Dissidents Seeking Anonymous Web Solutions?

DocMurphy asks: "I'm working with some dissidents who are looking for ways to use the Internet from within repressive regimes. Many have in-home Internet access, but think it too risky to participate in pro-freedom activities on home PCs. Internet cafés are also available, but although fairly anonymous, every machine may be infected with keystroke loggers that give governments access to and knowledge of 'banned' sites. Dissidents not only want to remain anonymous themselves, but also wish to not compromise the sites they access. Any suggestions for products/procedures/systems out there making anonymous access & publishing a reality under repressive regime run Internet access?"

wireless

[Umbral Blot]

Open wireless nerworks wouldn't work because?

Freenet

[TheRedHorse]

Freenet is the only solution I can think of, although it seems much slower than the common internet, and I'm not up to date on what content's available, but this is what freenet was made for.

http://freenet.sourceforge.net/ [sourceforge.net]

Re:wireless

[gstoddart]

Open wireless nerworks wouldn't work because?

Connected to what when the government tracks everything and owns/controls all of the nations connectivity?

You may as well have suggested FDDI or gigabit ethernet would solve the problem.

Once you're inside of a 'repressive regime', it's a lot more difficult to circumvent than just pick a new network layer.

Dissidence isn't supposed to be convenient.

[Rude Turnip]

If you've gotten to the point where you're really worried about being caught and persecuted, perhaps the internet is not your safest bet, due to every reason being posted here, ie: keyloggers, etc. As much as you'd like to change your world, the "system" isn't going to make things easy for you to overthrow it. And the internet is very much a part of the "system." Unless you're ready to string up your own network and create a rebellion intranet, you're out of luck.

Just do what they do on the Sopranos: keep it low tech, use payphones, meet in person. If your cause it that important and you need to spread information, may I suggest a major leaflet campaign?

Impossible based on requirement

[ebrandsberg]

If you assume that any "public" PC is infected with a key logger, then you can NOT guarantee any level of protection, as they can always find the names of sites you type in, etc. You must have some level of trust on the PC before you can consider any solution. Beyond that, you would want to make use of an encrypted connection to a proxy or vpn outside the control of the regime, then access the content from there.

Next Time

[zepmaid]

Dear DocMurphy, Next time, please submit stories as AC. Posting your email address on the front page of slashdot is a poor way of achieving anonymity.

Re:wireless

[kouhoutek]

Beacuse:
A. Repressive regimes may not have a lot of unsecured open hotspots.
B. Repressive regimes may not have an abundance of wireless enabled laptops, and possessing one would draw attention.
C. Going from "inside the internet cafe" to "within 150' of the internet cafe" doesn't get you that much. Repressive regimes are pretty good with triangulation.

Re:There is no anonymity on the internet

[lukewarmfusion]

"Best not to risk your life if a regime is that oppressive."

That's an excellent time to risk your life. Rolling over and "playing nice" is exactly what lets oppressive regimes exist.

There is no point

[ahdeoz]

There is no point in being a dissident if you choose to remain anonymous. How is anyone supposed to know what your motives are if they don't know who you are. And if you really care about the things you say, then you should be willing to take a stand for it. Any anonymous "dissention" is on par with raving on usenet and somewhere beneath private grumblings. Anonymous action, yes, can produce results. But anonymous words aren't worth the electrons they're displayed with.

Re:write in advance, encrypt and email it

[tekiegreg]

The only issue I see with that is that it is possible to detect (though not decode) encryption. If a repressive government sees a particular pattern coming from a particular cybercafe, they'll start watching more and someone could still be in trouble under the "well why would you encrypt it? You must be a dissident!" assumption. That could be just as bad as if they were leaving it unencrypted....

One Man's Villan is Another's Man's Hero

[geoaxis]

How can one make sure that a perfect system will not be used by terrorists and human smugglers, child pornographers to hide their activities. This may be classified as "choose between the two devils"

Seriously

[Anonymous Coward]

DocMurphy you are an idiot. You are talking about working with people to commit treason against oppressive regimes. Maybe you don't understand what an oppressive regime actually is or something but here is a hint: they don't have and problems killing people. You are not only proposing to work with these people across international lines but then you post a question to slashdot about how to help them. Assuming you think you are serious and not just posting the question to generate responses, do you even have a fucking clues how something like this would actually work. You are not going up against your high school typing teacher here. Not only do virtually all regimes have computers they also have people that know how to use them. If you don't know this stuff you are going to get these people killed and really run the risk of getting yourself killed in the process (or imprisoned depending on US geopolitical concerns. If you have to ask slashdot and expect a bunch of pasty teenages reading the anarchist cookbook to give you advice on assisting an insurgency you have no business doing this. You don't think that suggesting they use some sort of encryption from their internet cafes isnt going to get them killed. Wouldn't an oppresive regime monitor communications coming out of an internet cafe? Please do not continue to try this. Giving any advice like this is akin to leading a children's crusade and every baron along the way is going to fuck you in the ass and all your children are going to get killed. You really need to learn how things work first in international smuggling of goods and information and being a technical advisor to an insurgency you are not part of is no fucking place for some stupid idealistic kid. You will, in all likely hood, end up in jail for this if you are lucky. Really, they will probably just kill you.

