Big Brother is Watching – Privacy, Censorship, and Staying Anonymous

Big Brother is Watching You - rezn8d.com - R3zn8DThe freedom of our internet is at stake, 1984 is here, Big Brother is watching you, tracking your every move, and he is slowly dissolving your connections to uncensored content.  Google’s actions have prompted me to write a “State of the Internet” address regarding our current Orwellian existence.

In addition to Google’s new privacy concerns, this page will seek to document any programs, software, and companies or organizations that help fund, effect, or support censorship and/or tracking on the internet; as well as ways to protect yourself and browse anonymously online.  This page will be updated from time to time with no notice.

Protip: click the links in the following paragraph to see how each of these Google services cause great concern for privacy advocates.

Google is the world’s most popular search engine, and YouTube (owned by Google) is the world’s most popular video hosting site.  Google also offers tons of other services, like Gmail, the world’s most popular online email service, Google Maps, the world’s most popular mapping software, who’s Street View cars recorded local WIFI’s in your homes and geolocated them. The two services of greatest concern for privacy advocates are Google Analytics and Google Safe BrowsingGoogle Chrome is Google’s own browser, combines all of the above mentioned services together like Voltron’s Big Brother.  Google’s mantra “do no evil” is now officially riding the fail whale.

Now Google has “up and done it“.

“The main change is for users with Google Accounts. Our new Privacy Policy makes clear that, if you’re signed in, we may combine information you’ve provided from one service with information from other services. In short, we’ll treat you as a single user across all our products, which will mean a simpler, more intuitive Google experience.”

The idea is to consolidate all your online activities into a single profile that tells their marketing clients and law enforcement anything they want to know about Joe Smith, 221 Mockingbird Lane.  Privacy advocates are up in arms.  You should be too, read on and I’ll take you on a tour of modern day Big Brother.

Never trust your own eyes, believe what you are told - 1984 - Big Brother

So what made all of Google’s services “the world’s most popular” on the internet?  Quality products and excellent results.  We all love Google, but our love has emboldened and empowered them to spit in the face of those who built their success.

We live in the “information age” where large packs of “personally identifiable” data are sold to anyone who can foot the bill.  These sales range from the mundane to the down-right dangerous.  And who oversees these sales?  The answer is: Nobody.  There are no laws governing what private corporations do with large data-sets.  Therefore it is solely up to the discretion of each company on how, what, when, and where they sell your data.  I received this email offering to sell me data sets:

please reply to NAMEREMOVED@gmx.com if interested

Healthcare List Package: $295 for all 21 complete lists below

- Also available, Business Lists, Foregin Business Lists and Consumer data

Physicians (34 specialties)
Database – 788k records, 17k emails, 200k fax numbers
Chiropractors
Database – 108,421 total records * 3,414 emails * 6,553 fax numbers
Alternative Medicine
Database – 1,141,602 total records with 36,320 emails and 38.935 fax numbers
Dentists
Database – 164k records, 45k emails, 77k fax numbers
Dentists with Specialties
Database – 30k records all with emails
Veterinarians
Database – 78,986 total records with 1,438  emails and 1,050  fax numbers
Hospitals
Database – 10,661 Emails for hospitals in the USA
Nursing Homes
Database – 31,589 Senior Administrators, 11,288 Nursing Directors, 14,706 Nursing Homes
Pharmaceutical Companies
Database – 47,000 emails of pharma company employees
Physical Therapists
Database – 125,460 total records with 5,483 emails and 4,405 fax numbers
Oncology Doctors
Database – 2,200 records all with emails
US Surgery Centers
Database – 85k records and 14k emails
Acupuncturists
Database – 23,988 records 1,826 emails
Massage Therapists
Database – 76,701 records and 8,305 emails
Medical Equipment Suppliers
Database – 67,425 total records with 6,940 emails and 5,812 fax numbers
Mental Health Counselors
Database – 283,184 records 7,206 emails
Visiting Nurses & RN’s
Database – 91,386 total records with 2,788 emails and 2,390 fax numbers
Optometrists
Database – 63,837 records 2,015 emails
Psychologists
Database – 272,188 records and 9,874 emails
Healthcare Recruiters
Database – 11,370 emails for active healthcare recruiters in the USA
Plastic Surgeons
Database – 23,109 emails with full data

This package would be very useful to pharmaceutical, medicare, or healthcare corporation looking to find out “who do I push my swag on”?

In 2012, there’s the “physical you” and the “digital you”; the former being clueless, and the latter being sold on open markets like a modern day slave.

Global Internet Map 2001

Global Internet Map 2001

Big Brother 2012

Customer Loyalty Cards

Those cards you get from your grocery store are a sign of the times.  Vast advertising firms buy your “purchase history” from these “loyalty programs” so they can create spreadsheets that show “Sally likes Heinz Ketchup with her Ballpark Franks and Doritos.”  This information is used to create partnerships with other suppliers, to strategically place store inventory, and to create “target audiences” for their advertising campaigns.  See Personalized Recommendation Database Management from citeseerx.ist.psu.edu which not only applies to loyalty program cards, but all forms of online purchase tracking.

Credit Card Purchases

Anything you purchase with a credit card, debit card, or the like, is recorded, and more than likely sold as a data product.  There are those who would do away with all paper money claiming a “cashless society” would mean all transactions would be traceable.

Cellphones

We all heard about the News of the World phone hacking scandal.  This practice is more common than you know.  Everything you say or type into a “smartphone” is recorded and analyzed by multiple parties.  Your phone probably has this installed:

carrier-iq-cellphone-trackingCarrier IQ Rootkit discovery and media attention

On November 12, 2011, researcher Trevor Eckhart stated in a post on androidsecuritytest.com[14] that Carrier IQ was logging information such as location without notifying users or allowing them to opt-out,[15] and that the information tracked included detailed keystroke logs,[16] potentially violating US federal law.[17] Carrier IQ on November 16, 2011, sent Eckhart a cease and desist letter claiming that he was in copyright infringement by posting Carrier IQ training documents on his website and also making “false allegations.”[18][19] Eckhart sought and received the backing of user rights advocacy group Electronic Frontier Foundation (EFF).

On November 23, 2011, Carrier IQ backed down and apologized.[20] In the statement of apology, Carrier IQ denied allegations of keystroke logging and other forms of tracking, and offered to work with the EFF.[21]

On November 28, 2011, Eckhart published a YouTube video that he claims shows Carrier IQ software in the act of logging, as plain text, a variety of keystrokes. Included in the demonstration were clear-text captures of passwords to otherwise secure websites, and activities performed when the cellular network was disabled.[22] The video of the demonstration showed Carrier IQ’s software processing keystrokes, browser data, and text messages’ contents, but there was no indication that the information processed was recorded or transmitted. Carrier IQ responded with the statement, “The metrics and tools we derive are not designed to deliver such information, nor do we have any intention of developing such tools.”[23][24] A datasheet for a product called Experience Manager on Carrier IQ’s public website clearly states carriers can “Capture a vast array of experience data including screen transitions, button presses, service interactions and anomalies”.[25]

Which phones have it?

On December 1, 2011, AT&T, Sprint and T-Mobile confirmed it was on their phones. Sprint said, “We collect enough information to understand the customer experience with devices on our network and how to address any connection problems, but we do not and cannot look at the contents of messages, photos, videos, etc., using this tool…The information collected is not sold and we don’t provide a direct feed of this data to anyone outside of Sprint.” Verizon was the only one of the four biggest U.S. firms to say it was not installed on their phones.[32]

Big Brother involved here?

A request to the FBI under the Freedom of Information Act for “any manuals, documents or other written guidance used to access or analyze data gathered by programs developed or deployed by Carrier IQ” was denied, citing pending law enforcement proceeding. This has led to speculation that the FBI is using data obtained through Carrier IQ for investigations.[38]

Security responses

Fortinet has deemed Carrier IQ as a security risk/rootkit.[39] using definition Riskware/CarrierIQ!Android[40]

Medical Records

Every time you visit a doctor, a hospital, or refill a prescription, you leave a huge paper and digital trail.  With more and more records being stored online, it is only a matter of time before your herpes diagnosis shows up in a Google search, along with your address, phone number, and social security number.

Facebook

Facebook tracks everything you do online.  If you click the “stay logged into Facebook” button, then anytime you visit a website that has a “Like” button on it, Facebook knows you were there.  Facebook Like buttons are on most websites now, therefore they are unavoidable, making Facebook a tracking juggernaut.  Recently, Facebook bundled facial recognition software giving them new ways to track your activities.

Skype, VOIP, Instant Message

Skype, the world’s most popular video conferencing software, is now built into Facebook.  Skype is a great tool for seeing and talking to people over the internet, and has an excellent messaging component, however every second of your video stream is recorded by Microsoft.  Similar to a man-in-the-middle attack, your video and audio streams are routed from your computer, to the Microsoft recording databases, then to your video conferencing partner, without you noticing a thing.  Why is this a concern?  There are no public notices that this is happening, and I am sure there are plenty of people talking on Skype, saying things they want kept private.  Did you know our government said “Skype usage now allowed on congressional computers“?  Which three letter agencies are monitoring these conversations?  Microsoft has a patent application for Legal Intercept that describes a technique of recording:

“As mentioned previously, traditional techniques for silently recording telephone communication may not work correctly with VoIP and other network-based communication technology. As used hereafter, the term VoIP is used to refer to standard VoIP as well as any other form of packet-based communication that may be used to transmit audio over a wireless and/or wired network. For example, VoIP may include audio messages transmitted via gaming systems, instant messaging protocols that transmit audio, Skype and Skype-like applications, meeting software, video conferencing software, and the like.”

Even scarier:

“Modification may include, for example, adding, changing, and/or deleting data within the data. The data as modified is then passed to a protocol entity that uses the data to establish a communication session”

You just can’t get any more “Big Brother” than that, or can you?  Not only is this spying, they can censor you midstream (ouch) or even change what you said (damn!) which is straight out of an Orwell novel.  To top all this off, the RC4 encryption scheme Skype uses to keep your transmissions secure was broken and posted online allowing anyone who can write code to “listen in”.  Also see: Video Conferencing Systems Vulnerable To Hackers

Global Internet Map 2011

Global Internet Map 2011Your ISP sold you out, man!

Your Internet Service Provider (ISP) is required by law to store your online activities for 90 days just in case the feds want to “review the tape”.

Read for yourself:18 U.S.C. 2703 ISP Requirements for Government Access

(f) Requirement To Preserve Evidence.—
(1) In general.— A provider of wire or electronic communication services or a remote computing service, upon the request of a governmental entity, shall take all necessary steps to preserve records and other evidence in its possession pending the issuance of a court order or other process.

(2) Period of retention.— Records referred to in paragraph (1) shall be retained for a period of 90 days, which shall be extended for an additional 90-day period upon a renewed request by the governmental entity.
Regardless of all of the other forms of tracking, this is the most egregious as you cannot get on the internet at all without paying someone who is waiting to “snitch” you out at any moment.

Breaches, Hacks, & Data Loss

Due to the numerous breaches in websites as of late, your data is insecure.  It really doesn’t matter how good the security is on a given webserver, history proves that internet giants will eventually fall prey to hackers (Google, Sony, Comodo SSL, DigiNotar, HBGary, etc) just like all the little guys.  In many cases, hackers will boast of their successful intrusion by posting the entire volume of stolen contents online as text on pastebin.com or in a torrent on sites like ThePirateBay.  Once online, legal and illegal data-harvesters can incorporate these ill gotten gains.  In most cases, the entire contents of these stolen databases are now Google searchable within 24 hours, and after that, what is done can never be undone.

hackersGovernMENTAL Monitoring and Censorship

Internet censorship is the control or suppression of the publishing of, or access to information on the Internet. It may be carried out by governments or by private organizations either at the behest of government or on their own initiative. Individuals and organizations may engage in self-censorship on their own or due to intimidation and fear.

To see just how censored the world’s internet currently is, check out Opennet.net and there awesome world, YouTube, and Facebook, Twitter, and other social media maps.

Oppressive regimes around the world use software to track dissidents and silence opposition.  The truly sad part is that private (sometimes publically traded) companies write for, sell to, and provide technical support to these regimes. See:

Iran’s Web Spying Aided By Western Technology

European Gear Used in Vast Effort to Monitor Communications

This should be illegal.  Two examples:

  1. Great Firewall of China
    China says No Internet For You - Great Firewall of ChinaThe system blocks content by preventing IP addresses from being routed through. It consists of standard firewalls and proxy servers at the Internet gateways. The system also selectively engages in DNS poisoning when particular sites are requested. The government does not appear to be systematically examining Internet content, as this appears to be technically impractical.[33] Researchers at the University of California, Davis and at the University of New Mexico said that the censorship system is not a true firewall since banned material is sometimes able to pass through several routers or through the entire system without being blocked.
  2. FinFisher
    FinFisher Governmental Intrusion Software
    FinFisher
    is security software that has stirred controversy because Gamma International marketed it to government security officials who were told it could be covertly installed on suspects’ computers through exploiting security lapses in the update procedures of non-suspect software.[1][2][3] Egyptian dissidents who ransacked the office’s of Egypt’s secret police following the overthrow of Egyptian President Hosni Mubarak reported they discovered a contract with Gamma International for 287 thousand pounds for a license to run the FinFisher software.[4]The (FinFisher) Remote Monitoring and Infection Solutions are used to access target systems giving full access to stored information with the ability to take control of the target systems functions to the point of capturing encrypted data and communications. In combination with enhanced remote infection methods, the Government Agency will have the capability to remotely infect target systems.There is very little you can do to stop these guys from breaking in your computer, even if you’re an American.

Homeland Security Explosion

Since September 11, 2001, the police state here in America eagerly pursues every avenue in advancing the scope of their surveillance capabilities to thwart terrorist attacks.  I’m all for securing our country against threats, however my concern is that it only takes one corrupt government worker and one eager corporation to turn these massive data mining programs into tools used to silence political enemies. Here’s a list of programs and software used in the United States of America to monitor it’s own citizens.

Communications Assistance for Law Enforcement Act

United States wiretapping law passed in 1994, during the presidency of Bill Clinton (Pub. L. No. 103-414, 108 Stat. 4279, codified at 47 USC 1001-1010).  Requires all telecommunications equipment made in America be designed to be easily interfaced by the government for wiretapping purposes.

The Patriot Act

The USA PATRIOT Act (commonly known as the “Patriot Act”) is an Act of the U.S. Congress that was signed into law by President George W. Bush on October 26, 2001. The title of the act is a ten letter acronym (USA PATRIOT) that stands for Uniting (and) Strengthening America (by) Providing Appropriate Tools Required (to) Intercept (and) Obstruct Terrorism Act of 2001.[1]

This act should be call the “Mass Paranoid Response by Police State Act” or the “Military Industrial Complex Profit Gain Act”

The President Surveillance Program

PDF MIRROR – Unclassified Report on the Presidents Surveillance Program

The President’s Surveillance Program (PSP) is a collection of secret intelligence activities authorized by then President of the United States George W. Bush after the September 11 attacks in 2001 as part of the War on Terrorism. The Terrorist Surveillance Program, which authorized warrantless wiretapping of international communications where one party to the communication was believed to be affiliated with al-Qa’ida, is the only part of the President’s program that has been publicly disclosed. The other intelligence activities covered under the same Presidential authorizations remain classified information, although the Attorney General publicly acknowledged the existence of such activities in 2007.[1] The other activities have reportedly included data mining of e-mail messages[2] and telephone call detail records in the NSA call database.[3]

Terrorist Surveillance Program

An electronic surveillance program, whose actual name is currently unknown, was implemented by the National Security Agency (NSA) of the United States in the wake of the September 11, 2001 attacks. It was part of the President’s Surveillance Program which was in turn conducted under the overall umbrella of the War on Terrorism. The NSA, a signals intelligence agency, implemented the program to intercept al Qaeda communications overseas where at least one party is not a US person. In 2005 the New York Times disclosed that technical glitches resulted in some of the intercepts including communications were “purely domestic” in nature, igniting the NSA warrantless surveillance controversy. [1] Later works, such as James Bamford‘s The Shadow Factory, would describe how the nature of the domestic surveillance was much, much more widespread than initially disclosed. In a 2011 New Yorker article, former NSA worker Bill Binney said that his people told him “They’re getting billing records on U.S. citizens! They’re putting pen registers on everyone in the country!’”[2]

The Information Awareness Office (IAO)

The IAO was established by the Defense Advanced Research Projects Agency (DARPA) in January 2002 to bring together several DARPA projects focused on applying surveillance and information technology to track and monitor terrorists and other asymmetric threats to national security, by achieving Total Information Awareness (TIA).This would be achieved by creating enormous computer databases to gather and store the personal information of everyone in the United States, including personal e-mails, social networks, credit card records, phone calls, medical records, and numerous other sources, without any requirement for a search warrant.[1]

ADVISE - Data mining software

Analysis, Dissemination, Visualization, Insight, and Semantic Enhancement

A massive data mining system, which would collect and analyze data on everyone in the United States and perform a “threat analysis” of them.[1]After the DHS Privacy Office and Inspector General criticized the privacy practices of the program DHS announced that it had scrapped the $42 million system in favor of commercial software.  Eff.org Freedom of Information Act documents here.

MATRIX - Data mining software

The Multistate Anti-Terrorism Information Exchange Program, also known by the acronym MATRIX, was a U.S. federally funded data mining system originally developed for the Florida Department of Law Enforcement described as a tool to identify terrorist subjects.The system was reported to analyze government and commercial databases to find associations between suspects or to discover locations of or completely new “suspects”. The database and technologies used in the system were housed by Seisint, a Florida-based company since acquired by Lexis Nexis.

The Matrix program was shut down in June 2005 after federal funding was cut in the wake of public concerns over privacy and state surveillance.[1]

Carnivore (FBI software)

used a customizable packet sniffer that can monitor all of a target user’s Internet traffic, replaced by NarusInsight.

NarusInsight (Boeing software 2012)

•  NarusInsight™ Solution for Cyber Protection


•  NarusInsight™ Solution for Intercept

narus-insight-precision-targeting
•  NarusInsight™ Solution for Traffic Management

narusinsight canalyticsSome features of NarusInsight include:[10]

  1. Scalability to support surveillance of large, complex IP networks (such as the Internet)

  2. High-speed Packet processing performance, which enables it to sift through the vast quantities of information that travel over the Internet.

  3. Normalization, Correlation, Aggregation and Analysis provide a model of user, element, protocol, application and network behaviors, in real-time. That is it can track individual users, monitor which applications they are using (e.g. web browsers, instant messaging applications, email) and what they are doing with those applications (e.g. which web sites they have visited, what they have written in their emails/IM conversations), and see how users’ activities are connected to each other (e.g. compiling lists of people who visit a certain type of web site or use certain words or phrases in their emails).

  4. High reliability from data collection to data processing and analysis.

  5. NarusInsight’s functionality can be configured to feed a particular activity or IP service such as security, lawful intercept or even Skype detection and blocking.

  6. Compliance with CALEA and ETSI.

  7. Certified by Telecommunication Engineering Center(TEC) in India for lawful intercept and monitoring systems for ISPs.

Narus has venture funding from companies including JP Morgan Partners, Mayfield, NeoCarta, Presidio Venture Partners, Walden International, Intel, NTT Software and Sumisho Electronics.Narus has several business partners who provide various technologies similar to the features of NarusInsight. Several of the partners are funded by In-Q-Tel.

TALON (Threat and Local Observation Notice)

is a database maintained by the United States Air Force after the September 11th terrorist attacks. It was authorised for creation in 2002 by Deputy Defense Secretary Paul D. Wolfowitz, in order to collect and evaluate information about possible threats to U.S. servicemembers and civilian workers in the US and at overseas military installations.[1] The database included lists of anti-war groups and people who have attended anti-war rallies.[2] TALON reports are collected by various US Defense Department agencies including law enforcement, intelligence, counterintelligence and security, and are analyzed by a Pentagon agency, the Counterintelligence Field Activity. CIFA has existed since 2004, and its size and budget are secret.[3]

On August 21, 2007, the US Defense Department announced that it would shut down the database, as the database had been criticized for gathering information on peace activists and other political activists who posed no credible threat, but who had been one topic of this database due to their political views.[4]

Guardian Threat Tracking System

Guardian is a reporting system used by the FBI to track threats and other intelligence information. It was established to collect data on terrorist threats and suspicious incidents, at seaports and other locations, and to manage action on various threats and incidents. [1] On August 21, 2007, the US Department of Defense announced that Guardian would take over data collection and reporting which was previously handled by the TALON database system.

Combat Zones That See (CTS)

CTS is a project of the United States Defense Advanced Research Projects Agency (DARPA) [1] whose goal is to “track everything that moves” in a city by linking up a massive network of surveillance cameras to a centralized computer system.[2] Artificial intelligence software will then identify and track all movement throughout the city.[3]

ECHELON

The AUSCANNZUKUS Alliance Signals Intelligence Gathering system.
This ain’t your NATO snooping system.  This is the Anglosphere detection system.  A series of listening stations that monitor all radio signals (military, cellphone, satellite, etc.)

DHS Fusion Centers
Fusion Center Location Map

A fusion center is a data mining center, many of which were created under a joint project between the Department of Homeland Security and the US Department of Justice‘s Office of Justice Programs between 2003 and 2007.

The fusion centers gather information not only from government sources, but also from their partners in the private sector.[1][2]

They are designed to promote information sharing at the federal level between agencies such as the Central Intelligence Agency (CIA), Federal Bureau of Investigation (FBI), Department of Justice, US Military and state and local level government. As of July 2009, the Department of Homeland Security recognized at least seventy-two fusion centers. One such fusion center has been involved with spying on anti-war and peace activists as well as anarchists in Washington State.[3] Fusion centers may also be affiliated with an Emergency Operations Center that responds in the event of a disaster.

Watch this very informative video on Fusion Centers: Domestic Spying or Sensible Surveillance?

Internet Legislation:

Anonymous RevolutionACTA – Anti-Counterfeiting Trade Agreement

ACTA in a Nutshell –

What is ACTA?  ACTA is the Anti-Counterfeiting Trade Agreement. A new intellectual property enforcement treaty being negotiated by the United States, the European Community, Switzerland, and Japan, with Australia, the Republic of Korea, New Zealand, Mexico, Jordan, Morocco, Singapore, the United Arab Emirates, and Canada recently announcing that they will join in as well.

Why should you care about ACTA? Initial reports indicate that the treaty will have a very broad scope and will involve new tools targeting “Internet distribution and information technology.”

