlook Express
    Email client for something a lot more secure. I like FireFox and
    Quicksilver. Even these need support from the use of specialist

    Even with Firefox or any other Web browser it is imperative that you
    disable Java and Javascript. More about the reasons why later in the

    Secondly, you are well advised to encrypt your whole drive to protect
    yourself from what Windows will write to your hard drive. There are so-
    called wipe and cleaner programs to remove cookies and many other
    files that Windows will save to your hard drive for future reference.
    But at the end of the day, the only truly effective counter measure
    against these potential weaknesses is to encrypt your whole boot

    In some countries, even this might not be enough. Such countries can
    force you to hand over your passphrases to these encrypted drives by
    threatening imprisonment. As more and more judicial systems seem to be
    leaning ever closer to this sort of injustice (injustice because the
    culprit is being forced to self-incriminate himself which is in direct
    violation of Article 5 of the Bill of Rights; the right to refuse to
    be a witness against oneself), so it is more and more important for
    the individual to protect himself.

    Because of these encroachments on our liberty I propose in this Faq a
    method of plausible deniability. This means you can justify every one
    of the files and folders that are on your computer.

    5. Which program do you recommend for this whole drive encryption?

    Unfortunately, there is at present no modern whole boot drive
    encryption program for the Windows operating system with open source
    which also allows a hidden operating system accessible on boot. Of the
    many different boot drive encryption programs, I like DCPP. It is easy
    to install. But its single greatest benefit is it offers a form of
    truly excellent plausible deniability for its presence on your system.

    It encrypts the whole partition. So if you want to keep part of your
    drive in plaintext you will need to divide your hard drive into
    independent partitions or better, have two separate hard drives.

    A further major advantage over previously recommended encryption
    programs is that the passphrase is input at Bios level, before Windows
    is loaded.

    The importance of this is difficult to over-emphasize.

    This means it is impossible for any software key-logging program that
    may be on your computer to detect your passphrase. Such programs are
    sometimes picked up on the Net or arrive via Email and could
    circumvent all your efforts at security. It is even conceivable that a
    snoop or hacker could steal your passphrase as you type it in, if this
    is done whilst the operating system is running. I am sure someone will
    mention that there are hardware keyboard logging devices, which could
    grab your passphrase when you start up, before the operating system is

    However, common sense local site security should minimize this risk.

    A Bios level input of the passphrase in conjunction with whole boot
    drive encryption is just about the Holy Grail of security - without a
    hardware keyboard logging device, very difficult to intercept and

    6. Are there other OTF programs?

    There are several. But so far as I know only DCPP operates from boot
    and includes the opportunity of creating a second (hidden) boot
    operating system.

    Others, such as TrueCrypt only encrypt data files, not the Windows
    operating system.

    TrueCrypt offers strong plausible deniability because it allows you to
    encrypt a partition that appears to be unused and without a drive
    letter. The method of ensuring this is simply explained in the Help
    File that accompanies TrueCrypt. The latest version also allows you to
    create a hidden encrypted volume within the first. This further
    improves its appeal and prospects of plausible deniability and in
    conjunction with DCPP should be excellent for your backup data.

    7. How difficult is it to break into one of these programs?

    Very difficult, in fact for all practical purposes, it is considered
    impossible. In most cases, the weakest link will be your passphrase,
    or being compromised by a hardware key-logger through not having good
    security on your desktop.

    Your passphrase should be long. Every extra character you enter makes
    a dictionary search for the right phrase twice as long. Each time a
    bit is added it doubles the number crunching time to crack into the

    Each keyboard character roughly equates to 8 bits, and is represented
    on the drive as two hexadecimal characters. This suggests a 20
    character passphrase is roughly equal strength to the encryption. In
    practice, probably not. A keyboard has around 96 different
    combinations of key strokes, thus multiplying this number by itself 20
    times is a hugely large combination, ensuring a high probability of
    defeat at guessing a passphrase. But few people can remember a truly
    random 20 character passphrase. So most people use a less than random
    one. This means it should be longer to help compensate for this lack
    of entropy.

    You should also use at least part of both lines of the passphrase
    input screen with DCPP. If you like, two passphrases.

    8. Why?

    Because any passphrase cracker cannot find the correct key until it
    has exhausted a key search as wide as the last character you enter. A
    strong hint that you should make sure the last character of your
    passphrase is well along the bottom line! For higher security you
    should spread it around on both lines.

    Although TrueCrypt has a single line entry it will accept a long
    passphrase of at least 57 characters from my simple tests.

    Be sure that if any serious snooper wants to view your secret data,
    they will find a way without wasting their time attempting a brute
    force attack upon your DCPP or TrueCrypt container. In some countries
    rubber hose cryptography may be the rule. In some "civilized"
    countries there are more sinister methods, such as tempest or the use
    of a trojan.

    Fortunately, tempest and trojan attacks are far less likely to succeed
    against DCPP than all the other encryption programs. Hence my strong
    and enthusiastic support for this program.

    9. What about simple file by file encryption?

    I recommend either PGP Tools which comes free with PGP or Kremlin. Of
    course this is not necessary for files within your encrypted drive.
    But is essential to clear files off your computer that are outside
    your encrypted drive.

    PGP Tools is a long winded process just to encrypt a single file, as
    it asks you to first choose a key before entering the passphrase.
    Kremlin is quicker because it allows you to right click on the file to
    be encrypted, a password box opens and that is it. It also similarly
    allows you to wipe any file by right clicking. This can also be done
    by PGP. Another recommended program to erase individual files is

    10. Can I encrypt files on a floppy?

    Yes, use either TrueCrypt, DCPP, PGP Tools or Kremlin.

    11. Does using Encryption slow things up?

    Negligibly on any modern computer. The length of your passphrase is
    immaterial to the speed of decryption. But different encryption
    algorithms vary significantly. One of the fastest is Twofish and
    probably the slowest is 3DES (triple DES). This applies only to
    symmetrical encryption programs. PGP uses RSA or Diffie-Hellman
    generated keys, which in turn are used to encrypt/decrypt a randomly
    generated session key. The RSA key is very slow, but as it is only
    used to encrypt/decrypt the 128 bit CAST5 or IDEA session key its
    slowness is not noticed. TrueCrypt offers a range of ciphers, of these
    I recommend AES as it is a 128 bit block cipher with a 256 bit key. It
    offers a good compromise between speed and security.

    12. Do I need a PGP passphrase if I store my keyrings within my
    encrypted drive?

    Definitely. Just because you have encrypted your drive does not
    relieve you of the necessity of protecting yourself whilst online.

    13. I use Mac, OS2, Linux, (fill in your choice), what about me?

    Use either BestCrypt (by Jetico - do a Google search) or PGPDisk.

    There are many others, but I know nothing about them.

    14. How can I ensure I do not leave traces of unwanted plaintext files
    on my system?

    If you are using DCPP this should not be a problem. But you must
    disable the Windows hibernation (power saving) feature. When Windows
    goes into hibernation it will dump everything that is in RAM memory
    onto the boot drive, by-passing the DCPP drivers. By-passing these
    drivers means it writes everything to disk in plaintext including the
    keyfile data which unlocks your most secret partition. This will
    defeat the whole purpose of having encryption.

    Although your whole drive will be encrypted I would still install a
    program to clean out bloat and cookies. My recommendation for this is
    Windows Washer.