Re:Use the Circumventor.

[LWATCDR]

You would connect to the proxy via SSL and hope that it is not noticed and then blocked.
You pretty much have hit on the problem.
Even if they can not read your data they will know it is encrypted. That could cause them to notice you.
If you are in a totalitarian country you can not be safe and a dissident. I do wish them luck.

Re:Tor

[geminidomino]

Interesting suggestion, but pretty much undoable. You can't have both anonymity and keep the bad guys out, since if you have a way to ID the bad guys, you have a way to ID the good guys. It's a trade-off.

Re:Easy solution

[WigginX]

You really need at least two external servers. Here's why:

Suppose the authorities notice dissident activity from the first external server. If they then determine that I've been making connections to that dissident server, I'll be put under investigation. Yes my data may have been encrypted, but the connection alone is enough to raise suspicion.

However, if I have two external servers, I use the first as a proxy to the second, and use the second to conduct dissident work. Since both servers are beyond the regime's control, they have no way of discovering the connection between them and attributing the dissident activity to me.

Combatting keystroke loggers

[ReverendLoki]

Regarding keystroke loggers on public terminals - if you can gain access to do so, you could reboot the machine with Knoppix or another live CD to circumvent software loggers above the BIOS level, though it won't help against hardware loggers (a brief visual search can rule out most of those, as long as you can trace the cord to the back of the machine). From there, a secure encrypted connection to a "free world" site should cover you, electronically.

However, even this will leave you open to IP tracing (should a stream of encrypted traffic raise any flags), as well as wandering busybodies/spies/anyone willing to report your ass for a reward. Just a thought.

Fsking Democrats!!!

[Anonymous Coward]

I don't care what you think. The US and its present president is not a repressive regime! I wish you damned democrats would just get over yourselves already. If you can post on Slashdot, you're not repressed. Obsessed maybe, possessed possibly, but not repressed!

Re:I do not know if this is valid...

[Anonymous Coward]

It is real. Anyone interested in how to connect can send mail to bill.t.gates at gmail d0t com.

It is a network that is based on OpenVPN and Quagga (for BGP routing). The last time someone posted the connect details on slashdot, we were overwhelmed. If you are truly interested though, shoot an email over to that account and someone will shoot you back the instructions.

A variant of Unix or BSD with a dedicated connection is recommended -- but NOT required. The reason being, we would like as many people as possible to be permanent "nodes".

This is NOT freenet. It is fast and _extremely_ reliable.

One last thing, if you send mail to the above address, do it from an account that is NOT tied to you (webmail through a proxy).

Ok, one MORE last thing. Once you are on the Metanet ... you can do whatever you want. But I will tell you right now ... if you are looking for kiddie porn, look elsewhere. Most anything goes ... but a line has to be drawn somewhere. While the network is anonymous and you won't be busted ... we can disconnect bad nodes.

Re:There is no point

[gstoddart]

There is no point in being a dissident if you choose to remain anonymous. How is anyone supposed to know what your motives are if they don't know who you are. And if you really care about the things you say, then you should be willing to take a stand for it.

Spoken like a true Westerner I'm thinking.

In countries where you can stand up and say your government is a bunch of idiots, there is no harm in not being anonymous.

But if this can lead to prison, death, torture, disappearance, or all sorts of ahem inconvenience cough, then anonymity is what you want.

What good is saying "if you have anything of value to say, be public about it" if everyone is eventually dead and too afraid to say anything?

Sometimes just making sure someone hears the words is important. As is making sure those who need to say 'em are alive to keep saying 'em. Deciding that anything that can't be said out in the open isn't worth saying is probably a real disservice to peoples who absolutely cannot do that.

Re:And the entire internet is public..

[Anonymous Coward]

Guess what, if you live in a repressive reigime, the only crime they have to charge you with is illegal use of a cryptographic device (or something along those lines).

They understand the power of crypto, they will outlaw it. That's why the writeup for the article mentioned avoiding the use of personal PCs.

Ask Slashdot

[mobby_6kl]

KIM asks: "I'm working for a repressive regime which is looking for ways to control the use of Internet in its country. Many have in-home Internet access, but, luckily, think it too risky to participate in pro-freedom activities on home PCs. Internet cafés are also available, but although fairly anonymous, every machine is infected with keystroke loggers that give us access to and knowledge of 'banned' sites. Obviously, not only we want to identify the dissidents themselves, but also the sites they access. Any suggestions for products/procedures/systems out there making overwatching access & publishing a reality under our own run Internet access?"

