(→Create pseudonymous e-mail accounts)
|Line 46:||Line 46:|
==== Create pseudonymous e-mail accounts ====
==== Create pseudonymous e-mail accounts ====
Revision as of 15:25, 17 March 2010
While the main usage of JonDo is anonymizing web surfing, there are a lot of other applications that you may use with the program.
In the following, you will see some applications that have successfully been tested with JonDo. There, you will also find some basic instructions regarding their configuration. If you are missing the configuration of an email-client or an instant messaging-service please consider reading our help. Due to lot of questions we decided to introduce both the former and the latter there and not within this wiki. If you have your own suggestions, write us: For every submission which is published here, we will send you a JonDonym-couponcode worth of 500 MB for free.
Web browser - anonymous WWW surfing
If you are surfing the web via JonDo using JonDoFox, your IP address and the characteristics of your browser are anonymized. But you should in any case pay attention to the following notes while surfing, because otherwise JonDonym is not able to protect you:
- If it is possible, enter personal data on web sites only if they are secured by HTTPS. JonDoFox shows for these sites a blue or green bar within the address bar.
- If it is possible, enter your correct personal data only if you want to order some physical product. In all the other cases you should use imagined identities and do not use login names more than once.
- Use different, randomly generated and preferably long passwords for each web service. You may use password programs like KeePass, in order to generate identities and passwords automatically and save them securely.
- Avoid Flash and Java applications. Download web videos instead of viewing them directly in your browser.
- Allow cookies just temporarily. Do not use Google search if you have accepted cookies for Googlemail.
Secure PDF documents: harden Adobe Acrobat against attacks
Using Edit->Preferences (key combination: Strg+K), you should disable various functions of your Adobe Reader in order to secure it against hackers. Multimedia Trust must not be allowed (prevents direct IP connections):
Internet: Forbid displaying PDFs in the browser (prevents direct IP connections):
Disposable e-mail addresses
If you are using one and the same address more then once in order to send or receive your e-mail, you are "creating" an identity with it. In the following you will find some web services which you may use to quickly switch your e-mail pseudonym:
Sending e-mails from disposable addresses
If you want to send e-mails, but do not want to reveal your identity to the addressee or a third party, the best thing is using the remailer interface provided by the German Privacy Foundation (click here). If the addressee has a contact form on his web-site, of course, you may use rather this one.
Receiving e-mails to disposable addresses
If you are registering on web-forums you often have to leave an e-mail address in order to get a confirmation. If you do not want to use your own e-mail address for it, you may use rather one of the following temporary PO boxes:
- Anonbox provided by Chaos Computer Club (readable using web-site source)
Create pseudonymous e-mail accounts
Pseudonymous inboxes for whistle-blowers
Journalists, bloggers and other whistle-blowers may use the PrivacyBox (click here).
E-mail accounts in one minute
There are many e-mail provider that allow you to set up a new account very quickly if required. Choose an E-Mail address of the form firstname.lastname@example.org, that is "anonymous" + numbers + letters. If all JonDo users create addresses of this form, they are much less distinguishable. Please be aware that you do never access these accounts without using JonDo because otherwise your IP address is being revealed. Please note that almost all of these services need cookies for login.
- VFEmail (HTTPS/POP with SSL, you need a disposable address for registration)
- HotPop (no HTTPS; POP with SSL; only 8 character passwords; choose random answers on questions about personality)
Keep your E-mail communication
With Hushmail you can prevent the details of your e-mail communication being left behind on servers and/or computers of your communication partners. Above all this is useful if the addressees of your e-mails are using web accounts which are never deleted, like GoogleMail. At least the e-mail provider can trace your communication then. Therefore, act as follows:
- Set up an e-mail account (account A) in order to receive e-mails (do NOT use Hushmail now, as otherwise Hushmail would be able to observe your long-term communication, which is just what we want to prevent).
- Access account A regularly via JonDo using your e-mail programm or your browser.
- Set up a new Hushmail account (account B) for every addressee who is sending you an e-mail to account A. You may now access this account via JonDo as well, as long as you need it.
- Answer the addressee only via account B. He is getting now a link. If he is clicking on it, he may write you back directly using the Hushmail web site (HTTPS-encrypted).
- Account B will be deleted automatically if you are not accessing it for three weeks. With it your communication is gone as well, unless your addressee has saved or printed the Hushmail web sites.
If your conversation partner is also using Hushmail, however, he keeps your messages. You should encrypt your messages using GPG additionally, (best directly in your web browser) in order to make the access of a third party more difficult.
Anonymous and secure document sharing
If you want to send larger documents but are not able or do not want to attach them on e-mails you should use one of the following one-click file hosts. There you may upload files for some days or weeks free of charge:
- Datenklo (deleting manually maybe not possible)
- FlyUpload (deleting manually maybe not possible)
- UltraShare (deleting manually maybe not possible)
These file hosts do not require scripts or cookies in your browser and do not want user-related data.
If you want to protect the contents of the uploaded files against being accessed by file hosts or third parties you should encrypt them before uploading. You may use, e.g. TrueCrypt, AxCrypt, AES Crypt or jFileCrypt. Then you are sending the password to the same people that get the download link to the files.
Hint: An asymmetric encryption of these files using GPG/PGP results in third parties being able to connect your GPG/PGP pseudonyms with those files.
Anonymous server maintenance with WinSCP
WinSCP is a Windows program for the secure data transfer from and to a server. At the menu item "Proxy", just enter the connection data for JonDo (Proxy host name=127.0.0.1, Port number=4001) and choose "Login". You should now see in JonDo that the program transfers encrypted data.
Proxy-compliant applications (HTTP/SOCKS)
In principle you may use JonDo with every Internet application where you can enter an HTTP-proxy in the settings. The default values for enabling the proxy are as follows:
- Hostname/IP address: localhost (or 127.0.0.1)
- Port: 4001
Some premium mix services offer in addition to the HTTP proxy interface a SOCKS proxy interface as well. However, the HTTP interface is preferable over SOCKS if the respective Internet application is supporting it.
Be cautious if you are using the SOCKS interface
Please, if you are using a SOCKS proxy make always sure that the respective application is resolving the DNS name via the SOCKS proxy. Because otherwise information about the servers which you contacted via JonDo will be transmitted to the DNS servers together with your IP address. Should the configuration of your SOCKS application neither be specified in this wiki nor in the help, please check if it is leaking DNS using a personal firewall or tools like Wireshark. If you do not know what to do with these terms it would be better if you were not using SOCKS.