    To wipe unused space on your drive I recommend Zapempty. Although a
    Dos based program, it runs easily even within Win XP. This is a part
    of a zipped file of wipe utilities called Extract
    Zapempty onto the drive you wish to clean up and double click it. But
    do not use it or any other disk wipe tool on your encrypted drive or
    it may be a pointer to where the hidden container lies.

    15. What programs do I put in my newly Encrypted Drive?

    All your usual programs that you need to use your computer normally,
    plus the more specialised ones to help you achieve anonymity. See
    further down the Faq.

    16. How do I "cover my tracks"?

    Never surf naked. Always, always use a proxy. There are now easy ways
    to use a proxy. In the early days it was necessary to find and hand
    select the proxies you wished to use. This was a laborious process and
    needed expert knowledge of which programs to use to find and exploit
    them. Some still prefer to do it this way. I call it rolling your own.
    It has the distinct advantage of user choice and control over each
    proxy to be used in a chain. However, this may offer anonymity, but
    not necessarily privacy. Meaning no encryption. I like privacy and
    anonymity, so I use other methods. The method I propose also has the
    merit of ease of use and total transparency once the programs are set

    17. Earlier on you mentioned plausible deniability, what is it?

    Plausible deniability is the ability to offer irrefutable
    justification for every single file, folder, container, partition and
    drive that might contain encrypted data. DCPP version 3 (now version
    3.5) offers a world first because it allows dual booting into either
    of two entirely separate boot operating systems, each invisible to the
    other with both using the same drive partition. One of these may be
    called your honeypot operating system, meaning it contains encrypted
    data that you are prepared to show under duress. The second (hidden)
    operating system will contain your most secret data that you never
    release. Its presence can only be deduced by correctly guessing the
    second most secret passphrase for that operating system. No other way
    exists to prove there is a second operating system. Examination by
    forensics of your encrypted boot drive can only show the usual random
    data that is associated with an encrypted drive. Nothing else.

    This must mean excellent plausible deniability.

    18. What if encryption is illegal in my country?

    I used to suggest using TrueCrypt. But as the program discloses which
    type of format was used, thus negating any claims of it being random,
    it might be difficult to justify. Actually DCPP offers some (slight)
    hope, if the MBR (Master Boot Record) of your drive is restored to
    normal. Hope only because it does not disclose what it is. But if you
    have a multi megabyte or worse gigabyte partition, it is not going to
    sound very convincing if you claim it is random garbage. It will need
    to be small, a few megabytes at most and at the end of a drive.

    It will have to be run off a floppy and you will still need to hide
    the floppy effectively in the case of a search. I am sorry I cannot
    help you here. It must be down to your own initiative.

    19. Are there any other precautions I should take?

    Make copies of all your PGP keys, a text file of all your secret
    account numbers and passwords and the other details for your E-gold
    accounts, full details of your Virtual Debit Card account, copies of
    INI files for critical programs, your anonymous Email account details
    plus anything else that is so critical your life would be
    inconvenienced if it were lost. All these details should now be stored
    in a folder called "Safe" on your encrypted drive. A copy of this
    folder should be stored on an encrypted CD, preferably within the
    hidden part of a TrueCrypt container and stored off-site.

    If you are going to rely on any variation of the ploys suggested here,
    then you should keep this Faq within your hidden encrypted drive.

    You will need to take further precautions whilst you are online
    against threats from hackers and snoops.

    20. What are these threats?

    They are known as Tempest and Trojan attacks.

    21. What is a Tempest attack?

    Tempest is an acronym for Transient ElectroMagnetic Pulse Emanation
    Surveillance. This is the science of monitoring at a distance
    electronic signals carried on wires or displayed on a monitor.
    Although of only slight significance to the average user, it is of
    enormous importance to serious cryptography snoopers. To minimize a
    tempest attack you should screen all the cables between your computer
    and your accessories, particularly your monitor. A flat screen (non
    CRT) monitor offers a considerable reduction in radiated emissions and
    is recommended.

    22. What is a Trojan?

    A trojan (from the Greek Trojan Horse), is a background program that
    monitors your key-strokes and then either copies them to a secret
    folder for later recovery or sends them to a server when you next go
    online. Sometimes referred to as spyware. This may be done without
    your knowledge. Such a trojan may be secretly physically placed on
    your computer or picked up on your travels on the Net. Perhaps sent by
    someone hacking into your computer whilst you are online, or whilst
    visiting a Website.

    23. How do I do avoid these threats?

    First of all you must have a truly effective firewall. It is not
    sufficient for a firewall to simply monitor downloaded data, but to
    also monitor all attempts by programs within your computer that may
    try and send data out. I suggest installing Zonealarm. This firewall
    very cleverly makes an encrypted hash of each program to ensure that a
    re-named or modified version of a previously acceptable program cannot
    squeeze through and "phone home". Zonealarm version 6 also
    incorporates both anti-virus and anti-spyware checking, making it an
    excellent choice.

    That is but the start. You also need a Web browser that does not leak
    information, plus a method of passing data across your ISP's servers
    strongly encrypted to prevent prying eyes from watching all that you
    do on the Net.

    24. I use the Net for Web browsing, Usenet and Email, am I safe?

    Whilst you are online anyone could be monitoring your connection. They
    do not need access to your computer to do this. They need only have
    access to your ISP. To minimize these risks you must encrypt the data
    passing across your ISP's servers.

    My suggestion is to use a combination of several programs. Each is
    easily set up (see Part 2). Between them you will be secure and
    anonymous. The best news, all these programs are free and open source!

    25. Which programs do you recommend?

    You need four main programs besides the news client such as Agent (my
    favorite) and the Web browser such as FireFox (again my favorite) and
    the Email client such as Quicksilver, (yes, another favorite).

    Quicksilver will ensure that only text is displayed; all HTML is
    banished. This is important because it prevents you being caught by
    Email marketeers and perhaps snoops and hackers that use linked
    graphic files as a means of tracking "live" Email addresses.

    You can still receive HTML and attachments with Quicksilver, it just
    protects you by putting them into a separate folder, where you can
    view them at your leisure when offline.

    Other programs are: Stunnel, Freecap, Privoxy and Tor.

    They are all very easy to use and really can be setup by a newbie if
    you follow the setup instructions I offer in Part 2. They are totally
    transparent to the user. Once setup there is no maintenance or
    searching for proxies, etc. It is all done in the background with no
    further unput required from you.

    26. Tell me more about these programs?

    Stunnel encrypts the data between you and your news server and is very
    simple to use.

    Freecap is also easy to setup and acts as the bridge between Stunnel
    and Tor.

    Tor is a connection-based low-latency (meaning fast) anonymous
    communication system that protects TCP (Transmission Control Protocol)
    streams for Usenet, web browsing, instant messaging (IM), internet
    relay chat (IRC), Secure Shell (SSH), etc.

    In basic language Tor is a socks server that accepts and encrypts data
    from any program that is "socksified", meaning set up to communicate
    with it.

    Tor is a new program and is still in Beta development mode. But it is
    still a fully functioning Socks proxying system that offers the
    promise of great anonymity and privacy. It is free and open source. It
    is supported by the Electronic Freedom Foundation, a web based charity
    dedicated to freedom of speech online.

    Tor will build automatically and transparently to the client (you) an
    anonymous and encrypted route across the Net. It uses multiple layers
    of encryption, each node only knowing the previous and next node, so
    with several nodes your data becomes anonymized. The principle is like
    an onion with many layers of encryption and anonymity. Thus it is
    called onion routing.

    Remember, the data is encrypted both by Tor which uses TLS (Transport
    Layer Security) and by Stunnel which uses SSL (Secure Socket Layer) as
    it leaves your desktop through your ISP and on into the Tor network.
    Where it exists the Tor network it continues onwards as SSL encrypted
    data on its way to the news server or wherever.

    For Web browsing we need Privoxy. This again acts as a bridge between
    your browser and Tor.

    A web proxy is a service, based on a software such as Privoxy, that
    clients (i.e. browsers) can use instead of connecting directly to the
    web servers on the Internet. The clients then ask the proxy to fetch
    the objects they need (web pages, images, movies etc) on their behalf,
    and when the proxy has done so, it hands the results back to the

    There are many reasons to use web proxies, such as firewalling
    (security), caching (efficiency) and others, and there are just as
    many different proxies to accommodate those needs.

    Privoxy is a proxy that is solely focused on privacy protection and
    junk elimination. Sitting between your browser and the Internet, it is
    in a perfect position to filter outbound personal information that
    your browser is leaking, as well as inbound junk. It uses a variety of
    techniques to do this, all of which are under your control via the
    various configuration files and options.

    Privoxy will bridge the connection between your browser and Tor the
    Socks proxy host. It will minimize pop up ads, etc. But its main
    advantage is it will help prevent information leakage from your
    desktop to any third party trying to sniff your data. Used in
    conjunction with Tor it ensures all your Web browsing is totally

    There is no need to close Privoxy if you wish to use your news client
    or whatever. These programs are totally transparent to you once they
    are running.

    Full setup instructions for these programs are offered in Part 2.

    27. Is the data encrypted after it leaves the remote server and Tor?

    Yes, providing you are using Stunnel. The only precaution you must
    take to ensure both privacy and anonymity, is to use Stunnel in
    combination with FreeCap, which ensurres it routes all data over the
    Tor network.

    It is possible to use Stunnel alone, but not recommended.

    28. How do I subscribe anonymously to a news provider?

    In this Faq I offer more choice. You can send cash, a postal order or
    use a prepaid Debit Card.

    There are now at least 4 news servers offering SSL (Stunnel) encrypted
    connections through port 563. These are: Easynews, Newscene, Octanews,
    and Meganetnews. Thus I strongly advocate you choose one of these
    four. It costs no more to enjoy this extra level of security, so why
    accept anything less?

    There are also remailers that accept an SSL encrypted connection,
    which significantly improves your Email security.

    Privacy.Li will act as a sign-up proxy, meaning they will sign you up
    anonymously to your choice of news provider, or indeed any other
    service you wish. They accept many types of payment, including cash
    and E-Gold. They have their own news service, but do not offer an SSL
    connection, but as it is only accessed via their SSH connection and
    Tor, it should be very safe. To maximize your security, you must sign
    up anonymously and only ever access their servers via Tor. This hides
    your IP address from Privacy.Li.

    E-Gold is not intended to be anonymous, unless you take steps to
    ensure it is. By signing up using your choice of discrete details and
    (most importantly) on first access immediately disabling the security
    protocols which sense your IP address. With anonymous access from
    different IP addresses using Tor, it is very important to do this or
    you will find your account access blocked. I recommend opening a
    second E-Gold account and transfering funds from the first into the
    second on an as needed basis. Any spending of your E-Gold should then
    only be done from the second account. This doubles the difficulty for
    anyone trying to do a backtrace. Obviously the accounts should not
    share any information. Meaning different bogus names, addresses,
    passphrases, etc.

    29. How do I create a secure/anonymous Email account with Quicksilver?

    Previously I have recommended creating a Nym using one of the
    remailers. Because of the huge amounts of spam I was receiving, I have
    had to revise my recommendation about this. I now recommend opening a
    simple POP3 account with one of the many sites offering a free Email
    service. Provided you only ever access them via Quicksilver and Tor,
    you should be safe.

    One example of this is Hotpop. There are many others. Take a look

    All these are only soft anonymous, but they can all be hardened by
    using Quicksilver and ensuring it routes only through Tor. You could
    use Hotpop as your Email incoming POP3 account and send or post
    through Tor and the Mixmaster remailer network.

    Both Hotmail and Hushmail (and the latest version of Yahoo) insist on
    you having both Java and Javascript enabled before they allow you to
    open an account. This is unacceptable to me. I would never recommend
    using any Email service with such a requirement. Explanations follow
    in Part 2.

    30. Can you briefly summarise all the above?

    You need PGP and Quicksilver for your Email and DCPP and/or Truecrypt
    for encryption of your hard drive. These recommended programs should
    help you achieve a very high level of plausible deniability and

    You will need other programs to ensure you are anonymous whilst

    You need to be anonymous online for both browsing and whilst
    subscribing to any Web services. For this you need at least one, but
    preferably two E-Gold accounts and a pre-paid Debit Card. You must
    only access your email POP3 accounts using Quicksilver and Tor.

    Part 2

    31. How do I achieve maximum plausible deniability?

    You must have two separate bootable drives. Drive C is your regular
    drive, it should not be encrypted. Your second bootable Drive D is the
    one we shall concentrate on. I recommend leaving Drive C as your
    regular plaintext drive for ordinary usage. But there is good reason
    to have these programs also installed onto your Drive C.

    To achieve dual boot with your Drive C as the default, you will need
    to re-install Windows onto firstly your Drive D and then again onto
    your Drive C. This is because Windows always makes the last install
    the default. Alternatively, you can modify your boot.ini file,
    provided you know what you are doing.

    I recommend re-formatting both drives. Obviously you should backup
    essential programs and data before you do this.

    It should be possible to boot into either Drive C or D after you have
    created a dual boot system and at this point without any passphrases.

    You should then do everything from within the second Drive, D; meaning
    you first install Boot Authentication and immediately create an ER
    (Emergency Repair) disk. Choose the screen option with the Dos tools,
    just in case of future problems.

    Then check by booting into both drives (now needing the passphrase of

    You should then boot into D and encrypt D. At this stage you will
    still need to start DCPP from within Drive D to do this. Then
    immediately after encryption is completed, update your ER disk before

    Now re-boot into Drive D and again start DCPP from within Windows. You
    must now create a new keystore and key using your ultra secret
    passphrase. It is very important that this new keystore and key is
    stored only on a floppy. Now you can clone your encrypted drive.

    You should then check you can still boot into the first (original)
    encrypted drive on D. If this is successful, close down and re-boot
    into your D drive using the ER disk (to test it) using your most
    secret second passphrase. This should now boot into the hidden OS. You
    should once again open DCPP from within Windows and using your secret
    key and passphrase you can now encrypt this hidden OS using your most
    secret key.

    Before re-booting ensure you update both ER disks. You can also create
    an image file to create a bootable CD using a suitable CD burning
    software. This is identical in usage as an ER floppy.

    You must now remove Boot Authentication off your desktop. One easy way
    is to use the Tools facility on your ER disk. Just follow the onscreen
    instructions. They do sound very ominous about being sure you know
    what you are doing, etc. Just say Ok or YES and revert to the original
    MBR (Master Boot Record). Do not worry, you will still be able to
    access your encrypted secret drive by using either of the ER disks.
    But henceforth this will be your only means of access.

