Help me become completely anonymous and untraceable online

[ch@ts]

After all the recent facebook related arrests, I was wondering if it was possible to be completely untraceable online.
I'm in the process of setting up a site where I'll be asking people to expose corrupt & powerful people, and I don't want to endanger them...or myself!

If I use services like Hidemyass, Ultrasurf or KISS security, create fake facebook accounts, and register/operate my website/blog from there, can I still be traced?
Do foreign domain registrars like Namecheap release our details to governments on request? I've got who.is privacy, do I still need to worry about being tracked?
Are there any web-hosts who'll protect my privacy, or are there ways to run a server, take back-ups etc, without leaking my identity? I'll still need to monetise the site, so if I use adsense/and or other avenues of revenue , can I direct payments to an anonymous offshore account? And can I access that account in India without compromising myself?
Can the meta-data on pictures I've taken be traced back to me? How do I wipe any extra info from the pic, like camera info, lens, etc, but keep stuff like location, date etc, and still have the photo in a state where it can be used as evidence in a court of law?
I won't keep any site traffic logs, but will that be enough to protect people who post to my site? Will my hosting company have and give up traffic logs?

What does one need to do to protect one's people (and one's freedom) from the government?

 

[puns]

You cant be completely anonymous and untraceable online. If they want to come looking for you, you will be found.
if you try to earn money out of whatever you are doing, you are it making it easier to trace you.

There are enough examples of companies & people getting caught, extradited or thrown in jail when local or international governments dont like what they think is illegal.

Simply put, you will get caught !!!

 

[ch@ts]

Okay, so I can't be completely anonymous.

So, then the question is how can I be traced?

 

[ayanavish]

A Guide to Online Anonymity - How can i be completely untraceable ?| Learn How to Hack| Ethical Hacking

 

[ch@ts]

A Guide to Online Anonymity - How can i be completely untraceable ?| Learn How to Hack| Ethical Hacking

Thanks....I hadn't thought about hiding my MAC address.

But, I'm a bit confused. I use tunnelling, and MAC address spoofing on my PC, but I'm connecting through a router attached to my ADSL modem. Will my modem/routers IP/MAC address also be hidden ?

- - - Updated - - -

Also, the guide says this stuff is also useful for "Bypassing ISPs service usage limits".

So, does it mean that if I use a VPN my usage won't count towards my FUP limit?

 

[dexBG]

TOR is a good way to go .. hopefully your exit node will be somewhere faarr off ..
Traffic is encrypted and bounced around a lot.

You can suggest all users of your site to use TOR while browsing and submitting content .. that way everyone can be secure.



Your hosting company will most certainly maintain records of incoming IPs .. site visitors etc. They have to maintain for their own internal purposes.

- - - Updated - - -

- - - Updated - - -[/COLOR]

Also, the guide says this stuff is also useful for "Bypassing ISPs service usage limits".

So, does it mean that if I use a VPN my usage won't count towards my FUP limit?

Your router is what is visible to the outside world not your PC Network Card.. your Modem/Router address will be visible.


Any traffic going through your router to your ISP will count to your FUP .. VPN is just a service and will take up bandwidth just like any other.
The "Bypass Service Usage limits" means using blocked services like torrents etc .. or accessing certain sites.

 

[ayanavish]

+1 to what @dexBG says...traffic going / coming through your router to your ISP will be recorded in your bandwidth consumption, and VPN service will also have its share of traffic used

 

[Arv90]

I too was reviewing some VPN's some days back.
Small Reference :Why You Should Start Using a VPN (and How to Choose the Best One for Your Needs)
Even the VPN providers have to provide logs under the circumstance of a court order. For instance,

TorVPN
Supports: Windows, OS X, Linux, iOS, Android
Protocols: SSL (they often refer to it as OpenVPN), PPTP, and full SSH tunneling.
Home Country: Hungary, with exit servers in Hungary.
Logging Policies: The service doesn't log your connection aside from bandwidth usage to compare against your quota, and your payment details. They also are committed to your privacy, and specifically say they won't surrender their data without a Hungarian court order.

So details are still available.An identity can never be hidden unless you have some magical wand.
Am sure some ethical hackers,if available here on the forum,can guide the OP well.

 

[honest1]

A bit off topic but related. I am planning to use putty at my workplace and use "localhost" as proxy on the browser. I have goflex running at my home and it should tunnel all the traffic from my home.
So will that leave any traces of site I visit at my workplace?

Details of the method is here:
Using PuTTY to create an SSH tunnel

 

[Rockfella]

Ethical hacking lol

 

[Arv90]

So will that leave any traces of site I visit at my workplace?

No, i think so.
Squids and other internet content security software's won't recognize the traffic.
However,a larger bandwidth consumption can raise suspicions.

 

[honest1]

No, i think so.
Squids and other internet content security software's won't recognize the traffic.
However,a larger bandwidth consumption can raise suspicions.

I generally use Gmail only and couple of other sites. No downloading stuff. So I believe that that's fine. Right?

 

[Arv90]

I generally use Gmail only and couple of other sites. No downloading stuff. So I believe that that's fine. Right?

I forgot to mention that sensible seniors in your office might have block unwanted ports on squids and TMG(Threat Management Gateway),used in offices.
So if you are lucky enough you may be able to use Gmail in you office.
So it depends on the port you set in Putty and the the ports kept open in your office.

 

[Praks]

So many question in main post ? Hope few got clarified. Why so much of protection ? Anything personal ?

 

[booo]

if its about paid vpn, did anyone try ipredator? its supposed to be from the piratebay guys.

 

[Mr.J]

piratebay and zippyshare not working for me.
opens in TOR but not in firefox or chrome.
Which free VPN should I use?

 

[ch@ts]

So many question in main post ? Hope few got clarified. Why so much of protection ? Anything personal ?

Nope...nothing personal. I just don't like the idea of government surveillance, censorship, tracking and it's abuse of our legal system to attack people who say anything against those in power.

What I've begun doing since I posted this -
1) I use SecurityKiss Tunnel to surf when I want to be anonymous. (rare now)
2) I use a separate browser for my daily browsing, and another for my private sessions and turn on "do not track".
3) I've downloaded Thunderbird and along with GPG4win (GNU GPG), and the enigmail add-on am using it to encrypt some of my emails. But since I've got to get the receiver to learn how to encrypt/decrypt for it to be useful, I don't use it much right now. I plan on using this for quite a few of my work mails, since it prevents people from reading your messages, even if they're using the same computer.
4) I've downloaded a Bitcoin client, and once I get enough coins I'll use them to buy a new domain name/hosting solution while using a VPN so that it can't be traced back to me.
5) Once I get to work on my website, I'll start using Linux on an encrypted partition, connect only through a VPN, spoof my MAC address, and only send out encrypted & signed emails.
6) I've also begun using DuckDuckGo instead of Google search, as they don't track activity.

I still haven't thought up a way to monetize the site while remaining anonymous. Or found a place to host the site and domain name that accepts bitcoins and is guaranteed not to respond to take down requests by the Indian Government.

 

[Phaeous]

After all the recent facebook related arrests, I was wondering if it was possible to be completely untraceable online.
I'm in the process of setting up a site where I'll be asking people to expose corrupt & powerful people, and I don't want to endanger them...or myself!

If I use services like Hidemyass, Ultrasurf or KISS security, create fake facebook accounts, and register/operate my website/blog from there, can I still be traced?
Do foreign domain registrars like Namecheap release our details to governments on request? I've got who.is privacy, do I still need to worry about being tracked?
Are there any web-hosts who'll protect my privacy, or are there ways to run a server, take back-ups etc, without leaking my identity? I'll still need to monetise the site, so if I use adsense/and or other avenues of revenue , can I direct payments to an anonymous offshore account? And can I access that account in India without compromising myself?
Can the meta-data on pictures I've taken be traced back to me? How do I wipe any extra info from the pic, like camera info, lens, etc, but keep stuff like location, date etc, and still have the photo in a state where it can be used as evidence in a court of law?
I won't keep any site traffic logs, but will that be enough to protect people who post to my site? Will my hosting company have and give up traffic logs?

What does one need to do to protect one's people (and one's freedom) from the government?

GPS Incognito Method (Written for a slightly different forum topic.)

There's a way to disable the root directive from re-enabling GPS

If you think it's possible for someone to hack the root directive for your particular system, there is likely a physical GPS apparatus within the device that one can take apart or permanently remove, whereby disabling the very potentiality of GPS. The best way to get access to this particular feature is to look online for a model-blueprint with a function-directory. If that proves unfeasible, you could look for an engineer who worked on the project at the particular company and pay him to describe the method of discovering and removing the particular configuration. If that also proves unfeasible, then learning electrical and computer-technology engineering to discover the unique functions of each part of your device will probably be more difficult than finding someone who's able to help you, most likely at a fee (I'd look in the engineering staff of wealthy programming and computer hardware companies--the skill of the individual will likely be the primary factor in determining his mercenary-project cost.)

All this being said, if someone really wanted to hack your device, and you use WiFi, they could find the location of the router through illegal hacking or a court order and possibly determine your *general* location (depending on whether the location of your router relative to your own makes it conducive to the deductive power of law enforcement officials to cross-integrate your identity with the location-potential to determine where you are or would likely be.)

Though all this being said, one could conceivably replace one's electrical-directed GPS configuration with a mechanical one or special-software defense system, whereby allowing quick internet access at your command (4G & WiFi are a form of GPS [one can bounce the signal back from the company satellite to one's receiver off the subsequent space-satellites]) within an instance where this unique type of location-determining bounce could be detected by this special-software system and immediately direct (through one's own programming) a reaction-function to disable the GPS apparatus by means of its own separate configuration system, or merely alert you prominently of the breach and so enable you to mechanically disable one's GPS apparatus. Though one would need to find out the root-denominator identity of the special location-bounce-action to fully disable the possibility of one's warning system being disabled via non-essential bounce-identifying software (wherein able to be blocked or misdirected from its function). Also, to wit if unknown, initially none of this will work at all if you give your service-company/ISP your actual billing address.

If one uses this method correctly, and if one cannot find a method for 100% incognito by a special-bounce-stifling hardware, and one includes the GPS apparatus of one's call-connecting mechanism within the sphere of these activities as well, then I'm pretty positive there's like a 99% chance they'll never be able to track your exact or even general regional location unless (I wager highly unlikely) they store past satellite communication information from your constant GPS access and determine through past-history your general location by means of the recorded satellite-bounces. (I am not aware of any company having such potential or even being willing to fill data-storage/copying-systems with such massive quantities of virtually worthless data.)

So, given all of this, I'd predict that following the exact direction of my (above-mentioned) best utilized system for incognito will virtually guarantee success at the attempt.

Hopefully this information proves valuable to those with objectively moral intentions.

Farewell,

Jeff Phaeous

 

[max_demon]

why not use Tails as primary OS?
PS : for your original querry for wiping out metadata from jpg is using an app called jhead i'hv been using it all the time .

 

[subhasis]

One of the top most way for total anonymity is something known as onion Routers ..using a onion Router not only protects your privacy but also you are virtually untraceable .