Q:

[GeckoX]

Q: What's the difference between a dissident and a terrorist?

A: Only your point of view.

Re:write in advance, encrypt and email it

[rizzo420]

to add to that wonderful list... use different cybercafes in a random manner... don't use the same machine at any cybercafe.

also, try using one of those secure usb key's (lexar has one). and always do boring, mundane stuff while you're at the cafes, even when you go for the main purpose, start up a normal browsing session before you upload anything and flip back to it during the transfer.

Re:Lemme guess...

[dillon_rinker]

Anecdotal evidence. The typical Texas Democrat supports the death penalty, opposes abortion, and owns guns. In majority Democrat states, such a person could be expected to vote Republican. A Texas Democrat may be a union worker, a trial lawyer, or a historically oppressed racial minority; these are all Democrat constituencies. You are correct that you ARE a democrat, but in other communities, you might find you have more in common with Republicans. By the same token, I would expect the typical Massachusetts Republican to vote Democrat in Texas.

If I may be permitted a tiny flame, I'd suggest that you don't distinguish between statistical statements about groups of people and categorical statements about each member of a group of people. While the latter is fallacious, the former is not. Granted, they are easily confused, and bigots often pretend to say the former when they mean the latter. However, in intelligent discourse, it is important to realize that statistical statements CANNOT be refuted by anecdotes. "The averate 4-year-old can't read" is true, no matter how many gifted four-year-olds you might find.

Re:Q:

[YrWrstNtmr]

Q: What's the difference between a dissident and a terrorist?
A: Only your point of view.

I think the difference is bomb/no bomb, and choice of target.

Re:And the entire internet is public..

[TubeSteak]

If they're really after you, they'll scour your RAM for whatever recoverable material is left behind.

RAM isn't completely recovery proof.

Now... as for the original question, isn't this what freenet was supposed to be for?

Freenet is free software which lets you publish and obtain information on the Internet without fear of censorship. To achieve this freedom, the network is entirely decentralized and publishers and consumers of information are anonymous.
...
Users contribute to the network by giving bandwidth and a portion of their hard drive (called the "data store") for storing files. Unlike other peer-to-peer file sharing networks, Freenet does not let the user control what is stored in the data store

In other words, the site is published by you, but hosted on some other freenet member(s) box.

That was the entire point of freenet, to allow for truly anonymous publishing of material.
Oh yea, and don't forget to check the "Post Anonymously" box

Re:Q:

[SB5]

And History labels them as who won in the end.

Re:American dissidents persecuted by Secret Police

[YrWrstNtmr]

The same thing might easily happen in England. Threats agasint the Queesn are equally prohibited.

Disliking the president is one thing. Hoping for his literal death is something else altogether.

How long would such a person last in Saddam's Iraq, or KJI's North Korea? A 'request' to Fark for their email address? No. A threat to 'our beloved leader' would end up quite a bit nastier than that.

Re:Anything PRIVATE is also NOT safe...

[loopdreams]

Ever thought that these countries aren't really terrorist nations at all, but simply labelled by a few countries because it serves their own agenda?

Re:And the entire internet is public..

[Jack Taylor]

When done (or if the government busts in!), reboot your computer - no traces left.

I'd be extra paranoid and make sure to power off the computer, not just reboot it, to be sure all the RAM is reset. If they're super-cunning they could salvage incriminating data from it.

You could also go one step further on the keylogger protection and have your own USB keyboard that you carry around with you. Keylog that! :D Or even just buying a keyboard that you can't take apart might work. Have a look at this [thinkgeek.com] and this [thinkgeek.com] for ideas.

Re:There is no anonymity on the internet

[Anonymous Coward]

Rolling over and "playing nice" is exactly what lets oppressive regimes exist.

Actually, it is exactly what lets me sit here in front of a Starbucks, in my boyfriend's Lexus, sipping a latte and chatting on his laptop. That and the fact that he couldn't switch from IE to Firefox without three IT consultants - so he is never any the wiser ;) He probably thinks keyloggers are the guys you can't do without if you are cutting down a forest....

ssh is confidential, but easily traced

[EventHorizon]

Do not confuse authentication, confidentiality, and tracability.

authentication: third parties cannot alter your communication; the party you are talking to is who you expect.

confidentiality: third parties cannot read your communication

tracability: third parties cannot determine who you are and/or with whom you are communicating (i.e. they can't map to meatspace)

The most critical factor for dissidents is tracability.

While ssh provides authentication and encryption, it does NOT, on its own, decrease tracability. Most governments (and in the US, corporations) can easily trace a basic IP connection, even if they can't read or write the traffic on it. Just follow the wire.

Remember: who you talk to can be at least as sensitive as what you say.