Forgot your password?
typodupeerror
The Internet Privacy

Dissidents Seeking Anonymous Web Solutions? 684

Posted by Cliff
from the browsing-without-regard-for-politics dept.
DocMurphy asks: "I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes. Many have in-home Internet access, but think it too risky to participate in pro-freedom activities on home PCs. Internet cafés are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give governments access to and knowledge of 'banned' sites. Dissidents not only want to remain anonymous themselves, but also wish to not compromise the sites they access. Any suggestions for products/procedures/systems out there making anonymous access & publishing a reality under repressive regime run Internet access?"
This discussion has been archived. No new comments can be posted.

Dissidents Seeking Anonymous Web Solutions?

Comments Filter:
  • by garcia (6573) * on Friday May 13, 2005 @03:39PM (#12523116) Homepage
    Internet cafés are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give governments access to and knowledge of 'banned' sites.

    I would think that Internet Café "spies" would be more useful than keyloggers to the authorities looking for dissidents. Unless these connections are somehow routed through multiple anonymous/encrypted proxies and hopping through open WAPs I really don't believe that a public terminal is in any way "safe".

    A stalker that I had earlier this year was easily located via tracking his IP and figuring out which coffee shops and libraries he was using. The libraries all went through a single county-wide proxy and narrowing his location down on a Sunday was easier than you could possibly imagine (all satellite locations in the county were closed except one).

    If I could track someone down that easily imagine what the members of a Gestapo looking to do more than end some harassing emails could do, especially when they might have a network of spies watching public access locations in person.
    • You know, that shirt you're wearing right now is kinda tacky.

      wait. whoops.

    • that's the point of the "internet". Tt is a public network. Traffic gets routed through other peoples routers. Almost any "interent" traffic can be subjected to man-in-the-middle attacks at the routers. Even if it is encrypted, they can go to one end (source or destination), break in, and install a keylogger or listener to capture the key and decode a message after the fact.
      • 1) Find a friend in America
        2) Have them run a website that has plauslbly-reasonable ssl content (a fake store or whatnot).
        3) Run an ssl over http tunnel to them.
        4) Enjoy your uncensored ssl connection. ... oh, what the heck:

        5) ?????
        6) Profit!
        • 5)Friend turns paid informant to the opressive government.

          That will garuntee 6.
        • by WhiplashII (542766) on Friday May 13, 2005 @04:17PM (#12523603) Homepage Journal
          Even better:

          1. Have a PC with a CDROM drive.
          2. Rent or borrow an SSH account outside the country.
          3. Boot PC using KNOPPIX (do not load hard drive)
          4. Open a connection through SSH that forwards a local to an anonymous proxy at the far end.
          5. Use 127.0.0.1 as your proxy address.
          6. Surf away!

          When done (or if the government busts in!), reboot your computer - no traces left. (Knoppix stores everything in RAM).

          Keyloggers do not work against you, because you are booting from known media. (On the other hand, if the NSA REALLY wants you, they will hack your bios - but no one else is probably that anal).
          • by Anonymous Coward on Friday May 13, 2005 @04:48PM (#12523977)
            http://www.keyghost.com/sx/ [keyghost.com]
            This device will happily log all your keystrokes whatever media you decide to boot from.
          • by TubeSteak (669689) on Friday May 13, 2005 @05:02PM (#12524167) Journal
            If they're really after you, they'll scour your RAM for whatever recoverable material is left behind.

            RAM isn't completely recovery proof.

            Now... as for the original question, isn't this what freenet was supposed to be for?

            Freenet is free software which lets you publish and obtain information on the Internet without fear of censorship. To achieve this freedom, the network is entirely decentralized and publishers and consumers of information are anonymous.
            ...
            Users contribute to the network by giving bandwidth and a portion of their hard drive (called the "data store") for storing files. Unlike other peer-to-peer file sharing networks, Freenet does not let the user control what is stored in the data store
            In other words, the site is published by you, but hosted on some other freenet member(s) box.

