Every other website or platform we work or access services from, tracks us to get their services improved by getting user experience information or to make some money by selling ads to you based on your previous web activities on other platforms, which can vary from buying some product from amazon and then spamming ads to the user to our service providing platform with the products closely related to our search on those E-commerce platforms to the exams or the stream to which we belongs to giving them some accurate recommendations of the materials required to operate in that domain(e.g. performance mouse, gaming monitor or graphic cards to the professional gamers).
Even our emails are getting eavesdropped (read secretly) by Google, some professional Hackers or the National Security Agency(NSA) cataloging all our activities which finally specifies that our every online move is being watched or recorded.
The Social Dilemma: Digital Identity Risk
There is a theory of what the big tech companies do with the data they collect from us and how could it be dangerous to us and humankind. So here the main question is:
Why do we need to secure our information and resist any information or data breach?
One of the greatest movie being produced- The Social Dilemma, talks about how this information of all of us are being recorded, our every step, every action we do on the web whether it's upvoting, commenting, sharing, saving videos, posts, reels or any product. As Bruce Schneier the famous cryptographer and cyber security expert once said, "If something is free, you're not the customer; you're the product".
This information or the metadata acquired by these companies is often used to get you more acquired with their product and increase engagement for their product or their partner companies' products by providing you advertisements related to your interest or direct posts and content based on your previous activity.
The main motive of these companies is to release as much dopamine as possible in your head and get you addicted to their applications, games or other products. To do it many professionals from the tech domain have said that these companies happen to form a real-life artificially intelligent model of your personality based on the content you consume, like, save or share with your friends and thus similarly similar content has been shared with you on the platform which could flood your mind with dopamine which is very dangerous as it creates a kind of illusion between the real world and the world in which you believe to exist which could harshly result in strikes, riots, effect election polls or can even put someone's life in danger.
It isn't like its not useful at all as it could reduce the time and bring some useful content or product for the customer which they have been looking for a long time without wasting any further time or can even bring a lot more help as well like for the charity works, marketing tasks for the events and hackathon which exactly happened earlier in the starting phase of all of these products but soon as it started growing, strangely it happen to start violating a lot of ethics and privacy.
General Methods to Go Anonymous
To get rid of this tracking by these big firms or bodies we can adopt various methods, I will be getting you 4 general methods which will include navigating anonymously by:
The Onion Network (using Tor Browser)
Virtual Private Networks (VPN)
Proxy Servers
Private encrypted email
How do we get Tracked anyway?
First, before moving forward to how can we use the web anonymously we need to know how we get tracked by these big players in the tech domain or even by some other well-experienced hackers.
Your IP address identifies you as you traverse the internet. Data sent from your machine is generally tagged with your IP address, making your activities easy to track. Second, Google and other email services will āreadā your email, looking for keywords to more efficiently serve your ads.
When you send a packet of data across the internet, it contains the IP addresses of the source and destination for the data. In this way, the packet knows where it is going and where to return the response. Each packet hops through multiple internet routers until it finds its destination and then hops back to the sender.
For general internet surfing, each hop is a router the packet passes through to get to its destination. There can be as many as 20ā30 hops between the sender and the destination, but usually any packet will find its way to the destination in fewer than 15 hops. As the packet traverses the internet, anyone intercepting the packet can see who sent it, where it has been, and where itās going.
This is one way websites can tell who you are when arrive and log you in automatically, and itās also how someone can track where youāve been on the internet.
To see what hops a packet might make between you and the destination, you can use the traceroute command in the command prompt or the terminal command line of your Linux OS version(like Kali, Ubuntu, etc). Simply enter traceroute and the destination IP address or domain, and the command will send out packets to the destination and trace the route of those packets.
traceout google.com
Your results will likely be different from others because your request would be coming from a different location and because Google has many servers across the globe. In addition, packets donāt always take the same route across the Becoming Secure and Anonymous 141 internet, so you might send another packet from your address to the same site and receive a different route.
The Onion Router System
History:
In the 1990s, the US Office of Naval Research (ONR) set out to develop a method for anonymously navigating the internet for espionage purposes. The plan was to set up a network of routers that was separate from the internetās routers, that could encrypt the traffic, and that only stored the unencrypted IP address of the previous routerāmeaning all other router addresses along the way were encrypted. The idea was that anyone watching the traffic could not determine the origin or destination of the data. This research became known as āThe Onion Router (Tor) Projectā in 2002, and itās now available to anyone to use for relatively safe and anonymous navigation on the web.
How Tor Works
Packets sent over Tor are not sent over the regular routers so closely monitored by so many but rather are sent over a network of over 7,000 routers around the world, thanks to volunteers who allow their computers to be used by Tor. On top of using a separate router network, Tor encrypts the data, destination, and sender IP address of each packet. At each hop, the information is encrypted and then decrypted by the next hop when itās received.
In this way, each packet contains information about only the previous-hop along the path and not the IP address of the origin. If someone intercepts the traffic, they can see only the IP address of the previous hop, and the website owner can see only the IP address of the last router that sent the traffic. This ensures relative anonymity across the internet.
DarkWeb on Tor
In addition to being capable of accessing nearly any website on the traditional internet, the Tor browser is capable of accessing the dark web. The websites that make up the dark web require anonymity, so they allow access only through the Tor browser, and they have addresses ending in .onion for their top-level domain (TLD). The dark web is infamous for illegal activity, but a number of legitimate services are also available there. A word of caution, however: when accessing the dark web, you may come across material that many will find offensive.
Disadvantages of Tor
The tradeoff is that surfing via the Tor browser can be a lot slower; because there are not nearly as many routers, the bandwidth is limited in this network.
The intelligence and spy services of the United States and other nations consider the Tor network a threat to national security, believing such an anonymous network enables foreign governments and terrorists to communicate without being watched. As a result, several robust, ambitious research projects are working to break the anonymity of Tor.
How Intelligence agencies like the NSA broke Tor
Torās anonymity has been broken before by these authorities and will likely be broken again. The NSA, as one instance, runs its own Tor routers, meaning that your traffic may be traversing the NSAās routers when you use Becoming Secure and Anonymous 143 Tor. If your traffic is exiting the NSAās routers, thatās even worse, because the exit router always knows your destination. The NSA also has a method known as traffic correlation, which involves looking for patterns in incoming and outgoing traffic, that has been able to break Torās anonymity.
Though these attempts to break Tor wonāt affect Torās effectiveness at obscuring your identity from commercial services, such as Google, they may limit the browserās effectiveness in keeping you anonymous from spy agencies.
Virtual Private Networks (VPN)
Using a virtual private network (VPN) can be an effective way to keep your web traffic relatively anonymous and secure. A VPN is used to connect to an intermediary internet device such as a router that sends your traffic to its ultimate destination tagged with the IP address of the router.
Mechanism
The beauty of VPNs is that they are simple and easy to work with. You can open an account with a VPN provider and then seamlessly connect to the VPN each time you log on to your computer. You would use your browser as usual to navigate the web, but it will appear to anyone watching that your traffic is coming from the IP address and location of the internet VPN device and not your own. In addition, all traffic between you and the VPN device is encrypted, so even your internet service provider canāt see your traffic.
Advantages
Among other things, a VPN can be effective in evading government-controlled content and information censors. For instance, if your national government limits your access to websites with a particular political message, you can likely use a VPN based outside your country to access that content.
The strength of a VPN is that all your traffic is encrypted when it leaves your computer, thus protecting you against snooping, and your IP address is cloaked by the VPN IP address when you visit a site.
Here are some of the famous secured VPNs:
NordVPN
ExpressVPN
CyberGhost
Private Internet Access
Hide My Ass (HMA) LOL !!
PureVPN
Disadvantages
Using a VPN can certainly enhance your security and privacy, but itās not a guarantee of anonymity. The internet device you connect to must record or log your IP address to be able to properly send the data back to you, so anyone able to access these records can uncover information about you.
It is much better to use the paid VPNs which provide a lot more features and assure/ promise not to store or log any of the information so that they won't be able to give your information to the security or intelligence firms even on getting forced as they don't your information themselves. In this way, if someone insists that the VPN service provider turn over its data to its user, there is no data.
Encrypted Email
Free commercial email services such as Gmail, Yahoo!, and Outlook Web Mail (formerly Hotmail) are free for a reason: they are vehicles for tracking your interests and serving up advertisements. As mentioned already, if a service is free, you are the product, not the customer. In addition, the servers of the email provider (Google, for example) have access to the unencrypted contents of your email, even if youāre using HTTPS.
One way to prevent eavesdropping on your email is to use encrypted email. ProtonMail encrypts your email from end to end or browser to browser. This means that your email is encrypted on ProtonMail serversāeven the ProtonMail administrators canāt read your email.
ProtonMail was founded by a group of young scientists at the CERN supercollider facility in Switzerland. ProtonMailās servers are based in the European Union, which has much stricter laws regarding the sharing of personal data than the United States. When exchanging email with non-ProtonMail users, there is the potential for some or all of the email not to be encrypted.
Proxy Server
proxies are intermediate systems that act as middlemen for traffic: the user connects to a proxy, and the traffic is given the IP address of the proxy before itās passed on. When the traffic returns from the destination, the proxy sends the traffic back to the source. In this way, traffic appears to come from the proxy and not the originating IP address.
The proxy will likely log your traffic, but an investigator would have to get a subpoena or search warrant to obtain the logs. To make your traffic even harder to trace, you can use more than one proxy, in a strategy known as a proxy chain.
proxychains that you can set up to obscure your traffic. The syntax for the proxychains command is straightforward:
proxychain <the command you want proxied> <arguments>
If you wanted to use proxychains to scan a site with nmap anonymously:
proxyxhain nmap -sT -Pn <IP address>
This would send the nmap āsS stealth scan command to the given IP address through a proxy. The tool then builds the chain of proxies itself, so you donāt have to worry about it.
Setting Proxies in the Config File
In this section, we set a proxy for the proxychains command to use. As with nearly every application in Linux/Unix, configuration of proxychains is managed by the config fileāspecifically /etc/proxychains.conf
We can add proxies by entering the IP addresses and ports of the proxies we want to use in this list. For now, weāll use some free proxies. Note, however, that using free proxies in real-life hacking activity is not a good idea.
Itās important to note that proxychains defaults to using Tor if you donāt enter any proxies of your own. If youāre not adding your proxies and want to use Tor, leave this as it is. If you are not using Tor, youāll need to comment out this line (add a # before).
As much as I like Tor, as mentioned, it is usually very slow. Also, because the NSA has broken Tor, I am much less likely to depend on it for anonymity. I therefore comment out this line and add my own set of proxies.
Dynamic Chaining
With multiple IPs in our proxychain.conf file, we can set up dynamic chaining, which runs our traffic through every proxy on our list and, if one of the proxies is down or not responding, automatically goes to the next proxy in the list without throwing an error. If we didnāt set this up, a single failing proxy would break our request.
This will enable dynamic chaining of our proxies, thus allowing for greater anonymity and trouble-free hacking. Save the config file and feel free to try it out.
Random Chaining
Our final proxy trick is the random chaining option, where proxychains will randomly choose a set of IP addresses from our list and use them to create our proxy chain. This means that each time we use proxychains, the proxy will look different to the target, making it harder to track our traffic from its source. This option is also considered ādynamicā because if one of the proxies is down, it will skip to the next one.
Disadvantages
proxychains are only as good as the proxies you use. If you are intent on remaining anonymous, do not use a free proxy, as mentioned earlier. Hackers use paid-for proxies that can be trusted. In fact, the free proxies are likely selling your IP address and browsing history.
Although the IP address of your traffic leaving the proxy will be anonymous, there are other ways for surveillance agencies to identify you. For instance, the owner of the proxy will know your identity and, if pressured enough by espionage or law enforcement agencies with jurisdiction, may offer up your identity to protect their business. Itās important to be aware of the limitations of proxies as a source of anonymity.
Hope you get to find a lot of knowledge and data, you came to read this blog, soon I will be releasing blogs on managing and Analyzing Networks, Using & Abusing Services and a lot more..šš
If you like my Article then please react to it and connect with me on Twitter if you are also a tech enthusiast. I would love to collaborate with people and share the experience of techšš.
My Twitter Profile: