How to keep your internet traffic safe and secret

-


​​Option #1

Tor


The Onion Router (Tor) is a specially designed Internet routing system that routes traffic while encrypting the IP address of where it came from. To enable routing, only the last and next IP addresses are available at each hop. The original and all other hops along the way are encrypted and can only be decrypted by a Tor router.

Tor can evade detection from nearly everyone except the most powerful state-owned surveillance machines. Even then, the NSA has some challenges in breaking Tor, but they have and still can. In general, Tor is safe for most traffic, but if someone or some agency wants to spend the time and resources to watch you, they can and will.

You can access the Tor network by using the Tor browser, which is simply a plug-in to the open-source browser Firefox.

​​Option #2

Proxies


Using proxies is a tried and true method of obscuring your identity on the Internet. Although your traffic is not encrypted and can be sniffed, the traffic cannot be attributed to any person as the proxies use their IP addresses rather than yours. Of course, this does not prohibit your traffic being tracked by your cookies.

Option #3

VPN

As the name implies, a virtual private network, or VPN, is a private way (encrypted) to connect over a public network (Internet) to a private network. It requires an authentication mechanism and then encrypts all the traffic between the client-to-server or peer-to-peer communication. It can encrypt all communication including the control channels, making it very hard to crack or identify the user.

You can access private VPN services where you will connect to their VPN server through an encrypted tunnel and then browse the Internet with their IP address. All of your traffic appears to be from their IP address and your communication to the service is encrypted so the traffic can not be traced back to you.

By default, VPN capabilities are NOT included in Kali, but I will be doing a tutorial on installing and stetting up VPN services on Kali in the near future.


Option #4

Encrypted P2P Chat or Encrypted VoIP

Often, people want to chat or use voice communications over the Internet. Both can be intercepted and read. There are at least two technologies available to encrypt these types of communications that makes it very difficult to intercept and read.


Chat

For Internet chats, CSpace is among the best. Like so many of these technologies, CSpace relies upon encryption. CSpace uses a 2048-bit RSA key for authentication and each user has a unique public key to identify themselves. Users are only identified by a hash of their public key on a central server. All communication is encrypted with TLS (Transport Layer Security). You can find more information about CSpace here(http://www.anonymous-p2p.org/cspace.html)
 though, it is no longer in active development.

If the members of Anonymous had been using this service, many of those now serving time in prison (Jeremy Hammond received a 10 year sentence for hacking Stratfor and releasing the information to WikiLeaks) would still be free.

​​VoIP

For VoIP, consider ZRTP for private voice communication. ZTRP is an open-source (thank the heavens for open-source developers) technology for VoIP communication that authenticates both ends of the communication with Diffie-Hellman and then encrypts the communication with a pre-shared key and salting.

For those of you not familiar with cryptography and password-cracking, salting makes it more difficult for a third-party to break the encryption. This technology (ZRTP) was developed by Philip Zimmerman, the same guy who developed PGP and a longtime advocate for privacy rights (Zimmerman fought the U.S. government all the way to U.S. Supreme Court when the NSA demanded a backdoor to his PGP). As a result, I have a lot of trust in ZRTP.


ZORG is an implementation of ZRTP and is available on the Android, BlackBerry, iOS, Linux, Mac OS X, Symbian, and Windows platforms.


Option #5

Combine All of the Above for Ultimate Privacy

When Edward Snowden released confidential NSA documents in 2013, we got some insights into this super-secret snooping agency. In one of these documents, the kindly folks at the NSA rated their ability to snoop on communications when users were using any number of different anonymity technologies. On a scale from 1 to 4, 1 was the least difficult and 4 the most difficult.

According to the NSA, the combination of Tor, a VPN, and either CSpace or ZRTP basically blinds, so this combo received a 4 rating. In their own words, the "good" folks at NSA described these circumstances when trying to surveil users combining these technologies as "near-total loss/lack of insight to target communications, presence."


A Word of Caution

I am very reluctant to use any proprietary, commercial product for purposes of maintaining anonymity. The reason is that these companies easily bow to pressure from state authorities to enable snooping on their networks and products. Although not perfect, open-source products are more likely to give you a greater level of assurance for maintaining your anonymity and privacy.


Comments

Post a Comment

Popular posts from this blog

Hacking WiFi using Termux on Android PART 1

-
Image
ANDROID IS A LINUX BASED OS SO MOST OF THE LINUX BASED APPLICATIONS WORK ON ANDROID. LINUX IS THE BEST PENETRATING OS AVAILABLE SO LINUX TOOLS ARE THE BEST. NOW TO CRACK THE WIFI PASSWORD ON ANDROID YOU'LL NEED TERMUX WHICH IS EASILY AVAILABLE ON GOOGLE PLAY. DOWNLOAD TERMUX AND FOLLOW THE STEPS BELOW. WE ARE GOING TO USE ROUTERSPLOIT MODULE OF TERMUX FOR THIS. ROOT IS NOT REQUIRED FOR THIS METHOD. STEP 1 :   INSTALL TERMUX FROM GOOGLE PLAY, OPEN IT AND INSTALL THE REQUIRED PACKAGES. FOR THAT JUST TYPE IN THE FOLLOWING COMMAND:       pkg install git  AND PRESS ENTER ON YOUR MOBILE'S KEYBOARD. AFTER THE SERIES OF COMMAND THAT APPEAR TYPE THE SECOND COMMAND:       pkg install python2 AND AGAIN PRESS ENTER. STEP 2 :   GO TO THE PROVIDED URL TO CLONE GIT.                       **** GIT CLUB **** CLICK ON CLONE BUTTON AND COPY THE URL GENERATED STEP 3 :  OPEN THE MINIMIZED TERMUX AND TYPE IN       git clone  https://github.com/reverse-shell/routers
Read more

Hacking WiFi using Termux on Android Part 2

-
Image
SO IN THE PREVIOUS POST YOU LEARNED TO INTSALL TERMUX WITH ITS MODULE CALLED ROUTERSPLOIT. NOW REMAINS ITS EXECUTION FOR HACKING WiFi. STEP 1 :    OPEN TERMUX AND CHANGE YOUR DIRECTORY TO ROUTERSPLOIT. FOR THAT TYPE IN   cd routersploit  ls                                                                                                                                                                STEP 2 :   NOW TO TO RUN ROUTERSPLOIT TYPE IN     python2 rsf.py NOW TYPE      show all THE LIST OF SUB MODULES ARE SHOWN YOU CAN USE ANY OF THEM  HERE I RECOMMEND USING THE MODULE-        use  scanner/autopwn   THEN TYPE IN show option TO SEE ALL OPTIONS OF THE SUB MODULE YOU'VE SELECTED THEN TYPE      set target _______________________  (*** YOUR TARGET IP  ANDPORT WHICH CAN BE ACQUIRED THROUGH                           
Read more

Hacking Facebook or Instagram

-
Requirements 1.Live internet connection 2.Phone,computer STEPS 🔷  Launched your web browser and Open this website Click here to proceed to shadow wave 🔹Being a new user click on sign up.Fill the form Now select sign up and wait for the page to load 🔷 Now select any of the option available: Facebook profile Facebook app Now create your page and fill 🔷 After filling the form select create and  select click here 🔷  Copy the link and send it to your victim ⚠️ Make a smart link human hacking 😊 Eg. click on this link login into your Facebook account and get 500 likes on your photo After sending links  you wait to get a victim if someone falls in the trap.
Read more