Live CD for anonymous internet browsing: The (Amnesic) Incognito Live System

After the sole developer of Incognito, arguably, the best Linux live CD for anonymous internet browsing, announced that he could not carry on with his work in the project, another anonymous live CD, Amnesia, decided to merge with Incognito Linux live CD, and hence, the (Amnesic) Incognito Live System was born.

 

Information security awareness poster

Information security awareness poster

 

Version 0.5 of The Amnesic Incognito Live CD is now out and includes lots of goodies for anonymous internet surfing, encryption and erasing your online tracks, such as:

  • Tor 0.2.1.25
  • Vidalia 0.2.8
  • Claws Mail 3.7.5 with OpenPGP support.
  • Pidgin automatically connects to irc.oftc.net with a randomized nickname.
  • At shutdown time, only prompt to remove CD; just halt when booted from a USB stick.
  • Forbid any IPv6 communication with the outside.
  • Added some wifi drivers: Ralink rt2570, rt2860 and Broadcom STA.

My hats off to this great live CD for anonymous internet surfing!

For those who fear that the Chinese or British secret services will seize their computers one day, a live CD is the sure way to avoid leaving any tracks on your computer.

The (Amnesic) Incognito Live System homepage

 

Review: Free speech webhosting NearlyFreeSpeech

I have been with NearlyFreeSpeech webhosting for three years (not this blog) and this review is based on that experience. The fact that I have been with them for so long already indicates that I am happy with their services, although there isn’t too much competition in the free speech webhosting field and that also helped.

Besides webhosting, NearlyFreeSpeech.net also does domain name registration with whois privacy included.

At the time of writting this NearlyFreeSpeech fees are very cheap for static sites (no database and few pictures).  Just remember to change the settings on your account because by default it is set up to support PHP and once you change it to static site the price will go down.

You will need to pay in order to get support for your hosting account at NearlyFreeSpeech, but I have found their members only forum, to be very useful,  NearlyFreeSpeech staff hangs around there too and they will help you out whenever they can.

During my time with NearlyFreeSpeech I have always gotten free meaningful support from their forums. No question has gone unanswered.

Muhammed the prophet

Muhammed the prophet

The Good Stuff

As long as your content is legal in the United States, where NearlyFreeSpeech is based, you will have absolutely no problems with them, it does not matter if you are promoting pedophilia, Hitler, Stalin or anything similar, NearlyFreeSpeech will not take the content down if this is legal in the US and does not infringe on copyright.

You can pay via Paypal, credit card or sending a money order in the post, the last payment method being a rare find for a webhost.

NearlyFreeSpeech will also take anonymous donations to fund your hosting account, this is an excellent way for people to anonymously fund your website, with no involvement from your part, the donator will only need to indicate your hosting account number, which you can make clear on your site, and you will be notified by NearlyFreeSpeech every time someone sends money in.

NearlyFreeSpeech members can propose new features to be implemented and they are then submitted to a popular vote.  There is support for SFTP and SSH and the sense of community at the forums is also very good.

The Bad Stuff

The only way to upload your files is with an FTP or SFTP client, there is no web interface to do that. Nearlyfreespeech hosting control panel is unique to them and has been developed in house, its navigation is hard and you will need to get used to it, it also has far less features than the more usual cPanel.

It will be hard for you to work out what you are going to pay at the end of the year, the way used to calculate that is complex, consisting of the sum of number of active databases, bandwith used, space used, email forwarding used, etc.

You will need to pay to get hosting support and any hosting software you need to install will have to be done manually because you can’t do that from the control panel.

Barak Obama

Barak Obama

Conclusion

If your site is controversial but legal in the US, you will feel safe hosting it at NearlyFreeSpeech.

Their hosting panel is poor and hard to navigate and you will need not to know the basics of webhosting, such as how an FTP client works.

You will only be better off NearlyFreeSpeech if your website has specific software needs such as some peculiar CMS that you would like to install through the hosting panel. You may also be bothered by not being able to work out what the hosting is going to cost you at the end of the year.

Visit NearlyFreeSpeech


Alternatives to NearlyFreeSpeech:

- Invisihosting

- CrisisHost: Read my CrisisHost review

Freebie: Free full version East-Tec Eraser 2009

I came accross this offer at Softpedia today and I thought about sharing it with all of you. Valid until 31st January 2010, you can download a free full licensed version of East-Tec Eraser 2009.

I just downloaded and registered it and so far so good, it works fine with Windows Vista 64 bit. East-Tec Eraser is last year’s version of this software but still has lots of great features. It can clean your Windows registry, email software, Windows OS unwanted backups and page file, cookies, history, and a long etc.

East-Tec Eraser 2009 is highly configurable and it has a wide range of wiping methods.

Eas-Tec Eraser 2009 wiping software

Eas-Tec Eraser 2009 wiping software

Note: Do not fool yourself! East-Tec Eraser does a great job making life difficult for anyone trying to recover data from your computer. But if your life is at stake, use full disk encryption (Truecrypt)! Sometimes only a single picture or a single document is necessary to ruin your life for ever.

Free East-Tec Eraser 2009 (link valid until 31st January 2010):
http://www.east-tec.com/offers/softpedia/2009/eraser/register.htm (Offer gone!)

Late readers: get Eraser (Freeware):
http://sourceforge.net/projects/eraser/

Secret FBI subpoena demanding IP Addresses of all visitors to Indymedia.us

It is only now that the subpoena has been fought off successfully in court that it can be know how the FBI attempted to get all the IP addresses of people visiting Indymedia.us, an independent news website. The subpoena also imposed a gag order and demanded the recipient’s silence under threat of being prosecuted for obstruction to justice.

Unfortunately for the FBI Indymedia has a no logs policy so besides being defeated in Court by the Electronic Frountiers Foundation, its request could not be fulfilled anyway.

I wonder what kind of people the US has protecting them from terrorism, unpaid fines and rape, when the FBI intelligence team is not aware that Indymedia does not keep logs?

This is actually public information that Indymedia has all over its website.

FBI: Fucktard Bureau of Investigation

FBI: Fucktard Bureau of Investigation

You can read all of the saucy details on how the Electronic Frontier Foundation won the case against this bogus FBI subpoena at the EFF webpage: Anatomy of a Bogus Subpoena

Indymedia UK security set up

Just for all the fucktard officers reading this who do not know how to use Google, let me tell you some of UK Indymedia security set up. (I will assume the security of their Worldwide Indymedia counterparts resembles it).

Hardware encryption:

There are two physical servers that are owned by Indymedia UK, both servers are fully encrypted, the passphrases required for the disk encryption software are in the region of 30-40 characters minimum, they are only stored in an encrypted format by trusted administrators.

If any of the servers are turned off for any reason the passphrases needs to be manually re-entered before the machine can become functional again. People who have physical access to the servers do not normally hold the passphrases, and in some instances, the passphrases are kept in a different country to where the machine is located.

Software anonymisation:

The UK Indymedia website uses software designed around a central publish server from which static HTML content is then copied to mirrors.

UK  Indymedia has employed up to 10 mirrors at any one time, the mirrors may be located anywhere around the world, when you post an article you will be redirected to one of these mirrors at random. Mirrors, like the publish server, are set up to not log IP addresses.

FBI top secret tip to always get it right

-"This is the best marksmanship I have ever seen" - said the
idiot man
-"How in the World do you do it?"
-"Nothing to it" - says the Fucktard Bureau of Investigation
 officer
-"I shoot first and draw the circles afterwards"

Review: Virtual Pritate Network for private internet surfing AceVPN

I have been using AceVPN for three months now and this review is based on this length of time. Before getting into a Virtual Private Network for anonymous internet surfing purposes, you should understand that a VPN will make it more difficult for TLA agencies such as the CiA and Mi5 to spy on you, but a VPN is a single hop proxy, if they want you bad they will most likely have you.

For serious anonymous internet surfing you should use Tor, which unfortunately it is slow for most activities other than posting at bulletin boards.

At the moment there is a 50GB monthly bandwith cap on AceVPN, I think this is a very reasonable amount of bandwith, the average surfer will probably download half that and since P2P programs are not allowed on AceVPN I can hardly see anyone going over the limit.

The Good Stuff

Every time I have emailed AceVPN, around five times, I always got a useful reply in under 24 hours. AceVPN at the time of writing this, has servers in the US, UK and France and claims to be planning new servers at other countries.

One of the USA VPN I was using got blocked by Hulu, a US only TV website, apparently they do not like people from abroad being able to watch their films through a proxy. AceVPN has a secret list of VPNs to access US only sites such as Hulu TV, Pandora radio and Crackle TV, if you email AceVPN support and tell them you want to watch Hulu and they are blocking your proxy, they will send you a new non public configuration file with new servers for the VPN.

AceVPN uses OpenVPN to tunnel the data as opposed to the more unsecure PPTP, and besides Windows, AceVPN also works in Mac, Linux/BSD and the iPhone, any device where you can install OpenVPN should work.

You can choose the UDP or TCP protocol for tunneling. Normally you should choose the UDP protocol, this is que fastest method to download data through the VPN, the TCP protocol is provided because some ISPs and private networks block all UDP traffic to stop certain applications from accessing the internet.

World Internet Plugged In

The Bad Stuff

When you sign up for AceVPN they will send you a very hard to remember cryptic password that you can not change, you will need to enter this every time you want to access the VPN, better write it down somewhere, I personally have it saved on a .txt file on my Desktop.

AceVPN has servers in several countries but  in order to choose what server you want to connect to you will have to manually edit the OpenVPN config file in Notepad and comment out the servers you want to avoid, there is no control panel to do this.

Torrents and P2P programs are not allowed at AceVPN, even if some users use it, as  per terms and conditions this is forbidden.

Conclusion

AceVPN is great value for money and it stops your ISP from logging your internet activities making the life of those who spy on others much more difficult, AceVPN is also one of the cheapest VPN available and the wide choice of servers located in different countries guarantees that if one goes down you can still connect somewhere else.

Be aware that during my time with AceVPN one of their USA servers was seized by the FBI, this was due to a DMCA request according to AceVPN management.

While AceVPN claims not to keep logs, the FBI is known to have great computer forensic facilities and only God knows what kind of personal private data from innocent people they managed to retrieve from that server.

I will be greatly surprised if these professional meddlesome informers resisted the temptation of not looking at other users accounts, I will say it again because people’s lives may be at stake, never forget to use full disk encryption as a security back up. A VPN will make the spooks job more difficult but not impossible, privacy advocates are a high target for TLA, people who have a private life scare the shit out of them, they are not used to that, be ready for an early morning raid from people wanting to know what you do in your spare time, whether you use VPN or you don’t, the Obama deception is here, this is not a joke, the CiA means business, your little VPN will not be enough to stop them, think bigger.

http://www.acevpn.com

UPDATE: As of 01 December 2009, I am having serious problems to watch USA TV with AceVPN (it’s very slow), after various speed tests at http://www.speedtest.net I have detected that their USA servers are very slow at times, in the order of 500Kb/download.

This may change in the future but as for now be warned of this problem. Their French and UK server speed was acceptable.

Registering a domain name with privacy protection

You may want to set up a website that deals with controversial issues or post information regarding possible corruption cases inside the Mi5, the Internet Watch Foundation or Huntingdon Life Sciences. The first thing you should do for this is to get your own domain name.

You could host your site for free, but if your webhost ever goes down or is coerced by the Government to pull the plug on it, all your hard work will be gone at the flick of switch.

Having your own domain name protects you against this. By keeping a local/remote backup of your website and owning the domain name, in case of deletion you simply reupload your data to another webhost located offshore and redirect your domain name there. Owning your domain name allows you to be in control of your site, you should not give this right away to others.

World Wide Web

As per ICANN rules, the Internet Corporation for Assigned Names and Numbers, you must provide your real contact information when you register a domain name. This includes your full name, mailing address, telephone number and email address. Failure to do so will result in your domain being seized.

You can still register your domain with fake details, but if the ICANN finds out, your domain name will be taken away. If you decide to use fake details, make sure that your email address is valid because once a year your domain name registrar will send you an email notification asking you to confirm your personal details.

You should also use common sense and avoid using names like Micky Mouse or Pamela Anderson when registering a domain name. In addition if you use someone else real name and address to register it, that would probably be illegal as you will be impersonating someone identity without their consent. Making up a fictitious personality to register a domain name breaks ICANN rules but unless it is made for criminal purposes most countries do not prosecute people doing this.

Besides emailing you once a year, the ICANN does not go around checking if people has entered their correct registration details, it is when someone makes a complaint against you that they will investigate it.

There are some companies that can be used as a front end to protect yourself from spam, fraud, stalkers and keeping your name, address, email and phone number private. By using them you are not breaking any ICANN rules and your domain name can not be taken away from you, those companies act as a third party lodged in the middle in between the public whois register and you.

Not all domain names can be registered with whois privacy protection, for example the .EU and .US top level domains need to be registered using your real details.

The domain names I know of that accept private registration are:

.COM, .NET, .INFO, .ORG, .ME, .MOBI, .BIZ, .NAME, .WS, .CC and .TV.

Question mark

List of registrars offering whois privacy protection:

These three companies are all resellers and you can find a dozen like them around, easily recognized as their websites and services all look pretty close. All of them use DomainsByProxy for domain privacy registration. I think that DomainsByProxy is one of the best choices, although they are based in the US, they will only reveal your information when required by law.

The domain name registrars I named above tend to have special offers from time to time where you get a domain privacy registration at a very low price for each domain name you buy from them.

If my experience is anything to go by, this special price will then be jacked up by five the next year. The trick is that once you have registered a domain name with privacy protection transferring  it to another registrar means you will lose that privacy registration.

You are likely to be stuck with the registrar you choose and pay the higher fees or risk your identity be known during the domain transfer. If you see a special price and do not take up the offer for five or ten years, you most likely will have to pay a higher price when renewal time comes, special price offers do not apply on renewing the domain name.

This domain registrar HQ are located in the Bahamas and subjected to their privacy laws. I have found Internet.BS to be the cheapest domain registrar around, they even have this statement on their frontpage: Our Warranty: If you find a better offer, we match it!

When you register a domain name with privacy protection through Internet.BS, these are the details that anyone doing a whois on your domain name will see:

Domain Privacy Protection with Internet.BS
Domain Privacy Protection through Internet.BS

Notice that your real email addres will be replaced by a forwarding antispam email address .

Other registrars that offer domain name privacy protection:

If you want to save yourself time looking at prices, your best bets are Internet.BS and BlackBeltDomains. I also do not know how good it is the privacy protection provided by the registrars on the last list. I have only used Internet.BS, BlackBeltDomains and NameCheap, with NameCheap being a bit more expensive that the other two. But prices and offers do change all the time.

Personal disclosure: The link to BlackBeltDomains has an affiliate code included!

Bad Apple

The bad apples of the basket:

Dynadot: Dynadot so called domain privacy registration will not replace your name. Only your email, phone, and address. Pretty pathetic leaving your name out in the open to be targeted by Mi5 busybodies and spammers.

Nameguard: At Nameguard they use a company called Privacyprotect to safeguard your so called privacy.

Privacyprotect, according to their site, will disclose a domain name owner’s private data if they are engaged in spam or abuse, the complainant can be any member of the public and needs to attach evidence. Whether that evidence will be enough proof of abuse/spam will be solely decided by them.

It would be easy for anyone disgruntled with your site to formulate bogus charges against you and then request them to reveal your personal details.

In fairness, the only company that openly states it will refuse to disclosure any domain name personal details without a court order is DomainsByProxy, the others simply skip over the issue by not mentioning it.