Free PrivacyOct 11 • Categorized as Asset Protection,Other
by Paul Rosenbaum, Cryptohippie
This is an odd thing for me to do, since I sell Internet privacy, but I want you to be protected one way or another. My service couldn’t handle every reader of this column anyway; we keep our system small enough to manage.
I’ll start with a short, important thought:
If you do anything offshore, you must protect your Internet communications.
We all more or less know this, but some of us are still waiting for hackers to jump in and solve the Internet’s problems. I know a lot of those folks and please believe me, that isn’t going to happen. And it’s long past time for it to happen anyway. Other people aren’t going to give you a free lunch. It would be ridiculous to assume such things in your business, and it’s foolish to assume it here also.
Okay, that said, here’s how to protect yourself for free. You do that with onion routing, and with a service/program called Tor. You can probably set it up in an hour or so.
Tor repeatedly encrypts and forwards data through several network nodes called onion routers. Each router removes a layer of encryption to uncover routing instructions, then sends the message to the next router where this is repeated. Intermediary nodes are prevented from knowing the origin, destination, and contents of the message. (Exit nodes know both the destination and the contents.)
Here are the steps:
- You can setup Tor most easily by using a second program called Privoxy. Download both programs. (Both are free.)
- Configure Privoxy to use Tor, then configure your browser to use use Privoxy.
- Reconfigure every program that will use the Internet for Tor. (Each of these programs must support either SOCKS or HTTP.)
- Re-download and re-install Privoxy every two months. (If you don’t, you’ll have problems.)
Here are a few things you should know in advance:
- Most Tor nodes are blocked at banking and credit card sites. So, you may have to turn Tor off for your financial activities.
- Every message you send over Tor will be in plain text at the exit nodes. In other words, it can be read. So, you’ll have to use PGP encryption if you want any security there.
- Tor breaks IP addresses and sessions. That means that things can stop working at random moments.
- Tor can be slow. Sometimes it won’t be too bad, other times it will be.
- Tor can include malicious nodes. When anyone can run a node, it’s not always nice people who do so.
That’s more or less all you need to know to run Tor.
THINGS NOT TO DO
- Don’t use free proxies. There were lots of free proxies in the 90s, and when the Internet was small and had a community atmosphere, they were very cool. Since then, lots of less trustworthy people have come along and opened free proxies for gathering valuable information. The operator of the proxy can be anyone, after all, and you have no way of knowing who.
- Avoid cheap proxies. Unless you’re using another layer of protection in front of them, avoid low-priced proxies. Cheap proxies are all single-hop services, with only one server between you and the Internet. That’s almost no protection at all against data thieves watching from two points. (Tor provides multiple hops always.)
- Don’t use US networks. The US and UK are among the worst locations for Internet servers. They have the ability and the will to grab and save everything. It just isn’t worth it. (FYI: You cannot configure Tor to avoid US/UK exit nodes.)
REPRISE: DO SOMETHING
Pick your technologies and start using them. I won’t even bother telling you the truth about what’s happening with your Internet traffic – you’d think I was trying to scare you into buying my service. It’s bad… very bad. So, do something.
If you want to try my service, we’ll be glad to give you a free trial. But after that, you’ll have to pay. We run a professional service and we provide customer service. No one can do that for free.
Editor’s Note: For updated information on this and related topics, see our new website: PremierOffshore.com