Introduction: Automatic Anonymous Wifi
This Instructable will demonstrate a method of automatic wireless anonymity using two security applications.
Step 1: Downloading the Applications.
Image source: https://commons.wikimedia.org/wiki/File:Tor-onion-network.png, used with permission (https://privacycanada.net/).
The two applications we will be using are called MadMACs and TOR.
When a computer connects to a wireless network it usually obtains an IP through a DHCP server, which is basically just a method of providing dynamic IPs so that everyone does not have to sit down and figure out what IP everyone else is using and then manually set one on their own machine. When a request is made to a DHCP server two pieces of information are recorded, your MAC address and your hostname. What MadMACs does is randomize both of these for you automatically every time you boot, or every time you manually tell the software to do so.
Once your computer is connected to the network, randomized or not, most of the traffic leaving your PC is in the clear. So any network admin, or *nix user with free software can eavesdrop on everything you do. TOR solves this problem through a suite of applications that anonymize your connection point and encrypt all your traffic.
So with both pieces of software installed you have hidden your identity from the network, and made all of your traffic unreadable by anyone else on the network you have chosen to connect to.
(Sorry, no how madmacs works, but then its pretty self explanatory)
Step 2: Installing and Configuring MadMACS
For the normal user the MadMACS installation is pretty straightforward.
You just click OK or YES for all of the options, making sure you select your wireless card for randomization.
At setup window 5 in the MadMACs program you are given the option of typing in a prefix for the the MAC address randomized. This just identifies the brand of the MAC to the DHCP server, you can find a database of prefixes here
Advanced, paranoid users :
For super paranoid users who rightfully do not trust precompiled code from virtually unknown publishers, the source is provided with the compiled program. I've made an instrutable on how to do this.
The compiler is available from AUTOIT, here. You want version 3.
Step 3: Installing Tor
Installing TOR is as easy as installing any other program. So just keep clicking next until it is completely installed.
The difficult part is configuring your programs to use it.
Here are a couple screenshots of the Tor installation program, don't worry if your version numbers are different, and leave all the options checked.
Step 4: Configuring Your Programs to Use TOR
TOR is an anonymizing program which is interfaced through a proxy that is included with the suite.
If you use Firefox it is incredibly easy to start using TOR, all you have to do is go to the Tor Button addon page, and install it. Then whenever you need to browse anonymously (and securely) you just click the tor button and you're all set.
For your other programs, you need to look up how the program interfaces with proxies, and manually enter the information. Since there is such a wide variety of programs people use I won't list any here, but I will provide details upon request. Just leave a comment with the program name and I will reply with a brief how-to.
Proxy Details for TOR ::
localhost port 8118
Or, 127.0.0.1 port 8118
I've added three examples for programs I think are still somewhat popular, each are two pictures with comments. First two are Aim, second two are MSN, third two is Pidgin the gaim successor.
Step 5: Make Sure Its All Working.
My basic self test is to point Firefox to Whatismyip and make sure its not my home IP. to test it in the field, toggle the tor button while hitting your refresh key, when the tor button is on it should be a different IP from when its off.
If all works out, your laptop will now boot with a randomized MAC and hostname, and TOR will start and allow you to encrypt all your traffic.
It was bought up that TOR exit nodes could still eavesdrop on your traffic. For secure web browsing through an exit node you can use sites such as http://www.conceal.ws/ which encrypt the traffic through your entire session. More sites such as this one would be appreciated.
Any problems, feel free to comment.
Thats it for now, stay anonymous.
24 Comments
5 weeks ago
One of the standout features of Utopia P2P private browser is chatGPT. ChatGPT is an AI-powered encrypted messenger that enables users to send text messages and files to one another anonymously. The chatGPT function uses natural language processing techniques to generate conversational responses, making it feel like a real-person chat. This feature enhances privacy and reduces the risks of hacking and phishing scams.
8 years ago on Introduction
HI,
When should I randomize my IP. Before I connect? After? During?
15 years ago on Introduction
How about a way to hack into secure networks
Reply 14 years ago on Introduction
thats what im looking for too. all the strong signals are secured, anyone got any tips?
Reply 8 years ago on Introduction
Thats cyber terrorism - don't do it
Reply 15 years ago on Introduction
That could be a separate instructable, I really just wanted to focus on a simple way to mask yourself on open wifi networks that you might stumble onto.
8 years ago on Step 4
So how do I configure BlueStacks Android App player to connect through Tor to use apps like Instagram?
11 years ago on Step 4
About Pidgin....
the Torrify FAQ on https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorifyHOWTO/InstantMessaging specifically says: "Do not use the SOCKS 4 setting; this leaks DNS."
So probably it's not a good idea to go this way.
I'm also looking for how to configure Pidgin with Tor.
13 years ago on Introduction
This will go great with my biquad antenna, now the coffee shops downtown will never know what hit them :P
Reply 12 years ago on Introduction
also here: http://urbanwireless.info/antennas
15 years ago on Step 1
You forgot to mention the FACT that even though TOR dose encrypt all of its traffic from NODE to NODE with a different key between each node IT DOSE NOT HOWEVER ENCRYPT THE DATA ENTERING AND EXITING THE NODES! this being fact you are at the disposal of anyone interested in setting up a node to analyze the traffic. Dan Egerstan demonstrated this publicly just recently even though this has been know for some time, out of pure common sense. to over come this simply encrypt your dam connection on the way in! THIS IS THE ONLY EFFECTIVE AND SAFE WAY TO USE TOR! this info is clearly stated on there main website
Reply 14 years ago on Introduction
tor 'does' encrypt data from the initial service running locally to the first point of entry to the 'mix', you must be confusing this with the exit node sending the request in the native format of the protocol used to make the initial request. ie, tor provides anonymity, not security. If you want security, then make sure that you are using a secure protocol.
Reply 13 years ago on Step 1
The other part of TOR that is being missed here is that no single TOR node can be used to incriminate anyone. The only node that can decrypt data is the end node and this node is prevented from knowing the senders identity by the protocol.
This works because the only information anyone can have is either(not both ever) your IP address(the entry node) or the data(the exit node). This gives a level of anonymity since someone would have to be able to compormise your start and end node and identify your TOR route. This is pretty much infeasable(notice I didn't use impossible).
The tor software also incorporates plugins that prevents software like flash or java from running. This is designed to prevent that software from embedding identifiable data into packets(mac, ip address, domain info, hardware ids, etc) that could compromise anonymity.
All in all, if used right, TOR provides an excellent source for anonymous browsing. In countries like the US this really isn't needed unless you are doing something illegal but some countries have strict censorship and it allows those people to bypass this and experience truth they way they want to see it.
*It should be noted for perspective that in their country what they are doing is likely considered illegal whether WE think it should be or not.
Reply 15 years ago on Step 1
RE: Read the purpose.
14 years ago on Step 3
One thing that can definitely help with the TOR setup complexity is to download TOR Browser, which is a bundle with Vidalia, a pre-configured version of Pidgin (for IMs), and a pre-configured version of Firefox Portable. It doesn't interfere with current installations of Firefox, and it will automatically open and close Vidalia when you open and close the portable version.
Also, the portable version of Firefox seems to be configured to not log any history, cache, or cookies (it doesn't matter what the settings are set to in it as well).
Reply 14 years ago on Step 3
Awesome constructive comment. Thanks for the input!
15 years ago on Introduction
I think changing your network card's MAC addy after boot would be a good idea before connecting to any unknown wifi APs. IIRC privoxy should forward all traffic through tor and will deal w/ DNS requests. Some web browser plugins can also be used to betray your location. Tor isn't perfect, and an attacker wth sufficient resources can demonstrably compromise the network. Tor also publishes a list of their exit nodes IIRC, so someone can just blacklist all of those in order to have users connect through some other method besides tor.
15 years ago on Introduction
Remember that your DNS requests is not handled by TOR and can be intercepted like any other local traffic. This means that your local sysadmin can still see that you surf to stileporn.com regardless of TOR or not.
Additionally TOR doesn't give encrypted end-to-end connections. As soon as your traffic exits the last point of the links of TOR-machines you are unencrypted on the internet as usual. The guy that runs the end-node can see all your passwords to http-sites and your login/passwords for your mail.
So in some cases you are more secure using your local ISP directly than routing it through the TOR network. I rather trust my local ISP to not listen in to my traffic and using that gained information in a bad way than I trust a random guy that runs a TOR exit node that he might have setup just to sniff peoples passwords.
But if you are only using HTTPS-sites, and you use a mail-client and -server that allows for encrypted logins/passwords you should be safe using TOR.
Reply 15 years ago on Introduction
Yeah, but the whole idea here is to hide yourself from the random wifi network you connect to on the side of the road, or the wifi youre leeching off the network next door. True at home I don't use any of this, those examples are just for testing. PLUS if you set it up correctly it does handle DNS, and for most people they only have to worry about DNS when browsing online sites, and the TOR button described in step 4 covers this. Here is a relevant quotes : "Using Privoxy is necessary because browsers leak your DNS requests when they use a SOCKS proxy directly, which is bad for your anonymity. Privoxy also removes certain dangerous headers from your web requests, and blocks obnoxious ad sites like Doubleclick." This is the reason we install the whole suite and not just the tor anonymizer. Plus, most websites and programs no longer send their credentials in the clear anymore, the traffic the exit node would be able to sniff would be instant messenger logs and unencrypted web traffic, which is generally inconsequential. But really, all this is beyond the scope of this Instructable, all I was really trying to accomplish is 'automatic anonymous wifi' which is what this provides at your entry point.
Reply 15 years ago on Introduction
Fair enough, I missed the picture with the privoxy - I usually read the text, not look at pictures :-)
But still I think it's important to educate people that TOR is not something that magically encrypts their traffic and makes them 'secure' on the net. Remember what happened to all dos embassies a month ago?
Most websites doesn't have https-pages for logging in. Some, like banks , gmail, hotmial and facebook does, but take intructables.com for instance. No https nor any encryption done in the javascript on the login-page. All info is sent in cleartext. Most "forums" and other lower level membership sites doesn't have any https for login.
And both the mail itself and the authentication credentials are in cleartext 99 times out of 100%.
But, as you said, if this instrucable is "How to leech your neighbours wifi without exposing yourself to him" and you don't care about security then this is a fine instructable.