            That was the entire point of freenet, to allow for truly anonymous publishing of material.
            Oh yea, and don't forget to check the "Post Anonymously" box

          • by Jack Taylor (829836) on Friday May 13, 2005 @06:28PM (#12525064)
            Knoppix stores everything in RAM

            Not entirely true. Knoppix searches for and uses existing unix swap partitions. To stop it doing this you should pass the 'noswap' option at boot. Look at the Knoppix Cheat Codes page [linuxtag.org] for evidence, and for other boot options.
          • When done (or if the government busts in!), reboot your computer - no traces left.

            I'd be extra paranoid and make sure to power off the computer, not just reboot it, to be sure all the RAM is reset. If they're super-cunning they could salvage incriminating data from it.

            You could also go one step further on the keylogger protection and have your own USB keyboard that you carry around with you. Keylog that! :D Or even just buying a keyboard that you can't take apart might work. Have a look at this [thinkgeek.com] and t [thinkgeek.com]
      • Check out http://freenet.sourceforge.net/ [sourceforge.net]

        Its' free software which lets you publish and obtain information on the Internet without fear of censorship. To achieve this freedom, the network is entirely decentralized and publishers and consumers of information are anonymous. Without anonymity there can never be true freedom of speech, and without decentralization the network will be vulnerable to attack.

        Communications by Freenet nodes are encrypted and are "routed-through" other nodes to make it extremely
  • No, Think about it this way. The Internet is made by humans, using human reasoning it has a method of communicating with your computer and an other computer at a different location. So if they really want to see where you came from they will follow your traffic. It might take time, money and legislation but it can be done, if they truly want to track you down. It is a question of are you worth the effort. The only good method is to take citizenship in a location which it is legal to say your point of
    • So if they really want to see where you came from they will follow your traffic

      Um... unless a step (or steps) along the way are engineered specifically to route in a way that doesn't provide for that, and leave no logs of any kind. Yes, someone could watch all traffic going into and out of all paths surrounding such an anonymizer.

      But that's not a free speech issue, and of course, criminals can use it, too, engaging in activities that are definately not protected by free speech principles.
  • by Anonymous Coward
    I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes.
    Democrats?
  • by Anonymous Coward on Friday May 13, 2005 @03:40PM (#12523127)
    Your parents' basement is not an oppressive regime.

    Love,
    People suffering under the oppressive regimes of employers
  • wireless (Score:2, Insightful)

    by Umbral Blot (737704)
    Open wireless nerworks wouldn't work because?
    • Re:wireless (Score:4, Insightful)

      by gstoddart (321705) on Friday May 13, 2005 @03:43PM (#12523185) Homepage
      Open wireless nerworks wouldn't work because?

      Connected to what when the government tracks everything and owns/controls all of the nations connectivity?

      You may as well have suggested FDDI or gigabit ethernet would solve the problem.

      Once you're inside of a 'repressive regime', it's a lot more difficult to circumvent than just pick a new network layer.
    • You are braudcasting your computer like a sore thumb to the spies. Hmm who is using wireless today. Well lets get out our pingle can and bingo!
    • Re:wireless (Score:5, Insightful)

      by kouhoutek (836370) on Friday May 13, 2005 @03:51PM (#12523278)
      Beacuse:
      A. Repressive regimes may not have a lot of unsecured open hotspots.
      B. Repressive regimes may not have an abundance of wireless enabled laptops, and possessing one would draw attention.
      C. Going from "inside the internet cafe" to "within 150' of the internet cafe" doesn't get you that much. Repressive regimes are pretty good with triangulation.
  • by maharg (182366) on Friday May 13, 2005 @03:40PM (#12523141) Homepage Journal
    write it in advance, take it to the cybercafe on a floppy, pgp it, email it to someone you trust (or an automated publisher)
    • oops, meant pgp, then put it on the floppy
      • by FreezerJam (138643) <smithNO@SPAMvex.net> on Friday May 13, 2005 @04:06PM (#12523470)
        Just beefing that up a bit...

        In general keep needed software and materials off the machine, on usb key only. Ideally, use an OS with no swapping. Keep the USB key in a shielded housing when not in use to prevent locating it due to active components.

        Regularly use the machine for innocuous activities, so that there is a record of something. Regularly use an identical usb key with the system, to provide cover in the event you are seen with the device (see below), and to provide a reason for any needed drivers on the machine.

        To send...

        1) write it in advance
        2) PGP it
        3) steganographically hide it
        4) take it to the cybercafe on a floppy/usb key
        5) upload it to a public place where everyone can see, so it is hard to track receipt
        6) Afterwards, out-of-band relay to a contact where to find it. If you relay ahead of time, a compromised contact could leak where to look for you. THIS IS THE HARDEST PART. It is effectively your key-exchange process.

        For receipt...

        1) Beforehand, find out where to look for what. THIS IS THE OTHER HARDEST PART. It is effectively your key-exchange process.
        2) at cybercafe, download uninteresting materials
        3) at home, de-steg and de-crypt
        4) store only if needed on key

        Regularly upload and download un-steg (no payload) and random steg (random payload) materials to defeat traffic analysis.

        If you have any time left over after all this, you can use it to be a dissident. However, you should regularly do other things such as get a job or have a family to provide a plausible reason for your existence.
        • by rizzo420 (136707) on Friday May 13, 2005 @04:58PM (#12524100) Homepage Journal
          to add to that wonderful list... use different cybercafes in a random manner... don't use the same machine at any cybercafe.

          also, try using one of those secure usb key's (lexar has one). and always do boring, mundane stuff while you're at the cafes, even when you go for the main purpose, start up a normal browsing session before you upload anything and flip back to it during the transfer.
          • by Anonymous Coward on Friday May 13, 2005 @05:41PM (#12524603)

            use different cybercafes in a random manner... don't use the same machine at any cybercafe.

            Bad idea.

            If you naively use the same cybercafe each time, the police will be able to watch the cybercafe, observing who is attending whenever the suspicious stuff happens, therefore you will be found quite easily.

            If you visit different cybercafes each time to avoid this, the police will simply watch a few local ones. You will show up at each one when the suspicious stuff happens. It takes a few more policemen, but you actually get caught quicker.

            Another solution is to use the same cybercafe each time, but do so during lunch hour, and use one near to a school or something. Basically, you want to have your visits coincide with a lot of people at the same time, and the same people each time.

            Of course at this point, the government will simply run a check on each observed person and find that you have a computer and internet connection at home, which means that there's no reason for you to be visiting a cybercafe.

            The problem is that the police can predict your visits. If you wait a few months in between suspicious activity and there is no CCTV, then you can be reasonably certain the police won't be able to find you, as long as you don't use the same one each time. Presumably the police don't have the resources to track who uses which cybercafe at any given moment.

    • The only issue I see with that is that it is possible to detect (though not decode) encryption. If a repressive government sees a particular pattern coming from a particular cybercafe, they'll start watching more and someone could still be in trouble under the "well why would you encrypt it? You must be a dissident!" assumption. That could be just as bad as if they were leaving it unencrypted....
      • Hide it in an image (Score:3, Interesting)

        by FhnuZoag (875558)
        I remember some software that could hide messages in graphics files, by subtly editing the values of some pixels. Then, if the other side has a copy of the image, they can subtract them to find the difference, and decode the image.

        So, your scheme would be to send an image, and then, some random time later, to send some information using this image. Double encrypting might work too. As long as you aren't already under suspicion, I doubt anyone has the time to check for people sending duplicate graphics file
    • Would Blogger's [blogger.com] post-by-email feature count as an automated publisher? A secure HTTP proxy, like MegaProxy [megaproxy.com], might be an alternative. I suppose that how anonymous it is depends on 1) how determined the regime is to know what you're doing, and 2) whether the remige is blocking proxies.
    • by Simonetta (207550) on Friday May 13, 2005 @04:07PM (#12523485)
      write it in advance, take it to the cybercafe on a floppy, pgp it, email it to someone you trust (or an automated publisher)

      This wouldn't work in the People's Republics where sending and receiving encrypted messages is illegal.
      In this case, perhaps encrypting the message and putting the message inside a photograph using a stegnography program would work for a while.
      Eventually the police will learn about stegnographic programs and test all photos leaving the country on the web for any messages. There aren't that many commercial steg programs around.
      In brutal repressive regimes, the primary means of gathering information on the resistance is through informers. Eventually the police arrest everyone and offer them the deal of either spy on your neighbors and friends or rot in prison forever. The former East Germans were the masters of this. Almost everyone was forced to spy for the secret police. When the government fell the people first burned down the internal security headquarters and the files. The Israelis also use this technique to control Palestine. But they are far too heavy-handed to be effective.
      Assume that the best scientists and engineers will be working to spy on people. The police can easily arrest these people for imaginary crimes and then offer them special treatment in exchange for their willing co-operation. An excellent novel on how this works is The First Circle by Aleksandr Solzhenitsyn, writing about the slave labor camps for scientists in the Stalinist USSR.
    • by Krunch (704330) on Friday May 13, 2005 @04:35PM (#12523826) Homepage
      Maybe Tinfoil Hat Linux [shmoo.com] could be useful to someone after all.
  • Onion Routing (Score:3, Informative)

    by Anonymous Coward on Friday May 13, 2005 @03:40PM (#12523144)
  • I can see it now:

    Chekov: Excuse me I'm looking for the nuclear wessels

    Chekov: Nuclear wessels.
  • ...but what about Metanet?

    (I'm not even entirely sure if its for real, but hey!)
  • Freenet (Score:3, Insightful)

    by TheRedHorse (559375) on Friday May 13, 2005 @03:41PM (#12523157)
    Freenet is the only solution I can think of, although it seems much slower than the common internet, and I'm not up to date on what content's available, but this is what freenet was made for.

    http://freenet.sourceforge.net/ [sourceforge.net]
  • by Silverlancer (786390) on Friday May 13, 2005 @03:42PM (#12523169)
    PeaceFire [peacefire.org] distributes a free program called the Circumventor which can be used (by running it on a server in a free country) to safely and securely proxy out of a firewalled nation like China.
    • by gstoddart (321705) on Friday May 13, 2005 @03:48PM (#12523247) Homepage
      PeaceFire distributes a free program called the Circumventor which can be used (by running it on a server in a free country) to safely and securely proxy out of a firewalled nation like China.

      I'm curious about this --- if in a nation like China all of the packets are routed through government owned machines, how would sending a proxy to a foreign machine circumvent them? All of your data still passes over the network in the country. The IPs of your foreign host could be blocked.

      I'm not dissing you, I'm just not 100% sure of how easy it is to bypass that. On the surface, depending on how they implemented it, I should think that's kinda like bypassing the phone system in my country so I can use another --- I still need the phone system I'm wired into, no?
  • Tor (Score:5, Informative)

    by Tack (4642) on Friday May 13, 2005 @03:42PM (#12523170) Homepage
    Look at Tor [eff.org]. It works well.

    Jason.

    • Re:Tor (Score:4, Informative)

      by geminidomino (614729) * on Friday May 13, 2005 @03:48PM (#12523252) Journal
      If it works at all.

      Wholesale blocking of Tor nodes as they are identified has become popular because, like anything remotely useful, it's been abused by spammers, stalkers, and other general asshats.
      • so. invent something better that isn't subject to these abuses.
        • Re:Tor (Score:3, Insightful)

          by geminidomino (614729) *
          Interesting suggestion, but pretty much undoable. You can't have both anonymity and keep the bad guys out, since if you have a way to ID the bad guys, you have a way to ID the good guys. It's a trade-off.
      • Re:Tor (Score:3, Informative)

        by elemental23 (322479)
        As far as spam goes, Tor nodes will be blocked only by mail server admins who don't know how Tor works or that the default exit policy is to disallow outbound port 25.

        Details [noreply.org]
    • by freality (324306) on Friday May 13, 2005 @04:03PM (#12523427) Homepage Journal
      Neat idea.. perhaps there should be a Tor-Over-Steganography platform, to prevent the identification of Tor usage or some other method of information hiding. Otherwise, a regime can just shut down Tor(-ish) traffic.

      I guess the best way to get your message through the iron (red?) curtain is to piggy-back it on whatever the highest-volume public information stream is. That way the baddies would have to shut down all of that traffic and risk a large public pushback.

      In the case of China, I hate to say it, but if it's true that a lot of spam is outbound from their country, that would be an ideal place to hide information. Lots of spam has randomly generated text, so altering the frequency of that text in a fashion known only to sender and receiver could be used to encode an information channel, over which you could run a simple unicast stream, or something more decentralized, like TOR.
      • Hmm... I wonder how much of the random chinese spam IS coded disident info. Its like hiding your gold in a wheelbarrow full of manure. It would be almost imposible to find the one intended recpient in the midst of a millian nigerian scam letters. I guess a better analogy would be the classic spy cliche of putting a secret message in the classifieds.
  • I'm working with some dissidents

    Congratulations, Carnivore just found a new snack.