What is the goal of ACTA? Reportedly the goal is to create new legal standards of intellectual property enforcement, as well as increased international cooperation, an example of which would be an increase in information sharing between signatory countries’ law enforcement agencies.

Negotiating Parties -

  • Australia
  • Canada
  • European Union
  • Japan
  • Mexico
  • Morocco
  • New Zealand
  • The Republic of Korea
  • Singapore
  • Switzerland
  • United States

Essential ACTA Resources

  • HOW TO ACT AGAINST ACTA: Make a difference
  • Read more about ACTA here: ACTA Fact Sheet
  • Read the authentic version of the ACTA text as of 15 April 2011, as finalized by participating countries here: ACTA Finalized Text
  • Follow the history of the treaty’s formation here: ACTA history
  • Read letters from U.S. Senator Ron Wyden wherein he challenges the constitutionality of ACTA: Letter 1 | Letter 2 | Read the Administration’s Response to Wyden’s First Letter here: Response
  • Watch a short informative video on ACTA: ACTA Video
  • Watch a lulzy video on ACTA: Lulzy Video
  • Reuters: ACTA signed in Tokyo: Article
  • United States ACTA: Read
  • European Union Trade Commission ACTA: Read
  • Australian Gov’t ACTA: Read
  • Canadian Internet Policy and Public Interest Clinic: Read
  • ACTA Undermines Access to Medicines: Article

Say NO to ACTA. It is essential to spread awareness and get the word out on ACTA. #ActAgainstACTA

actaSOPA – Stop Online Piracy Act

SOPA_seizure_notice_R3zn8DOn January 18, 2012, the English Wikipedia, Reddit, and an estimated 7,000 other smaller websites coordinated a service blackout, or posted links and images in protest against SOPA and the Senate bill, the PROTECT IP Act (PIPA), in an effort to raise awareness. In excess of 160 million people saw Wikipedia’s banner. A number of other protest actions were organized, including petition drives, with Google saying it collected over 7 million signatures, boycotts of companies that support the legislation, and a rally held in New York City.

In response to the protest actions, the Recording Industry Association of America (RIAA) stated, “It’s a dangerous and troubling development when the platforms that serve as gateways to information intentionally skew the facts to incite their users and arm them with misinformation”, and “it’s very difficult to counter the misinformation when the disseminators also own the platform”.

The sites of several pro-SOPA organizations such as RIAA, CBS.com, and others were slowed or shut down with denial of service attacks started on January 19. Self-proclaimed members of the “hacktivist” group Anonymous claimed responsibility, and said the attacks were a protest of both SOPA and the United States Department of Justice shutdown of Megaupload that same day.[2]

Anonymous Fighting Protect IPPROTECT IP Act (Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, or PIPA)

The PROTECT IP Act is a re-write of the Combating Online Infringement and Counterfeits Act (COICA),[5] which failed to pass in 2010. A similar House version of the bill, the Stop Online Piracy Act (SOPA), was introduced on October 26, 2011.[6]

In the wake of online protests held on January 18, 2012, Senate Majority Leader Harry Reid announced that a vote on the bill would be postponed until issues raised about the bill were resolved.[7][8]

What have we learned?

Anything you can type, say, or photograph and send online or through a phone is recorded and analyzed by marketers, criminals, and law enforcement.  Be careful what you say on the internet, everyone is listening.  Our good hacktivist friends Anonymous created this tutorial on silent surfing, internet relay chat, and basic hacktivism.  Understanding these processes will give you better insight into how to stay Anonymous online.  Before the tutorial, let’s see, “Who is Anonymous“?

Awesome right?  On with the tutorial.

The #OpNewblood Not-So Secret Security Handbook

Anonymous OpNewBloodIf you have not gone through the IRC chat client setup for your operating system, we recommend you go back and get started there.

Master Table of Contents
1) Preface
2) Setting up Tor
3) Firefox Recommended Add-Ons
4) Setting up i2p
4.1) Installation
4.2) Firefox Configuration
4.3) IRC Client Configuration
4.4) I2p IRC on Android via irssi connectbot
5) Advanced IRC
5.1) Commands
5.2) Browsing
6) Advanced Defense Techniques
7) Portable Solutions
8 ) ADVANCED GUIDE TO HACKING AND SECURITY VULNERABILITY

Section 1: Preface

NOTE: If at any time you need help with any topic found in this guide, feel free to join us on Anonymous IRC and you’ll be able to find someone to help you figure it out. It should be noted that this guide contains information that may be difficult to understand without an extensive technical and functional knowledge of information systems. While this guide does attempt to put it simply and in laymans terms, you the user are ultimatly responsible for the security of your own systems.

Section 2: Setting up Tor (For Anonymous Web Browsing)

Preface: Due to abuse in the past, users trying to connect to the AnonOps IRC servers using Tor will not be able to connect. This is nothing personal, there have just been problems with abuse of the program in the past on the IRC server. Therefore, we do not recommend using this for IRC connection, but merely as an easy to use tool for browsing the internet anonymously. Keep it in, for most users it’s a relatively slow connection.

Windows:
Go download Tor here: https://www.torproject.org/dist/torbrowser/

After downloading Tor:
1) Run the .exe
2) Extract to your PC.
3) You will now have extracted TOR into the selected folder. You should have a button called „Start Tor“ with an onion on it, click this to start (if you want you can make a shortcut by right-clicking create shortcut and drag it to your desktop, make sure the original stays in the same folder though).
4) You are good to go, if your ISP blocks connections to TOR and you need help setting up a bridge feel free to ask about it in the #OpNewblood channel, which again you can access through your web browser at this link: http://goo.gl/8zxwO

Linux:
1) Download Tor here: https://www.torproject.org/dist/torbrowser/linux/
2) Extract to destination of your choice
3) You should now be able to just click your start tor button to start.
4) For additional ease of use, try Tor Button for Firefox.
5) Once again for help with making a bridge if your ISP blocks Tor please ask for help in #OpNewblood via your web browser here: http://search.mibbit.com/channels/AnonOps

Mac OS X:
1) Download Tor here: https://www.torproject.org/dist/vidalia-bundles/
2) Mount the .dmg file and find it on your desktop
3) Move Vidalia to your applications folder
4) Download the Tor button for Firefox here: https://www.torproject.org/torbutton/index.html.en
5) Once you have both installed, run Vidalia and make sure it says „Connected to the Tor Network!“ and then go to your Firefox browser and right click on the indicator in the bottom right and click „Toggle Tor Status“
6) Read more on operating Tor here: https://www.torproject.org/docs/tor-doc-osx.html.en
7) Once again for help with making a bridge if your ISP blocks Tor please ask in the #Opewblood channel via your web browser here: http://search.mibbit.com/channels/AnonOps

A NOTE FOR ALL OS’s:
1) To check anytime if TOR is working, you can go here: https://check.torproject.org/ and it will tell you if your TOR is working.
2) Highly reccomended is the TOR button for firefox: https://addons.mozilla.org/en-us/firefox/addon/torbutton/ which will allow you to turn tor on/off as well see if it’s disabled in your browser.

Anonymous Browsing Using Tor Button for Firefox
Start by install Tor on your computer and configuring it to your liking. Then, download the Tor Button add-on for Firefox, and use the options to configure the add-on the way you want it. Then, press the „Tor Button“ and go to a test website to ensure you’ve done it correctly. If the website returns properly anonymous results, then you’ve correctly set up Firefox for anonymous browsing through Tor. Also worth doing: hit Tools>Start Private Browsing whenever you are browsing with Tor. It stops logging your web history, caching files, passwords, cookies, and download history, so you don’t have to clear the history everytime you’re finished.

