Introduction: Make Yourself Anonymous on the Web!

Picture of Make Yourself Anonymous on the Web!

"How can I travel and communicate over the Internet without being tracked or spied on by anyone?"

This tutorial is going to explain how you got to this!

There are a multitude of reasons for wanting privacy for communications on the Internet. I think it goes without saying that every human being has an inherent right to privacy. In our current technological state of surveillance, this right to privacy has been severely compromised. Google, the NSA, and GCHQ are all spying on our private communications.

Furthermore, I believe that we have a right to free communication and uncensored communication. Many nations and companies limit what sites its citizens and employees can visit and view. In some cases, if they do go to certain sites, they are immediately suspected of criminal or anti-government activities (often those two are conflated). In these cases, browsing the Internet anonymously can be a matter of life and death. We are going to do this using a proxy server, vpn, and encrypting our send data.

Step 1: Tor Browser

Picture of Tor Browser

Tor browser is a browser that uses a vpn to show sites another public ip. Tor also encrypts your data. So lets start by downloading tor browser for your platform. So lets go to:

Click on download and select your platform. Save your file somewhere on your hard drive. Note: If you're using linux there's a easier way then downloading every thing from the site. If you're using linux skip to step 2. Select the right download link. And when its done downloading. Run the installer and follow every step. When that's done go into your map where all data is and open start tor browser. If you haven't got a vpn or proxie click the first option. Wait a second and boom! You got your tor browser. To check if its really working type in the search panel " my ip". If its different from your own ip, then its working.


Step 2: Tor Browser for Linux

Picture of Tor Browser for Linux

If you got linux, you've only got to type some simple lines in the terminal. It's as easy as copy and pasting some lines. because thats what you're going to do. you'll also need administrator rights to perform these steps.

So start by typing(copy and pasting) these lines of code:

sudo add-apt-repository ppa:webupd8team/tor-browser
sudo apt-get install tor-browser
sudo apt-get update

Nice! Now you should have the tor browser. Open it and select the first option if you aren't using any vpn or proxie. You're done! To check if its working type in the search panel " my ip ". And open a site called whatsmyip or something similar. If you're ip is different from your own ip, then its working. Nice!

Step 3: Adding a Vpn

Picture of Adding a Vpn

What is a VPN?

A VPN or Virtual Private Network is a method used to add security and privacy to private and public networks, like WiFi Hotspots and the Internet. VPNs are most often used by corporations to protect sensitive data. However, using a personal VPN is increasingly becoming more popular for every citizen as more interactions that were previously face-to-face transition to the Internet. Privacy is increased with a VPN because the user’s initial IP address is replaced with one from the VPN provider. This method allows subscribers to attain an IP address from any gateway city the VPN service provides. For instance, you may live in San Francisco, but with a VPN, you can appear to live in Amsterdam, New York, or any number of gateway cities. It is also the best method to surf anonymously. And on top: You will bypass online blocks to access foreign content like a local. Get to websites back home when you’re abroad. And bypass government or workplace censorship of sites like Facebook, Gmail and Youtube. Plus, you can download torrents and use P2P programmes anonymously.

What Vpn to choose?

There are many choices when it comes to VPN providers. There are some
VPN providers who offer free service and there are some which charge for VPN service. Paid VPN provider IPVANISH is doing an excellent job compared to the free service providers, which are very unreliable, slow and not safe. IPVANISH offers robust gateways, proven security, free software, unmatched speed, unlimited bandwith, and the best of all: IT HAS NO TRAFFIC LOGS! Unlike other VPN companies do they NOT collect any data because of their no-log policy! And to stay completely and 100% anonymous, they even offer to pay via paysafecard (but they offer also the usual payment methods and even accept paypal). And on top of that do they not only offer the VPN software for Windows, Mac, Ubuntu, Chromebook and Routers, but they also offer ANDROID & IOS VPN Apps for easy install. It is really easy to setup the VPN connection either on PCs or on mobile devices with the apps, everyone can do it within a few clicks. Need a free VPN? Then you can download Cyberghost, you got a paid and a free version. Unfortunately cyberghost isn't free for linux.

How to install cyberghost?

Go to the site of cyberghost and click on download. Run the installer and follow all the steps. Run the program and push that big yellow button! Now its configurating your vpn. Visit whatsmyip and see if your ip is changed! You can also install cyberghost on your android and apple products. For linux you would like to download and install frootvpn. Unfortunatly this isn't free too. There is also a vpn for linux called vpnbook that is free.

Step 4: Configure Apps to Use Tor

Picture of Configure Apps to Use Tor

If you also want apps to have encrypted data by tor, then we have to install proxycap. Install proxycap and open your tor browser. go to settings and then Preferences. A window will open, click on "Use custom proxy settings". Now you got to fill in "No proxies for: ". Just fill in Nice! Copy the port section and click OK and you can close tor browser now. Open proxycap and go to the proxies tab. Click on new and give it a display name. I'm going to call it 'Tor proxy'. Select type SOCKS5. Hostname is going to be and port is the port you just copied. Click on OK. Now you go to rules. Change the field(Under Redirect through proxy) from default to tor poxy(Or the name you gave it). Under this section check specify and select an exe file. Or if you're using mac select an app file. Give it an name and Voila! Click on OK and you're done! Select Enable proxycap in your menu bar and it should be running. Go check it!

