[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r16346: Updated walkthrough with some new stuff, and corrections fro (in incognito/trunk/root_overlay/usr/share/incognito/walkthrough: . img)
Author: anonym
Date: 2008-08-01 21:09:42 -0400 (Fri, 01 Aug 2008)
New Revision: 16346
Added:
incognito/trunk/root_overlay/usr/share/incognito/walkthrough/img/incognito-screenshot.png
Removed:
incognito/trunk/root_overlay/usr/share/incognito/walkthrough/img/incognito-desktop.png
Modified:
incognito/trunk/root_overlay/usr/share/incognito/walkthrough/img/ff-compose-2.png
incognito/trunk/root_overlay/usr/share/incognito/walkthrough/img/tork-main.png
incognito/trunk/root_overlay/usr/share/incognito/walkthrough/img/tork-network.png
incognito/trunk/root_overlay/usr/share/incognito/walkthrough/walkthrough.html
Log:
Updated walkthrough with some new stuff, and corrections from proofreading. Also revised some of the pictures.
Modified: incognito/trunk/root_overlay/usr/share/incognito/walkthrough/img/ff-compose-2.png
===================================================================
(Binary files differ)
Deleted: incognito/trunk/root_overlay/usr/share/incognito/walkthrough/img/incognito-desktop.png
===================================================================
(Binary files differ)
Added: incognito/trunk/root_overlay/usr/share/incognito/walkthrough/img/incognito-screenshot.png
===================================================================
(Binary files differ)
Property changes on: incognito/trunk/root_overlay/usr/share/incognito/walkthrough/img/incognito-screenshot.png
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Modified: incognito/trunk/root_overlay/usr/share/incognito/walkthrough/img/tork-main.png
===================================================================
(Binary files differ)
Modified: incognito/trunk/root_overlay/usr/share/incognito/walkthrough/img/tork-network.png
===================================================================
(Binary files differ)
Modified: incognito/trunk/root_overlay/usr/share/incognito/walkthrough/walkthrough.html
===================================================================
--- incognito/trunk/root_overlay/usr/share/incognito/walkthrough/walkthrough.html 2008-08-02 01:08:34 UTC (rev 16345)
+++ incognito/trunk/root_overlay/usr/share/incognito/walkthrough/walkthrough.html 2008-08-02 01:09:42 UTC (rev 16346)
@@ -1,21 +1,22 @@
<!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
- <title>Incognito Walkthrough</title>
+ <title>__INCOGNITO__ Walkthrough</title>
</head>
+
<body>
-<h1>Incognito Walkthrough</h1>
+<h1>__INCOGNITO__ Walkthrough</h1>
<h2>Contents</h2>
<ul>
<li><a href="#intro">Introduction</a>
<ul>
- <li><a href="#what">What is Incognito?</a>
+ <li><a href="#what">What is __INCOGNITO__?</a>
<li><a href="#why">Why do you need anonymity?</a>
- <li><a href="#how">How does Incognito provide with anonymity?</a>
+ <li><a href="#how">How does __INCOGNITO__ provide with anonymity?</a>
</ul>
- <li><a href="#howto">How to use Incognito</a>
+ <li><a href="#howto">How to use __INCOGNITO__</a>
<ul>
<li><a href="#nm">Networking with NetworkManager</a>
<li><a href="#tork">Controlling Tor with TorK</a>
@@ -24,19 +25,22 @@
<li><a href="#pidgin">Chatting with Pidgin</a>
<li><a href="#konq">Managing files with Konqueror</a>
<li><a href="#misc">Other applications</a>
- <li><a href="#usb">Running Incognito from USB</a>
- <li><a href="#windows">Running Incognito from within Microsoft Windows</a>
+ <li><a href="#macchanger">Enabling MAC changer</a>
+ <li><a href="#usb">Running __INCOGNITO__ from USB</a>
+ <li><a href="#cold">Cold boot attacks</a>
+ <li><a href="#vm">__INCOGNITO__ and Virtualization</a>
+ <li><a href="#windows">Running __INCOGNITO__ from within Microsoft Windows</a>
</ul>
<li><a href="#conclusion">Conclusion</a>
</ul>
<h2><a name="intro"></a>Introduction</h2>
-<p><a name="what"></a>In this document we try to present the Incognito LiveCD in an easy to understand and reasonably thorough manner in hope to give the new user a crash course in what might be a completely new set of applications and concepts. However, if you have experience with these applications and concepts from elsewhere and feel comfortable with the user interface in general, reading this document is not necessary although reading the <a href="#what">what, why and how</a> sections might still be of some interest. A word of caution to all users is not to poke around to much with the network, proxy and firewall settings – doing that might spoil the built-in defences of Incogntio. Proceed with that at your own risk.</p>
+<p></a>In this document we try to present the __INCOGNITO__ LiveCD in an easy to understand and reasonably thorough manner in hope to give the new user a crash course in what might be a completely new set of applications and concepts regarding anonymity and security on the Internet. It is quite long so you might want to not read it in one go but instead read the introduction and conclusion, as well as the sections on only those applications you intend to use with the possibility to return to it whenever you want to try something new or use it for reference. If you have experience with these applications and concepts from elsewhere and feel comfortable with the user interface in general, reading this document is maybe not necessary at all. A word of caution to all users is not to alter the network, proxy and firewall settings unless you know what you are doing – poking around with them too much might spoil the built-in defences of __INCOGNITO__.</p>
-<h3>What is Incognito?</h3>
+<h3>What is __INCOGNITO__?</h3>
-<p>Incognito, <strong>noun</strong>:</p>
+<p>__INCOGNITO__, <strong>noun</strong>:</p>
<ol>
<li>One unknown or in disguise, or under an assumed character or name.
@@ -44,78 +48,88 @@
character; the state of being in disguise or not recognized.
</ol>
-<p>Incognito is an open source <a href="http://en.wikipedia.org/wiki/Livedistro";>LiveDistro</a> based on <a href="http://www.gentoo.org/";>Gentoo Linux</a> assisting you to securely and anonymously use the Internet almost anywhere you go, e.g. your home, work, university, favourite Internet café or local library. Incognito can be used from either a CD or a USB drive and has several Internet applications (Web browser, IRC client, Mail client, Instant messenger, etc.) pre-configured with security in mind, and all Internet traffic will be anonymized. To use it, you simply insert the CD or USB that you have installed Incognito on in a computer and restart it. Incognito should then start as an independent operating system instead of Microsoft Windows or whatever operating system you have installed. It is also possible to run Incognito as a guest operating system inside Microsoft Windows by simply inserting the media while Windows is running which should present you with a menu.</p>
+<p>__INCOGNITO__ is an open source <a href="http://en.wikipedia.org/wiki/Livedistro";>LiveDistro</a> based on <a href="http://www.gentoo.org/";>Gentoo Linux</a> assisting you to securely and anonymously use the Internet almost anywhere you go, e.g. your home, work, university, favourite Internet café or local library. __INCOGNITO__ is designed to be used from either a CD or a <a href="#usb">USB drive</a> and has several Internet applications (Web browser, IRC client, Mail client, Instant messenger, etc.) pre-configured with security in mind, and all Internet traffic will be anonymized. To use it, you simply insert the CD or USB that you have installed __INCOGNITO__ on in a computer and restart it. __INCOGNITO__ should then start as an independent operating system instead of Microsoft Windows or whatever operating system you have installed. It is also possible to run __INCOGNITO__ as a guest operating system inside Microsoft Windows by simply inserting the media while Windows is running which should present you with a menu.</p>
-<p>Incognito is Free Software released under the GNU/GPL (version 2).</p>
+<p>__INCOGNITO__ is Free Software released under the GNU/GPL (version 2).</p>
<h3><a name="why"></a>Why do you need anonymity?</h3>
-<p>In case you didn't know, we currently find ourselves in a state of steady decline of our freedoms and privacy, with increasing levels of mass surveillance and repression all over the world (see <a href="http://www.privacyinternational.org/article.shtml?cmd%5B347%5D=x-347-559597";>this report from Privacy International</a>). Without taking any precautions, your Internet service provider, the state, the police and global surveillance systems like <a href="http://en.wikipedia.org/wiki/ECHELON";>ECHELON</a> (which is <em>not</em> a conspiracy theory; see <a href="http://www.fas.org/irp/program/process/rapport_echelon_en.pdf";>this report from the European Parliament</a>) can record what you do online: what you read, what you write and who you communicate with. This is possible since all messages sent over the Internet contain the <a href="http://en.wikipedia.org/wiki/Ip_address";>IP addresses</a> of both the sender and receiver, much like an ordinary mail sent through the postal system contain addresses of both sender and receiver for two-way communication. IP addresses can easily be traced back to the physical location of the computers and their owners, and from that ultimately back to you. If you don't mind this fact, then more power to you, but if you do mind, then Incognito might be just what you need.</p>
+<p>In case you did not know, we currently find ourselves in a state of steady decline of our freedoms and privacy, with increasing levels of mass surveillance and repression all over the world (see <a href="http://www.privacyinternational.org/article.shtml?cmd%5B347%5D=x-347-559597";>this report from Privacy International</a>). Without taking any precautions, your Internet service provider, the state, the police and global surveillance systems like <a href="http://en.wikipedia.org/wiki/ECHELON";>ECHELON</a> (which is <em>not</em> a conspiracy theory; see <a href="http://www.fas.org/irp/program/process/rapport_echelon_en.pdf";>this report from the European Parliament</a>) can record what you do online: what you read, what you write and who you communicate with. This is possible since all messages sent over the Internet contain the <a href="http://en.wikipedia.org/wiki/Ip_address";>IP addresses</a> of both the sender and receiver, much like an ordinary mail sent through the postal system contain addresses of both sender and receiver for two-way communication. IP addresses can easily be traced back to the physical location of the computers and their owners, and from that ultimately back to you. If you do not mind this fact, then more power to you, but if you do mind, then __INCOGNITO__ might be just what you need.</p>
-<h3><a name="how"></a>How does Incognito provide with anonymity?</h3>
+<h3><a name="how"></a>How does __INCOGNITO__ provide with anonymity?</h3>
-<p>First of all, true anonymity is impossible. Given enough resources an attacker will get you. What one can do is to make the cost of doing that so high that it becomes infeasible Incognito tries to do this by sending all your Internet traffic through the <a href="https://www.torproject.org/";>Tor™ network</a> which makes your Internet traffic very hard to trace. So if someone tries to trace you when you are using Incognito, the trail will stop somewhere in Tor network with the IP address of some of its participants, not your. Similarly, if someone tried to see where you ultimately want to send your traffic, they will only reach as far as some computer in the Tor network. In fact, you will be the only one knowing exactly what is going on – not even the computers in the Tor network that you send your traffic through will know the whole picture!</p>
+<p>First of all, true anonymity is impossible. Given enough resources an attacker will get you. What one can do is to make the cost of doing that so high that it becomes infeasible. __INCOGNITO__ tries to do this by sending all your Internet traffic through the <a href="https://www.torproject.org/";>Tor™ network</a> which makes your Internet traffic very hard to trace. If someone tries to trace you when you are using __INCOGNITO__, the trail will stop somewhere in Tor network with the IP address of some of its participants, not your. Similarly, if someone tried to see where you ultimately want to send your traffic, they will only reach as far as some computer in the Tor network. In fact, you will be the only one knowing exactly what is going on – not even the computers in the Tor network that you send your traffic through will know the whole picture!</p>
<p>As at least a rudimentary understanding of Tor currently is essential for using it securely (and knowing its limits) we strongly recommend reading the <a href="https://www.torproject.org/overview.html";>Tor overview</a> and <a href="https://wiki.torproject.org/noreply/TheOnionRouter/TorALaymansGuide";>Understanding and Using Tor – An Introduction for the Layman</a>. We also encourage you to read the following paragraphs about common misconceptions about the service offered by the Tor software:</p>
-<p>By relaying your Internet traffic through the Tor network (which Incognito does per default) your communications should <em>only</em> be considered to be untraceable back to the computer you used, not encrypted or in any other way hidden. While the traffic <em>is</em> encrypted when it leaves your computer and when you get back your responses, it will not be so when sent between the Tor network and your destination (this is unavoidable for technical reasons). This means that an eavesdropper at some later point will be able see your traffic without Tor's encryption, but will not be able to link it back to your computer.</p>
+<p>By relaying your Internet traffic through the Tor network (which __INCOGNITO__ does per default) your communications should <em>only</em> be considered to be untraceable back to the computer you use, not encrypted or in any other way hidden. While the traffic <em>is</em> encrypted when it leaves your computer and when you get back your responses, it will not be so when sent between the Tor network and your destination (this is unavoidable for technical reasons). This means that an eavesdropper at some later point will be able see your traffic without Tor's encryption, but will not be able to link it back to your computer.</p>
<p>As such, if you are sending or receiving sensitive data whose disclosure would be damaging in itself even if it is untraceable, you need to use end-to-end encryption to hide the meaning of your data to everyone except the recipient. Examples of such sensitive information that you need to protect in this way are your real identity or other personal information linkable to you, login details and passwords, bank account or financial details, anything illegal or political, and secrets in general.</p>
-<p>There are several tools bundled with Incognito offering end-to-end encryption for various applications: <a href="http://www.gnupg.org/";>GnuPG</a> provides with encryption for email, <a href="http://www.cypherpunks.ca/otr";>OTR</a> is for instant messaging (MSN, ICQ, IRC etc.) among others. Also, bear in mind that web browsing on sites for whom the addresses begin with "http://" are not encrypted and thus dangerous to transmit sensitive information to, but those starting with "http<strong>s</strong>://" (notice the additional <strong>s</strong>) are encrypted and thus <strong>s</strong>ecure (many web browsers also display a lock or a similar symbol in the address field or status bar indicating that the connection is secure).</p>
+<p>There are several tools bundled with __INCOGNITO__ offering end-to-end encryption for various applications: <a href="http://www.gnupg.org/";>GnuPG</a> provides with encryption for email, <a href="http://www.cypherpunks.ca/otr";>OTR</a> is for instant messaging (MSN, ICQ, IRC etc.) among others. Also, bear in mind that while web browsing on sites for whom the addresses begin with "http://" the connections are not encrypted. However, web sites whose addresses start with "http<strong>s</strong>://" (notice the additional <strong>s</strong>) use encrypted connections and are thus <strong>s</strong>ecure (many web browsers, including Firefox, also display a lock or a similar symbol in the address field or status bar indicating that the connection is secure).</p>
-<p>Furthermore, some applications have features and services that may compromise the anonymity offered by the Tor network. All modern web browsers, such as Firefox, support <a href="http://en.wikipedia.org/wiki/Javascript";>JavaScript</a>, <a href="http://en.wikipedia.org/wiki/Adobe_flash";>Adobe Flash</a>, <a href="http://en.wikipedia.org/wiki/HTTP_cookie";>Cookies</a> and other services which have been shown to be able to defeat the anonymity provided by the Tor network. For instance, a web page using JavaScript can make your web browser send your real IP address to the web server hosting the web page which possibly can disclose it not only to the web server's owner but also eavesdroppers that happen to fetch the message when it is sent from the Tor network to the web server. Even if most web pages using JavaScript does not do this, it is important to be vary cautious when determining which sites you allow to use these extra features. When running Firefox in Incognito all such features are handled by an extension called <a href="https://www.torproject.org/torbutton/";>Torbutton</a> which does all sorts of things to prevent the above type of attacks. But that comes at a price – since this will disable some functionality, certain sites might not work as intended.</p>
+<p>Furthermore, some applications have features and services that may compromise the anonymity offered by the Tor network. All modern web browsers, such as Firefox, support <a href="http://en.wikipedia.org/wiki/Javascript";>JavaScript</a>, <a href="http://en.wikipedia.org/wiki/Adobe_flash";>Adobe Flash</a>, <a href="http://en.wikipedia.org/wiki/HTTP_cookie";>Cookies</a> and other services which have been shown to be able to defeat the anonymity provided by the Tor network. For instance, a web page using JavaScript can make your web browser send your real IP address to the web server hosting the web page which possibly can disclose it not only to the web server's owner but also eavesdroppers that happen to fetch the message when it is sent between the Tor network and the web server. Even if most web pages using JavaScript do not do this, it is important to be very cautious when determining which sites you allow to use these extra features. When running Firefox in __INCOGNITO__ all such features are handled by an extension called <a href="https://www.torproject.org/torbutton/";>Torbutton</a> which does all sorts of things to prevent the above type of attacks. But that comes at a price – since this will disable some functionality, certain sites might not work as intended.</p>
-<h2><a name="howto"></a>How to use Incognito</h2>
+<h2><a name="howto"></a>How to use __INCOGNITO__</h2>
-<p>In this section we will briefly present the main applications included in Incognito. All the pictures are clickable to get them undistorted and in full size. Users are encouraged to look for further information about them elsewhere and to experiment (while not doing anything sensitive!) for their own benefit. But first, let's take a look at the Incognito desktop:</p>
+<p>In this section we will briefly present the main applications included in __INCOGNITO__. Users are encouraged to look for further information about them elsewhere and to experiment (while not doing anything sensitive!) for their own benefit. All the pictures are clickable to get them undistorted and in full size, but note that some of the text is smudged in order to protect identities. Let us take a look at the __INCOGNITO__ desktop:</p>