Troubleshooting: refer to www.torproject.org

Anonymous Guy Fawkes MaskSection 3: Firefox recommended Add-ons

Adblock Plus: This plugin blocks around 90% of internet services that attempt to track your web activity and then send you targetted ads. It’s crucial to use while browsing any aon websites or sites that have anon news articles, etc. http://adblockplus.org/en/

NoScript: A very useful plugin that will disable javascript on sites to protect your privacy and stop malicious activity. Can set rules for individual sites or deny globally. http://noscript.net/

BetterPrivacy: This plugin is a tool to identify and remove cookies. It will also act as an „optout“ from advertisement and other forms of web tracking.

FoxyProxy: An Addon to the default way to handle connecting to proxies, the FoxyProxy addon will allow you to have easier access to enabling your proxy tunnels, also has advanced features, such as setting up a list of domains that you will always want to use a proxy to connect to, and to do so automatically, while still using another connection for non-listed sites.

Ghostery: Another tool to help manage and mitigate tracking cookies, Ghostery features tools that will alert you when there are tracking cookies on the websites you visit. You can also view information about each tracker that is trying to harvest your browsing data, and even view the source code of said tracker and see exactly how the cookie is tracking you. Make sure you get Fanboy list and Easy list to stay updated (these can be selected during setup or in the options of the addon itself )

Greasemonkey (GM): A great addon that allows you to edit the way websites show information to you, using bits of javascript code. This is more of an addon „engine“ or development platform, allowing you to write and download scripts to do many different things using their addon.

HTTPS Everywhere: A Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites.

Anonymous Guy Fawkes MaskSection 4: Setting up i2p for IRC+Browsing

by cred

Section 4 table of contents:
4.1 Installation
a. Windows
b. Linux
4.2 Firefox Configuration
4.3 IRC Client Configuration
4.4 I2p IRC on Android via irssi connectbot

—————————————————————————–

4.1a) I2p Installation: Windows
1) Download:
You can download the latest version of the i2p software here:
http://www.i2p2.de/download.
2) Installing:
In windows, the installation, as with any other windows software, is relatively
straightforward. Double click on i2pinstall_(version).exe that you downloaded from the above website and follow the instructions.
3) Launching the router:
After the install has completed, you can access your router console (control panel for i2p software, in the form of a website) even when you’re not actively using the i2p proxy by doubleclicking the „Start I2p“ icon or by following http://127.0.0.1:7657 For those not versed in how the internet works, 127.0.0.1 is an IP address that always leads to Localhost, or webservices that are running on your machine. As long as you are connecting to that address, no other anonymizing software is needed, since you are only talking to your own machine.
4) Browsing I2p:
In order to access .i2p websites, or eepsites, you’ll have to set up i2p as a PROXY on your web browser of choice, instructions for this on Firefox are in section 4.2

4.1b) I2p Installation: Linux
1) Easy way: Ubuntu.

  • Open a Terminal and enter:

sudo apt-get install sun-java6-jdk

  • Get the latest install package (yes, the .exe file, don’t ask, it’s java.) from http://www.i2p2.de/download. In the terminal window, navigate to the folder where you downloaded the .exe file and enter:java -jar i2pinstall-*.exe
  • Follow the prompts

2) Other distributions:
Google instructions for installing the java JRE software on your distribution, typically it’s not much more difficult than with Ubuntu, but different distros have their own package management systems, and the commands might be slightly different.
Once Java is installed, it’s the same command as Ubuntu:

java -jar i2pinstall-*.exe

4.2) Firefox Configuration
1) Verify it’s running:
Once the i2p client is installed, you can verify it’s running an http:// tunnel by
going to http://127.0.0.1:7657/i2ptunnel/ Under the „I2p Client Tunnels“ section, the first entry should be „I2p HTTP Proxy“. On the right, under the „Status“ column, there are three little stars, one red, one yellow, and one green. If red is lit up, hit the „start“ button to the right of it, If it’s yellow, you don’t have enough peer connectionsyet, and you should let it establish a presence on the network. Leave it alone and grab a sandwich, it should be ok in an hour or two.
2) Set up localhost as a proxy
Goto Edit>Preferences
Goto the Advanced section
Under Connections click the Settings button
Select „Manual Proxy Configuration“
Enter the following:

  • HTTP Proxy: 127.0.0.1 Port: 8118
  • SSL Proxy: 127.0.0.1 Port: 8118
  • SOCKS Host: 127.0.0.1 Port: 9050
  • SOCKS V5 checked
  • No Proxy for: 127.0.0.1

4.3) Various IRC Client configuration
IRC Clients need no special setup or proxies. Just visit your
http://127.0.0.1:7657/i2ptunnel/ and make sure IRC Proxy is running. If it is, justconnect to 127.0.0.1 on port 6668 like it’s a normal IRC server. Your client will sendall data to the proxy that’s running on your machine on port 6668, which will then send it, via I2p, anonymously and securely to the i2p IRC servers. You may enter additional .i2p irc servers by clicking on IRC Proxy on the Tunnel manager page and pasting the addresses in the „Tunnel Destination“ field (comma seperated).Take a look at this list of clients and choose the one that sounds right for you:
Windows: http://www.ircreviews.org/clients/platforms-windows.html
Linux: http://www.ircreviews.org/clients/platforms-unix-x.html

(This author is a proud owner of a Ubuntu box, chatting on Xchat)

4.4) Fun shit
1) If you have a Linux machine, you can connect to the i2p irc servers through your home computer from your Android phone from anywhere in the world.

https://market.android.com/details?id=org.woltage.irssiconnectbot

  • openssh for Ubuntu: sudo apt-get install openssh-server
  • irssi for Ubuntu: sudo apt-get install irssi

2) open irssi connectbot on your android and enter [your linux username]@yourip:port
Now, since most people are behind a firewall, or a router, or something, there’s
probably some port forwarding you’re going to have to do, but for now, just connect to your own wireless router with your android’s wifi. It’s safer anyway.

3) First thing you want to do is login with your password (that’s why it’s better to do it locally before doing it over the web… Make sure you’ve got encryption on your wifi, by the way)

4) Once you have a command prompt on your android, hit the back button to get back to the host list, then the menu button, and tap „Manage Pubkeys“ Hit the menu again, and select „generate“. Name your key, make it RSA and give it at least a 1024 bit hash, (I go to 2048, you can’t be too careful) No password, and hit „Generate“

5) Now it will have you fuck around with your touchpad to generate randomness, and create your pubkey. Once you’re back on the pubkey list with your new pubkey, longpress on it and select „Copy Public Key“

6) Now hit the back button and click your host connection in the host list, which will bring you back to your command prompt. Enter cat „(hit menu and select paste to paste your pubkey into these quotes)“ >> .ssh/authorised.keys

7) Now enter exit which will take you back to your server list, and disconnect you. Tap your server to connect again, and this time, it should not ask you for a
password. This means you are connected using a shared 1024 bit (at least)
pubkey, which ain’t bad.