  • by HighOrbit (631451) on Friday May 13, 2005 @03:43PM (#12523186)
    Between IP-Addresses, MAC addresses, and dial-in-numbers, there is no anonymity on the internet. Any feeling of anonymity is an illusion. Best not to risk your life if a regime is that oppressive. Not even encryption is safe, because as you mentioned, keyloggers and silent listeners can capture passcodes and keys. If you must pass information, try it the old fashioned way - person to person or with a trusted intermediary.
  • by El_Smack (267329) on Friday May 13, 2005 @03:43PM (#12523188)
    ...cause there isn't enough tinfoil in the world for guys like this.
  • ssh (Score:3, Informative)

    by delirium of disorder (701392) on Friday May 13, 2005 @03:44PM (#12523194) Homepage Journal
    Google for free ssh connections, and chain a few of them together just to be sure. I run a free shell service myself (but its currently down for upgrading).
  • by js7a (579872) <jamesNO@SPAMbovik.org> on Friday May 13, 2005 @03:44PM (#12523198) Homepage Journal
    From http://doc.asf.ru/Tools%20&%20Utilities.htm [doc.asf.ru]
    Corkscrew [agroman.net] (Unix, Windows) : Tunnel SSH connections through an HTTP proxy.

    Curl [curl.haxx.se] (Unix, Windows) : Utility who permits to easily download and upload files by using different protocols: FTP, HTTP, HTTPS, Telnet, LDAP, ... Also supports proxies, cookies, authentification, resumes, ...

    DesProxy [sourceforge.net] (Unix, Windows) : Tunnel TCP connections through an HTTP proxy, eventually by converting SOCKS requests.

    FizzBounce [team-teso.net] (Unix) : TCP redirector through HTTP proxies.

    HTTPort [htthost.com] (Windows) [Closed source]: Tunnel TCP connections through the HTTP protocol, by simulating a SOCKS server, and by eventually using an intermediate server.

    HTTPTunnel [nocrew.org] (Unix, Windows) : Bidirectionnal tunnel through HTTP requests, eventually through an HTTP proxy.

    LibCurl [curl.haxx.se] (Unix, Windows) : Library who permits to easily download and upload files by using different protocols: FTP, HTTP, HTTPS, Telnet, LDAP, ... Also supports proxies, cookies, authentification, resumes, and lots of languages: C, C++, Perl, ...

    MultiProxy [multiproxy.org] (Windows) [Closed source]: HTTP proxies tester. MultiProxy can be used as a proxy server who use a different proxy for each request.

    Numby [team-teso.net] (Unix) : Scanner for HTTP vulnerables proxies.

    Proxomitron [proxomitron.org] (Windows) [Closed source]: Scanner and redirector through HTTP proxies, who can also delete or modify informations contained in HTML transferred pages. For example, this permits to easily filter automatic popups, DHTML or JavaScript.

    ProxyTools [sourceforge.net] (Unix, Windows) : Set of Perl utilities, who permits to use, sort, test and search for HTTP proxies.

    TransConnect [sourceforge.net] (Unix) : Transparently tunnel TCP connections through an HTTP proxy.

    Zylyx [team-teso.net] (Unix) : permits to access to files through HTTP proxy caches.

  • Get a server outside the regime. A dedicated linux or windows server is perfect for this.

    Then simply connect to this server using an encrypted connection such as SSH, X over SSH, Windows Remote Desktop, or whatever.

    Use the remote box for all your activities.
  • If you've gotten to the point where you're really worried about being caught and persecuted, perhaps the internet is not your safest bet, due to every reason being posted here, ie: keyloggers, etc. As much as you'd like to change your world, the "system" isn't going to make things easy for you to overthrow it. And the internet is very much a part of the "system." Unless you're ready to string up your own network and create a rebellion intranet, you're out of luck.

    Just do what they do on the Sopranos: keep it low tech, use payphones, meet in person. If your cause it that important and you need to spread information, may I suggest a major leaflet campaign?
    • by Kphrak (230261) on Friday May 13, 2005 @05:30PM (#12524490) Homepage

      Couldn't agree more. As nerds, it's easy to recommend gimmick after technological gimmick. It's not so easy to imagine ourselves in a repressive regime. Consider that the very possession of cryptographic software, or even a computer, in some countries marks a person, if not as guilty, at least as under deep suspicion. I have heard that in North Korea, probably at this point the most repressive regime on the planet, radios are forbidden to all but a select few for fear that the populace might hear Voice of America or something. With restrictions like this, arguments on whether the dissident should use FreeNet or Tor suddenly sound pretty stupid.

      As the parent poster quoth, movies about the Mob show an excellent example of information security. The top people only talk to a few guys, who talk to a few more. In "The Godfather" (the book), Don Corleone won't even use a telephone because he's afraid the FBI will be able to splice together tape to frame him even if he reveals nothing over the phone. Now that's paranoid.

      The best way not to get busted is not to fall under suspicion (in a truly repressive country, once you're suspected, you're already tried, convicted, and headed for prison or worse). And if you get caught, the next best thing is not to know your fellow dissidents, so the authorities can't make you sing.

  • I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes.

    I'm surprised that repressive regimes allow Internet. Or wait, am I thinking of oppressive regimes. Or surpressive regimes... Damn I always get my regimes mixed up.

    Anyways, tell them to play EverQuest - that will make them forget about the regimes. Although then they'll have to worry about repressive clans and PK'ers.

    • tell them to play EverQuest

      Actually, that may not be such a bad idea. Anyone trying to be inconspicuous watching will see you are playing a MMORPG. All the IP logs will also show it. However, it's who you contact while playing that is the key. So, provided the "friends" are also online, then they can be contacted.

      OK, so it's a bit of security through obscurity, but it may work.
  • by ebrandsberg (75344) on Friday May 13, 2005 @03:47PM (#12523232)
    If you assume that any "public" PC is infected with a key logger, then you can NOT guarantee any level of protection, as they can always find the names of sites you type in, etc. You must have some level of trust on the PC before you can consider any solution. Beyond that, you would want to make use of an encrypted connection to a proxy or vpn outside the control of the regime, then access the content from there.
  • by realmolo (574068) on Friday May 13, 2005 @03:47PM (#12523233)
    If you want to communicate with your fellow dissidents in secret, just broadcast it through a UPN affiliate. I guarantee NO ONE will ever see what you're up to.
  • Next Time (Score:2, Insightful)

    by zepmaid (694112)
    Dear DocMurphy, Next time, please submit stories as AC. Posting your email address on the front page of slashdot is a poor way of achieving anonymity.
    • Alright, the first idiot gave us his email address... now lets break him and get some more names, so we can find out how retarded these other dissidents are.
  • by nekoniku (183821) <justicek@@@comcast...net> on Friday May 13, 2005 @03:50PM (#12523267) Homepage
    Olvesay the oblempray.
  • by Tenebrious1 (530949) on Friday May 13, 2005 @03:52PM (#12523294) Homepage
    Any suggestions for products/procedures/systems out there making anonymous access & publishing a reality under repressive regime...

    Which oppressive regime, the RIAA or MPAA?



  • I'm surprised I haven't seen a mention of steganography yet in this discussion.

    Properly implemented, stego can be used quite effectively to communicate secretly on the Internet.

  • There is no point (Score:2, Insightful)

    by ahdeoz (714773)
    There is no point in being a dissident if you choose to remain anonymous. How is anyone supposed to know what your motives are if they don't know who you are. And if you really care about the things you say, then you should be willing to take a stand for it. Any anonymous "dissention" is on par with raving on usenet and somewhere beneath private grumblings. Anonymous action, yes, can produce results. But anonymous words aren't worth the electrons they're displayed with.
    • by gstoddart (321705) on Friday May 13, 2005 @04:20PM (#12523622) Homepage
      There is no point in being a dissident if you choose to remain anonymous. How is anyone supposed to know what your motives are if they don't know who you are. And if you really care about the things you say, then you should be willing to take a stand for it.

      Spoken like a true Westerner I'm thinking.

      In countries where you can stand up and say your government is a bunch of idiots, there is no harm in not being anonymous.

