How To Surf the Internet Anonymously
Sunday, December 9, 2007 by HackCollege As Kelly referred to in his last post, anonymity online is not an absolute truth. If you do something really stupid and bad, the people in power (aka, the government) will eventually find you. And in my opinion, that's not actually that horrible if you think about it.
Nevertheless, if you're looking for some privacy from your parents or your significant other or the office or your school, there are a few methods --some stronger than others. In this post, I will detail the few methods I know, from easiest to most difficult (also weakest to strongest).
Method #1 - Install the TrackMeNot Firefox Add-On
This is the easiest and most hands-free method. Install it here.
TrackMeNot is a lightweight browser extension that helps protect web searchers from surveillance and data-profiling by search engines. It does so not by means of concealment or encryption (i.e. covering one's tracks), but instead, paradoxically, by the opposite strategy: noise and obfuscation. With TrackMeNot, actual web searches, lost in a cloud of false leads, are essentially hidden in plain view. User-installed TrackMeNot works with the Firefox Browser and popular search engines (AOL, Yahoo!, Google, and MSN) and requires no 3rd-party servers or services.
TrackMeNot will simply sit in the background of your browsing experience, sending random requests to popular search engines that log the searches of each of their users. For example, mine is sending a request for "Local Sporting Events" right now. So since Google is logging everything I'm searching for, "Local Sporting Events" will be mixed in with everything I'm actually searching for, leaving a cloud of confusion. All my real searches are still in their logs, but they are mixed in with many others --making me less predictable in their eyes.
Method #2 - Surf the Internet Using CGI/Web Proxies
This method will allow you to surf the Internet without leaving any information about what browser you're using, which computer system you have, where you live, your IP address, etc., etc. How this method works is, you enter in the URL of the site you wish to visit, and the CGI/Web Proxy will retrieve it for you, not giving that website any of your information. How nice, right?
Since websites do log their visits, your information simply won't be listed there.
Here's a quick list of available CGI/Web Proxies that I know of:
- Public CGI (Web, PHP) anonymous proxy free list - uses a list of several proxies and randomizes which you'll be using each time. Neat.
- Box of Prox
- Guardster
- Proxify
Method #3 - Download, Install, and Configure TOR
This is somewhat complicated, but it's the best free solution I know. Download the Tor Bundle here. The Tor Bundle will include Tor, Vidalia (a GUI for Tor), Privoxy (a filtering web proxy), and Torbutton --all ready to work together.
After installing the Tor Bundle, Vidalia will have also installed for you the Torbutton Firefox Add-On, so all you will need to do is restart your Firefox. But if you're using something other than Firefox, see here.
Now check to make sure Tor and Vidalia are running.
And check this site to make sure it's all running correctly.
Now let's change our IP Address. Go to C My IP, and you'll see your IP Address along with your location. Scary. Now right-click on the blue Tor icon and change your IP Address. Refresh that site. Are you in Russia now? England? Pretty cool.
For most people, this Tor Bundle is enough. But make sure to read the warnings --as simply installing the application is not enough to ensure (almost) complete privacy. Like I said, this method is not single step.
Furthermore, Tor can also work with most other applications --like email or instant messaging.
To Torify other applications that support HTTP proxies, just point them at Privoxy (that is, localhost port 8118). To use SOCKS directly (for instant messaging, Jabber, IRC, etc), you can point your application directly at Tor (localhost port 9050), but see this FAQ entry for why this may be dangerous. For applications that support neither SOCKS nor HTTP, take a look at SocksCap or FreeCap. (FreeCap is free software; SocksCap is proprietary.)
For information on how to Torify other applications, check out the Torify HOWTO.
Addendum - Always Clear Your Browsing History!
Like the rest of this post, I'm using Firefox. If you're using anything else, I'm sure synonyms of Tools and Privacy will work.
- In your Firefox Menu, select Tools.
- Select Options...
- Go to the Privacy tab.
- In the Private Data section, click Clear Now...
- Go ahead and clear you Browsing History, Saved Form and Search History, Cache, Cookies, and Authenticated Sessions. Or any combination, really. The more you clear, the less of a footprint you're leaving.
- Click OK.
These are the methods I'm aware of. Let us know in the comments any others you've been using.
Reader Comments (19)
If you want to really get down to it, you might also want to spoof your MAC address. One of the aforementioned programs might already do that, but I'm not sure.
A MAC address is the unique identifier for your particular piece of hardware (network card, wireless card, bluetooth, etc.). Its information (I think) is wrapped inside every TCP packet sent from your computer. So it could potentially make its way back to you if you're not careful.
I know for Linux users it's as easy as 2 commands, for windows it might be a little tougher. Google is your friend: "Spoofing MAC addresses."
Hi,
As far as I know, MAC address is not wrapped in the TCP header, and search engines have no way to access it, so MAC spoofing is useless.
I'm developping a firefox add-on like TrackMeNot. But I'm trying to generate more coherent and personalized queries using keywords extracted from RSS flows. Also, my add-on randomly click on some results. More information : http://squigglesr.free.fr
It's under development, so any comment will be appreciated.
Hey Vince,
Using Wireshark for Linux, it appears that the MAC addresses are preserved inside the TCP headers up until the router. I'm guessing some routers might throw that information away. I'm sure LMU keeps logs of TCP requests.
I know at LMU each student's system login is also tied to their MAC address. I'm pretty sure this is how the school was able to track down the student so quickly. But then again, who knows.
Yeah, if you're doing anything sketchy on campus they will track down your MAC address. I don't think search engines track it though.
[...] previously discussed these here, here, and here. Be sure to get all [...]
[...] to shoot some people on campus, surfing the ‘Net anonymously has become a hot topic here. We followed up with our own post about surfing anonymously, but today we’re going to cover one of those methods a little bit more in depth: [...]
I used to use an SSH Tunneling Software while at work made by RS4U Consulting. And I personally run my own dedicated server with SSH access. Basically you configure the SSH Tunneling software to connect to your own server directly. And then the software creats the proxy settings you can change on your web browsers proxy settings.
So while you seem to be browsing all these sites, all the network admin sees where you are is you are accessing your own server. My whole story about it started when http://downloads.seoreligion.com/ssh-tunneling.html" rel="nofollow">a firewall was blocking a site I wanted to visit.
So are common proxies like TOR not good enough for screwing around online on campus?
@Internet Party:
Awesome update. Thanks for the tips.
@Salvia:
If the school comes after you for something and they have your outgoing logs and the server our visiting's logs, it won't take them long to figure out what you've been doing. Tor is less effective on campus if your school logs all traffic.
what sucks is that through most proxies the java applet wont work so its hard to watch java vids through a proxy.
Hey...is this the kelley sutton from clarks summit??...just wondering..I'm an old friend and haven't talked to the old crowd in years
Say I work for a company which monitors my surfing habits, i.e, my Network Administrator knows all the websites I visit everyday.
Can any of these programs hide this information from him?
Can I be completely 'ANONYMOUS' to my Network Admin and to the internet?
tor is blocked in my college
plz tell me any other software like this.
thnxxxxxxxxxxxx
Very good post. It really helped me a lot, will be referring a lot of friends about this. I keep seeing articles like these. Keep blogging.
The topic Internet Using CGI ,was a new thing to me.I did'n get the complete data from here.
Interesting question "How To Surf the Internet Anonymously,well want to know that.
Well its really a nice blog well want to know more and more.
Use incognito windows on google chrome! It's really easy and it doesn't store it in your history.
Good site you have here :)
Looking for proxy to unblock sites?
Try this one http://.4ever3.info
Hope it helps :)
cheers!