8) To connect from outside your home network, you need a few more things:

  • Your external IP address: http://www.whatismyip.com
  • Port forwarding to port 22 on your machine (if you have a router and multiple machines on your home network as most do) See step 9

9) Most routers are set up with a web interface for changing settings. If you have
wireless security enabled, then you or whoever set up your home network for you, have already accessed the web interface, and should have set up a password. You’ll need to log into that web interface, go to the section on port forwarding, and forward an available external port (22 will do) to port 22 on your machine’s local IP address (usually 192.168.1.101 or something) for BOTH tcp and udp. This is as clear as I can make it without router specific instructions. (Talk to your router provider or local geek for help in this regard)

10) Now all you need to do is connect through irssi connectbot to (your
username)@(your external IP address):(port you set up to forward to ssh on your
machine)

11) Once you’re connected to a ssh server on your home computer (which by now
should be running i2p) you may launch irssi, a command line irc client, and connect to the i2p servers with irssi using:

/connect 127.0.0.1 6668

Questions? Comments? Concerns? Join into #OpNewblood via your web browser here: http://search.mibbit.com/channels/AnonOps or you can contact cred via i2pmail cred@mail.i2p or from the insecure web (securely) at http://privacybox.de/cred.msg (include return contact info, since it doesn’t store or transmit any identifying information)

Anonymous Guy Fawkes MaskSection 5: Advanced IRC Commands

5.1) Commands

1) /join
Self explanatory, this is used to join a channel, to join #opnewblood , you would type /join #opnewblod
2) /me
Not really as necessary, but used sometimes. for instance if you wanted to wave at someone, you would type /me waves it would appear as „anon waves“
3) /msg
if you want to have a conversation with a specific person outside of the channel the best thing to do is message them, just type /msg username message here. just make sure to use a space between their name and the message.
4) /query
Same thing as msg, except this will open up a new window for you to have a conversation with this person.
5) /nick
This command will change your nickname for instance if you wanted to be called gigapuddi you’d type /nick gigapuddi. Remember though if you do this you won’t be registered unless you re-register with nickserv (see the walkthrough to anon if you dont know what nickserv is, or want help with it)
6) /quit
This will let you quit.
7) /ignore
Trolls are plenty, and it’s best not to feed them, and just ignore them. To ignore someone type /ignore username
8) /whois
This will display information about the person you selected, such as their vhost, what channels they’re in ect. to find a whois just type /whois username
9) /away
To mark yourself away, you can use this, if you were persay making a sandwich, you could do /away making sammiches and people will know you’re making sandwiches.
10) /ping
This is to see the latency to the server, if you’re lagging this might give you more information, to ping a server just type /ping ipadresshere
11) /notify on/off
This will change if you get a notification (a beep sound) whenever someone types your name. to turn off /notify off to turn on do /notify on
12) /topic
If you want to see a topic in a certain channel just type /topic and it will read it out to you.
13) /list
Lists the channels that are available to you.

5.2) Browsing IRC

NickServ
When you arrive on the IRC for the first time, you will be using an unregistered nickname. If you plan on becoming a regular user, it is vital to register your nick. This is important for several reasons:

  • It ensures that nobody can impersonate you.
  • It grants you various abilities which non registered users do not have
  • (Most importantly) It allows you to use a vhost – this hides your location and ISP information from other users.

To register your nickname, refer to the IRC guide for your operating system on the original #OpNewblood page.

When you connect to the server, type /msg nickserv IDENTIFY password
This will tell nickserv that you are the real owner of your nickname. If you do not do this, you will not have access to registered-only chans or your vhost. For safety reasons, it is recommended that you type the command in your status window so, in the event of an error on your part, you do not post your password to an entire channel.

Groups
If you plan to use more than one nickname, you can group them together. This has several uses, the main ones being to tell people where you are connecting from, or that you are away.

For example: a user called „JohnDoe“ might be going out for a while but leaving his laptop on, in which case he could change his nick to JohnDoe|Away or JohnDoe|AFK to let other users know he was away. This is important so as, for example, people will know why you are not replying to messages. He might also use the nick JohnDoe|Mobile to let people know he is on a mobile client, and therefore cannot use certain functions such as possibly recieving PMs or visiting links people might send him.

To change your nick, type /nick newnick. However, when you do this, you will lose any access levels, vhost, and other settings associated with your nick.

To avoid this, when you choose your new nickname, switch to it using /nick, then type /msg nickserv GROUP nick password – where nick and password are your MAIN nick and its password. This ensures that these nicks will share passwords and settings.

Ghosts
Let’s face it, sometimes shit happens. Sometimes your internet connection will randomly decide to die on you. Sometimes your laptop’s battery might run out, sometimes your IRC client will crash, sometimes you might accidentally close a window. There are many reasons one might suddenly find themselves accidentally disconnected from the IRC.

The problem is that unless someone signs off in „an orderly fashion“, the server will not actually realize they are gone. Think of it like somebody who puts down a phone and walks away, but without hanging up the call. Or like when your computer crashes without shutting down the correct way. In these circumstances, the IRC server does not realize you’re gone, and assumes your nick is still connected. This situation remains until the next time the IRC pings your nick and gets no response (‘ping timeout’). This can take a while though, and very often the person who has disconnected, will manage to get themselves back online before the server has time to realize they ever left in the first place. When this happens, the user’s nick is already in use, so the server will assign them a new one (usually just by adding a ` or _ to the end, so if JohnDoe tries to connect when there is already a JohnDoe connected, they will be signed on as JohnDoe_ or JohnDoe`.

The problem with this, of course, is that just like an un-identified nick, these nicks have no modes, no vhosts, no access levels – because the „ghost“ of the nick is still occupying them.

To force the dead session to disconnect and replace its nick with yours, type /msg nickserv GHOST password, where password is the pass to the original nick. This would, in this example, disconnect JohnDoe and change JohnDoe_ to JohnDoe automatically, identifying and setting up the nick as normal. When this happens, you will probably see something like this in the channel:

JohnDoe left the chat room (GHOST command used by JohnDoe_)

JohnDoe_ is now known as JohnDoe

It is very important to do this as quickly as possible when re-connecting, as you will be locked out of your vhost until you have done this.

Vhosts
Obviously one of the main priorities of any Anonymous is to be, well… Anonymous.

When you connect to our IRC server, the server will automatically mask your IP address (your computer’s „phone number“). This is the most important layer of anonymity, but unfortunately there is a catch. Most of the time, it will NOT automatically hide your ISP (Internet Service Provider)’s name. So for example the fact that your IP is from a certain town might be hidden, the fact that you are a comcast customer may not be.

To rectify this, we have a vHostServ. It gives you a fake host name, which masks the true ISP you are connecting through. It can be anything you want – for instance, if anyone ever tries to check where I am connecting from, they will see „fuck.off.you.bollocks“ instead. :D

To get a vHost, you must be registered and identified. This is why it is CRUCIAL that you identify ASAP when you connect, as your vHost will not be activated until you have done so.

How to get a vHost :
1. Type /join #vhost in your IRC.
2. Once inside the vHost channel, type !vhost (insert.clever.name.here).
NOTE : You can, indeed, use whatever you want as a vhost – provided it is a valid one, i.e. no spaces, and must contain at least one dot. The most common way to do this therefore is.to.use.dots.as.spaces.in.your.vHost.

When you have done this, vHostServ will automatically kick and ban you from the #vhost channel. This is normal and expected, and simply means the vHost as worked. You will be banned from the channel (#vhost) for a certain amount of time, after which you will be able to change your vHost if you like. Now that you have a vhost, you are fully set up to use the IRC, any other settings you may set on your nick are purely optional.

*Note: If you join a #chan before you vHost, your new anonymized information will not automatically update in the channel. Be sure to exit and rejoin any channels you are connected to after you vHost, or your real connection information will still be viewable.

**NOTE: If you use Xchat along with auto-join channels, you can tell xchat to wait longer before joining channels on server connect using the /set irc_join_delay X command, where X is the number of seconds xchat will wait before joining channels. Setting this to something like 10 seconds helps if you’re using automatic channels

Invite-only channels (mode +i)
Some channels, for various reasons, are invite-only. Commonly this is because the channel has a very specific purpose and only users who have a specific job in the channel can access it – for example, there are private channels for operators and hackers. Sometimes, a channel will also be set to +i if it is being invaded or flooded by bots or trolls.

If a channel is +i, you will not be able to join it using /join. You will simply get an error message telling you that the channel is invite only. However, if you are an operator yourself, or are on the invite exception list, you can force the server to let you in.

To do this, you send a message to another bot called ChanServ, which is not covered in this guide as in general only more advanced users will ever need to use it. However, to request an invite, type /msg chanserv INVITE #channel, where #channel is the channel you are trying to connect to. It is important to include the # at the start of the channel name, or ChanServ won’t recognize it.

If you are on the list, you will then gert a message asking you if you would like to join the channel. Otherwise, chanserv will tell you that you do not have permission.

If you are NOT on the invite or operator list for a channel, but you feel you should be allowed in to it anyway, you can type /knock message, where message is your message to the channel admins. So for instance, if there was a channel called #brits only for British people, and you didn’t have access, you could type /knock #brits Hey, I’m British, let me in!

This will send a message to the channel admins, and cause your message to appear in the channel. The admins will then (if they decide to let you in), send you an invite just like chanserv does. You will receive the same message you would receive from chanserv asking you if you would like to join the channel.

NOTE: Knocking on a channel 10 times in a row is not going to amuse anyone. In all likelihood, it will actually make it almost certain that you will NOT be invited into the channel. If you receive no invite it either means the admins are not active at that time, or have decided for whatever reason not to invite you. If it does happen, you could maybe try again later, but don’t knock 10 times in one minute, this is more likely to get you banned.

If no one replies to your knock, another option you have is to type /msg chanserv INFO #channel, where #channel is the name of the channel (again, include the # or chanserv will ignore your message). This will tell you what the channel is for, and who created it. You could then message the room founder and ask for access, but this is generally not recommended unless it is extremely urgent.

Anonymous Guy Fawkes Mask

Section 6: Advanced Defense Techniques

USING Virtual Machines
It is strongly recommend you consider making a Virtual Machine (VM) to seperate your personal OS instance with you anon activity OS instance. This ensures that personal data does not leak while viewing anon related social media on such sites as Twitter or Facebook.

It has several other advantages such as allowing you to quickly delete all anon activity off your computer by simply deleting the VM itself.

Virtual Machine Software
VirtualBox – x86 and x64
VMWare Workstation 7 – x86 and x64
Windows Virtual PC – x86
etc. (do a google search for „virtual machine)

DISK ENCRYPTION
Disk encryption is another way to protect yourself. Disk encryption software will make it pretty much impossible for any one but yourself to access the data on any physical disk.

Disk Encryption Software
TrueCrypt – http://www.truecrypt.org/
Bitlocker – (Win 7 Ultimate only)

File and Email encryption and validation (added by cred)
Using the openPGP standard, the following software creates a „Keyring“ for you, bound to your name and email address (neither of which needs to be real, I have two, one for my real life identity and another as cred) The private key is a password protected key you keep on any system on which you will be DECRYPTING information; your home computer, and if you’re brave, your Android phone. The public key is used to ENCRYPT information or files, and is available to anyone. So if you wanted to encrypt information to send to me, you’d have to search from my public key, (cred@mail.i2p will find it for you) encrypt the data with it, and send it to me. The only thing that can now recover that data is my private key and password. PGP is the industry standard for high level encrypted email.

PGP (Windows) http://gpg4win.org/download.html
PGP (Linux) http://www.gnupg.org/
APG (Android) https://market.android.com/details?id=org.thialfihar.android.apg

PROXY LISTS
- http://www.freeproxies.org
- http://www.socks24.org
- http://www.samair.ru/proxy

LINUX TOR VM’s
It’s possible to use Tor as a VPN using some prepackaged linux VM’s. Once these VM’s are started it’s possible to create a VPN connection to the Tor VM. These VM include additional privacy goodies such as Squid and Privoxy.

Linux Tor Software
JanusVM – http://janusvm.com/
TAILS – https://amnesia.boum.org/

Anonymous Guy Fawkes MaskSection 7: Portable Solutions

Portable refers to self-contained OS and software packages that can be run from CD, DVD or USB device. This allows you to carry your anon OS instance in your pocket, plug it into or insert into another computer and be ready to access anon resources in a secure way.

The Amnesic Incognito Live System: https://amnesia.boum.org/download/index.en.html
A bootable, live, Linux distribution focusing on security and privacy, Basically this entire document in a single download.

Gnacktrack: http://www.gnacktrack.co.uk/
For the hacker anons among us, a live linux distribution with all the tools a good hacker needs to control the fate of the world from a laptop at a Starbucks.

BackTrack: http://www.backtrack-linux.org/
Gnacktrack, only for people who prefer the K desktop environment over GNOME.

Ubuntu Privacy Remix: https://www.privacy-cd.org/
Intended solely for Live Booting, no installation on the local system is required, and none of the data on it is touched.

anonops dev-nullSection 8: ADVANCED GUIDE TO HACKING AND SECURITY VULNERABILITY

by Denizen

Preface: Information in this section can be extremely confusing for new users, and those without the sufficient technical knowledge to understand. Always be cautious when tinkering with systems you don’t fully understand, as this may lead to undesirable results, detection, and in extreme cases system failure or legal trouble.

For those interested, an excellent guide to Denial of Service Attacks or DDoS can be found here: http://insurgen.cc/index.php?title=DDOS

—————————————————————————-
Guide By: Denizen
As the ultimate denizen, you must be able to enter systems at will in various ways. There are many ways to reach a website, and to add protection for yourself in terms of anonimity and minimized vulnerability.
—————————————————————————-

Table of Contents
1. SSH Tunnelling Techniques
2. VPN (Virtual Private Network) Sub-netting techniques
3. Anonymous SOCKS4/SOCKS5 proxy techniques at
OS level (e.g. Network Layer 3)
4. Anonymous SOCKS4/SOCKS5 proxy techniques at Internet Browser Level (e.g. firefox)
5. Local DNS hosting and Direct to IP internet browsing
6. Windows /system32/drivers/etc/Hosts File IP DNS Lookup (Associating any ip with any hostname, permanently)

1. USING PUTTY TO SETUP AN SSH TUNNEL
http://oldsite.precedence.co.uk/nc/putty.html

Normal connections to the internet, unless using SSL, are typically unencrypted transmissions divided into data packets. Using a packetsniffer, it is possible to capture most packets, and look at their payload in plain text. This can include usernames, emails, IM’s, and sometimes even passwords and sensitive information. When you set up a tunnel securely, you are connecting to a secure, encrypted connection to the machine you are connecting to, helping to prevent the use of packetsniffers to steal your information.

Not only is this useful for keeping your local connection to the internet secure, it is also one of the basic ways you can hide which IP address you are connecting to the internet from at home. When using the tunnel for your transmissions, all of your packets will have that machine’s IP address on the source address section instead of your own. Again, as covered above, you cannot trust a VPN (SSH) provided at no cost. It is in your best interests to use a paid hosting provider.

2.OPENVPN GNU/LINUX HOWTO (what if they don’t have linux) list alternatives for vpn/ instructions for other os’s?)
Information on how to set up a GNU/Linux system to use open VPN can be found here: http://openvpn.net/howto.html (openvpn only secures you between your server and you, not between your server and the internet. your server will be the middle man and is identifieable unless augmented with additional obfuscation techniques)

3. USING SOCKS4/5 PROXIES WITH FIREFOX
If you’re interested in using SOCKS 4/5 proxies with the Firefox browser, you can find instructions here: http://uniqueinternetservices.com/configure-proxy-for-firefox.html

4. CHANGING LOCAL DNS SERVICES
This section explains how to change the nameserver that resolves domain names into IP adresses that is sometimes used as an ideal way to trace you by your ISP, even if the data you used is encrypted via RSA or a strong triple des encryption the request to the domain name to an ip still is carried out by someone, make sure it’s you, or someone friendly.

DNS requests in an ideal situation should be encrypted, if you’re super paranoid, and some proxies offer this. I can’t list which ones off the top of my head, sorry.

http://dnscurve.org/in-benefits.html ?

5. CHANGING WINDOWS HOSTNAMES PERMANENTLY
This hackers trick is a good way to associate a permanent IP mirror for your favourite social networking site like facebook, twitter, etc etc. If this is something you’re interested in, more information can be found here: http://www.ehow.com/how_5225562_edit-windows-hosts-file.html

If you want cannabis.com to goto 4.2.2.1 then you can enter it just like the

localhost 127.0.0.1 entry you’ll find in your windows setup. This bypasses nameserver requests to most browsers (check to be sure with a packet sniffer)

6. MISC PACKET CAPTURE SECTION
All of these need PCap drivers installed and are included in the downloads of each…

Understanding packets takes time and practice. To get started install a copy of wireshark (http://www.wireshark.org/); or MS Network Monitor 3.4, both are free. If you don’t see any capture interfaces listed then you may need to run it as administrator. To identify which interface is seeing your traffic click the first (top-left) icon „list available interfaces“ and look for the one with the numbers counting up; it’s the active one. Start it and watch all the packets flow. You might see lots of traffic, start closing shit that’s downloading or streaming stuff. You’ll get down to a slower scroll of ARP and NetBios traffic, the occasional UPNP burst and other stuff. If you’re on a secure VPN or something you’ll see just about ALL SSL/TLS grey colored packets or all UDP blue packets in some cases. Try another active interface (like a TAP interface) to see the goods. Get on your home network and play around; see what DHCP handshakes look like, DNS requests/responses, navigate a shared folder and see what it shows you, stuff like that. If you know how, do an nmap scan and see how obvious and loud it is and learn techniques to use it in a more covert manner.

http://www.wireshark.org/docs/ <- read and watch the videos. There’s a lot to it but once you catch on it’s quite simple to grasp.

TCPDump(linux)/WinDump(windows) – Command line packet capture for gathering to analyze later. http://www.tcpdump.org/ and http://www.winpcap.org/windump/

NetworkMiner (http://networkminer.sourceforge.net/) is an alternative that allows you to sort collected packets however you want (by host for example) for easy digging around.

7. TCP/IP AND THE WIDER INTERNET
(DNS/HTTP Port 80/Logging/Secure ways to connect to your ‘crack’ machine).. PROXY CHAINING, SSH CLI Chaining maybe?

  • Change DNS Settings in Windows XP

http://www.mediacollege.com/computer/network/dns.html

Network Layers & OSI Model

In order for a security expert to truly understand a software or hardwares running on a network or security system, they must be able to relate to and fully conceive the implications of changes that are made to an existing setup.

No matter what you do at any level of the network layer, you will be interacting at other levels also. E.g. The data link layer (Layer 2 OSI) must make use of the physical layer (Layer 1 OSI), and so on.

Layer 1 : Physical layer

This is the electrical and physical specification of the devices. In particular it will refer to pins, voltages, repeaters, hubs, network adapters, host bus adapters and SANs (Storage Area NEtworks). Standards such as the RS-232C Com port standard popularised in the 90′s uses such physical wires to access medium.

One such popular medium would be the internet. To which the early modems connected.

Layer 2 : Data Link Layer

The Data Link Layer provides functional and procedural means to transfer data between network entities using physical layers (or cabling/adapters/routers/repeaters) so on and so forth. Originally Layer 2 was intended for point 2 point transfer only. LAN and multi-broadcast media (multicast et al) were developed independant of the ISO standard (IEEE 802).

WAN and LAN are services on the data link layer that arrange bits, from physical layer into logical fram sequences.

These frames contain important information that is relative to your Transmission Control Protocol, and includes information such as your IP (Internet Protocol) address.

This address is binded through service levels by the TCP (Transmission Control Protocol) transport layer.

8. Hack in a sack:

The Metasploit Framework
Metasploit is a software suite created for penetration testing, and is included in both Backtrack and Gnacktrack LiveCDs listed in the mobile solutions section. It has a command line interface, a GUI interface, and a Web interface, creating what is, in a real way, the world’s first point-and-click hacking software. It has a massive, constantly updated Database of usable exploits, which you can use to gain access to vulnerable remote systems. http://www.metasploit.com/

Sign off
Thanks for reading this whole doc, you did right? Please ask questions in #OpNewblood (Again, you can reach us via your web browser on the Anonymous IRC) and refer back to this document and remember to stay safe. Protecting your anonmity is the most important part of being Anonymous.

Safe Surfing
~R3zn8D

kill your tv it trains ignoranceSTOP CENSORSHIP BY GETTING INVOLVED

Petitions - 

  • U.S. anti-ACTA White House Petition: sign it
  • Canada – Take 1 minute to send a letter contesting Bill C-11: here 
  • Ireland – anti-SOPAIreland Petition: sign it
  • Poland – ACTA Referendum: here
  • Global anti-ACTA Petition: sign it

Attend a local Protest - 

Contact Elected Representatives (special focus on European Parliament) - 

Contacting your Elected Representatives is the most useful thing you can do right now, and until the final vote in the European Parliament.

CALL Members of European Parliament Committees:

Raise Awareness - 

Use whatever resources you have to spread the word about ACTA and similar bills:

  • Twitter
  • Facebook
  • Google+
  • mailing lists
  • email
  • forums
  • personal blog

What is ACTA? See our Nutshell Guide here

For additional information on how to Act Against ACTA, see this helpful compilation

censorship - get your hand dirty2012 World War Web – War on the Internet with Jacob Applebaum

War on the Internet event #4 – Jacob Applebaum from Electronic Frontiers Australia on Vimeo.

Shocked?  Read “The Revolution Will Be Packet-Sized” and get involved!  Or read moar about Big Brother here:

Big Brother Supporters – Countries, Corporations, and Corruption

10 thoughts on “Big Brother is Watching – Privacy, Censorship, and Staying Anonymous

  1. Pingback: Making a Record of The Human Race? – Social Networking Sites « livlovhealth

  2. Pingback: America – The Way I See It | R3zn8D's (R)Evolutionary Blog

  3. Pingback: DHS Terrorism Informatics – Fusion Centers are Socially Irresponsible | R3zn8D's (R)Evolutionary Blog

  4. Pingback: A Declaration of the Independence of CyberSpace | R3zn8D's (R)Evolutionary Blog

  5. Pingback: Everything is OK, go shopping, stay scared | R3zn8D's (R)Evolutionary Blog

  6. Pingback: Welcome to 1984, martial law is here, Obama signs new legislation | R3zn8D's (R)Evolutionary Blog

  7. Pingback: Kill Your Television | The ResoNation

  8. I have to say this is one of the most researched and well thought out deployment of any certain topic. But this is right on point with so many validations here. It is all very scary on one level we are slowly giving away our rights and information creating this Virtual real time display for certain agency’s to monitor and what not…. I don’t fear these company’s with my information. I tend to stay on par with policy and law. As far as privacy goes….what privacy? Ever since XP we have been on Que with data review…. Very good article 5 stars if that was a option!

  9. Pingback: Perusahaan Inggris Memata-matai 50 Juta Warga Indonesia | Chaos Theory

  10. Pingback: NSA Devises Radio Pathway Into Computers not connected to the internet

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s