Step 5: Adding a Proxy

Picture of Adding a Proxy

Using proxies is a tried and true method of obscuring your identity on

the Internet. Although your traffic is not encrypted and can be sniffed, the traffic cannot be attributed to any person as the proxies use their IP addresses rather than yours. Of course, this does not prohibit your traffic being tracked by your cookies. At the moment i haven't got a tutorial for adding proxies. Look for some on the internet and watch out for fake proxies! Don't download proxies no one have ever heard of! I found some tutorials for windows and mac, go check them out! I haven't checked if these proxies are safe. So google around.

Proxy Tutorial for windows 7

Proxy Tutorial for mac

Step 6: Encrypted P2P Chat

Often, people want to chat or use voice communications over the Internet. Both can be intercepted and read. There are at least two technologies available to encrypt these types of communications that makes it very difficult to intercept and read.

For Internet chats, CSpace is among the best. Like so many of these technologies, CSpace relies upon encryption. CSpace uses a 2048-bit RSA key for authentication and each user has a unique public key to identify themselves. Users are only identified by a hash of their public key on a central server. All communication is encrypted with TLS (Transport Layer Security). You can find more information about CSpace here, though, it is no longer in active development.

Step 7: Well Done!

Picture of Well Done!

Nice you got it all working and you're anonymous on the web. Using all of the options gives you the best security! Hope you've learned something and you're safe on the internet now! Thank you! If you liked it vote for the contest.

A Word of Caution
I am very reluctant to use any proprietary, commercial product for purposes of maintaining anonymity. The reason is that these companies easily bow to pressure from state authorities to enable snooping on their networks and products. Although not perfect, open-source products are more likely to give you a greater level of assurance for maintaining your anonymity and privacy.


I'm not responsible of anything happened to you(your computer), or anything else.


isherclub (author)2015-04-19

I entirely agree with the principle:

"I am very reluctant to use any proprietary, commercial product for purposes of maintaining anonymity"

yet I completely disagree with the advices:

1. TOR is financed by US intelligence, according to journalist investigation from

Pando (see So forget about TOR.

2. IPVanish is based in the US therefore subject to the Patriot Act


3. The concept of CSpace is nice, yet it is old and relies on the usage of

key servers to store public keys. This kind of encryption has been

surpassed by end-to-end encryption methodologies such as OTR

for the chat, zrtp for the voice and others.

Not to mention that I can use a bullet proof technology to make myself untraceable, but if I use such technology to register myself on my facebook account, I became again immediately traceable.

Privacy is a huge subject which requires a very meticulous approach to be handled honestly and candidly.

jmichel5 (author)isherclub2015-04-21

isherclub thanks for sharing the extra information. I've been wondering why such programs are being widely suggested by a lot of IT's. I heard of a few programs that does a way better job then what we see now, but because they are not with or created by the government its not something you would ever know unless you happened to know some people... What is the bullet proof technology that you mentioned. It is pretty much logical that if you want to go on popular social site that you would use a different device altogether and have one device or so just for private surfering, unless you create a another facebook with no trackers etc...

isherclub (author)jmichel52015-04-21

I entirely agree with your point

"It is pretty much logical that if you want to go on popular social site
that you would use a different device altogether and have one device or
so just for private surfing"

Yet, in my experience, this has been a huge cultural barrier. Not to mention that there are out there products and companies that still seem to "ignore" this issues by proposing solutions that can work both ways. In my opinion it is a fraud.

The technology is out there, there are two huge barriers that have been withholding people to "access" it:

a. Its complexity of use

b. the "cultural" shift required to protect our investment (our privacy)

To answer your question "which bullet proof...", last December, Der Spiegel (a German magazine) published a series of documents made available from E. Snowden.

Those documents actually stated the obvious: the technology that is community developed and open-source is the hardest to break.

But please, remember, community developed AND open-source. In other words, that technology that you can compile on your PC at home (first complexity barrier).

As for the cultural barrier, until our privacy will truly be preserved, we have to take care of it by ourselves, there is no other way and, to quote Christopher Soghoian, principal technologist for the American Civil Liberties Union:

need to stop assuming that the phone companies will provide us with a
secure method of making calls or exchanging text messages,"

unkerjay (author)isherclub2016-05-22

The commentary of the movie "RED" (former CIA consultant) is enlightening.

"Don't use a cell phone to commit a crime", it's traceable. He didn't mention brand or method (text, voice, throwaway). He simply said "don't".

What they want to keep secure, they don't write down, they compartmentalize to just those who need to know and ONLY what they need to know.

And "disinformation" is their friend.

I might also add, for the Americans here, the 4th Amendment"

"You have the right to be free from unreasonable search and seizure..."

has NOT been amended to include:

"unless you have nothing to hide".

And the Miranda rights:

"ANYTHING you say can can and will be used against you in a court of law"

Does not implicitly or explicitly mean,

used to ":exonerate" you.

Don't talk to the Police:

To be clear here, I am not advocating crime. I AM saying that EVEN if you are innocent and can prove it. The deck is not stacked in your favor.

Justice is all about facts as determined by the "allowable" evidence, a case presented by attorneys who want to win, in a court of law, as (in some cases - not always) as determined by "a jury of your peers". Often by people who are elected to office who often tend to see "justice" through the perspective of the next election or their political bias (or both) as well as the demands of the public (in elections). Who lock people up in for profit prisons and do so often out of a bloodthirsty demand for "toughness" on crime.

This (in America) is the system in which we seek anonymity and privacy.

Every new threat is a new fear by which the wheels of surveillance can be stoked and the freedoms we'd like to think are "guaranteed" by law can be dialed back.

Certainly we want to feel "safe and secure".

At what price?

It's a NECESSARY balancing act.

JohnD445 (author)unkerjay2017-11-15

Thats Where your wrong. In certain cases the law requires law enforcement to use what you said to your benefit. For example, Police may not omit material facts from a PC affidavit. See Franks V. Delaware. Also, the government has to turn over exculpatory evidence that goes against the government's position. See Brady V. Maryland. Violations of these examples can carry hefty penalties against government actors, ranging from criminal charges for civil rights violations (18 USC 242) to civil liability for civil rights violations. (See 42 USC 1983 and Bivens V. Six Unknown Agents.)

jwbowman06 (author)unkerjay2016-05-22

After reading several of the comments here, one observation should be stated.

The firm and unabashed answer to the question of "what do you have to hide?" should always be:


It's nonsense that an entire generation has been fooled into thinking that a desire for privacy equates to criminal activity, or that any type of spying on YOU is somehow a benefit to YOU.

DeanP31 (author)jwbowman062016-05-24

That is a great way of turning the unspoken assumptions on their head. It reminds me of taxation - where the government and its dependents assume that all your money and property are theirs, and they'll let you keep a little.

ShawnM38 (author)DeanP312016-05-25

Absolutely, people need to know and keep in mind that big bro is a business,they don't make money, they just illegally tax the hell out of us and spend as they see fit. No one "pays" taxes, the gov just takes them. They get stealth tech n we get shite sandwiches. They're all crooks,and they'd rather wipe their asses with the constitution than follow it. We have a right to privacy!!

PhiS1 (author)jwbowman062016-05-23


JamesS43 (author)jwbowman062016-05-23

Well stated my friend.

macgyver71 (author)jwbowman062016-05-22

Usually when I hear that type of talk (or the "If you don't break the law, you dont have anything to worry about"), I tell them to read "Three Felonies a Day" and then come back and have this conversation.

Right on, jwbowman06! For some reason, I have always been the type of person whom even strangers in a crowded room, at church, some social function, even in a restaurant, will seek out with a brief introduction, then ask, "Could I speak with you about something confidential (personal, private, whatever)"? I never leave a setting to go somewhere alone with an unknown person, but I have a few times suggested something like, "Would you like to go over there toward the corner, or to the end of this row, where we can sit and talk for a moment without being interrupted?" None of these people, or relatives or close friends, (or I myself) would want to have private conversations broadcast to the world. If a close friend or relative is discussing family situations with me, or even just whom to vote for, it is our business alone, period. I would be very reluctant to discuss private issues with anyone who feels that everything about our private lives should be open information for any busy-body to just wants to know!

callunajean (author)jwbowman062016-05-22

YES, this. I grew up with a phone tap because of the work my father did. I cherish my privacy...

dianad1 (author)isherclub2015-04-21

Fat chance _I'll_ be compiling at home!

isherclub (author)dianad12015-04-21

@dianad1, re: "_I'll_ be compiling at home"

I understand what you're saying :-)

We need to start somewhere.

I believe you trust the guy who comes and fix your PC (at least I hope do).

This guy may be able to package for you what you need to protect your privacy.

If he doesn't, then he perhaps knows someone who can (I can always tell him what to do of course) but ultimately the point is:

a. we take open-source, community developed, technology

(either we or someone we trust)

b. we pack it in an usable form (again we or someone we trust)

c. we use it.

Any other way cannot, at this stage, be trusted.

I myself offer such kind of services and often I have been asked to provide "certifications" from "higher" authorities confirming the quality of what I do, and my answer is:

"if you ask me to certify myself, how can you trust me?!? On the contrary, I give you everything you need to check my work, and if you like it, you take it, but it is you, ultimately, who is responsible for looking after your own interests".

dianad1 (author)isherclub2015-04-21

Unfortunately, I have usually been the person to do all the repairs, installations, builds, etc., on my own computers. I've compiled programs and installed Linux, but I sure don't want to mess with that level of complexity and difficulty any more in my life. It's a life drainer. I have neither the time (you know some software can take hours and days to work out the bugs and nuances to work on your particular system) nor the inclination.

I'm betting most people don't. Assuring private interaction with resources while on the Internet needs to be at least as easy as antivirus software--and many of those are too complex for your average user. I don't mean neo-luddites, either.

As to trusting repair people, when I've "outsourced" to someone commercial rather than messing with problems myself, many of them have been half-trained maroons or rude young people in a hurry to jump to conclusions and not even listen to what I've tried already. I've worked in IT at many levels, from drilling holes in concrete to run peer-to-peer networking back in the day (does anyone even know what that is any more??), installing components, maintaining servers, and upgrading computers on the hardware side to programming Web sites before the advent of content management software. Still, I find many of the repair folks narrow-minded and only interested in the next, kewl thing. They are like doctors who have decided what you have before even examining you. I have often ended up fixing it myself after they are done mucking around.

But that can take a long time. So, yeah, trust is a rare commodity. Time is more precious these days. Compiling my own code? There has to be an easier way!

Nonetheless, I do appreciate your optimism that solutions are out there. Do you blog about the topic of private/anonymous browsing or can you recommend a good place to keep informed?

Lashway (author)dianad12015-04-22

LinuxMint, and similar distros, are the answer to this. I made the switch about a year ago, and it's been easier to use than any Microsoft product since XP. No joke.

The community is intensely active, and it's releases are very stable (and secure), with it intending to be the open source OS for those who just want a computer to work without paying.

isherclub (author)Lashway2015-04-23


I'm afraid this may be a little misleading.

1. The point of open source community developed technology is not about having a solution to our IT needs that is cheaper (without paying) but that is more secure (because thousands or hundred of thousands of private citizens check it for us)

2. Unfortunately it is not enough to install an open source operating system because, as correctly mentioned @absolutekold earlier in here, to approach the problem of keeping our data private is simply too big to be realistically solved by any of us.

On the contrary, what we can do, is to prioritize our needs for privacy, identify what we really need to keep private, then find appropriate technologies and methodologies that will help us to increase the level of privacy for such kind of information we want to protect.

To summarize, the message is two-fold:

a. protecting everything is impossible

b. increasing the level of privacy is something that can be done but requires the use of open source technology and a change in our habits

Finally as a side note, you may find interesting this article about how to take advantage of open source technologies to increase data protection

But don't forget that your hard-drive may be already inherently insecure, as reported on this other article

Or even your CPU may not be that secure after all

isherclub (author)dianad12015-04-21


What I am saying is that you need to start shifting your trust onto someone you can more easily control: either yourself or someone close.

This doesn't come for free.

I've heard somewhere about the theory of transforming "trust" or "reputation" in a sort of currency.

Perhaps soon an online "market" will attribute "reputation points" to professionals whose only job will be to integrate such technologies into usable forms, thus avoiding the risk of bumping into "...folks narrow-minded and only interested in the next, kewl thing..."

Until then, privacy will come to a cost, and it won't be cheap. At least we know in which direction to invest our money.

Those who will make you believe that you simply install a new app and you are safe, will just be fooling you.

Yes, I blog about privacy in general, including anonymous browsing, with an eye more to the regulatory aspects in different countries. I don't know of any specific place to look or, to be more precise, I believe it is wrong we need to look at just one place.

For example a few days ago an interesting conference about BitCoin let us understand that Intel chips (and very likely many other manufacturers) have been including technology that may well have been used, or could be used, to hack our systems.

I myself worked about 15 years ago on special firmwares installed on commercial hard drives used to access, or deny access, to data stored in them, regardless of what the operating system was doing.

So everything is interconnected and to be effective, we need to look at protecting our privacy from every single point of view.

JohnD445 (author)jmichel52017-11-15

Actually, while Tor is funded by the U.S. Government, the government does not participate in the development or maintenance of Tor, and has no direct input as to how Tor is implemented. While the FBI and others have claimed to have cracked the Tor network, we must remember that the Department of Defense still uses it AND we must remember that the few cases where Tor's anonymity was breached after operation Torpedo, were cases where server-side code was clearly implicated in the breach directly. The latest round of attacks have exploited a vulnerability in PHP, by way of example. Tor is only as strong as the technology deployed over it. Also, VPNs Do NOTHING to protect your identity- they have your identity when you connect, and are known to sell your data to the highest bidder. Proxy servers are similarly implemented to VPNs. Therefore, Tor is your single best bet of online anonymity, however Tor can also be blocked from a server entirely. (For example, Wikipedia blocks all Tor exit nodes.)

Laral (author)isherclub2016-05-22

So you base your conclusion that "TOR is financed by US intelligence" on a Pando article? There have been rumors that US intelligence agencies are operating TOR exit nodes where they could easily perform a man-in-the-middle attack and decrypt SSL traffic. Also that they inject spyware via javascript, which is mistakenly enabled by default in TOR. But all this smacks of conspiracy theory IMO.

isherclub (author)Laral2016-05-23

No. Tor ...

was developed in the mid-1990s by United States Naval Research Laboratory employees, mathematicianPaul Syverson and computer scientistsMichael G. Reed and David Goldschlag, with the purpose of protecting U.S. intelligence communications online. Onion routing was further developed by DARPA in 1997


And, again:

Active Sponsors in 2016:


As you can see, Radio Free Asia is still there.

So, no conspiracy theory at all, just facts.

Laral (author)isherclub2016-05-23

Faskinatin' Ak-ak-ak-ak…

Using this as your argument in support of the claim that "TOR is financed by US intelligence" is like saying that the internet is financed by US intelligence. Just as the internet has come a long way since the early days of DOD-financed ARPANET, so too has Tor come a long way since the early days of an NRL- and DARPA-financed encrypted anonymous network project.

isherclub (author)Laral2016-05-24

I respectfully disagree with your opinion because and I hoped you read my whole post, not just the first two lines because, while it is true that the Internet Protocol was first developed by Darpa, it is today used and developed by millions of developers thay are not necessarily receiving money from the US intelligence.

On the contrary, but please read for yourself, the TOR organization (which is one organization) still receive money today from the US intelligence (please read CIA, don't read Darpa) through their arm "Radio Free Asia".

Now, when it comes to protect my privacy, I personally don't trust any product developed by a single organization, especially if it is financed by a single government, especially if it is offered for free. Call it TOR, call it whatever you like.

Don't get me wrong though, TOR financed by Radio Free Asia makes perfectly sense and it is perhaps the safest way dissident in China or North Korea may have to communicate relatively safely with the outer world.

That being said, I don't mean to further convince you of the opposite, and if you are happy using TOR for your privacy needs, who am I to tell you otherwise?

Moodle2 (author)isherclub2016-05-23

still, although Tor is Used by the US Government, according to Clint Emerson it has become a favorite for the black market and drug trade.

tkjtkj (author)Moodle22016-05-23

and that is exactly what any 'government' crypto group would want to happen!!

The 'common term' would be 'honeypot' .. a system designed to attract those whom you want to attract! This, of course, implies governments' instilling a false sense of 'privacy' in the product or site ..

"Paranoia does NOT mean they are NOT after you!"

isherclub (author)Moodle22016-05-23

@Moodle2, Thank you for your observation. It actually gives me the chance to highlight some major points:

1. We all are in favour of protecting the individual privacy, as stated in the universal declaration of human rights (art. 12)

2. This right is not subordinate to the need, that we all acknowledge, to fight crime (otherwise the above mentioned article would have included such precondition)

Do we need to rewrite the universal declarations of human rights? Maybe, maybe not, but I would like to keep the conversation on the technological side, without getting into the political implications, which are definitely relevant, but maybe not entirely the focus of this article.

We all are archived into so many databases that profile us at our every step. Having access to this amount of data without control may be dangerous.

Do you want to have a private conversation with someone and be relatively sure that nobody else is listening? Just meet this someone in person at least once, agree face to face with a password at least long 43 characters (chosen among letters up and lower case and numbers) and from that moment on use an AES256 implementation trusted enough for exchanging your messages (voice, data, whatever).

This is what the universal declaration of human rights authors had in mind when they wrote that 12th article.

Do you want to leave an anonymous footprint on internet when you are doing your stuff? Then (a) use a VPN service located in some countries without the obligation of data retention and (b) never, never, never (did I say never?) access any service that connects to your real identity.

But if you commit a crime, then don't be surprised if the governments will hunt you down. If you used TOR, the best option is to control the exit nodes. If you used the VPN, the best option is to control your VPN provider and if he doesn't have the logs, they will start logging their vpn access gateways traffic through the ISP used to connect to the Internet.

Now, I read somewhere, apparently the new Silk Road 3.0 (or reloaded, don't remember) is using I2P instead of TOR. At the same time I have read that the previous biggest crimes committed using TOR (Silk road or the other one related to money laundering, forgot the name) they both used TOR and the authors both got sentenced to life or I don't remember how many years of prison in the US.

Now, are we talking about protecting our private conversations? then the solution is out there ( I mentioned it above and, forgive me, but when someone else chose the key for me, i.e. whatsapp, or the other guys at open whisper system, I am not comfortable. To be honest I am even less comfortable when the solution is offered from a company for free. Does it mean they live out of thin air?)

Do we wanna keep a low profile or leave an anonymous foot print on Internet, read above.

We can even combine the two solutions and have private conversations and leave anonymous footprints, but this comes at a cost, requires commitment and focus.

While the solution I mentioned above for having private conversations is quite bullet proof (assuming your counterpart won't be the weak link of the chain), the solution to keep your identity secret relies on your ability not to make mistakes (i.e. not to do anything that relates to your real identity). Sooner or later you will make mistakes and if you committed a crime, you will get caught, not necessarily because the technology isn't good, but because you made mistakes. The bigger is the crime you commit, the bigger governments will invest to hunt you down.

There are interesting experiments of new operating systems without "memory", meaning every time you start your PC they erase every trace of their previous executions. As you can see this approach is relatively bullet proof when it comes to protect your identity, but again if you access services connected to your real identity, all your efforts will be useless.

tkjtkj (author)isherclub2016-05-23

Good points... Now, unless i'm wrong, 'OTR' ("Off The Record") is still

"beta code" .. and one must NEVER EVER use beta crypto !! WAIT for it and any product to be audited (like, for example, Truecrypt was audited.)

tkjtkj (author)isherclub2015-04-27

I just want to mention that 'OTR' ( known as 'Off The Record') is BETA code .. and one must never, ever, ever, use BETA algorithms for security matters.

Even 'release code' such as TrueCrypt 7.xx is only now being analyzed/audited. .. Latest info suggests it does have at least one significant vulnerability.

The team has moved to Switzerland, if that matters to you, .. and it should!!!

isherclub (author)tkjtkj2015-04-27


Thank you for your note.

I believe there must be a number of misunderstandings which I believe it is worth to clarify for the sake of who is reading us.

From what I am aware of or, let's say, in the context I was referring to it, OTR is not a code at all, neither alfa nor beta nor nothing. OTR is a protocol, first released in 2004 now at its 3rd release ( see on wikipedia ).

The authors provided, with the aim to help developers, a library which, again, is not an algorithm.

There have been a number of implementations of such protocols, some of them are in alpha, some in beta and some in stable release.

Some of those implementations are open source and community developed, some are not.

I personally only trust those implementations that are open source and community developed.

As for Truecrypt, the only one I am aware of is a freeware utility now discontinued (see wikipedia ).

It was not though a community developed utility, as you mention about their team moving somewhere (a community doesn't move, a team does)

I don't get at all into the dispute if it was a good or bad utility, I simply don't trust at all any tool whatsoever that is not open source AND community developed.

Finally, why should matter if a team moves to Switzerland? Are you implying that in Switzerland those people can produce a more trustworthy code for all of us to use it?

I hope you will forgive me, but  I personally consider very naive to think that only because a company moves to Switzerland it suddenly becomes more trustworthy than it was before.

In Europe, Switzerland included, there was a EU directive (issued in 2006) that forced all telco and ISP to record for up to two years all data regarding users access to Internet or telecommunication usage.

So, in some respect, even worst than the Patriot Act.

Such directive was declared null in 2014 but several, almost all, adhering countries kept their local laws in force.

And this applies also to Switzerland.

Now, we can discuss about the fact that the team you are mentioning, which I don't know, is not a telco nor an ISP nor provide any VoIP service (some do and use their switzerland location as an excuse to say: see we are in switzerland, therefore more trustworthy) yet, they make people think that just because they are in Switzerland they are more trustworthy.

In my humble opinion, trust is long gone and I personally trust ony the code which is community developed and open source that I can check by my-self.

isherclub (author)isherclub2015-04-28

The link to TrueCrypt I typed above is wrong due to typo.

The correct one is

Sorry for the inconvenience

nliwilson (author)isherclub2015-04-21

Interesting article but unfortunately I have to agree with isherclub, however this is probably not the forum for that discussion? :/

I fall somewhat on the "I have nothing to hide" side of the discussion but it would be self-destructively naive to dismiss the discussion off of that but is there a sensible middle ground?

UnmercifulOne (author)nliwilson2015-04-21

Well then... since you "have nothing to hide", you shouldn't have a problem with some random cop pulling you over for no reason and searching you, questioning you about your comings and goings, where you work and how much you make, who you slept with last night, etc.. right?

Ridiculous you say? At what point is it no longer your government's business what you say or do? Or your employer? Your spouse/significant other? Your parents? You school/instructors? Your ISP? Who are any of them to tell you how to think/feel/act/believe? Personally, unless I ACT in such a way as to cause harm to another person, it's none of your business what I think, feel, say, or do.

nliwilson (author)UnmercifulOne2015-04-21

I wondered when the really paranoid drivel would be trotted out "UnmercifulOne." I simply can't take you seriously from your comments or your user ID. You're amusing though, I'll give you that. ;D

isherclub (author)nliwilson2015-04-21

Perhaps you are right, this is not the right forum, and I want again to
thank the host for giving us the opportunity to debate on this subject.

answer to your question, "is there a sensible middle ground?", I would
like to use an analogy and shift the focus from the "right to privacy"
(which is somehow still something intangible) into something that can be
more easily managed: a trade deal.

I have been taught that a deal, to be a legitimate one, has to have the following characteristics:

It has to be clear (the involved parties have to be clearly identified
and the subject matter of the transaction has to be clearly identified
in time and space)

2. It has to be fair (I give you something,
you give me something back whose value is proportionate to the asset
which I am offering).

Now, I understand you have nothing to hide,
so has none of us, yet , beyond our understanding, we are brought to
close a deal which is clearly unfair because:

a. it is unclear (we offer all our private information to whom? for how long?)

b. What do I get in return?

I have some troubles to quantify the value of my private information since such value constantly changes.

For example:

weeks ago an Australian insurance company started offering discounts on
its life insurance products to those clients who are willing to be
constantly monitored during their lives, i.e. if they go to the gym,
what they eat, what they do and stuff like that (I have those details on
my blog or in my mailing-list, don't remember)

Now, this insurance company put a price on those private information. Is that price fair? I don't know.

some days ago, started offering their customers the "promise" of not
"spying" on their internet traffic, for as little as 720$/year. Is that
fair? I don't know.

Perhaps this market should be regulated.

thing is, everybody has the right to choose if enter or not into those
trade deals, and so far this right has not been granted.

my point is: you take your assets back (your privacy) and if and when
you will feel you want to trade them, at least you'll have an option.

I hope I answered your question.

farticus (author)isherclub2015-04-21

Ignore that Australian insurance company story guys, it is overblown nonsense. All you can get is a discount if you record your car's velocity data with an app on your phone to prove you are a safe driver. It is entirely opional and the data is not collected, only the peaks of acceleration are.

isherclub (author)farticus2015-04-21

Why do you say to ignore the Australian insurance story?

This is the news

as you can read yourself from the New York Times published last 8th of April.

Apparently John Hancock Insurance will be the first insurance company who will offer a similar plan also in the USA.

So, unless you're saying the New York Times is telling jokes...

farticus (author)isherclub2015-04-21

I know for a fact that both sides of politics in Australia are against offering insurance discounts based on diet choices ("what they eat"). I looked into this and corresponded with the relevant health ministers of two successive goverments. They were unambiguoius in their regection of the idea on the grounds that is was a form of discrimination.

So what some small comany thinks they can do and what is actually allowed are not the same thing. i.e. the NYT is full of hot air, as usual.

However it is a shame really because the 10% of the population that are vegetarians do deserve a huge discount on health and life insurance because the China study has proven they live longer and healthier lives.

nliwilson (author)isherclub2015-04-21

Actually I think that's a great answer. To boil it down you're effectively saying we should have control over how our personal information is disseminated and no one's going to give us that control so we have to take responsibility for it ourselves?

I have to say I find the AT&T thing disturbing. What they're saying is "pay a premium or we'll make the money back by abusing your personal info"?! Why aren't people up in arms about this?

The one caveat I would add to the debate is that here in the UK we have an act in law called the Data Protection Act which provides a very strong measure of personal protection but which is routinely ignored by government agencies and circumvented by private company's mandatory agreements, making some of the strongest legislation in the world more or less worthless in many situations.

isherclub (author)nliwilson2015-04-21


I respectfully have to disagree with you.

In the United Kingdom is currently in force, since 2014, a Data Retention and Investigation Act, see:

which, not only authorize your government to snoop in your telecommunication habits, but actually requires all telecom operators and Internet Service providers to store your data for up to two years, without any investigation running or being authorized.

So, they are working respecting your law, and recording every access you do to Internet, keeping up to two years of records.

nliwilson (author)isherclub2015-04-21

Sorry, yes you are quite correct.

dianad1 (author)isherclub2015-04-21

Thank you very much for posting your counterpoints, @isherclub. I love boompjes's concept; however, as soon as I read about the Tor browser, I immediately wanted to know who created it and how they were funded. For all I know, Tor is an NSA/Google thinktank product that installs keystroke recorders and makes it easier to follow the very people who would be tempted to use this. Although I have nothing to hide (I'm a senior who writes children's books), I am very concerned about the increasing mega-corporation involvement in foreign policy and the recent legislation that paves the way for bypassing the bill of rights. <sigh> Looks like your average citizen who still believes in real democracy is stuck in a catch-22 situation trying to bolster security and privacy but realizing that there is no one to be trusted due to the invasiveness of shadow government and the pervasiveness of hi-tech think tanks. Ooh, I sound like a conspiracy person!

isherclub (author)dianad12015-04-21


Yes, you absolutely centered the point: "... realizing that there is no one to be trusted..."

As I wrote in my previous reply to you, we still have to start somewhere.

And we start from who we trust in person.

Yes, the technological gap for using effectively some technology is there, but it is no more impossible to bridge. We can get there. It requires a shift in the way we look at how to satisfy those needs.

You see, in the late '80 (or it was early '90?), when Linux (the operating system open-source) came out, nobody thought it could become the main operating system used today by all the largest data centres worldwide.

A similar revolution will have to happen for the technologies used by everyone in defense of our privacy.

I am optimistic :-)

jmichel5 (author)isherclub2015-04-21


"For all I know, Tor is an NSA/Google thinktank product that installs keystroke recorders and makes it easier to follow the very people who would be tempted to use this."

Conspiracy it maybe but this one may be true. My suspension was alerted when almost every large tech site was literally inviting the public or so to go to the deep web using Tor. They rant on the crime & all that exist but also that their are things that are like a candy to a baby.... ah so dazzling. Especially during the whole resetthenet campaigns, how they was just bringing it up as if its something to concern our self with.

spark master (author)dianad12015-04-21

eggszacktly! seriously. I don't like the NSA FBI CIA etc.checking out my underwear sizes or choices in condoms , but, I am more worried about data mining scum like... , well you know who THEY are dozens of them. Many you know most you do not. They are toe fungus and can be painful as said fungus.

Maintain a series of unconnected legend email accounts and a separate old crappy computer no one wants, just to do email and cruise websites, all while using what you found here. And stay off idiots reside here sites, like face book.

Cloud storage, read the 300 page privacy statements , read every word, in some cases it give the provider full access AND FULL USE of you Intellectual Property in Perpetuity. All for free and no advanced warning.

Anything you store in the cloud by law is searchable WITHOUT DUE PROCESS.

Apparently this was in the Patriot Act. So if it is in your home they can get a no knock, no inform search warrant, and look in your undies drawer or computer. But their could be minor problems if they do that and it comes to light. Cloud storage, emails, skype conversations are all free to peruse by the US government w/o due process.

WWGWD -What Would George Washington Do.

jest say'n

the-nsa (author)isherclub2015-04-21

Stop spreading FUD isherclub

bornozz (author)isherclub2015-04-19

:( you got to it b4 I did

absolutekold (author)2016-05-25

I feel the arguments against TOR (at least in this light) are similar to the arguments I've heard against PGP & GPG encryption. The raw code for GPG is available to anyone. It's still a really good choice for encryption because the math makes it that way. This applies to TOR so long as there are enough TOR routers that the chances of the end router, start router, source (you), or target site being compromised is statistically low. This is why I encourage people interested in this and who don't need all their high-speed bandwidth to buy a pi or a $100 atom server and host your own TOR node. The guberment did fund the start of TOR and then turned it over to the private sector. Why? Because they needed the additional traffic to hide their stuff. If only unka Sammy used it spotting all the super secret squrrel stuff would be easy. As it stands a lot of people use it so determining who is a snowden vs who is just someone looking at pron is pretty difficult.

Now I'm not saying there aren't problems with the implementation of the protocol in places and that your data can be hijacked before it enters / after it leaves the TOR net but just because the government once funded something (like the internet) doesn't mean that they control it to this day. The TOR foundation has been improving the code so that today looks very unlike it did when the Navy let go of it.

Just relying on something like TOR is foolish but that isn't because of TOR itself but because reliance in any one system be it TOR or a firewall or a particular OS is a single point failure when it comes to digital security & anon-ish-ness. There are still ways around TOR but it does what it was designed for, which is making in route tracing and decryption of signal very difficult.

unkerjay (author)2016-05-24

I would also add unless you're working FOR the government or law enforcement or national intelligence, defense, security THEN you can probably achieve a HIGH level of anonymity and privacy.

Seemed to work well for Snowden and Manning in what they were able to do, to get away with, without question. Although I suspect that's changed a WHOLE lot since.

unkerjay (author)2016-05-24

Just did a quick lookup and, unless I'm wrong "DARPA" net - "Defense Advanced Research Projects Agency" "" one of the founders of the internet is government is it not?

Tor, is a government project.

Attempting to achieve anonymity and privacy FROM goverment inside a government designed system using tools designed by the government, Isn't this a little like asking a thief to secure your holdings?

To me, it compares to the frustration of trying to conduct searches through for profit systems. Their first and foremost interest isn't the accuracy or relevancy of your search as much as the profit that makes their continued existence possible.

And on the other hand, there's the government ensuring that "sensitive" information, as defined by the government isn't leaked into the public domain (see: Snowden, Chelsea Manning,

Right up there with banks in bed with investors and for profit prisons.

Exactly whose interests are being represented?

It boils down, in degree, to who's watching the watchers?

Government doesn't always have My interests in mind, neither does the "freemarket", "representatives" seem to be most beholden to contributors.

Begs for me, the question of, where exactly is "independent" "objective" oversight?

And I would guess the best answer is, perhaps, the legal system. Not those who enact the laws, but, those who interpret them.

Seems, given these shortcomings, we have a right to use the means and methods available for our anonymity and privacy.

And, for all the resources available to thwart our efforts, the BEST solution?


It's exceptionally inconvenient, but, both private and anonymous. Far more than that which is gained from within the system.

About This Instructable



More by boompjes :Make yourself anonymous on the web!Making a website all about you with Visual Studio (HTML, CSS, JQUERY)
Add instructable to: