Internet Privacy – PostScript
by Paul Green
Recently by Practical
I am glad so
many found the article "Practical
Internet Privacy" helpful. Thank you for the email. Many
also mentioned the earlier article on ethical problems with intellectual
"property" – some even professed to a "conversion"
on the matter...
In line with
this, I am pleased the privacy article has been copied far and wide
on blogs and newsletters. But please note that I have no connection
with "PrivacyWorld", who credited themselves not lewrockwell.com
– leading others in good faith and better manners to credit them.
The same goes for another "anti-illuminist" site which
replaced links with MLM junk – leaving my name on it. Always check
are some more internet privacy related tips, extras, and favourite
the idea is to maintain "two sets of books" – that you
don’t need or even want everything you do to be private:
For those things
you do want to "privatize," here are the basics again:
- Start by
making sure your computer is clean from viruses, spyware, junk
background programs, and junk files like cookies and other web-bugs.
Get rid of bloated security suites – the best stuff is free.
your internet activity by tunnelling it elsewhere through a VPN
privacy service. Choose a service that keeps no logs. Preferably
use a server outside your state, country, or political bloc.
- Set up new
accounts for email, internet phone calls and anything else through
this service, using generic personal information.
- Use free
services, or pay with cash, money orders, prepaid vouchers or
pseudonymous prepaid cards.
In this way,
you can take control of your "data trail" or "data dossier"–
the sum total of what converging
databases, retained logs, and available government and private records
hold about your life. With Google
by the NSA/CIA),
banks, cards, telcos and internet providers all helping to build
up that profile
for the state anyway – you can choose what they get and what they
In the US,
it is possible that a small independent internet provider might
not be retaining or passing on your data – certainly a privacy advantage,
if available. But the big players, including their local affiliates,
They still have "NSA
rooms" and most of what they did illegally has since been
together with retrospective immunity.
is now making even this obsolete. Surveillance is morphing into
little more than a bump on a fibre optic cable:
traffic passes through a relatively
few exchange points and, internationally, there are only about
30 main fibre optic highways. Maybe you remember last year, when
millions had their internet cut
off due to mysterious cable damage?
It is a simple
matter to tap fibre optic cables at key points and from there via
dedicated cables, send traffic straight to the NSA. This agency
has at least three
data centres. One reportedly takes up 6 acres underground, with
the latest in Utah taking up a million square feet.
A CNET surveillance
is supported by up-to-date tech details here
from a presentation at this year’s Black Hat security conference.
The analysis is good – but I doubt if, in practice, surveillance
is so well implemented.
– aside from helping cover-ups – helps to create an exaggerated
aura of invincibility. The good news is that governments are not
omnipotent. In that regard, they are merely significant but also
incompetent wannabes – and thank God, always doomed
to failure sooner or later. Our job is to make it sooner, while
in the meantime treating them as obstacles to be overcome. Here
is one way:
and big corporate environments often block
access to unapproved websites – with Australia, China and some other
governments even filtering their whole countries.
On a public
or shared computer in some of these places, you may not be able
to install a VPN connection. So here are some other practical ways
work very much like a phone directory – the name is used to look
up the actual number ("IP address"). Censorship often
targets these directories (called Domain Name Servers – "DNS").
So, one trick is to access a website directly through its IP address
and not use the name.
"lewrockwell.com" is really 126.96.36.199
– just put that number in your browser address bar and see. To use
links, you would need to overwrite the "www.lewrockwell.com"
bit with "188.8.131.52". So, a link to the earlier article
would be http://www.lewrockwell.com/orig9/green-p2.1.1.html
but it would also be http://184.108.40.206/orig9/green-p2.1.1.html
way to bust the censors is to visit www.microsofttranslator.com
and enter the banned website address there. Click on Translate,
from English to English, and there you are – the "translated"
website appears, links and all, with nobody any the wiser. Try other
translators if that one stops working.
But, what if
they have filtered not just the main web address, but even any reference
to the site?
Well, you would
normally avoid government-funded
freebies that log everything. One such
service is Ultrasurf
– linked to the Falun Gong run GIF
Inc, and headed by an NSA scientist to break Chinese censorship.
But here, your
only objective is to get through from a public military system or
library. So why not let military socialism, corporate fascism and
Chinese communism fight it out – while you pass through the midst
fast, and does get through – one click and a new censor-busting
browser window will open. All tracks – at least at your end – are
wiped when you close.
are many free "anonymous"
web-based proxies available, such as the one used in the Sarah Palin
hack described next. Some may be blocked and to get through, you
might need to choose an SSL (secure) one. Just don’t expect it to
be fast and don’t rely on any privacy promises.
Sarah Palin Email Hack
hitting the news, the real greatness of this hack is as a text book
example of what not to do.
a year ago, but I only recently came across how it was done: Here
are the details.
used Yahoo email. She followed all their "security" steps
and answered all their intrusive personal "security" questions
accurately – and it got her hacked. Her personal security information
was actually public information distributed all over the net. The
one good thing she did (we are told) was to use the email for only
trivial email content.
was very easily found. This is partly because the "free anonymous
proxy" service he used kept logs. Plus, his own personal info
was all over the net.
I almost felt
sorry for the lad not only in hot water with his State Representative
father, but also unanimously derided by his peers (for getting caught).
And now the hypocritical state is prosecuting
Here is a privacy
tip for international travel: Maybe you don’t need to transport
sensitive data at all.
installed, you can access your main computer from a normal web browser
anywhere in the world, on any computer. Just enter the main computer’s
IP address, followed by your chosen password, to use it via the
remote computer’s keyboard, mouse and screen. The connection can
easily be encrypted, you can transfer files and you can chat.
I also use
this for small business customers so they don’t have to go in to
the office as much. It is quite easy to set up, but non-tech users
might need tech help to set up their router (tech-talk: forward
port 5800 – that’s it).
in case a computer with sensitive data is stolen, including by customs,
is to remember that deleted files remain intact on your free disk
space for some time, and are easily recovered.
this, CCleaner has a setting to securely empty your recycle bin
(Options>Settings). Also, the main window has a tick box for
an occasional secure wipe of all free disk space. A single or three-pass
secure wipe should be more than enough – any more will take ages.
The "geek mythology" that more are needed at least seems
to be busted.
Mac, or Linux, encrypting the whole system disk can be done – but
is inconvenient, degrades performance, and increases the risk of
data loss in the event of system or disk problems. There is also
the trend in the US, UK and other places of demanding passwords
under penalty of imprisonment.
could work on or save critical data only on removeable storage.
Windows users can encrypt using Truecrypt.
CCleaner can securely delete files on both system and backup drives.
For backup, the tiny concealable "microSD" cards are ideal
– here are inexpensive 8Gb
options, with USB adapter kit included.
In the US,
a bill is being pushed right now to enable a complete internet shutdown.
Other governments have bestowed on themselves similar "emergency
would also hurt government and associated big corporate interests.
Therefore, except in a very worst-case scenario, blanket shutdowns
are likely to be temporary, or only targeted at certain areas.
In which case,
one answer might be satellite access – billed to an outside address,
Or, if landline
phones still work, there are numerous free (call cost only) dial-up
These are accessible internationally, often with no
signup needed. It is outdated, slow and costly but does work,
even with a VPN – making it also a privacy option of last resort.
Some are suggesting
a return to the old BBS pre-internet communication system, which
is a good idea, but still depends on a functional phone line.
might be a wireless
mesh network linking wireless routers, either independent of
any broadband provider or sharing a single satellite uplink. Directional
antennas can extend wireless range to a half mile – or even much
more. Wireless amplifiers are also
available, or routers like the Linksys
WRT54GL can be upgraded with firmware
to boost power output.
If all else
fails, it's back to carrier
pigeons – with memory sticks or SD cards....
"security suites" are widely promoted because major magazines,
websites, retail stores and manufacturers all get advertising revenue
and/or a commission on the annual fee.
avoid manufacturers like Packard Bell, who even remove the uninstaller
(use the removers I linked to). They make nothing from the much
better but free products (with optional upgrade) like Antivir, CCleaner,
Malwarebytes and Spybot.
As I write
this section, within the last three working days I have twice solved
major problems primarily by removing Norton. Today, I had the same
thing with the "Kaspersky" security suite – and not for
the first time.
One more Windows
privacy and security tip:
to the simple cleanup steps I outlined, techies often use a program
This!". Proceed at your own risk. Leave any antivirus entries
(or install that afterwards) and anything called "lexbce"
alone. Start-up entries can be thinned down to less than a dozen
– far less than in the above video.
Security and Windows/Mac/Linux
They are all
useable for internet privacy purposes.
on Macs, but only Windows really needs an antivirus program. Windows
currently represents 92.54%
of computer users.
one Vista laptop, the eight computers in my own large household
are all XP. Microsoft may rightly be unpopular, but XP is fast,
works with everything and has the biggest choice of software – official
and unofficial. Virus or spyware problems are for us extremely rare
and easily dealt with.
is receiving NSA "assistance"
yet again, Windows
7 is at least better than Vista – any NSA "backdoors"
or "watermarks" would soon be uncovered, and cause an
immediate outcry. Avoid the 64-bit
version, for a year or two at least.
Mac users generally
get to enjoy "security through obscurity". In other words
– they are too few to target.
But Macs do
go wrong and it can be more serious: Experienced help is harder
to find, much more expensive, you may have to wait longer for it,
and it may be harder to recover vital data. You also have less choice
of both hardware and software – with fewer games for the young at
heart being just one example.
all that, it may suit your needs exactly and, for many, a Mac is
a pleasure to work with. A Mac may put a spring in your step and
not just because of a considerably lighter wallet....
Linux had a
promising boost on early netbooks, which then shocked Microsoft
reverse legal environment and mostly volunteer base have made it
the "too many cooks" OS. Except for business servers,
it can often be a case of one geek proving his worth to another
– with little
market pressure to please users. Then, the already steep learning
curve goes vertical when you have a problem.
You are less likely to have virus problems than even a Mac, but
more likely to have operating problems.
there are many variants. One great distribution
is called "Dream
Linux", with an attractive, user friendly, Mac type appearance.
Then there is "Ubuntu" – by far the most popular flavour
of Linux. The best branch of this may be the semi-commercial Linux
Mint, which has a good non-IP based business model, that would
probably be standard were it not for the pro-IP legal environment.
With most Linux
distributions, you can safely start up your computer from a "Live
CD" and get a foretaste – before deciding whether to actually
install from the same disc. You might really like it.
some time to select VPN services for myself, the one service I can
definitely recommend is www.perfect-privacy.com.
There are many others, including some to be avoided:
is a long list of VPN services and here
is another with some good comments amongst the spam.
seem to be sound, have a healthy
attitude towards IP legal threats, but use a non-published modification
of OpenVPN. Xerobank, Cryptohippie and Metropipe are all loosely
associated with the old Laissez
Faire City DMT/Alta.
Check the reviews, but they may be OK. I still like SwissVPN
but they are in the Swiss surveillance net, do keep logs and don’t
allow file sharing. There is also a limited free service called
Alonweb – but
they are very new.
the Swiss TunnelDrive
use a type of VPN called PPTP or "poptop". For basic privacy
this is fine – it would take hours or days of focused effort to
crack, though it can be done. There is a post to solve a couple
of PC security problems with this type here.
you avoid the US-based "StrongVPN"
(terms of service, logs). Particularly avoid "Securenetics",
as it is almost identical to "FindNot" – which recently
disappeared along with customers’ money. There is another free service
called "ItsHidden", but the hosting location suggests
it may be set up to create a cloud of users to cover extreme porn.
although preferable, it is not essential to pay for a VPN privately.
The VPN service will get your real IP address anyway, and your internet
provider will see the VPN connection also (though nothing else).
PayPal or a third-party card payment service should be OK. There
is no reason to directly supply a VPN service with any personal
details, of course.
using website "Domain Name Server" lookups was mentioned.
I want to emphasize that these "DNS" lookups also lend
themselves to surveillance of the websites you visit, even if you
have a VPN active. So for Windows, common Linux distributions, and
under some circumstances Macs – do make sure you check your VPN
connection for "DNS leaks". Details, tests and recently
updated fixes are here: OpenVPN,
related forums, setting up a personal VPN is sometimes mentioned.
The problem with this is the loss of any "crowding" effect:
Normally it would be difficult for targeted surveillance of a VPN
server to match incoming and outgoing connections. But with a private
VPN, it is easy to identify the source of the single incoming connection
and to monitor all outgoing connections.
plans indeed are afoot to enforce copyright on the internet.
response to this kind of threat, the VPN market has recently been
boosted by file sharers. This is good news as it means more choice
and a bigger crowd to get lost in.
by using a VPN, a good file sharing defence would be an unencrypted
wireless router which anyone could have accessed. Young file sharers
in France are currently promoting open wireless nationwide to foil
is not as risky as the media will tell you, because the media/IP
wants all activity uniquely identified. For a targeted company or
in a built-up area, caution is advisable. Otherwise, it may be more
likely that a computer is stolen than a white van parked outside,
hacking it for hours.
now have an isolated open Wi-fi hotspot option, to share a fixed
portion of available internet bandwidth – an ideal solution.
new development to watch is the emergence of encrypted anonymous
file sharing, by using a program called Anomos.
Here are two
good alternatives for making private landline or mobile calls over
- With laptops,
usually your internet connection will be wireless. This means
you can plug an IP
phone (reviews here)
into the unused network socket for Internet Connection Sharing
(Control Panel> Network Connections> "Set up a home or small
office network"). You might need a special "crossover"
type cable. As a privacy safeguard, only plug the IP Phone in
after your VPN is connected, or make sure a button needs to be
pressed before the line goes live.
- On my own
system, I just plug in a USB phone
My daughter uses this
USB cordless phone (alt.).
Don’t run the CD – these particular USB phones just plug in and
work fully with the "X-Lite"
free soft-phone (alt.).
Note: When installing X-Lite, disable "Run at start-up".
Always start manually, after the VPN is connected.
did a US radio interview recently using this setup, through a Luxembourg
VPN. The studio called up my anonymous international number and
it worked for an hour as well as any normal phone call. In this
scenario, possible privacy concerns
are a lower priority, and Skype might have been preferable, for
higher audio quality. Note: Sign up and use Skype only with a VPN,
turn off the "Run at start-up" option and only start manually
after your VPN is connected.
There is one
more option for internet calls:
Some IP phones
actually incorporate a VPN connection. They are not commonly available,
phones are expensive and require technical know-how, but the 800
series can establish OpenVPN connections. Other, mostly Chinese,
include the ability to connect using the simpler PPTP type of VPN.
There is one model available in the US
phone calls, you will need a call provider. Layers of privacy here
can include: private payment, calls routed through another country
or political region, privacy standards within that country, using
a VPN service with no logs, and optionally, further call content
For both sides
of the Atlantic, I like the call provider Link2Voip.
They are Panama owned, with a base in Canada and offices in the
US. They have call servers in Canada, Dallas, Panama and Amsterdam
(okay for northeastern US). Call prices are very good.
They do have
to log outgoing calls to charge you, but there may be some protection
in the Panama legal base. However, for real privacy, pay with a
money order and be virtually anonymous.
Best of all,
having written most of the above recommendation already, I discovered
Link2Voip day-to-day management is in the hands of a regular LewRockwell.com
USD/CAD money orders are not obtainable (strangely, except in Albania),
so here are some other options:
is Swiss-based and like Nomado
in Belgium, you can pay for calls using an anonymous "Paysafecard"
voucher, obtainable across Europe (and in Mexico). "UKash"
is a similar European (and Canadian) payment service that can be
used for a number
of internet call providers. Most are "Betamax" resellers,
is one good independent service based in Amsterdam.
Most VoIP services
in Switzerland (like Peoplefone, Sipcall, NetVoip) can be paid over
the counter at any Swiss Post Office. A day trip to Switzerland
might be well worthwhile to fund a private number, outside the EU.
(Note that "Switzernet" actually uses French call servers.)
Switzerland does have a surveillance system called Onyx but, at
least officially, it is not tied to the EU or Echelon.
With the premium
version of X-Lite ("Eyebeam") and other software or IP
phones, you can have two or more lines. That means one account with
a phone number could be used for incoming calls, while another without
a number, could call out.
So, if you
obtained a free US (alt.),
IT or worldwide
(alt.) incoming number, you
could then use any other outgoing call provider. Operation is seamless
in practice, and the separation offers even greater privacy. Often
you can set your own outgoing caller ID – or turn it off completely.
the iPhone with Wi-fi remains a favourite option – preferably with
GPRS and the cell connection disabled. The new
iPod Touch models are almost identical to the iPhone. They still
do not have a built-in handset, but do now come with a separate
wired headset/mic as standard.
some new apps available to make SIP calls: Check out iPico,
and note that SipPhone has been renamed to iSip.
Hp iPaqs can
work well also, and the newer 210
series can be used as a normal handset. The front speaker/earpiece
it is not officially supported, so it needs a simple fix,
which also solves other reported audio problems.
Android smartphones are set to break on the scene this year. Android
does include a VPN
client and SIPdroid
is free SIP internet calling software.
unless at a random Wi-fi hotspot, you would use these phones only
after connecting with their internal VPN. Be sure to take the more
A VPN Router
2820Vn router is a simple, always-on, VPN router for a whole
household or office. It could maybe even fit in a laptop bag for
With all features
in one place, it is not expensive for a complete solution. There
is little retail presence in the US (www.draytek.us)
but it is on Amazon.
UK will ship
to the US and Europe.
You can connect
to any of four broadband sources: wired network (workplace, existing
modem/router etc.); ADSL (broadband phone line); wireless USB cellular
broadband; plus, it can even connect to a nearby Wi-fi signal. Any
or all computers in your house or office can be plugged in, or connected
to it via wireless.
There are two
internet phone sockets for use with regular (inc. cordless) telephone
sets. All calls can go out via the VPN connection and it additionally
calls, including ZPhone.
It does use
the simpler "PPTP" type of VPN, which is fine for avoiding
routine logging. Individual computers can still connect through
it with their own OpenVPN connection.
It will require
at least basic tech ability to set up.
Use of the
stronger OpenVPN standard within modified routers is currently messy,
although it can be done by the (very) tech minded. The best hope
for a reasonably useable solution appears to be "TomatoVPN"
which is currently being improved to work with more VPN providers.
One way to
register online with some privacy is to use generic details and
look up a serviced office, apartment block or motel address. But
there is an alternative:
Check out the
which makes it even easier. This site randomly gives you a whole
identity in a number of countries, including accurately formatted
(unused) ID numbers and a working email address.
to money orders and (on the UK/European side) Paysafecard and UKash,
prepaid cards can also be private but may require some time, effort,
and involve fees.
are gift vouchers easily available which make private online purchases
possible without any extra fees. An iTunes voucher, for example,
would be the ideal way to credit or register a new iPhone, via an
Amazon is another
First set up
a new account via your VPN. Then Amazon can be funded privately
cards available in supermarkets and other stores. Local "Coinstar"
coin changing machines also issue various vouchers – some will even
take notes. Western Union offices do charge a small fee.
If your email
content is often critical and you want to learn how to encrypt email,
here is a tutorial
for Gmail. Or, here is a tutorial
for the free trial version of PGP
– the main part keeps working after the trial. Remember, this is
for content encryption only – without a VPN, your IP address (and
therefore location) is clearly visible as well as the "to"
and "from" email addresses.
If your content
is occasionally confidential but you want something quick and easy,
then here is a tip – don’t send an email, share an email address:
a new free email account, preferably secure (https:) and offshore,
then pre-share the details. All you do is save a draft, with or
without attachments – for the other person to log in and pick up
later. Ideally, one or both persons should use a VPN. The last one
out deletes the draft.
provides the security of a needle in a haystack and interception
is highly unlikely – no email is ever sent.
privacy tool of choice, the Asus
1000HE netbook, is still available but has recently been superseded
by the 1005-HA.
This is a worthy successor – with battery life extended to a maximum
Of the three
available variants, the top spec model unfortunately has a glossy
screen. Reviews say it is not too reflective,
but you could choose the even lower cost middle
spec model – there is little noticeable difference (e.g. no
Bluetooth, lower res webcam). Or, get a matt screen
At home, you
can always plug it in to a larger screen – even one like the Samsung
37" TV this article was written on....
netbooks need an external
I hope these
methods will enable you to take some more privacy steps.
is reasonable caution, not fear, in the face of current oppressive
trends. These activities are the death throes of a failed system.
The source of danger is real, but might be compared to Frankenstein’s
monster – inevitably doomed, and not so smart.
the NSA, for example, with associated corporate workfare recipients,
absorb and then slowly stifle human creativity in their hierarchical
straitjackets. That’s why, by God’s grace, as long as there are
individuals who choose freedom; we will always be one step ahead.
defeat this present system, it is essential that legitimate private
wealth remains in private hands. Remember the Golden Rule – who
has the gold, makes the rules.
if you bank offshore, in fiat currency or precious metals, then
these and other privacy measures are now absolutely essential. I
look forward to sharing more on this with you.
Green [send him mail] was
born in the UK and currently works from home there as an independent
emergency callout specialist for home and small business computer
users. He is married with five children all at home
and the three of school age are homeschooled. Over the years he
has also traded the financial futures markets and worked as a one-stop
advertising copywriter/ voice-over artist/ music and jingle producer.
© 2009 by LewRockwell.com. Permission to reprint in whole or in
part is gladly granted, provided full credit is given.