Wednesday, April 29, 2009

Some Semblence of Privacy (in Browsing.)

In a more technical than political vein, I'd like to document how i have created a semi private browsing experience i can take with me, use from nearly anywhere, and then have little fear of finding my name on some new-fangled Homegrown Terrorist list, or some other governmental nonsense, for something google pre-cached, or that came up in a pop up window. This also has the very much wanted side effect of blocking most ads, and seems all around like a handy thing to have.

This solution uses Google Chrome, the newest browser on the scene, but you can in fact use any browser that you can run as a standalone, ie; without having installed directly on the computer.

Before we get started, go ahead and visit whatismyip.com and make a note of what it shows as your ip.

I started with an ordinary USB Thumb Drive, which these days you can pick up for nearly nothing at any electronics store. 

I then reassigned the drive letter, so that no matter what computer we end up plugging our drive into, that letter will not be in use, and our later references to it can remain static. If you want to skip this, it doesn't effect the functionality at all.

Reassigning the drive letter:
This is done (at least in XP) by 
1)going to Start>Settings>Control Panel>Administrative Tools>Computer Management.
2)Then double click on Disc Management under the Storage heading in the Left Pane. 
3)Locate the USB Drive 
4)Rightclick on it and select 'Change Drive Letter and Path' This will allow you to set the drive letter to something specific, Y: in this example.

Install Chrome Portable:
Opening the drive, I installed Chrome Portable, which you can download from HERE. You can download the initial file to anywhere, it doesn't extract anything until you run it. When prompted, ask it to extract all files to root of your Y: drive (again, if that's the drive letter you chose) This will extract all your needed files into a folder named "Y:/Chrome-Portable-blah-blah-blahXXX" Go ahead and rename this folder to just "Chrome", for ease in remembering later.

Running Chrome:
Thats all you need to go ahead and start using the internet's newest and most formidable browser, with its own built in 'Incognito Mode' (just right click on any link and ask it to "Open in Incognito Window" and it will then not keep any privacy info like cookies or history entries when that window closes) from any windows pc with a usb port, just by going into your "Chrome" folder and running ChromeLoader.exe

But we want to go a step further and anonymize it. There are many software solutions out there but i went ahead and chose Privoxy (which blocks certain types of content, including ads, and if properly configured, tracking scripts embedded into some webpages) in combination with Tor (which makes it very difficult to tell exactly where a particular electronic packet of data came from, or is going, let alone, who is responsible for originating it.)  These two, excellent pieces of software which you can obtain, and learn much about at http://www.privoxy.org/and http://www.torproject.org/will do us quite nicely, in our quest for some semblance of privacy, on the internet.

Since both of these are designed really to run on only one machine after they are installed, we are going to cheat a little to get it to run smoothly hand in hand with our thumbdrive portable version of Chrome. That is where PortableTor comes in, fantastically.

The application, which will fit nicely on our thumbdrive, is a tweaked bundle of the TorVidalia package and the proxy-server Privoxy. Once you extract PortableTor and fire it up, it automatically launches the two apps and connects to the Tor network. From there out all you have to do is make sure that your web browser is configured to use a proxy (we will get to that in a bit) and all your traffic will be sent on a privacy-producing trip through the many layers of the Tor network. You can download it here or by navigating through the PortableTor Homepage to make sure you have the most recent version.

The file you download is just a self extracting archive, so just extract its contents onto the thumbdrive. It extracts its own folder, so the root of the drive is fine. 

If you like, just go into that folder, "PortableTor" and run PortableTor.exe, it should pop up with a window that shows itself connecting to the Tor network, and finally, that it successfully connected. Pretty easy, right?

Well, not so fast, as by default, Chrome will still just connect directly to Internet content, and give us all away, instead of connecting to the Tor Network and anonymizing us. We need to configure Chrome to use the proxy we have just set up and started.

Configure Chrome to Use a Proxy*:
1) open the Chrome browser from Y:/Chrome/ChromeLoader.exe
2) Click on the Wrench icon in Chrome in the upper right corner
3) Choose "options"
4) Open the tab titled "Under the Hood"
3.) Underneath the Network title, select "Change proxy settings"
4.) A windows box pops up, click the box that says "LAN settings" 
5.) Check off “Proxy settings” or "Use a proxy server for your lan" depending on if you are running XP or Vista and in the address setting add "127.0.0.1" and in the port "8118" (without the quotes.
6.) If you have the option, you can also check off “Bypass proxy for local settings”
7.) Click “Ok”, close chrome and restart it.

Now that is the slightly disappointing part, as you may not be able to do this on every computer, depending on permissions, and it has to be done on every computer you want to comandere anonymously, be it the local library, work, or any number of other public accesses that one would use for completely secure or sensitive browsing. 

Fortunately, we only have to do it once for a personal computer, as theres no harm in using a proxy (Privoxy) all the time, even if we dont want to use our anonymizer (Tor.) Why wouldnt we want to use our anonymizer, you ask? well, secure practices are never without their downsides, and in this case, its speed. While the Tor network isnt tortoise slow, you will probably notice the difference, and as it relies entirely on private volunteer servers, we really cant complain. 

Besides, as my friend Vistonie says, you have to slow down, if you want to be sneaky.

With that done, you can now test your new found security by visiting either one of these two sites: Whatismyip.com and https://check.torproject.org/
  the first one should display something other than your actual IP, and the second should congratulate you on using Tor. 


Now you can take your drive anywhere, and browse securely:
1)Plug drive into USB
2)Open the drive in My Computer
3)Go to the TorPortable folder and run TorPortable.exe
4)Go to the Chrome folder and run ChromeLoader.exe
5)Follow the proxy configuration above (you may want to keep it in a text file on the drive)

Welcome to the privacy elite of the internet.

If it didnt work, go back to the proxy configuration in Chrome, and make sure you configured it properly, or read any error messages you find.

Tor has alot of options, which are well covered on the Tor page, but works pretty well right out of the box. I will mention one option, that is of some interest, is the setting up of your own Tor relay, not only is plain nice to give back to the people who are helping you, its a good practice, as a particular packet of information, if ever traced back to your computer, network traffic will show little to no forensic evidence that it was requested by your computer. Plausible Deniability is the word of the day.

The main Tor window, after showing a successful connection, can be closed, which doesn't really close it, but instead sends it to the system tray, in the form of a small green onion icon. right next to it is a blue P icon, that is Privoxy.

If this is your first introduction to Tor, here are a couple links with a decent overview: how to browse the internet anonymously with Tor or this guide to anonymous web browsing for a great overview of how Tor protects your privacy.

There are also a lot of individual settings you can look at, and customize at will. Browse away anonymously anywhere you like, any computer running windows that you have access to.

When you are done, you will need to remove the proxy settings you added, essentially a reversal of what you did earlier.
1) Chrome should already be open, if not open it as before.
2) Click on the Wrench icon in Chrome in the upper right corner
3) Choose "options"
4) Open the tab titled "Under the Hood"
5) Underneath the Network title, select "Change proxy settings"
6) A windows box pops up, click the box that says "LAN settings" 
7) uncheck  “Proxy settings” or "Use a proxy server for your lan" depending on if you are running XP or Vista.
8) Exit Chrome
9) Rightclick on the Green Onion in the systray and select "Exit"
10)Rightclick on the Blue P in the systray and select "Exit"
11) Remove your thumbdrive, and make a stealthy exit, knowing you have just pulled one over on big brother...

Remember, we only have rights as long as we exercise them, and we must, frequently, if we wish to keep them.

Ill add an update when i can make this a little faster.

No comments: