How To Remain (Mostly) Anonymous Online Using Linux
Some may consider this a “tin-foil hat” way of thinking, but as we’ve clearly seen with many three-letter organizations throughout the world, government spying has gone from being seen as a crazy conspiracy theory to becoming nearly blatantly out in the open. Because of this, those who are privacy minded and who wish to stay off of the radar as much as possible will find Linux to be quite a valuable tool when used properly. In fact, those who wish to remain as anonymous as possible online will find Linux to be the only option, as Windows and Mac OS X are known for collecting as much information on you as possible. Just perform a Google search for “Windows 10 spying” or “Mac OS X privacy” and you can see this for yourself.Before we get started, it’s important to note that the only 100% secure and private computer is one that is disconnected from the Internet and powered off. Therefore, it is impossible for a device that is connected to the Internet to be absolutely, 100% secure. There is always a way around security, and if there isn’t, then tools are continually developed to find new ways. So the guiding principle here is not to expect to change a few settings on your computer and think that you’ve now enabled your Impenetrable Fortress, rather the idea is to put up as many roadblocks as you can in order to make it as difficult as possible for any would-be attacker or spy to gain access to your system or your private information.
There are a few Linux tools that one can employ in order to keep one’s anonymity in tact as much as possible (again, in today’s day and age this is becoming increasingly difficult, but if privacy is important to you, you already know the importance of fighting the good fight, refusing to go gently into that good night):
The first tool we’re going to look at is Tails OS, although “tool” may be the wrong adjective, as Tails is an entire Linux Distro, not just a tool. The idea behind Tails is to be an anonymous, self-destructing OS that disappears and removes any trace of its existence once you’re done using it. Obviously, this makes it less than ideal to be used as one’s daily driver, but if there’s something online you need to access and you prefer to keep it private or want to browse anonymously, then Tails is a great place to start. Rather than being permanently installed onto your hard drive, Tails operates entirely as a Live system and erases itself upon shutdown. You can download the latest Tails ISO at the aforementioned link, and either burn it to a DVD or copy it to a bootable flash drive (the latter is much easier, less time consuming, and less wasteful). Linux has several tools for burning DVDs, notably Brasero and DeVeDe. Or, if you prefer to make a bootable flash drive, you may find Unetbootin ideal (or you can use the ‘dd’ command in the terminal if you’re familiar with it). Once you’ve got Tails copied onto a bootable medium, just boot your computer from it just as you would if you were installing a new operating system or running a Live system.
It seems that the Tails website will only allow you to download Tails with either Firefox or Tor Browser. When I attempted to download the ISO via Google Chrome, it told me my browser is unsupported. It also forces you to install their Firefox browser add-on, which automatically verifies your ISO download upon completion using checksum verification. This is actually a great security measure to implement, as it ensures that you do not get a corrupted copy of Tails that could potentially have security holes in it, like what happened to Linux Mint.
The next tool we’re going to look at is Tor Browser, a product of the Tor Project, an organization dedicated to online privacy and security. As previously mentioned, this tool is already built-in to Tails OS, but you can also install it on any OS you like, as they have versions available for Windows, Mac, and Linux. It is unlikely to find it in any official Linux repositories (as far as I know), so you’ll need to download it from their website links above. With a typical Internet connection, traffic flows directly from the host requesting information to the server that provides the requested information, usually with a few extra hops in between from server to server, in order for the traffic to reach it’s intended destination. This, however, can be very easily tracked, even if you’ve deleted your browsing history. So what Tor Browser does is instead route your traffic to many, many different intermediary servers within the Tor Network, known as nodes, which serves to obfuscate the original source of the traffic, before exiting the Tor Network via an exit node and finally reaching the intended destination. As you might imagine, this can slow down your browsing speed a bit, but if privacy is the concern, one can learn to live with sacrificing a bit of speed with anonymous web browsing. It is recommended to only use Tor Browser when a specific task or tasks requires one to be extra careful, rather than using it as your daily driver.
Tor Browser is a fork of Firefox, so you can install your preferred add-ons such as Adblock Plus, uBlock Origin, DownThemAll, and so forth, but know that any extra add-on that you install could weaken the security of Tor, thereby putting you at risk and defeating the purpose of using it in the first place. Be cautious with what you choose to install. In fact, Tor actually strongly recommends against the installation of any browser plug-ins. Note that Tor Browser can also circumvent web filters if you happen to live in a place where the Internet is censored, such as China. Some hidden websites, known as “onions”, have obscure URLs and can only be accessed via Tor Browser. For example, the now-defunct Silk Road was one of these onions, as it could only be accessed via Tor Browser (this author does not condone drug use of any kind, I am merely presenting an example that many people are likely to have heard of). If you try to access these links with a regular browser, they can’t be found. Also, some websites like Twitter can determine if traffic is coming via the Tor Network, making it nearly impossible to maintain an anonymous Twitter account, as Twitter will require you to provide a phone number if you attempt to create and use a Twitter account via Tor. If anyone knows a way around this short of purchasing a burner phone, please let me know.
It is also important to note that Tor Browser is not a magical “hide me” button. It is possible to still be tracked by your browsing habits. Be judicious, be cautious, and remember that everything done through a computer leaves a trail somewhere, whether you like it or not.
It is also important to note that recently, the FBI has discovered an undisclosed exploit in Tor Browser that has allowed them to track and arrest people. So until this exploit is discovered and fixed by the Tor Project team, Tor remains weakened and vulnerable, although it is still greatly more advantageous than a regular browser. Because of this, using Tor by itself without also running Tails OS may be a bad idea. Be judicious and use caution.
VPNs are also worth looking into for increased web traffic security.
macchanger And MAC Spoofing
When it comes to Internet traffic, addresses come in two flavors: IP Addresses and MAC Addresses. You are probably already familiar with your IP Address, but perhaps maybe not so much your MAC Address.IP Addresses are generally automatically assigned by a network’s router or DHCP Server (your home router has a DHCP Server built in). This is basically your network address, and this can change at any time. If you wanted to set a static IP Address that does not change, rather than having it automatically assigned, you could do this as well (this is generally ideal for printers and other shared peripherals on a network). You also will generally have an internal IP Address that exists only on your local network (probably 192.168.1.x or 192.168.0.x), as well as your external IP address that all of your incoming and outgoing traffic actually uses (go to IPChicken if you want to see your external address).
However, in addition to IP Address, there are also MAC Addresses. Unlike IP Address, MAC Addresses are physically burned into your networking equipment and cannot be changed. MAC Addresses are also known as hardware addresses for this reason. Internet traffic uses both your IP Address and MAC Address to know where to properly route data. Because of this, in addition to obfuscating your IP Address with Tor Browser, it’s also a good idea to obfuscate your MAC Address using MAC Spoofing.
Again, it’s impossible to change your MAC Address like you can with your IP Address, however, you can spoof your MAC Address so that it appears to be something else. As previously mentioned, this is something that is already built-in to Tails OS, but you can also do this on other distros. My preferred tool is macchanger, which is a simple terminal command that allows you to spoof your MAC address as you see fit. If you can’t find it in your official repositories (sudo apt-get install macchanger), you can download macchanger from GitHub or the GNU website.
The easiest way to use macchanger is to use the -r (random) flag in order to create a random MAC address, but in my experience using Ubuntu 14.04 LTS, I could never get this to work. The command would execute, but the MAC address would never actually change. However, this was quite a long time ago and it seems that macchanger has been updated since then. As of this writing, it seems to work just fine in Linux Mint, and the developer(s) have even added an automatic function for your MAC to change every time the device is restarted, making it easier than ever before.
Full Disk Encryption
Full Disk Encryption is a rather complicated process that I don’t even fully understand. Suffice it to say that if you want to encrypt your data, Full Disk Encryption is the way to go, as it will prevent anyone from physically accessing any information on your hard drive without the encryption passphrase.
There are many ways to manually configure Full Disk Encryption, but they all go way above my level of understanding. Therefore, the easiest way to set up Full Disk Encryption is during the installation of your Linux Distro.
If you use Ubuntu or Linux Mint, you’ll notice that during installation when you get to the Installation Type screen, underneath Install Ubuntu/Linux Mint there are two checkboxes that say “Encrypt the new Ubuntu/Mint installation for security” and “Use LVM (Logical Volume Management) with the new Ubuntu/Mint installation”. I will generally check both of these boxes and allow Ubuntu/Mint to do the rest. However, note that if you prefer to set up your own custom partitioning scheme, you will be unable to do so here, as this option will cause Ubuntu/Mint to handle the partitioning for you. It is still possible to go to Something Else and set up your own encrypted partitions, but it becomes a bit more complicated at that point and would have to be addressed in a separate article.
This process may also be available with other distros, but my own personal experience is confined to Ubuntu and Mint.
If you just want to encrypt certain folders on your Linux system, another handy utility is encfs, which you should be able to find on the official repositories. Encfs allows you to create an encrypted folder that cannot be opened and viewed without the encryption passphrase. Note that this does not cause the encrypted folder to disappear completely from your system, as a clever person could still identify that the encrypted folder exists (you can probably figure it out too if you know where to look), however they would not be able to access its contents without the passphrase. Another popular encryption tool is VeraCrypt, which has replaced the popular yet now-defunct TrueCrypt.
And of course, don’t forget the obligatory XKCD.