    Obviously you must not attempt to update your ER disk after doing

    32. So far, so good. What now?

    When booting you can simply boot immediately into your plaintext Drive
    C or by using the ER disk, input either passphrase and boot into
    either the honeypot encrypted drive or your hidden operating system

    Clever, very clever. Superb plausible deniability. Or is it?

    What happens when an attacker finds that the dates of all the files in
    the first encrypted partition have never been opened perhaps for

    My justification for this scenario is that Drive D is an encrypted
    backup of my Drive C. It is encrypted to minimize the risk of it being
    corrupted should my computer catch a virus. When dismounted (closed),
    my encrypted drive will be shown by Windows to be unformatted. As
    such, Windows will not normally write to it. Thus it offers a layer of
    security that should I lose all of my Drive C, I can recover by
    booting into my encrypted Drive D. I am not going to argue the fine
    print here. This is my justification for having encrypted my Drive D.
    If there are viruses which can cause Windows to format Drive D, so
    what? I will argue I am ignorant of such things.

    If doubts are raised they are impossible to prove without correctly
    guessing your second passphrase. Even if your attacker convinces you
    he knows DCPP offers the possibility of a hidden partition there is a
    plausible defence.

    Note: It is not a good idea to simply copy your Drive C installation
    to your Drive D, because all the registry entries will refer programs
    back to your plaintext drive C, thus undermining all your efforts at
    security. Far better to do two independent installs. There are ways
    around this, using software that forces Windows to give your drives
    specific drive letters. But do this only if you know what you are

    33. Is it as straight forward as this?

    Not quite. After creating the first encrypted partition on your second
    hard drive you have to avoid a couple of slight bugs.

    First of all it is essential to ensure the data are compacted to the
    front of your D drive. The easiest way I have found of doing this is
    prior to doing any encryption is to use Windows' backup tool to copy
    all the data on Drive D to another drive, perhaps a folder on your
    Drive C. Then do a quick re-format of Drive D (or delete everything
    but a quick format is so much faster). Now using Windows, restore all
    back to Drive D. Easy. You should find all your data is now compacted
    to the front of the drive which will allow you to easily create the
    hidden OS later on.

    However, another little bug raised its head when I tried again to get
    it to clone. I found that the password input screen DCPP displayed
    before it would clone only allowed a shorter passphrase to be input.
    There is no error as such, just that DCPP tells you it has found the
    keystore but cannot open it because either it is corrupt or it is the
    wrong passphrase. As long as this bug remains, it offers you the
    chance of further plausible deniability. The second bug sets a limit
    on the length of your seceond most secret passphrase of about 21

    The easiest work around is to use a shorter passphrase to clone and to
    change it to a longer one before encrypting the clone.

    Note 1: I would strongly urge you not to store this second keystore on
    your honeypot encrypted drive. I suggest creating and storing it on a
    floppy. Later, after cloning, encrypting and updating your ER
    floppies, you should completely destroy this floppy. This ensures this
    critical keystore was never written to your honeypot drive.

    Note 2: There is no requirement to keep a copy of this keyfile. If at
    any future date you wish to decrypt this clone or the original you can
    use the ER disk recovery tools to do so.

    The finding of a second keystore on your honeypot drive will totally
    destroy any attempt at plausible deniability. Or will it?

    Not necessarily. You could create a false keystore, one with a very
    long (and different) passphrase and most importantly, one with a
    different key to suggest you have been attempting to create a hidden
    drive but without success. You can prove this is feasible by
    demonstrating this keyfile cannot create a hidden operating system
    (naturally, only after you have already proven this to yourself with
    this particular keyfile). Ostensibly you have no idea why DCPP refuses
    to cooperate, but the passphrase opens the keystore, proving it is
    correct. This is vital.

    That is superb plausible deniability.

    34. Any other precautions?

    It is absolutely essential that no further data are added to your
    honeypot drive at the risk of destroying altogether your hidden drive.
    This is no idle threat. To (slightly) help in this regard, when about
    to clone the operating system, you are offered a choice of spacing
    between the two partitions, input at least 500 megabytes or more for
    this gap space.

    I would recommend that you initially test out both passphrases. But
    use your honeypot passphrase just once to test it works. Never again
    use it. Windows is a very pro-active operating system and it will do
    things you may not be expecting. Things such as automatic backing up
    of the registry, defragging, etc. Everyone must have noticed how their
    drive can sometimes be very active when they are not doing anything.
    This is Windows doing its thing. So mount once to test, then forget
    all about it. But do not forget the honeypot passphrase, it may be
    your credibility lifeline.

    35. Any more hints about this system?

    Another option that you should consider is disabling your C: drive
    from within your Hidden OS drive. To do this open Control Panel >
    System > Hardware > Device Manager > Click on Disk Drives to expand
    and select the drive you wish to disable. This will have the effect of
    hiding your Drive C when you are in your hidden encrypted drive, thus
    minimizing the risk of Windows writing anything to your plaintext
    Drive C. It also helps to minimize the risk of you saving or
    installing something to your Drive C accidentally.

    Note 1: the devices are shown using their boot identification, not as
    drives C, D, etc. You must check by looking in your boot configuration
    to correctly identify these entities.

    Note 2: This action will only be implemented when booting into the
    drive from which it is setup. By doing it from within your hidden OS
    you ensure you can still boot into Drive C normally.

    Note 3: You could do this from within your Drive C to hide your
    encrypted drive. But it will not fool a forensics expert for one
    moment, thus it foolishly red flags what should not be of any concern.

    36. What programs do I need and where do I get them?

    There are seven programs recommended for security and anonymity:

    DCPP, PGP, TrueCrypt, Stunnel, FreeCap, Privoxy and Tor.

    And three others recommended for Email, Usenet and Web browsing:
    Quicksilver, Agent and FireFox.

    In all cases where there is a choice of download, ensure you download
    the version that is compliant with your operating system, e.g. Windows
    XP or whatever.

    Get them here:



    Stunnel is used for NNTP secure connections to your news provider.


    Stunnel requires the executable file plus 2 others.

    stunnel-4.05.exe stunnel-4.05.exe.asc (digital signature file optional
    but recommended)

    OpenSSL Libraries (required files). These are put in the same folder
    as Stunnel:

    libssl32.dll libeay32.dll

    libssl32.dll.asc (optional) libeay32.dll.asc (optional)




    Not essential, but strongly recommended:




    Note: There are later versions of PGP. Ignore them. They are closed

    37. Where do I put these files?

    PGP should be installed onto your hidden operating system. It may
    offer to install onto your Drive C. Avoid that unless you want to
    deliberately offer a sanitised version on your Drive C.

    Actually there is good reason to install all of the above onto your
    Drive C. This may sound alarming, but consider, their presence might
    be deduced if any snoop has been monitoring your ISP data. It will
    always pass across as encrypted data. If an examination of your hard
    drive were to reveal the absence of such programs, how do you show how
    you were doing it? The presence of these programs is not illegal at
    all. On the contrary, there are very good and sensible reasons why you
    want to avoid both spam and having your privacy invaded. In fact, I go
    further and install Tor as a server. This is easy with the latest
    version. Just click on server after install - that's it. More about
    this later on.

    For the other files, create a new folder called Proxy. Open Proxy and
    create the following sub-folders: FreeCap, Stunnel, Privoxy, Tor

    Install by copying all of the downloaded files into their respective
    folders. Ensure the library files for Stunnel are in the same sub-
    folder. The latest version of Tor now includes a Windows install.

    Each program can then have shortcuts made and placed on your desktop,
    or wherever you choose if different.

    38. How do I configure Privoxy?

    Privoxy is used for HTTP secure connections to the Web. It works in
    conjunction with Tor. It is not used for Usenet or Email.

    The config.txt file looks daunting, but you just remove # from the
    beginning of any line to make that line active. The only change you
    must make is to ensure Privoxy routes through the Tor network. To
    ensure this, scroll down to section 5.2 in config.txt

    Copy and paste the following line exactly as shown, into section 5.2:

    forward-socks4a / .

    The spacing and the period at the end are important. You should leave
    the other lines alone unless you know what you are about.

    The above is mandatory, but optionally and strongly recommended once
    you have succeeded in getting privoxy working properly, is to stop it
    logging your actions. Do this by commenting out (using # at the start
    of the line) "logfile privoxy.log" and "jarfile jar.log".

    By default it will run on startup and minimize to the task bar.

    39. How do I configure Stunnel?

    Stunnel is required for an NNTPS, meaning secure, connection to

    Copy and paste all of the following in Notepad and save it in the
    Stunnel folder, name the file stunnel.conf:

    #Stunnel client configuration file # client = yes options = ALL
    RNDbytes = 2048 RNDfile = bananarand.bin RNDoverwrite = yes #
    #[Meganetnews_NNTPS] #accept = 119 #connect =
    #delay = no # [nntps] accept = 119 connect =
    563 delay = no # #[nntps] #accept = 119 #connect =
    563 #delay = no # #[Octanews_NNTPS] #accept = 119 #connect = #delay = no # #[putty_nntps] #accept = 119
    #connect = #delay = no # # End of config file

    Remove the # from the beginning of any bunch of lines you wish to make
    active. The above is setup to optionally allow (When the # is removed)
    routing through several news providers using a secure SSL connection.

    Note the lines:

    [putty_nntps] accept = 119 connect = delay = no

    This is an option to route your Usenet connection through a SSH
    (Secure Shell) host server using Putty.

    This option is strongly recommended for Usenet posting when used
    together with Tor for maximum anonymity and security.

    The file (stunnel.conf) does not exist until you create it. Stunnel
    cannot work without its presence. You will just get some server error.
    This might happen if you or Windows names it incorrectly.

    You may need to get Explorer to show extensions to known file types,
    otherwise Windows may save the file as stunnel.conf.txt. If you are
    not sure, go to Tools > Folder Options > View > uncheck "Hide
    extensions to known file types". Click on Ok.

    Note: In the previous Faq I had shown a long list of various
    remailers. I have omitted them all from the above config file as the
    latest Quicksilver allows direct connections into Tor and thence on to
    the remailer network. This means it is easier and quicker to send and
    receive mail using Quicksilver and Tor.

    If you want options I suggest creating several folders called Stunnel
    1, Stunnel 2, etc and copy Stunnel.exe plus the two library files and
    stunnel.conf into each. Now make active different combinations of the
    above in each folder. Ensure that only one option is active in each
    stunnel.conf file or you may get conflicts and problems. Create
    shortcuts to each stunnel.exe and copy to your desktop (renaming as

    40. How do I configure FreeCap?

    Go > File > Settings > Proxy Settings > Default Proxy. Type
    into the server window and 9050 into Port. Click OK. Under Protocol
    ensure SOCKS v5 is checked.

    With the program back at the opening screen, drag and drop the Stunnel
    shortcuts into the FreeCap window. You will immediately see the
    Stunnel icons position themselves along the top of the screen. As each
    is loaded, re-name it to easily distinguish it from the others. Do
    this by right-clicking on an icon and selecting Modify. Change the
    name on the top line to something self-descriptive, such as Easynews
    or Putty or whatever.

    You have now socksified Stunnel. That is all it takes. Whenever you
    run Stunnel you must start it by clicking on one of the icons from
    within FreeCap, which obviously means first starting Freecap. Stunnel
    secures the programs and by socksifying it with Freecap, ensures all
    data is routed over the Tor network. Just minimize Freecap after
    starting Stunnel. To close Stunnel, right click on its icon on the
    taskbar and select Exit.

    Note: Some may experience problems with FreeCap. If you do, an
    excellent, free for non-commercial use alternative, (but not open
    source) is SocksCap. It is here:

    41. How do I configure Tor?

    Nothing to do. Just click on its shortcut and watch the screen. Wait a
    minute for it to create its onion route across the Net. Once this is
    enabled it will display, "Tor has successfully opened a circuit. Looks
    like its working."

    minimize (not close) the program and that is it for Tor.

    The latest version comes bundled with Vidalia, a Windows installer.
    This now shows all sorts of goody information, such as a World view of
    the Tor servers and network in actual usage. It is very easy to make
    your system a server on the Tor network. Do not be alarmed. This is
    perfectly innocent. All data passing through will be encrypted. It
    helps to explain your operation. You are a firm believer in freedom of
    speech and the rights of freedom. This is your way to express your

    Note: I recommend checking back regularly for the latest version of
    Tor as it seems to be changing very frequently. Older versions may
    cause problems of incompatibility or other minor glitches. I also
    recommend you take the bother of reading at least the basics of how
    Tor works.

    42. How do I configure my Browser?

    To ensure your browser chooses to route through Tor you must now go to
    its Proxy settings Window. With FireFox this is > Tools > Options >
    Connection Settings.

    Input into each line except Socks Host. Leave that line
    completely clear. Input 8118 into the Port window for each line, but
    again leave the Socks Host line clear. This is because Privoxy listens
    for connections on port 8118 by default. Remember we have already
    configured Privoxy with the line: "forward-socks4a / ."
    This is telling Privoxy to pass on its connections to Tor which is
    listening on Port 9050 by default.

    Click on > Tools > Options > Web Features and uncheck "Enable Java"
    and "Enable Javascript". This is very important to ensure no remote
    site can take control of your desktop and invade your privacy. I would
    also disable "allow Web Sites to install software"

    You will find some Web sites will not now work correctly. This is the
    penalty of ensuring you do not give away your private details to any
    snooper who may be trying to sniff them.

    43. How do I configure my news client?

    You must now configure your news client by inputting into
    the window which asks for your news server name. If you have never
    used a proxy prior to this, go to the screen displaying "News Server".
    In Agent 1.91 this will be Options > User and System Profile > User.
    Enter for the server name. Click OK. The port is set in the
    Agent.ini file to 119, do not change that. Stunnel has already been
    configured to listen on port 119 anyway and to forward through port
    563. Yes, you could change this port, but only do so if you know what
    you are about.

    Note: Stunnel can only be used with a news provider that offers a
    secure (NNTPS) connection (by default on port 563). For other news
    providers Stunnel is useless. For these less secure sites I suggest
    socksifying Agent, by dragging and dropping the Agent shortcut into
    FreeCap. Not nearly as secure, as your data will not be encrypted
    after it leaves the Tor network on its way to the News provider. It
    costs no more to subscribe to a secure news provider than it does to
    one that does not offer an encrypted connection. So why choose
    anything less?

    Each of these four programs, Stunnel, FreeCap, Privoxy and Tor accepts
    connections from either your Web browser, into Privoxy and on to Tor,
    or from your News client into Stunnel, socksified by FreeCap and again
    on to Tor. Many programs can be socksified, not just those mentioned.
    The procedure is exactly the same, just drag and drop the shortcut of
    the program to be socksified into Freecap.

    44. How do I test these are all working?

    Let's check the Web first.

    Start Privoxy (which by default normally starts with Windows).

    Open your browser and input: http://p.p/

    You should see the Privoxy main page with the following:

    "This is Privoxy 3.0.3 on localhost (, port 8118, enabled."

    If you see that, be assured you have accessd via Privoxy.

    If you see "p.p. could not be found, please check the name and try
    again." You are definitely not accessing via Privoxy.

    Go back through the above and check everything very carefully.

    Note: This is an internal test, not via the Web. It just proves that
    Privoxy was invoked to display that page from its own folder, which
    you will see displayed if you click on "View and change the current

    You will then see a clear display of all the configuration settings.

    Do not change anything unless you have a backup file and know what you
    are doing.

    Let's assume your Web browser is functioning as it should and you see
    the p.p. page displaying the confirmatory message.

    You should now test your news reader client.

    45. How do I test my news connection is anonymous?

    Open FreeCap and click on the Stunnel icon in the FreeCap Window.

    Without opening Tor at this stage, start your news client. As a small
    precaution ensure you are in an appropriate newsgroup and attempt to
    download its headers. You should see connecting to displayed
    on the lower taskbar in Agent or wherever in the version you are
    using, followed by error reported by Winsock driver. Good. This proves
    Stunnel was attempting to connect to Tor which is offline of course,
    thus no connection was possible.

    Now start Tor. Try again. Hopefully this time you will have more
    success and it should connect to the news server and start downloading

    Note: It can sometimes take a considerable time to connect when using
    the Tor network. This is normal, but means patience is a virtue here.

    Go to a multimedia group and start to download a large file. While the
    download is in progress, close Tor. You should see an immediate error
    about connection to server closed unexpectedly. Good.

    Re-start Tor. Re-establish the connection with the server and start
    over. This time close FreeCap. Notice the download will continue. Do
    not panic! It is still accessing via Tor. Prove this for yourself by
    closing Tor and notice the download again stops immediately and there
    is the same Winsock error. However, do not normally close any of these
    programs until you are ready to go offline. Always close the news
    reader first to ensure no data is being accessed which might just
    possibly jump across and appear in the clear.

    The usual way to open each of these programs is go online with your
    ISP. Open Freecap, start Stunnel from within FreeCap. Open Tor, then
    last of all open your news reader. Test the system from time to time
    to satisfy yourself all is as it should be. Closing down is the
    reverse of this procedure.

    If you have got this far, you have succeeded in creating a secure and
    truly anonymous network connection for both your browser and your
    Usenet posting/downloading.

    Note: It is imperative that Stunnel be started only from within
    FreeCap and thus be socksified. Otherwise it will simply connect
    directly with your news provider, bypassing the Tor proxy network.
    Certainly it is an encrypted connection but totally useless from an
    anonymity point of view. Your ISP will know exactly where you are
    connected. Your news server could also log your ISP address!

    46. What if no exit server exists on Tor with port 563 (or 119)

    Unfortunately this might very well happen occasionally. Because of
    abuse or over-use (what is the difference?), admins are reluctant to
    open ports to Usenet. Of course, if you are a server, you have this
    option. But be aware, it might attract very heavy traffic through your
    computer as others find it open. Alternatively, check the box to
    ensure you are handling only traffic between Tor servers, in other
    words become a middleman server.

    If you do experience a problem one alternative is to subscribe to a
    Secure Shell (SSH) host, such as Cotse, Find.Not or Privacy.Li. There
    are others. I have only had experience with Privacy.Li. Rarely had a
    problem. Their servers seem very reliable. But using any of these
    services will add overhead and therefore slow things up considerably.

    Of course if all you want is to access the privacy groups you can
    configure your stunnel.conf file to include:

    [BANANA_NNTPS_563] accept = 119 connect = tyrndfbdb2x6g3vg.onion:563
    delay = no

    This is Banana's hidden service. Because it is a hidden service, it
    does not rely on any Tor exit server having ports 119 or 563 enabled.

    Note that only a very few news groups, those concerned with privacy
    are available through Banana. Panta offers a similar service, also
    with just a few news groups. Both are useful for posting to

    If you would prefer to subscribe to a Secure Shell host, then you need
    to use Putty as the SSH client.

    Putty is here:

    You will still need Stunnel to allow the NNTPS (encrypted) connection
    into your news provider and FreeCap to act as a bridge between Stunnel
    and Tor. Tor is the socks proxy that hides your true IP from the
    Secure Shell host server. As Putty will channel everything through
    port 22, you will have a lot more choice of exit servers with Tor.

    See the above example stunnel.conf file.

    The sequence is: Agent > Stunnel > Freecap > Tor > SSH server > news
    server (or wherever).

    This is the route to go for the strongest anonymity. It is especially
    recommended for hard anonymous posting to Usenet. For lurking, the
    requirements are not as critical and it is sufficient to just go Agent
    > Stunnel > Freecap > Tor > news server.

    Contrast that with the usual newby connection of Agent > news server,
    or worse, Outlook Express > server.

    47. How do I configure Putty?

    Open Putty. Load one of your SSH servers, but do not yet open the

    Go down left hand column to Proxy. Click on Socks5

    Enter into Proxy Hostname and 9050 into Port.

    Click on Yes for "Do DNS name lookup at Proxy end."

    Go down to Tunnels. Remove your existing news server which will be
    using port 119.

    Input 563 for local port. Then input "
    563" (or whatever name your news provider has assigned you) in the
    destination host box (without the quotes) and click on ADD.

    Your entry will then look something like this:


    Go back up to the opening screen in Putty and click on Save.

    Note: Despite suggesting Easynews in the above examples, I am not
    endorsing them as a news server. I prefer Meganetnews these days.

    48. Can I post binaries anonymously to Usenet with this system?

    Absolutely. If you choose to use Agent, it will always use your news
    provider as the posting host. This is why I recommended you subscribe
    anonymously to this news provider - see further down regarding
    anonymous subscriptions.

    If you are into heavy posting then you should use Power Post or
    something similar that allows you to choose whole folders of files for

    If you use Quicksilver for posting to Usenet it will always use one of
    the mail2news gateways. All data from your desktop is encrypted
    through to the first remailer and then on through the Mixmaster
    remailers and onto Usenet. The one and only down side is that the
    anonymous remailer network does not readily accept large files, such
    as binaries. Do not try and post as attachments, better to write it
    into the body of the message, if possible. Agent does this by default,
    even when you use its attachment feature.

    To post binaries, use Agent or Power Post or similar and post via your
    socksified Stunnel and Tor via your SSH server using Putty.

    A warning: If you post illegal material, you may find your anonymous
    account closed without warning and no possibility of any refund! Of
    course no such opportunity exists when you channel through the
    remailer network, which is precisely why so many choose to use it.

    49. what about sending Email?

    I recommend Quicksilver. Quicksilver now supports a direct route
    through to Tor, providing you specify it. To ensure this go > Tools >
    POP Accounts > Proxy > input in the Proxy Server window and
    9050 in the Proxy Port window and choose 5 for Socks Level from the
    drop down options. Obviously, you must also input your POP3 userid and
    password in the POP Accounts section.

    There is no need to worry about socksifying it through Stunnel and
    FreeCap. Here are sample templates for this. Just copy and paste them
    into a Quicksilver template.

    This one is for Usenet, name it Panta-news:

    Fcc: outbox Tor:,4a; nowhere.invalid; Host: panta- From: kwiktime < > From: Chain: panta,*,*,*; copies=2 References: To:


    Newsgroups: X-No-Archive: yes X-Hashcash: Subject:

    ....and this one is for Email, name it Panta-Email:

    Fcc: outbox Tor:,4a; nowhere.invalid; Host: panta- From: kwiktime < > From: Chain: panta,*,*,*; copies=2 To: X-Hashcash: Subject:

    Notice that in both cases truly excellent anonymity is assured because
    in addition to the anonymity offered by Tor, your messages are further
    anonymized by passing across the Mixmaster remailer network. It should
    be truly impossible for your ISP to be able to even discern that you
    are posting or sending Emails. This is because you are not using your
    ISP's SMTP server to sendmail or to post.

    Hashcash is a requirement for panta-rhei, banana and dizum. Without
    the Hashcash token your message will be either randomnly sent to
    another remailer or lost. To use Hashcash you must get the Hashcash
    zipped file from here:

    Unzip and install in a convenient folder. After installation go >
    Start > Programs > Universal Hashcash Minter and copy or drag and drop
    the shortcuts shown into your desktop, or wherever. Now all you need
    to do is click on the shortcut to mint tokens, copy one of these
    tokens to the clipboard so you can paste it into the header of your
    Quicksilver template. Then delete that token from the list of

    Hashcash is being forced on remailer admins to help minimize junk
    mail. Without it, some might simply close. We all benefit from the
    remailer network and this is the price we have to pay for this

    To read more about Hashcash go here:

    A further refinement when using Quicksilver is to ensure that when you
    ask it to update the remailer listing, it always uses Tor. To ensure
    this, on the Tool Bar go > Remailer Documents > Proxy > in Proxy Host
    type and Port 9050 and Socks Level 5.

    50. Why is the remailer network so secure and anonymous?

    Although not perfect (nothing is), it does offer a level of anonymity
    well above and beyond what simple anonymous services (such as Hotpop)
    offer. It uses the Mixmaster remailers and has protocols to ensure
    your messages are very difficult to trace and decrypt. Remember, by
    using Quicksilver in the recommended way, you are not just using
    Mixmaster, but also using the Tor network which then sends all data on
    to the Mixmaster remailer service.

    Mixmaster is the type II remailer protocol and the most popular
    implementation of it. Remailers provide protection against traffic
    analysis and allow sending email anonymously or pseudonymously.

    Mixmaster consists of both client and server installations and is
    designed to run on several operating systems including but not limited
    to *BSD, Linux and Microsoft Windows. It does not use PGP, but RSAREF
    with its own keys and key formats.

    In the above cases, this anonymity is further reinforced by using the
    Tor network to anonymize you from the panta-rhei first remailer in the
    Mixmaster network. Double anonymity - excellent.

    On the horizon is a new remailer system called Mixminion. It is
    available now, but only as a beta service, so by all means experiment,
    but be careful.

    51. How do I receive Email with Quicksilver?

    You can set up Quicksilver to look for Emails on any POP server such
    as or All your mail is then recovered via the
    Tor network which helps you remain anonymous.

    Go > Tools > POP Accounts > Proxy > for Proxy Server, 9050
    for Port and Socks level 5. Ignore the two lower lines. This will
    route your Email path through Tor. You can choose to ensure that
    quicksilver only downloads PGP encrypted mail and to delete or leave
    on the server. Very flexible.

    52. What about P2P and IRC?

    P2P using eMule or whatever is very risky from a privacy view point,
    unless you know what you are doing. I believe some have used it in
    conjunction with Find.not, but you will have to do your own research
    about this. I am sorry I cannot help as I have never tried it.

    The Tor Website claims you can use Tor for IRC and IM, but again, I
    have never used Tor in this fashion myself.

    53. How do I get access to the premium (paid for) services?

    Apply on their sites (e.g. ). But always access via
    Tor and ensure you subscribe anonymously. The easiest way is by means
    of a prepaid Debit Card.

    54. I want a Pre-paid Debit Car, how and where do I get one?

    Go here: But only after you
    have configured your browser to route via Tor - most important this!

    They will accept many forms of payment. E-Gold is my preferred way
    using two different E-gold accounts back to back. Why? Because it is
    much more difficult to do a back trace.

    The Debit Card is acceptable to many more web sites, especially news
    providers, than E-gold. Note this card is solely for Net use. It is a
    virtual card. You get Emailed the card details, you do not receive a
    physical card through snail mail. Thus the name and address you supply
    need only match the name and address you have used when creating your
    second E-gold account. Naturally, this is the same address you must
    use when using your card to subscribe to a Web site. But this name and
    address is your choice! If in the United States, the Zip code must
    match your choice of address. But so far as I can tell, that is the
    only check that is made. Just take an address out of the phone book,
    but change the name and street to something innocuous.

    Of course the Email address you offer, must be accurate, secure and
    most importantly, anonymous.

    55. Are there any disadvantages to this type of card?

    Cost. They charge you 50 US Dollars, plus 6 percent of the value you
    wish to load into the card. At the end of the year, you need to re-
    apply for another. It can only be used for Web purchases.

    Its truly big advantage is it can be purchased anonymously. No online
    identity checks or credit checks and no need to offer a genuine postal

    But be certain to use an accurate and anonymous Email address.

    56. What about funding my E-gold account?

    This can be a disadvantage if you choose a market maker unwisely. Some
    will want to identify you as per the latest Government homeland
    security bills. However, if you choose an Asian market maker, you can
    pay directly into one of their branches with a fake identity. Remember
    this is your initial E-gold account. The name you use must be
    different to your second E-gold account. The second E-gold account
    receives its funding by you transferring money from one account to
    another. To E-gold it would seem as if you were sending money to
    someone else with no connection with you. Always use Windows Washer
    between accessing these accounts, to ensure there can be no connection
    between them by E-gold's use of cookies.

    57. What is so bad about MS Internet Explorer?

    MSIE is a dangerous program designed by MS to allow remote servers to
    access your computer's registry. Although designed for use by MS to
    allow easy updating of the Windows Operating System, this feature
    could be used by any site to access your IP address, even your machine
    ID and your personal Credit Card details or worse, far worse, your
    saved passphrases. This can be done even if you have logged onto a
    site through a chain of proxies. In other words Microsoft Internet
    Explorer is an absolute no-no as far as anonymity is concerned.

    Be wary also of Windows Media Player. It creates a unique ID number in
    the form of a 128-bit GUID (Globally Unique Identifier) which will
    uniquely identify your computer to the world at large. It is stored in
    the Windows Registry here:


    This ID number can be retrieved by any web site through the use of
    JavaScript. Hence the reason why it MUST be disabled. The ID number is
    called a supercookie because it can be retrieved by any web site. This
    supercookie can be retrieved by any site to track you and web sites
    can share this information with each other, allowing them to create a
    sophisticated profile about your Internet usage. Worse, cookie
    blockers cannot block its use!

    The easy way to fix the problem is in Windows Media Player > Tools >
    Options > Player. In the "Internet settings" section, uncheck the box
    next to "Allow Internet sites to uniquely identify your Player."

    Or you can ensure that Windows Media Player is not enabled at all. To
    do this go Start > Settings > Control Panel > Add/Remove Programs >
    Set Program Acess and Defaults > Custom > clear the button for both
    Real Player (another bad one) and Windows Media Player and also clear
    the button where it says "Enable access to this player" for both of
    them. I choose both of the above methods as I believe in belts and
    braces when it comes to privacy.

    58. Surely all this is totally over the top for the majority of users?

    It is certainly over the top for 99 per cent of users for 99 per cent
    of the time. If, however, you are the one in a hundredth and you do
    not much like the idea of being at risk for 1 per cent of the time,
    then no, it is not over the top at all.

    In any case, using these tactics helps create smoke which in turn
    helps protect those who really do need all the protection and security
    they can get.

    Remember this Faq is intended to help many different people. Some may
    be living in deprived conditions, in countries where human rights
    abuses are a daily fact of life. Remember, there are far more
    undemocratic countries, than democratic ones.

    59. What about backing up my Data?

    Create another encrypted container using TrueCrypt on an external hard
    drive. Open this partition and copy some innocuous data from your
    normal plaintext drive. Now close this container and create a hidden
    container, following the instructions in the documentation that comes
    with TrueCrypt. Now copy all your secret data across into this secret

    Restoring is just as simple. Just open the secret container and copy
    into your DCPP partition.

    60. Are there any other hints?

    A few items that may be of interest if you run Windows XP, although
    not of any value as snoop protection. To make your system run faster
    do this: Right-click on the Start menu button > Properties > Start
    Menu > Classic Start menu > Customize > Advanced Start > scroll down
    to "Show Small Icons in Start menu" and uncheck the box. Click OK,
    again OK. Now right-click on your Desktop > Properties > Appearance >
    effects. Uncheck everything. Click OK in the Display Properties dialog
    and OK again. You have just got rid of much of the Windows kludge. It
    will run faster and will seem more enthusiastic about everything.

    A further small improvement in securing your hard drive is to disable
    Write Behind Disk Cache, if allowed. My version of Windows XP Pro does
    not now allow it. If yours does, do this: go > Start > Control Panel >
    System > Hardware > Device Manager > Disk Drives - show devices > open
    the appropriate disk > Policies > Uncheck Enable write caching on the
    disk. Click OK, close the boxes. And that's it!

    Write behind disk caching is just another kludge thing from Windows.
    Theoretically it will speed things up, but at the cost of causing more
    program crashes and certainly to reduce your security, so disable it.

    Windows Vista insists on NTFS files. Thus it is presently impossible
    to create a hidden OS using Vista. I suspect Securstar are well aware
    of this and are taking steps to work around this drawback.


    That's it. I hope this Faq has been of some help to you.

    I am aware that this Faq has grown over the years and will seem very
    daunting to someone new to the Net. My suggestion is to take it one
    step at a time. Experiment with PGP. Generate a few keys, test them
    out by sending Email to yourself. Only when you understand what you
    are doing should you then go on to the next step. I would suggest this
    might be by investing in a new hard drive and experiment with
    encrypting it using DCPP. Once this has been successful, attempt to
    clone it and then finally to encrypt your hidden OS within it.

    Only then should you try installing the files required for anonymity
    and privacy. Again, take it one step at a time. Do not over-reach

    Despite my attempts at thoroughness, this Faq still falls woefully
    short of a truly comprehenisve explanation of all that is required for
    true Net privacy and anonymity. Hopefully individuals will take time
    to read and learn more as they go along.

    I have received several Emails from individuals who tell me they have
    encountered various problems trying to follow my Faq. Basically, it
    appears that some machines just do not like DCPP. Dell is one such
    brand. From what I have learnt, it seems impossible to create a hidden
    drive. In some cases, not even on Drive C. However, some success was
    achieved following my suggestion to use the ER disk to attempt to boot
    into the hidden disk instead of relying on the disk's MBR (Master Boot
    Record) after cloning. Do the same whenever you wish to boot into the
    hidden drive. In another incidence it seemed beneficial to switch off
    the machine altogether before attempting a re-boot. Yet another ploy
    was to reduce the size of the DCPP drive to just below 30 Gigs. A
    larger drive caused boot errors.

    No idea what is going on, but if you are having similar problems, try
    one or more of these suggestions. They may help.

    My key is on the key servers. This is my key fingerprint:

    F463 7DCB C8BD 1924 F34B 8171 C958 C5BB

    Remember, anybody can call themselves by my Nic, but there can only be
    one key fingerprint like the above - mine. It thus ensures you are
    reading a Faq prepared by me and no one else.

    Links to items specifically mentioned or recommended in the Faq:




    or here:

    Stunnel is used for NNTP secure connections to your news provider.

    Stunnel requires the executive file plus 2 others.


    stunnel-4.05.exe stunnel-4.05.exe.asc (digital signature file optional
    but recommended)

    OpenSSL Libraries (required files - scroll down the page:

    libssl32.dll libeay32.dll

    libssl32.dll.asc (optional) libeay32.dll.asc (optional)

    Privoxy Home page:



    Mixmaster: (required by Quicksilver) can be downloaded after
    installing Quicksilver, just go > Window > Update Wizard and follow
    the onscreen steps

    POP Email services:

    Hashcash Zip file:

    Hashcash site:



    Windows Washer is here:

    E-Gold: (CAUTION: Don't use anymore! Indicted in
    the US, no more privacy)


    Virtual Debit Cards:




    Other links that might be of interest:




    (Recommended to decode and join binary files)

    SSL Proxy info:


    (Will show you what is on your hard drive)


    Thumbs Plus:


    News Providers:


    Nym remailers:, home page: //, home page:

    In case you need convincing:

    Useful programs:

    Partition Magic:










    Media Player Classic:

    Some anonymity sites:

    Other additional useful sites:

    Beginner's Guide to PGP:

    PGP for beginners:

    Faq for PGP Dummies:

    The PGP Faq:

    The SSH home page:

    Anonymous Posting:

    Anonymity Info:

    Nym Creation:

    General info:

    Revision 21.4
    , Oct 10, 2007
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. know-doubt about it

    Re: Security & Encryption FAQ - Revision 18

    know-doubt about it, Mar 2, 2004, in forum: Computer Security
    Doctor Who
    Mar 6, 2004
  2. starwars

    Security and Encryption FAQ - Revision 18.2

    starwars, Apr 9, 2004, in forum: Computer Security
    Apr 9, 2004
  3. Doctor Who

    Security and Encryption FAQ - Revision 18.2

    Doctor Who, Apr 12, 2004, in forum: Computer Security
    Doctor Who
    Apr 12, 2004
  4. Doctor Who

    Security and Encryption FAQ - Revision 18.2

    Doctor Who, Apr 16, 2004, in forum: Computer Security
    Doctor Who
    Apr 16, 2004
  5. usenet security by Dr Who v21.4

    , Oct 10, 2007, in forum: Computer Support