      But if this can lead to prison, death, torture, disappearance, or all sorts of ahem inconvenience cough, then anonymity is what you want.

      What good is saying "if you have anything of value to say, be public about it" if everyone is eventually dead and too afraid to say anything?

      Sometimes just making sure someone hears the words is important. As is making sure those who need to say 'em are alive to keep saying 'em. Deciding that anything that can't be said out in the open isn't worth saying is probably a real disservice to peoples who absolutely cannot do that.

  • How can one make sure that a perfect system will not be used by terrorists and human smugglers, child pornographers to hide their activities. This may be classified as "choose between the two devils"
  • by gremlins (588904)
    i2p [i2p.net] is exactly what you are looking for. However it is still in a very very early stage of development.

    Once it is done though you will be able to do everything on the internet anonymously, like download television torrents [slashdot.org]

    So to speed things up some of you Java developers should volunteer.
  • 1) Satellite Phones: Use an Iridium phone while driving around to avoid location. They are very slow, but should work find for text based sites--assuming you download them for latter reading. 2) USB WiFi adapters. In the Internet Cafe, quietly slip a Usb Wifi adapter onto the pc and activiate internet sharing. That way you can park along side the cafe and surf, without anyone know who you really are. 3) Hidding information in Jpegs. Have an outsider hide the information in harmless seeming websites
  • Seriously (Score:2, Insightful)

    by Anonymous Coward
    DocMurphy you are an idiot. You are talking about working with people to commit treason against oppressive regimes. Maybe you don't understand what an oppressive regime actually is or something but here is a hint: they don't have and problems killing people. You are not only proposing to work with these people across international lines but then you post a question to slashdot about how to help them. Assuming you think you are serious and not just posting the question to generate responses, do you even
  • Knoppix! Or any other bootable CD will get past any keystroke loggers that are not hardware based.
  • Just speak in code that makes your communications look banal.

    Hey, Joe what's up? I'm walking my dog in the park tomorrow at noon...
  • by ReverendLoki (663861) on Friday May 13, 2005 @04:07PM (#12523482)
    Regarding keystroke loggers on public terminals - if you can gain access to do so, you could reboot the machine with Knoppix or another live CD to circumvent software loggers above the BIOS level, though it won't help against hardware loggers (a brief visual search can rule out most of those, as long as you can trace the cord to the back of the machine). From there, a secure encrypted connection to a "free world" site should cover you, electronically.

    However, even this will leave you open to IP tracing (should a stream of encrypted traffic raise any flags), as well as wandering busybodies/spies/anyone willing to report your ass for a reward. Just a thought.

    • by zr-rifle (677585) <zedr AT zedr DOT com> on Friday May 13, 2005 @04:23PM (#12523663) Homepage
      A good way to combat a software or even a hardware keylogger is use the mouse to type in letters in random positions.

      For example, if you need to type in your email password in a webmail autentication form, you could type the first part, say "bud", then click on another part of the desktop, say the url bar of the browser, type in some random garbage, move the mouse again and finish the password, adding "rose" to "rosebud".

      Since keyloggers don't track mouse movements or clicks, the phisher wouldn't be able to breakdown and harvest the password from the keylogger.

      PS. It also helps not to use obvious passwords like "rosebud" ;)
  • Ask Slashdot (Score:3, Insightful)

    by mobby_6kl (668092) on Friday May 13, 2005 @04:35PM (#12523824)
    KIM asks: "I'm working for a repressive regime which is looking for ways to control the use of Internet in its country. Many have in-home Internet access, but, luckily, think it too risky to participate in pro-freedom activities on home PCs. Internet cafés are also available, but although fairly anonymous, every machine is infected with keystroke loggers that give us access to and knowledge of 'banned' sites. Obviously, not only we want to identify the dissidents themselves, but also the sites they access. Any suggestions for products/procedures/systems out there making overwatching access & publishing a reality under our own run Internet access?"
  • by catdevnull (531283) on Friday May 13, 2005 @05:25PM (#12524442)
    I have large facility with many good computers and access to evil western sites. Please, if so kinds, forward names and addresses of dissidents to me so I may contact them for their helps.

You can bring any calculator you like to the midterm, as long as it doesn't dim the lights when you turn it on. -- Hepler, Systems Design 182

Working...