November 18, 2012

Stealth Downloading via BitTorrent

How To Anonymize and Encrypt Your BitTorrent Traffic from the HowToGeek

7ahgbsdh

Whether you’re trying to dodge an angry government, a connection throttling ISP, or the watchful gaze of media conglomerates, anonymizing and encrypting your BitTorrent traffic can help. Read on to learn how.
Photo by jin.thai.

 

What Is This and What Do I Need?

BitTorrent is a form of distributed file sharing. Undistributed file sharing is when you connect to a single source and download a file. When you visit a software repository online, for example, and download a new version of some application you’re engaging in an undistributed file transfer—the file went from their server directly to you.
Distributed file sharing changes that model. When you use BitTorrent, a distributed file sharing protocol, you don’t download a file from a single source but instead from any number of sources.

Everyone who is part of the swarm of file sharers using the same tracker and sharing the torrent you’re downloading can potentially send you a piece of that file. Your download is no longer between you and a single source but between everyone in the swarm and you. This means anyone can join the torrent swarm and see what files you are downloading and, in turn, uploading—reciprocating to the swarm is part of the BitTorrent model.
If that person spying in your torrent activity is a hostile government, your ISP seeking to throttle your connection, or an agent hired by a media conglomerate to monitor BitTorrent networks, you can find yourself in unexpected trouble.

How can you circumvent such outcomes? By anonymizing and/or encrypting your BitTorrent traffic.
What are the upsides? Your BitTorrent traffic will be anonymous, the IP the swarm sees will not be your actual IP address. If you choose to encrypt as well as anonymize, even your ISP—the very people with direct access to your bandwidth pipe—won’t be able to see what you’re doing. You’ll be able to use BitTorrent without fear.

What are the downsides? Proxying/tunneling can slow down your connection and encryption can further slow it down. While many people are perfectly comfortable taking a performance hit in order to better secure their BitTorrent connection, it’s something to be aware of.
Ready to get started? To anonymize and encrypt BitTorrent you’ll need the following:
  • For both techniques you’ll need a BitTorrent client with proxy support. We’re going to be using uTorrent on Windows.
  • You’ll need a proxy/SSH provider. For this tutorial we’ll be using the popular Canadian BitTorrent proxy provider BTGuard.
  • To encrypt your BitTorrent session you’ll need an additional layer of security in the form of a local proxy server that connects to your encrypted tunnel. We’ll highlight how to use both the BTGuard supplied application and the free application PuTTY to roll your own proxy server.
Our instructions will help you configure any SOCKS proxy to work with uTorrent (or another proxy-friendly BitTorrent client) but we’re going to be setting it up for BTGuard. If you don’t have an anonymous proxy yet, BTGuard is a solid choice and costs a mere $7 a month. Get your proxy information handy or go sign up for a BTGuard account here. before continuing.

 

Configuring uTorrent for Anonymous Torrent Traffic

 

2011-10-11_145756

Run uTorrent. Navigate to Options –> Preferences (or press CTRL+P) to open up the Preferences panel. From within the Preferences panel, navigate to the Connection sub-menu.
From within the Connection sub-menu, you need to fill out the Proxy Server information. For the Type select SOCKS5, for the Proxy fill in proxy.btguard.com and Port 1025. Check Authentication and fill in your Username and Password (BTGuard users will use the same username and password they created their account with). If you’re using another service besides BTGuard, simply change the previous entries to match your service providers data.

Under Authentication check all the boxes, including “Use proxy for hostname lookups”, “Use proxy for peer-to-peer connections”. Make sure to check all the boxes under Proxy Privacy including “Disable all local DNS lookups”, “Disable features that leak identifying information”, and “Disable connections unsupported by the proxy”. Failure to check these options will compromise your anonymity and defeat the whole purpose of using a proxy server.
Restart uTorrent. If you do not restart uTorrent the Proxy changes will not take effect.

 

Encrypting Your BitTorrent Connection

 

Anonymization will protect your identity but, if your ISP is throttle happy, it won’t stop them from detecting and throttling your BitTorrent traffic. If you want the extra security of encrypted traffic and/or your ISP is shaping your traffic and throttling BitTorrent connections, this is the configuration for you.
BTGuard offers a free encryption proxy that is preconfigured. In order to use the BTGuard encryption tool, first download it from the BTGuard servers here. Install the application to C:\BTGUARD (this step is extremely important, if you install it to another directory the application will not operate properly). Once you’ve installed it, run the application.

Open up your uTorrent application once again and navigate back to the Preferences menu. Within the Preferences menu replace proxy.btguard.com with 127.0.0.1 (the address of the local computer). Leave all the other settings, including your login information, the same. Restart uTorrent for the changes to take effect. You’ll still be connected to the BTGuard servers but the traffic between uTorrent and those servers will be encrypted.

Alternatively, if you wish to use an SSH service to connect to a foreign server and anonymize your traffic that way, you’ll need to use PuTTY to connect to the SSH service and create a local proxy for uTorrent’s traffic to flow through. Note, if you’re already using BTGuard you might as well use their encryption too and skip this step. If you’re using another service and want to use their encrypted SSH tunnel, keep reading.

Putty is a free Telnet/SSH client for Windows and Linux that allows you to easily route your traffic through an encrypted tunnel. Download and install PuTTY. Run the application for the first time. The first screen you’ll see is the Session screen. Here you’ll need to enter the address of your SSH provider. The default SSH port is 22; only change this port # if your SSH provider indicates you should.  Make sure SSH is checked. Go ahead and give your session a name so that you can save it for future use.

2011-10-11_154822

Navigate to Connections –> SSH. In the SSH sub-menu you need to create a new port configuration. Put a port number in the Source box (it can be any number that isn’t in conflict with your computer’s existing port structure, we used 12345) and then check Dynamic and Auto. Press Add to add the port.

2011-10-11_153949

Navigate back to the session menu and click Save to save your configuration. Then click Open to launch the SSH tunnel to your SSH host and login with your login credentials.
Once you’ve logged in via PuTTY with your login credentials you can now use PuTTY as your SOCKS server. Open uTorrent and the Preferences menu. Configure things exactly as you would for BTGuard except for the IP address put in 127.0.0.1 (the proxy server is on your computer), change the port number to 12345, and leave the Authentication section blank.

 

Testing The Anonymity of Your BitTorrent Connection

 

2011-10-11_160143

When you set up your web browser with a proxy server, it’s easy to visit a site like WhatIsMyIP to see if you’re surfing from the new IP address. What about BitTorrent? It’s not quite so easy. Thankfully there’s a service designed to help you check the IP address your Torrent client is broadcasting.
Once you’ve configured uTorrent using the above techniques (either anonymous but not encrypted with BTGuard, anonymous and encrypted with BTGuard, or anonymous and encrypted with your SSH provider of choice), it’s time to visit CheckMyTorrentIP. At CheckMyTorrentIP, click the Generate Torrent tab. Save the resulting torrent file to your computer and load it in uTorrent. It should look like this:

2011-10-11_150452

Click on the torrent and then look down in the information panel at the bottom of the screen. Click on the Trackers tab. In that tab you will get information back from the Tracker (in this case the CheckMyTorrentIP tracker.

2011-10-11_150231

See that IP address? That should be the IP address of your new proxy service and not the IP address of your internet connection. If you see the address of your internet connection and not the proxy server you need to go back and double check your configuration.
You can also visit CheckMyTorrentIP and click on the Check IP tab to see all the IP addresses your torrent file has connected from:

2011-10-11_160049

There you have it. If the IP addresses are those provided by your proxy/SSH provider and not your home IP address then you’re in the clear. All your BitTorrent traffic will be routed through that IP address and your private IP address will never be broadcast to the greater internet!

 Source: http://www.howtogeek.com/76801/how-to-anonymize-and-encrypt-your-bittorrent-traffic/?utm_source=newsletter&utm_medium=email&utm_campaign=121011&utm_content=emailsidebar

November 17, 2012

The TOR Network


Inception

Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. Today, it is used every day for a wide variety of purposes by normal people, the military, journalists, law enforcement officers, activists, and many others.

Overview

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.
Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.
Journalists use Tor to communicate more safely with whistleblowers and dissidents. Non-governmental organizations (NGOs) use Tor to allow their workers to connect to their home website while they're in a foreign country, without notifying everybody nearby that they're working with that organization.
Groups such as Indymedia recommend Tor for safeguarding their members' online privacy and security. Activist groups like the Electronic Frontier Foundation (EFF) recommend Tor as a mechanism for maintaining civil liberties online. Corporations use Tor as a safe way to conduct competitive analysis, and to protect sensitive procurement patterns from eavesdroppers. They also use it to replace traditional VPNs, which reveal the exact amount and timing of communication. Which locations have employees working late? Which locations have employees consulting job-hunting websites? Which research divisions are communicating with the company's patent lawyers?
A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.
The variety of people who use Tor is actually part of what makes it so secure. Tor hides you among the other users on the network, so the more populous and diverse the user base for Tor is, the more your anonymity will be protected.

Why we need Tor

Using Tor protects you against a common form of Internet surveillance known as "traffic analysis." Traffic analysis can be used to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic allows others to track your behavior and interests. This can impact your checkbook if, for example, an e-commerce site uses price discrimination based on your country or institution of origin. It can even threaten your job and physical safety by revealing who and where you are. For example, if you're travelling abroad and you connect to your employer's computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted.
How does traffic analysis work? Internet data packets have two parts: a data payload and a header used for routing. The data payload is whatever is being sent, whether that's an email message, a web page, or an audio file. Even if you encrypt the data payload of your communications, traffic analysis still reveals a great deal about what you're doing and, possibly, what you're saying. That's because it focuses on the header, which discloses source, destination, size, timing, and so on.
A basic problem for the privacy minded is that the recipient of your communications can see that you sent it by looking at headers. So can authorized intermediaries like Internet service providers, and sometimes unauthorized intermediaries as well. A very simple form of traffic analysis might involve sitting somewhere between sender and recipient on the network, looking at headers.
But there are also more powerful kinds of traffic analysis. Some attackers spy on multiple parts of the Internet and use sophisticated statistical techniques to track the communications patterns of many different organizations and individuals. Encryption does not help against these attackers, since it only hides the content of Internet traffic, not the headers.

The solution: a distributed, anonymous network

How Tor works

Tor helps to reduce the risks of both simple and sophisticated traffic analysis by distributing your transactions over several places on the Internet, so no single point can link you to your destination. The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you — and then periodically erasing your footprints. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several relays that cover your tracks so no observer at any single point can tell where the data came from or where it's going.
To create a private network pathway with Tor, the user's software or client incrementally builds a circuit of encrypted connections through relays on the network. The circuit is extended one hop at a time, and each relay along the way knows only which relay gave it data and which relay it is giving data to. No individual relay ever knows the complete path that a data packet has taken. The client negotiates a separate set of encryption keys for each hop along the circuit to ensure that each hop can't trace these connections as they pass through.

Tor circuit step two

Once a circuit has been established, many kinds of data can be exchanged and several different sorts of software applications can be deployed over the Tor network. Because each relay sees no more than one hop in the circuit, neither an eavesdropper nor a compromised relay can use traffic analysis to link the connection's source and destination. Tor only works for TCP streams and can be used by any application with SOCKS support.
For efficiency, the Tor software uses the same circuit for connections that happen within the same ten minutes or so. Later requests are given a new circuit, to keep people from linking your earlier actions to the new ones.

Tor circuit step three

Hidden services

Tor also makes it possible for users to hide their locations while offering various kinds of services, such as web publishing or an instant messaging server. Using Tor "rendezvous points," other Tor users can connect to these hidden services, each without knowing the other's network identity. This hidden service functionality could allow Tor users to set up a website where people publish material without worrying about censorship. Nobody would be able to determine who was offering the site, and nobody who offered the site would know who was posting to it. Learn more about configuring hidden services and how the hidden service protocol works.

Staying anonymous

Tor can't solve all anonymity problems. It focuses only on protecting the transport of data. You need to use protocol-specific support software if you don't want the sites you visit to see your identifying information. For example, you can use Torbutton while browsing the web to withhold some information about your computer's configuration.
Also, to protect your anonymity, be smart. Don't provide your name or other revealing information in web forms. Be aware that, like all anonymizing networks that are fast enough for web browsing, Tor does not provide protection against end-to-end timing attacks: If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit.

The future of Tor

Providing a usable anonymizing network on the Internet today is an ongoing challenge. We want software that meets users' needs. We also want to keep the network up and running in a way that handles as many users as possible. Security and usability don't have to be at odds: As Tor's usability increases, it will attract more users, which will increase the possible sources and destinations of each communication, thus increasing security for everyone. We're making progress, but we need your help. Please consider running a relay or volunteering as a developer.
Ongoing trends in law, policy, and technology threaten anonymity as never before, undermining our ability to speak and read freely online. These trends also undermine national security and critical infrastructure by making communication among individuals, organizations, corporations, and governments more vulnerable to analysis. Each new user and relay provides additional diversity, enhancing Tor's ability to put control over your security and privacy back into your hands.

Source: https://www.torproject.org/about/overview.html.en

To download go here: https://www.torproject.org/download/download.html.en

Want Tor to really work?

...then please don't just install it and go on. You need to change some of your habits, and reconfigure your software! Tor by itself is NOT all you need to maintain your anonymity. There are several major pitfalls to watch out for:
  1. Tor only protects Internet applications that are configured to send their traffic through Tor — it doesn't magically anonymize all your traffic just because you install it. We recommend you use Firefox with the Torbutton extension.
  2. Torbutton blocks browser plugins such as Java, Flash, ActiveX, RealPlayer, Quicktime, Adobe's PDF plugin, and others: they can be manipulated into revealing your IP address. For example, that means Youtube is disabled. If you really need your Youtube, you can reconfigure Torbutton to allow it; but be aware that you're opening yourself up to potential attack. Also, extensions like Google toolbar look up more information about the websites you type in: they may bypass Tor and/or broadcast sensitive information. Some people prefer using two browsers (one for Tor, one for non-Tor browsing).
  3. Beware of cookies: if you ever browse without Tor and a site gives you a cookie, that cookie could identify you even when you start using Tor again. Torbutton tries to handle your cookies safely. CookieCuller can help protect any cookies you do not want to lose.
  4. Tor anonymizes the origin of your traffic, and it encrypts everything between you and the Tor network and everything inside the Tor network, but it can't encrypt your traffic between the Tor network and its final destination. If you are communicating sensitive information, you should use as much care as you would on the normal scary Internet — use HTTPS or other end-to-end encryption and authentication. HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites.
  5. While Tor blocks attackers on your local network from discovering or influencing your destination, it opens new risks: malicious or misconfigured Tor exit nodes can send you the wrong page, or even send you embedded Java applets disguised as domains you trust. Be careful opening documents or applications you download through Tor, unless you've verified their integrity.
  6. Tor tries to prevent attackers from learning what destinations you connect to. It doesn't prevent somebody watching your traffic from learning that you're using Tor. You can mitigate (but not fully resolve) the risk by using a Tor bridge relay rather than connecting directly to the public Tor network, but ultimately the best protection here is a social approach: the more Tor users there are near you and the more diverse their interests, the less dangerous it will be that you are one of them.
  7. Do not use BitTorrent and Tor together.

Be smart and learn more. Understand what Tor does and does not offer. This list of pitfalls isn't complete, and we need your help identifying and documenting all the issues.


November 16, 2012

Privacy Watch: Free Tool Makes You Anonymous on the Web

Illustration: Mark Matcho

No matter how meticulously you remove cookies and cleanse spyware and adware from your PC, snoops can still track your movements on the Web. The telltale sign is your IP address.
For a Web server to send your browser information, the server needs to know that you're at 192.168.234.10, for instance. Some Web servers can reveal the city you're in, the Internet service provider you use (or the company you work for), and the type of connection you have--in other words, a lot more than a cookie ever could.

Fortunately, a free tool named Tor from Electronic Frontier Foundation can close this privacy loophole. Tor--a World Class Award winner last month, and available at tor.eff.org--strips the identifying IP address from the headers of each data packet that leaves your computer, by bouncing the packet through a special network of computers called "onion routers." The trade-off for this kind of anonymity, of course, is the speed of your Web browsing. Bouncing from server to server takes time. Tor's advantage over previous anonymizing services is that it can anonymize more than browser communications. Tor works with apps like Thunderbird, Outlook, and Eudora--and with IM programs.

Before you can use Tor, you must download a small freeware app called Privoxy). After installing Privoxy, you must alter a line in one of the program's settings files so that Privoxy can talk to Tor (click here for instructions).

Without directions to send their data through Tor, your apps won't know how to transmit packets over the network. In Internet Explorer, click Tools, Internet Options, then the Connections tab, and then the LAN Settings button. Check Use proxy server for your LAN and click Advanced. In the HTTP field, type localhost; and in the Port field, enter 8118. In Firefox, go to Tools and click Options. Click Connection Settings, and in the field labeled 'HTTP Proxy' fill in the same information as outlined above for IE.

You'll have to enter these proxy settings into each app you want to use with Tor, and you'll lose a little extra time to Web browsing each day. But if you want complete privacy, it's a small price to pay.
--Andrew Brandt