-<p align=center><a href="img/incognito-desktop.png"><img src="img/incognito-desktop.png" width=512 height=384 border=0></a></p>
+<p align=center><a href="img/incognito-screenshot.png"><img src="img/incognito-screenshot.png" width=512 height=384 border=0></a></p>
-<p>There are not many things to say unless you are completely unfamiliar with this kind of graphical user interface. It is called KDE and share many fundamentals with Microsoft Windows, Mac OS X and other modern graphical user interfaces, so if you have used any of them, getting used to KDE will take no time. But there are a few things we will say right away to spare you some time. First of all, in the lower left corner of the screen there is a blue button with a K in it, called the K-menu button. Pressing it opens the K-menu where applications are started, KDE is configured, you can choose to shutdown etc. Please explore the different categories of applications and try out those that seem interesting. Also, in the lower right corner you will find something referred to as the system tray, or simply systray, that has a couple of icons in it, each which offers an interface for some application. One of them helps you keep an eye on the battery level (if you run from a laptop), one allows to instantly change the keyboard layout, and one helps you control the network settings, for instance. You are encouraged to check them out, but we will say more about some of them later on in this walkthrough.</p>
+<p>The graphical user interface used in __INCOGNITO__ is called KDE and share many fundamentals with that of Microsoft Windows, Mac OS X and most other modern operating systems, so if you have used any of them, getting used to KDE will take no time. As this document is not intended as a complete guide for KDE there are only a few things we will mention here to spare you some time. First of all, in the lower left corner of the screen there is a blue button with a K in it, called the "K menu button". Pressing it opens the "K menu" where you will find short cuts to many different applications. Please explore the different categories of applications and try out those that seem interesting. If there are any KDE or system settings that you want to change, like the screen resultion or KDE's appearance, this can be done in the "Control Center", found at the first level of the K menu. Also notice that there is a category named __INCOGNITO__ which contains some things relevant for the user, like a short cut to this document. The __INCOGNITO__ category is also available from as a quick launch item, located right of the K menu button, among the short cuts to your home directory (where you store your files), Firefox and Thunderbird.</p>
-<p>Some other important things that needs to be understood before proceeding are the concepts of a <a href="http://en.wikipedia.org/wiki/Livedistro";>LiveDistro, LiveCD and LiveUSB</a>. In essence a LiveDistro is an operating system (e.g. Windows, Linux, Mac OS X) that is run from some removable media like a CD or USB memory stick. Most likely you are running Incognito from a CD, which makes it into a LiveCD, and this brings some limitations to its operation. Most importantly, since a CD is read-only once it has been burned by CD recording software it is locked down so that no changes persist through reboots. So, if you download a file or make some application settings they will disappear when you shutdown. This is both good and bad – on the plus side, if you screw up anything or get a virus, they will be gone if you restart. But not being able to save stuff is of course inconvenient in some cases. In that case you might want to run Incognito from and USB memory stick instead, making it into a LiveUSB, which is writeable and where changes <em>will</em> persist through reboots. You can read more about this and its implications later in this <a href="#usb">walkthrough</a>.</p>
+<p>In the lower right corner you will find something referred to as the system tray, or simply systray, that has a couple of icons in it, each which offers an interface for some running application. One of them helps you keep an eye on the battery level (if you run from a laptop), one allows to instantly change the keyboard layout, and one helps you control the network settings, for instance. You are encouraged to check them out, but we will say more about some of them later on in this walkthrough. You will also see a clock showing its time in UTC (Greenwich Mean Time) which might not be appropriate for your location. To make it show your local time, right-click it and choose "Show timezone" and either choose one of the timezones available there or add your own with the "Configure timezones..." option.</p>
+<p>Some other important things that need to be understood before proceeding are the concepts of a <a href="http://en.wikipedia.org/wiki/Livedistro";>LiveDistro, LiveCD and LiveUSB</a>. In essence a LiveDistro is an operating system (like Windows or Mac OS X, although __INCOGNITO__ uses Linux) that is run from some removable media like a CD or USB memory stick. Most likely you are running __INCOGNITO__ from a CD, which makes it into a LiveCD, and this brings some limitations to its operation. Most importantly, since a CD is read-only once it has been burned by CD recording software no changes persist through reboots. So, if you download a file or make some application settings they will disappear when you shut-down. This is both good and bad – on the plus side, if you screw up anything or get a virus, the system will be restored once you have restarted it. But not being able to save stuff is of course inconvenient in some cases. If you find that frustrating you might want to run __INCOGNITO__ from and USB memory stick instead, making it into a LiveUSB, which is writeable and where it is possible to make it so that the changes persist through reboots. You can read more about this and its implications <a href="#usb">later</a> in this walkthrough.</p>
+
<h3><a name="nm"></a>Networking with NetworkManager</h3>
-<p>The name is quite self-explanatory – this is what you should use to set up your network, usually to establish an Internet connection. In many cases this is automatic. For example, if you are connecting through a wire and it is inserted in the computer, NetworkManager will try to obtain network access automatically with DHCP. If you are using a wireless connection you are basically one click away. Right-click its icon in the systray to summon this menu:</p>
+<p>The name is quite self-explanatory – this is what you should use to set up your network, usually to establish an Internet connection. In many cases this is done more or less automatically. For example, if you are connected with wire NetworkManager will try to obtain network access automatically. If you are using a wireless connection you are basically two clicks away. First Right-click its icon in the systray to summon this menu:</p>
<p align=center><a href="img/nm-menu.png"><img src="img/nm-menu.png" width=240 height=194 border=0></a></p>
-<p>All wireless networks your computer is picking up are listed there, as are all wired networks you have access to (usually one per wire). There are other options also, like connecting using dial-up and setting up VPNs although these will require further setup in the "Options -> Configure..." section. Hopefully all your networking needs will be satisfied using this interface.</p>
+<p>All wireless networks your computer is picking up are listed there, as are all wired networks you have access to (usually one per wire), so the second click is used for choosing any one of them. If the network is protected you will be prompted for a password. There are other options too, like connecting using dial-up and setting up VPNs although these will require further set-up in the "Options -> Configure..." section. Hopefully all your networking needs will be satisfied using this interface.</p>
<h3><a name="tork"></a>Controlling Tor with TorK</h3>
-<p>TorK is described as an anonymity manager. Basically this means that it can be used to control Tor, and is used here as an alternative to Vidalia which some of you might be familiar with (Vidalia is also included in Incognito if you prefer it to TorK). But TorK can do a few more things than just control Tor, one which is evident from the following picture of its main window:</p>
+<p>TorK is an anonymity manager. Basically this means that it can be used to control Tor, and is used here as an alternative to <a href="#vidalia"Vidalia</a> which some of you might be familiar with (Vidalia is also included in __INCOGNITO__ if you prefer it to TorK). But TorK can do a few more things than just control Tor, one which is evident from the following picture of its main window:</p>
-<p align=center><a href="img/tork-main.png"><img src="img/tork-main.png" width=380 height=340 border=0></a></p>
+<p align=center><a href="img/tork-main.png"><img src="img/tork-main.png" width=400 height=325 border=0></a></p>
-<p>The "Anonymous Email" entry is pretty interesting. Pressing the envelope icon will bring forth a dialogue which makes it possible to send anonymous email. Besides first routing the mail through the Tor network, it will also be routed through the <a href="http://en.wikipedia.org/wiki/Mixminion";>Mixminion</a> network, which offers even greater anonymity than the Tor network, at least in theory. In practice the Mixminion network is a bit to small to offer much anonymity, but that extra layer of indirection will probably not hurt. Also, notice that this is one-way only, so the recipient cannot answer unless you specify a response address in the message. But that could defeat the whole purpose of sending email anonymously. If you want the recipient to be able to answer you be attaching a response address you should consider encrypting the message. TorK does not offer an interface to GnuPG, who will have to do that manually, most likely by using the command-line gpg tool.</p>
+<p>The "Anonymous Email" entry is pretty interesting. Pressing the envelope icon will bring forth a dialogue which makes it possible to send anonymous email. Besides first routing the mail through the Tor network, it will also be routed through the <a href="http://en.wikipedia.org/wiki/Mixminion";>Mixminion</a> network, which offers even greater anonymity than the Tor network, at least in theory. In practice the Mixminion network is a bit too small for offering much anonymity, but that extra layer of indirection will probably not hurt. Also, notice that this is one-way only, so the recipient cannot answer unless you specify a response address in the message. Of course, that could defeat the whole purpose of sending email anonymously. If you want the recipient to be able to answer you by attaching a response address you should consider encrypting the message. TorK does not offer an interface to GnuPG, who will have to do that manually, perhaps with PGP (<a href="#kpgp">KPGP</a> is an easy alternative for this).</p>
<p>Next we will have a look at the "Tor Network"
tab:</p>
-<p align=center><a href="img/tork-network.png"><img src="img/tork-network.png" width=380 height=340 border=0></a></p>
+<p align=center><a href="img/tork-network.png"><img src="img/tork-network.png" width=400 height=325 border=0></a></p>
-<p>In here, all the Tor nodes in the Tor network are listed, as are all your circuits and connections that go through the Tor network. All this requires a bit of technical knowledge of how Tor works in order to understand and use, but it is not strictly necessary. One very useful thing when working with Tor is the following option, found in the TorK-menu that you get by right-clicking its systray icon:</p>
+<p>In here, all the Tor nodes in the Tor network are listed, as are all your circuits and connections that go through the Tor network. All this requires a bit of technical knowledge of how Tor works in order to understand and use, but it is not strictly necessary. From the connection listing it should at least be relatively easy for you to see which exit node and country it appears your connections come from.</p>
+<p>One very useful thing when working with Tor is the following option, found in the TorK menu that you get by right-clicking its systray icon:</p>
+
<p align=center><a href="img/tork-menu.png"><img src="img/tork-menu.png" width=182 height=98 border=0></a></p>
-<p>The "Change Identity" option will tear down all you current circuits and build new ones. This is very useful if you experience bad performance or even timeouts accessing some Internet resource as you might have better luck with the new circuits that are built. Also, if you ever want to make sure that one thing you are doing will not be linkable to the next thing you are going to do you should use this feature.</p>
+<p>The selected "Change Identity" option will tear down all you current circuits and build new ones which means that the computers you route your Internet traffic through will be changed to some others. This is very useful if you experience bad performance or even time-outs accessing some Internet resource as you might have better luck with the new circuits that are built. Also, if you ever want to make sure that one thing you are doing will not be linkable to the next thing you are going to do you should use this feature.</p>
+<p>TorK also makes it easy to use some of the Tor Networks more advanced features. For example, if you switch back to the "Anonymize" tab you will find an entry for "Anonymous Websites and Web Services" which allows you to set up <a href="http://www.torproject.org/hidden-services.html";>hidden services</a> by clicking its icon (an English style police hat). Another feature that might be useful when you are using __INCOGNITO__ from a restrictive network can be found in "Settings menu -> Configure TorK -> Firewall/Censor evasion". This makes it possible to use <a href="https://www.torproject.org/bridges.html";>bridges</a> as entry points to the Tor network in order to circumvent censorship systems trying to block your access to the Tor network.</p>
+<p>Lastly TorK will assist you setting up yourself as a Tor server, helping out the Tor Network by relaying other people's traffic. You also have the possibility to act as an exit node, which means that other Tor users' traffic will exit in the clear from your computer. You should really think through if you want to do the latter (act as an exit node) as your ISP might start sending you complaints for other people's file sharing traffic that happens to exit from you, and potentially even worse things that might attract the attention of the police. But simply relaying traffic is completely safe and will only cost you some bandwidth (how much can be configured). However, at the same time you will get more anonymity – it will be impossible for eavesdroppers to distinguish the Tor traffic you are relaying from that you are generating for your own Tor usage use (while web browsing etc.). So if you have bandwidth to spare, you might want to consider doing this.</p>
+
+<p>In order to succeed with setting up a relay you might have to do something about your firewall or router if you have one, like enable port-forwarding for ports 9001 and 9030 – if you do not know what this is or how to do it you should either look it up on your favourite search engine or simply skip it. The next step would be to actually enable it in TorK, which only requires a few clicks. First press the button with a plus icon called "More options" which will make a few more buttons appear. One of them says "Run as a server" when you hover the mouse cursor above it. Simply click it and choose "Relay Tor traffic" and follow the instructions. After that you will just have to wait for a while before the connections start rushing in.</p>
+
+
<h3><a name="ff"></a>Browsing the web with Firefox</h3>
<p>Given Mozilla Firefox's recent surge in popularity many of you have probably used it before. Its user interface is like any other modern web browser, but there are a few things we want to mention, some that is special with this particular installation. Do you remember what we said <a href="#how">earlier</a> about end-to-end encryption and its importance while using Tor? Here is how it looks in Firefox when you are using a secure, end-to-end encrypted connection:</p>
<p align=center><a href="img/ff-ssl.png"><img src="img/ff-ssl.png" width=404 height=311 border=0></a></p>
-<p>Notice the locks in the status bar and address bar (which also has turned yellowish) – these are the indicators that a secure connection using <a href="http://en.wikipedia.org/wiki/Secure_Sockets_Layer";>SSL</a> is being used. You should try to only use services that use secure connections when you are required to send sensitive information (like login credentials), otherwise its very easy for an eavesdropper to steal whatever information you are sending. In this case what we are trying to do is logging in on an email account at <a href="http://lavabit.com/";>lavabit</a>, using their <a href="https://lavabit.com/apps/webmail/src/login.php";>webmail interface</a>. Let us proceed with logging in there so we can se how it is possible to send end-to-end encrypted email with any webmail service out there with the nifty <a href="http://getfiregpg.org/";>FireGPG</a> extension:</p>
+<p>Notice the locks in the status bar and address bar (which also has turned yellowish) and that the address begins with "http<strong>s</strong>://" – these are the indicators that a secure connection using <a href="http://en.wikipedia.org/wiki/Secure_Sockets_Layer";>SSL</a> is being used. You should try to only use services that use secure connections when you are required to send sensitive information (like passwords), otherwise its very easy for an eavesdropper to steal whatever information you are sending. In this case what we are trying to do is logging in on an email account at <a href="http://lavabit.com/";>lavabit</a>, using their <a href="https://lavabit.com/apps/webmail/src/login.php";>webmail interface</a>. Let us proceed with logging in there so we can se how it is possible to send end-to-end encrypted email with any webmail service out there with the nifty <a href="http://getfiregpg.org/";>FireGPG</a> extension:</p>
<p align=center><a href="img/ff-compose-1.png"><img src="img/ff-compose-1.png" width=404 height=311 border=0></a></p>
@@ -125,25 +139,38 @@
<p align=center><a href="img/ff-firegpg.png"><img src="img/ff-firegpg.png" width=96 height=137 border=0></a></p>
-<p>In the menu we choose "Sign and encrypt" and we get a dialogue asking me to select the public key to encrypt it with (Bob's) and the private key to sign it with (mine). After doing this the message is only readable by Bob, and in addition Bob will be able to verify that it was in fact the sender who wrote it. The signed and encrypted text will look like this:</p>
+<p>In the menu we choose "Sign and encrypt" and we get a dialogue asking us to select the public key to encrypt it with (Bob's) and the private key to sign it with (your). After doing this the message is only readable by Bob, and in addition Bob will be able to verify that the message was written by you. The signed and encrypted text will look something like this:</p>
<p align=center><a href="img/ff-compose-2.png"><img src="img/ff-compose-2.png" width=404 height=311 border=0></a></p>
-<p>At this stage we are ready to press send. When Bob receives this email he can also use FireGPG to decrypt it in a very similar way – he will just have to select the encrypted text, get the FireGPG menu and choose "Verify" or "Decrypt", or both. This can be done with any so called PGP block. There is one important limitation in FireGPG, though. It cannot generate new keys, so you will have to use another application for that. We recommend using the GNU Privacy Assistant, which can be found under the Utilities section of the K-menu.</p>
+<p>At this stage we are ready to press send. When Bob receives this email he can also use FireGPG to decrypt it in a very similar way – he will just have to select the encrypted message and then use the FireGPG menu to choose "Verify" or "Decrypt", or both. This can be done with any so called PGP block. There is one important limitation in FireGPG, though. It cannot generate new keys, so you will have to use another application for that. We recommend using the <a href="#gpa">GNU Privacy Assistant</a>, found under the "Utilities" section of the K menu, or <a href="#kpgp">KPGP</a>, found in the "Utilities -> PIM" section.</p>
