One year after the first revelations of Edward Snowden, cryptography has shifted from an obscure branch of computer science to an almost mainstream notion: It’s possible, user privacy groups and a growing industry of crypto-focused companies tell us, to encrypt everything from emails to IMs to a gif of a motorcycle jumping over a plane.
But it’s also possible to go a step closer toward true privacy online. Mere encryption hides the content of messages, but not who’s communicating. Use cryptographic anonymity tools to hide your identity, on the other hand, and network eavesdroppers may not even know where to find your communications, let alone snoop on them. “Hide in the network,” security guru Bruce Schneier made his first tip for evading the NSA. “The less obvious you are, the safer you are.”
Though it’s hardly the sole means of achieving online anonymity, the software known as Tor has become the most vouchsafed and developer-friendly method for using the Internet incognito. The free and open source program triple-encrypts your traffic and bounces it through computers around the globe, making tracing it vastly more difficult. Most Tor users know the program as a way to anonymously browse the Web. But it’s much more. In fact, Tor’s software runs in the background of your operating system and creates a proxy connection that links with the Tor network. A growing number of apps and even operating systems provide the option to route data over that connection, allowing you to obscure your identity for practically any kind of online service.
Some users are even experimenting with using Tor in almost all their communications. “It’s like being a vegetarian or a vegan,” says Runa Sandvik, a privacy activist and former developer for Tor. “You don’t eat certain types of food, and for me I choose to use Tor only. I like the idea that when I log onto a website, it doesn’t know where I’m located, and it can’t track me.”
Here’s how you can use the growing array of anonymity tools to protect more of your life online.
The core application distributed for free by the non-profit Tor Project is the Tor Browser, a hardened, security-focused version of Firefox that pushes all of your Web traffic through Tor’s anonymizing network. Given the three encrypted jumps that traffic takes between computers around the world, it may be the closest thing to true anonymity on the Web. It’s also rather slow. But the Tor browser is getting faster, says Micah Lee, a privacy-focused technologist who has worked with the Electronic Frontier Foundation—one of the organizations that funds the Tor Project—and First Look Media. For the past month or so, he’s tried to use it as his main browser and only switch back to traditional browsers occasionally, mostly for flash sites and others that require plugins.
After about a week, he says, the switch was hardly noticeable. “It may not be entirely necessary, but I haven’t found it that inconvenient either,” Lee says. “And it does have real privacy benefits. Everyone gets tracked everywhere they go on the Web. You can opt of out of that.”
The simplest way to anonymously send email is to use a webmail service in the Tor Browser. Of course, that requires signing up for a new webmail account without revealing any personal information, a difficult task given that Gmail, Outlook, and Yahoo! Mail all require a phone number.
Runa Sandvik suggests Guerrilla Mail, a temporary, disposable email service. Guerrilla Mail lets you set up a new, random email address with only a click. Using it in the Tor Browser ensures that no one, not even Guerrilla Mail, can connect your IP address with that ephemeral email address.
Encrypting messages with webmail can be tough, however. It often requires the user to copy and paste messages into text windows and then use PGP to scramble and unscramble them. To avoid that problem, Lee instead suggests a different email setup, using a privacy-focused email host like Riseup.net, the Mozilla email app Thunderbird, the encryption plugin Enigmail, and another plugin calledTorBirdy that routes its messages through Tor.
Adium and Pidgin, the most popular Mac and Windows instant messaging clients that support the encryption protocol OTR, also support Tor. (See how to enable Tor in Adium here and in Pidgin here.) But the Tor Project is working to create an IM program specifically designed to be more secure and anonymous. That Tor IM client, based on a program called Instant Bird, was slated for release in March but is behind schedule. Expect an early version in mid-July.
Large File Transfers
Google Drive and Dropbox don’t promise much in the way of privacy. So Lee createdOnionshare, open-source software that lets anyone directly send big files via Tor. When you use it to share a file, the program creates what’s known as a Tor Hidden Service—a temporary, anonymous website—hosted on your computer. Give the recipient of the file the .onion address for that site, and they can securely and anonymously download it through their Tor Browser.
Anonymity tools for phones and tablets are far behind the desktop but catching up fast. The Guardian Project created an app called Orbot that runs Tor on Android. Web browsing, email and IM on the phone can all be set to use Orbot’s implementation of Tor as a proxy.
Apple users don’t yet have anything that compares. But a 99-cent app called Onion Browser in the iOS app store offers anonymous web access from iPhones and iPads. An audit by Tor developers in April revealed and helped fix some of the program’s vulnerabilities. But Sandvik suggests that prudent users should still wait for more testing. In fact, she argues that the most sensitive users should stick with better-tested desktop Tor implementations. “If I were in a situation where I needed anonymity, mobile is not a platform I’d rely on,” she says.
Even if you run Tor to anonymize every individual Internet application you use, your computer might still be leaking identifying info online. The NSA has even usedunencrypted Windows error messages sent to Microsoft to finger users and track their identities. And an attacker can compromise a web page you visit and use it to deliver an exploit that breaks out of your browser and sends an unprotected message revealing your location.
So for the truly paranoid, Lee and Sandvik recommend using entire operating systems designed to send every scrap of information they communicate over Tor. The most popular Tor OS is Tails, or The Amnesiac Incognito Live System. Tails can boot from a USB stick or DVD so no trace of the session remains on the machine, and anonymizes all information. Snowden associates have said the NSA whistleblower is himself a fan of the software.
For the even more paranoid, there is a lesser-known Tor-enabled OS called Whonix. Whonix creates multiple “virtual machines” on the user’s computer—software versions of full computer operating systems that are designed to be indistinguishable from a full computer. Any attacker trying to compromise the user’s computer will be confined to that virtual machine.
That virtualization trick underlines an important point for would-be anonymous Internet users, Lee says: If your computer gets hacked, the game is over. Creating a virtual sandbox around your online communications is one way to keep the rest of your system protected.
“Tor is awesome and can make you anonymous. But if your endpoint gets compromised, your anonymity is compromised too,” he says. “If you really need to be anonymous, you also need to be really secure.”