One has to be able to protect efficiently their data and their online private life, at a time when States, companies, hackers (in a word: everyone) care a lot about your communications and contents. That is why we published a series of articles to help you make your data safe and private: 4 simple pieces of advice to create a first protection line, then a guide on encryption. In this last publication, find out how you can remain anonymous while being connected.

Profil anonyme

When you are connected to the Internet, an IP address is given to you. This address is written in all the requests sent by your browser, for the answer to these requests (web pages for instance) to be able to reach your machine, not your neighbor’s one. Each of your connections thus leaves a trace carrying your identity. However, there are several solutions to ensure that your browsing is confidential.

NB: beware, IP addresses are not the only elements enabling to recognize someone from the mass of Internet users. There are others, such as third-party cookies, canvas fingerprinting, the size of your screen, the version of your browser, etc.

VPN

VPN

One of the solutions is to use a VPN (Virtual Private Network). This system allows to create a direct link between two computers: the principle, when applied to the protection of your data, is to use such a connection to anonymise your web browsing. Indeed, your connection requests to an application or a website will go through another machine: the IP address of this machine will be considered as the one which sent the request, it becomes a proxy between you and the website… an discreet proxy, since it hides your IP address!

Beware however: a VPN is no panacea. It will increase your latency, but more importantly it will not provide you with total anonymisation. Indeed, the intermediary machine knows who you are and what you requested: a surveillance by this proxy is thus possible, in spite of all the promises of your VPN provider, which swears not to look at your traffic.

There are several good VPN providers, which allow multi-device use (PC/Mac/tablet/smartphone), and all are charging for their services. You wan find a list of the VPN services that are the most respectful of confidentiality on the dedicated page of Torrentfreak.

Here are still a few options:

If you work with Linux, you can arbitrate very simply (through source IP, destination IP or protocol) which connection will be used by which packet. For that, you can follow our multiple gateway howto.

This option is however not the best; for complete anonymization, we advise you (just like Snowden) to use Tor.

Tor

TORTor (The Onion Router) is a world network enabling to anonymise your connections, based on a distributed networks of relays (or nodes). It has been created and is maintained by the Tor Project. Once connected to the network, your connection will go through three successive relays: the first one knows who you are, the second one routes packets from the first to the third ones, and the third knows where the request has to go. Thus, even if one relays is compromised, it never has any knowledge of all of the information related to your connection… and neither will the hacker. It can be compared to an identity theft attempt where the attacker only has your name; without your surname and date of birth, it won’t be much use.

To surf with Tor, we advise you to use Tor Browser Bundle, the official browser of the Tor Project. Not only will it make your traffic go through Tor, but will also anonymise the other artefacts enabling your identification, by pretending, for instance, that your screen is the same size as everyone else using the Tor Browser Bundle.

For more information and to install Tor, you can read the documentation of the project.

Beware however: if you go to http websites instead of https, Tor’s exit node will still be able to spy on you since it will receive in plaintext the packet containing the answer to your request. The packet will only be encrypted when it goes into the network; there is nothing Tor can do for you beyond its own borders.

Tails

Tails

Another, even more exhaustive option, is to use Tails (The Amnesic Incognito Live System), an operating system that keeps no trace of your activity once it is shut down. It routes all of your Internet traffic through Tor, does not need any installation, leaves no trace on your computer, and uses modern and renowned cryptography tools.

You can install a USB key, and use it in any way you want on your usual computer! No panic, the Tails website gives a lot of explanations and offers you an installation assistant (go to “getting started”).

We hope this series of articles will have helped you protect your private life, in a context where the latter is more and more at jeopardy online!

Source : Philippe Humeau & Julien Voisin

Lucie Saunois
Lucie Saunois
IT aficionado, specifically when it comes to cybersecurity, since she joined OT Group in 2015, Lucie specializes in making technical, and often complex, topics understandable by anyone.