Anonymity on the internet cannot be achieved in a 100% capacity. That is a bold statement, but a very accurate statement and one that needs to be understood.
When you spend so many hours sitting at your desk staring at your web browser as websites render on a constant basis, it all appears so flawless and streamlined. It is so easy to just ignore and forget that all of that information and data is delivered by a server, located somewhere in some country. So irrespective of just how hard you try to stay anonymous and obfuscate your internet activity, web history and connection identity, you will always leave a trace on a server, somewhere.
We should also clarify that your desire to achieve anonymity does not imply that you are doing anything illegal. It’s about taking control of your data and identity, and exerting your natural human right to privacy. Anonymity is too often associated with illegal activity, when it’s absolutely false. Illegal activity occurs on anonymous networks, sure. But it also occurs on non-anonymous networks too. Therefore, it’s completely unfair to associate your desire for privacy with doing anything illegal.
There are some very good methods you can employ to attempt to stay anonymous on the internet. Let’s take a look at some of the most popular methods.
The first method we take a look at is Tor Browser.
Tor Browser is developed by the Tor Project and is based on Firefox web browser. It has many underlying changes so it connects and functions on the anonymous encrypted network called the onion router. This involves encrypting all traffic three times by relaying the data through a complex series of connected Tor servers, called relays. The process has some network performance overhead, however this has improved drastically from the early days of Tor when volunteer operated relays were few. As Tor Browser has become more popular, so has the desire for the security community to step up and commit to operating relays. The more relays that connect to the onion router, the more secure and efficient the network becomes.
Accessing Tor Browser is simple and free. Just download the package from the website, extract the archive and launch the startup script.
IBM Terminal Prompt >wget https://www.torproject.org/dist/torbrowser/9.0.1/tor-browser-linux64-9.0.1_en-US.tar.xz
IBM Terminal Prompt >tar -xvf tor-browser-linux64-9.0.1_en-US.tar.xz
IBM Terminal Prompt >cd tor-browser_en-US/
IBM Terminal Prompt >./start-tor-browser.desktop
The Tor connection tool will launch, automatically connect you to the onion router network and launch Tor Browser. You are now anonymous on the internet when using Tor Browser.
The second method we take a look at is Whonix.
Whonix is an extension of the Tor Browser project, albeit a completely separate project with no collaboration between the two. Where Tor Browser is simply a modified web browser which connects to the onion router to attain anonymity, Whonix employs a different method. Whonix consists of two components – Gateway and Workstation. Whonix requires you to have Oracle VM VirtualBox installed. Once you have it installed, you simple download and import the Whonix OVA appliances into VirtualBox. The Gateway component runs a local Tor relay which is used to provide onion router access to the Workstation component. Whonix operates on modified Debian Linux operating systems and the connectivity is all streamlined once both virtual appliances are installed and running.
Install Oracle VM VirtualBox first, then download the Whonix OVA appliances. Import the OVA into VirtualBox. Once the import has completed, you are now ready to start Whonix.
IBM Terminal Prompt >wget https://download.whonix.org/ova/126.96.36.199.9/Whonix-XFCE-188.8.131.52.9.ova
You can start the Whonix Gateway and Workstation at the same time, but it’s a good idea to start the Gateway first and wait a couple of minutes for it to connect to the onion router and the encryption to complete negotiation. Then when you start the Workstation, it will automatically connect to the Gateway and you are now anonymous on the internet when using any software on the Whonix Workstation.
The third method we take a look at is Tails Linux operating system.
Tails is a Linux distribution focused on anonymity and amnesia. By amnesia we mean that it leaves no trace on the computer where it is run. Being a fairly secure distribution, it has some particularities. The most important of them is that it is not installed on a hard disk but runs from LIVE. On the other hand, because it is very secure and its communications are encrypted, we will notice that it is something slower than the rest, but that is something worthwhile if you value security and privacy. It has an excellent website with the information and instructions for download and installation of Tails being first class.
We found the best way to download Tails is by using the torrent file provided. Then you simply copy the downloaded IMG file onto a USB memory drive, then reboot your system using the Tails operating system.
IBM Terminal Prompt >wget https://tails.boum.org/torrents/files/tails-amd64-4.0.img.torrent
IBM Terminal Prompt >qbittorrent tails-amd64-4.0.img.torrent &>/dev/null
IBM Terminal Prompt >sudo dd if=/home/user/tails-amd64-4.0-img/tails-amd64-4.0.img of=/dev/sdX
When you reboot your computer from the USB memory drive it will boot into Tails operating system. You are now anonymous on the internet when using any software on the Tails.
If you are running your own website or network, then our last example is one that is increasingly tempting to consider with the constant expansion of global internet mass-surveillance by government and intelligence snoops. The intelligence agencies like to refer to private networks as the dark web because they are inaccessible by using a traditional web browser and a regular internet connection, instead remaining accessible only by using Tor Browser and a unique onion URL. Some private networks are off the internet grid and run off a dedicated server or network accessible by exclusive network access, provided by either subscription or invite access only.
Private networks do suffer from lack of public web traffic, but usually private networks are set up for a specific purpose without public access being required. Again, it’s true that illegal activity occurs on some of these networks, but not all of them. Some black-hat hackers use private networks to share information, stolen databases and other illegal data. White-hat hackers use these networks for legitimate purposes and choose to remain off the internet grid usually because of a personal belief and deep commitment to the philosophy of the right to privacy.
Proxy Servers and Virtual Private Networks (VPNs)
There is a lot of misinformation surrounding the use of proxy servers and virtual private networks, or VPNs as they are commonly known. Some people believe that routing their web browser traffic through a proxy server will hide their activity. This is not correct. Proxy servers are good at obscuring your actual IP address, instead exposing the IP address of the proxy server to the web server you’re connecting to. This is a basic level of security and should never be considered as a method to achieve anonymity.
Many people put much faith in virtual private networks, or VPNs. I have used VPN services in the past. The experience has been mixed. Sometimes they can be useful for accessing web servers in a specific locale which may be restricted in the locale you reside. Sometimes they can be useful for downloading files off torrent and other peer-to-peer networks, as some internet service providers still frown upon these networks because they are usually always associated with illegal file sharing activities. There are many legitimate purposes for using peer-to-peer networks. So again, the presumption these networks are operating simply to allow illegal activity is incorrect. Be cautious using VPN services. It’s common to place too much confidence in their services. Many of them claim to not log traffic but have been exposed for keeping logs on some of their servers. Sometimes deliberately and sometimes as a result of careless system administration. But the paying customer is the one who suffers. VPN services are a constant magnetic target for the world’s law enforcement agencies, so you always risk becoming an unintended subject of investigation if your IP address gets scooped up by an investigation that is completely unrelated to you or anything you have done – something you definitely want to avoid.