-<p>And then there is the issue with JavaScript, cookies and Adobe Flash that you might remember from an earlier section. To deal with these problems we use an extension called <a href="https://www.torproject.org/torbutton/";>Torbutton</a> which is specifically designed for this purpose in combination with Tor. While switched (indicated by "Tor enabled" in the Firefox status bar) on it will disable a lot of these things and handle the others in a more secure manner. But as we mentioned, this might cause disruptions in your web experience. For example, the popular video service <a href="http://www.youtube.com/";>youtube</a> will not work properly as you can see here when we are trying to watch <a href="http://www.youtube.com/watch?v=XIDxDMwwlsw";>this clip</a>:</p>
+<p>Returning to web browsing again we need to do something about the problems with JavaScript, cookies and Adobe Flash that you might remember from an earlier section. To deal with these problems we use an extension called <a href="https://www.torproject.org/torbutton/";>Torbutton</a> which is specifically designed for dealing with them (and other things) for Firefox in combination with Tor. Torbutton can be either switched on or off, indicated by "Tor enabled" and "Tor disabled" in the Firefox status bar in the bottom right of its window. It should be noted that these labels are a bit misleading for __INCOGNITO__ users as Tor cannot be switched off. So, in our case "Tor enabled" means that Torbutton will disable a lot of stuff that could harm anonymity, and "Tor disabled" simply means that you only get Tor and no additional protection. As such, you should only disable Torbutton for sites that you trust.</p>
+<p>But why would you ever disable Torbutton? Well, while it is enabled some sites might not work as you expect them to since certain features are disabled or will behave differently. For example, the popular video service <a href="http://www.youtube.com/";>youtube</a> will not work properly as you can see here when we are trying to watch <a href="http://www.youtube.com/watch?v=XIDxDMwwlsw";>this clip</a>:</p>
+
<p align=center><a href="img/ff-youtube-1.png"><img src="img/ff-youtube-1.png" width=404 height=311 border=0></a></p>
-<p>In order to get the video player to show up, we will have to disable Torbutton by clicking its panel in the Firefox status bar. Normally this would disable the use of Tor completely, but as we have mentioned earlier, nothing escapes Tor while running Incognito so your connection will still be anonymized. However, you will have to trust that Google (the current owner of youtube) is not doing anything fishy with all their JavaScripts, cookies etc. that could break your anonymity.</p>
+<p>In order to get the video player to show up, we will have to disable Torbutton by clicking its panel in the Firefox status bar. Normally this would disable the use of Tor completely, but as we have mentioned earlier, nothing escapes Tor while running __INCOGNITO__ so your connection will still be anonymized. However, you will have to trust that Google (the current owner of youtube) is not doing anything fishy with all their JavaScripts, the Flash-based video player etc. that could break your anonymity.</p>
<p>After disabling Torbutton we can finally learn how onion routing (the technique used by the Tor network) works from the guys in the TV series Numb3rs!</p>
<p align=center><a href="img/ff-youtube-2.png"><img src="img/ff-youtube-2.png" width=404 height=311 border=0></a></p>
-<p>There is also another web-browser installed, namely KDE's Konqueror which we will deal with later on in this article, although for other uses than web browsing. We do not encourage you to use Konqueror, not because it is a bad web browser, but simply because there is no Torbutton equivalent tool for it. When possible you should use Firefox and Torbutton instead unless you really know what you are doing.</p>
+<p>If you are reading this document as a local file in __INCOGNITO__ (which is the case if you have used the provided bookmarks) you might have noticed that most links do not work. This is also due to Torbutton since it is possible for others to steal any file from you otherwise. In order to visit them you will need to disable Torbutton and reload the page in a new tab. Indeed there are a few similar oddities related to toggling Torbutton on and off. If a web site does not work as expected after toggling Torbutton and pressing refresh you might have to do any of the following to get it to work:</p>
+<ul>
+ <li>Click the address field and press ENTER.
+ <li>Open a new tab and re-enter (or copy and paste) the address into the address field of the new tab and then press ENTER.
+</ul>
+<p>This is a security feature, also used for separating the different states in Firefox, which otherwise could lead to trouble (arguably a bit less so for __INCOGNITO__ users).</p>
+
+<p>As we hope you understand by know, there are reasons for all these quirks, and while they might be annoying we hope you will learn to cope with them. If not, feel free to disable Torbutton and never use it again, but in that case you should expect much less anonymity and security. There have been several demonstration of uncovering the true identities of Firefox users using Tor, but to the authors' knowledge Torbutton protects you against all of them.</p>
+
+<p>There is also another web browser installed, namely KDE's Konqueror which we will deal with <a href="#konq">later</a> on in this article, although for other uses than web browsing. We encourage you not to use Konqueror for web browsing, not because it is a bad web browser, but simply because there is no Torbutton or equivalent functionality for it. When possible (which should be always) you should use Firefox and Torbutton for your web browsing unless you really know what you are doing.</p>
+
+
<h3><a name="tb"></a>Emailing with Thunderbird</h3>
<p>Not everyone is happy using webmail (like the authors) but want to use a <em>real</em> email client instead. For that we have included Mozilla Thunderbird which looks like this:</p>
@@ -154,9 +181,9 @@
<p align=center><a href="img/tb-compose.png"><img src="img/tb-compose.png" width=324 height=257 border=0></a></p>
-<p>Notice that there are buttons for PGP encryption in both of the above pictures. Pressing any of these for the first time will start a guide for setting up PGP, possibly generating new keys if you don't have any.</p>
+<p>Notice that there are buttons for PGP encryption in both of the above windows (labelled with "Decrypt" and "OpenPGP"). These are provided by the <a href="http://http://enigmail.mozdev.org/";>Enigmail</a> extension, and pressing any of them for the first time will start a guide for setting up PGP, possibly generating new keys if you do not have any. Their web site is a great resource for learning how PGP encryption works so make sure to check it out.</p>
-<p>Setting up your account requires some knowledge about POP vs IMAP etc. and indeed that your email service supports these. Also, doing this usually takes some time which is a problem when running Incognito from a CD, so you might only want to consider using Thunderbird if you have a persistent home directory by <a href="#usb">running Incognito from USB</a>.</p>
+<p>Setting up your email account requires a tiny amount of knowledge, like what <a href="http://en.wikipedia.org/wiki/Post_Office_Protocol";>POP</a>, <a href="http://en.wikipedia.org/wiki/IMAP";>IMAP</a> and <a href="http://en.wikipedia.org/wiki/SMTP";>SMTP</a> is, and indeed that your email service supports these. Also, this initial configuration requires writing down the addresses of the servers involved, downloading mail, etc. which takes some time. This might be annoying to do each time, which is necessary when running __INCOGNITO__ from a CD, so you might want to consider using a persistent home directory by <a href="#usb">running __INCOGNITO__ from USB</a> if you want to use Thunderbird often. One more thing to consider is that Tor exit nodes usually block the plaintext SMTP port (25) in order to prevent spam. This is easily fixed by enabling end-to-end encryption with the email server through SSL, which you should do any way for all of POP, IMAP and SMTP as your password otherwise will be sent in plaintext.</p>
<h3><a name="konq"></a>Managing files with Konqueror</h3>
@@ -165,69 +192,128 @@
<p align=center><a href="img/konq.png"><img src="img/konq.png" width=354 height=257 border=0></a></p>
-<p>As we already have mentioned, we recommend that you do your web browsing in Firefox instead since there is nothing like Torbutton for Konqueror. If you <em>really</em> want to use Konqueror you should make sure to disable all plugins, JavaScript and cookies if you want to expect some anonymity, but even then Firefox and Torbutton is probably a more secure (and usable) alternative. There are no problems using Konqueror for file managing and as an FTP client however. In the latter case, just enter "ftp://" followed by the address to the FTP server in order to connect, and the same applies for SFTP although you prepend "sftp://" to the address.</p>
+<p>As we already have mentioned, we recommend that you do your web browsing in Firefox instead since there is nothing like Torbutton for Konqueror. If you <em>really</em> want to use Konqueror you should make sure to disable all plugins, JavaScript and cookies in order to expect some anonymity, but even then Firefox and Torbutton is probably a more secure (and usable) alternative. There are no problems using Konqueror for file managing or as an FTP client however. In the latter case, just enter "ftp://" followed by the address to the FTP server in order to connect, and the same applies for SFTP although you prepend "sftp://" to the address instead.</p>
<h3><a name="pidgin"></a>Chatting with Pidgin</h3>
-<p>For instant messaging Incognito includes the Pidgin Instant Messenger. It is a multi-protocol client, so you can run MSN, ICQ, IRC, AIM, Jabber and many other protocols at the same time, even with several instances of the same protocol. See the following protocol for a user with three different protocols enabled at the same time:</p>
+<p>For instant messaging __INCOGNITO__ includes the Pidgin Instant Messenger. It is a multi-protocol client, so you can run MSN, ICQ, IRC, AIM, Jabber and many other protocols at the same time, even with several instances of the same protocol. See the following picture for a Pidgin user with three different protocols enabled at the same time:</p>
<p align=center><a href="img/pidgin-main.png"><img src="img/pidgin-main.png" width=109 height=196 border=0></a></p>
-<p>Of course the issue of end-to-end encryption arises again. As we mentioned earlier, we have <a href="http://www.cypherpunks.ca/otr";>Off-the-record messaging</a> (commonly called simply OTR) for instant messaging, and Pidgin and many other instant messengers have support for that. There are several resources on how it works and how to use it on their web site, so we will just present you with a picture of how the chat window looks once you have established an encrypted conversation:</p>
+<p>Of course the issue of end-to-end encryption arises again. As we mentioned earlier, we have <a href="http://www.cypherpunks.ca/otr";>Off-the-record messaging</a> (commonly called OTR) for instant messaging, and Pidgin and many other instant messengers have support for that. There are several resources on how it works and how to use it on their web site. Basically all you need to do is choose "Start private conversation" in the OTR menu and a key will be generated automatically if you do not have one already. After that OTR will establish a private conversation if the other end's instant messenger supports it. This is will look something like this:</p>
<p align=center><a href="img/pidgin-chat.png"><img src="img/pidgin-chat.png" width=370 height=218 border=0></a></p>
-<p>OTR and other Pidgin plugins are enabled in the "Tools -> Plug-ins" section. Simply check the appropriate box for enabling any plugin you want. When the OTR plugin is enabled you can press the "Confifure Plug-in" button which opens a window where you can generate and manage keys. The use of OTR is heavily encouraged as many instant messaging protocols are sent in plaintext. Force your friends to migrate to clients with support for OTR!</p>
+<p>OTR and other Pidgin plugins are enabled in the "Tools menu -> Plug-ins" section. Simply check the appropriate box for enabling any plugin you want, and possibly you might also want to configure it by pressing the "Configure Plug-in" button. When this is done for the OTR plugin you get a dialogue that can be used to manage your keys among other things. The use of OTR is recommended as many instant messaging protocols normally send your messages in plaintext. Force your friends to migrate to clients with support for OTR!</p>
+
<h3><a name="misc"></a>Other applications</h3>
-<p>There are several other interesting security or Internet related applications included in Incognito which we list and present briefly here. We encourage the user to check them out.</p>
+<p>There are several other interesting security or Internet related applications included in __INCOGNITO__ which we list and present briefly here. Those that have graphical user interfaces (which most of them do) can be found in the K menu.</p>
<ul>
- <li><a href="http://www.gnupg.org/";>GNU Privacy Guard of GPG</a> – A Free implementation of PGP used for encryption of all sorts.
- <li><a href="http://www.gnupg.org/gpa.html";>GNU Privacy Assistant</a> – A graphical user interface for GnuPG.
- <li><a href="http://mixminion.net/";>Mixminion</a> – A type III anonymous remailer.
- <li><a href="http://keepassx.sourceforge.net/";>KeePassX</a> – A password manager and generator.
- <li><a href="http://www.kde-apps.org/content/show.php/Kvkbd?content=56019";>Kvkbd</a> – A virtual keyboard that can be used to safely enter passwords when suspecting that a hardware keylogger is present.
- <li><a href="http://www.truecrypt.org/";>TrueCrypt</a> – Disk encryption software.
- <li><a href="http://www.vidalia-project.net/";>Vidalia</a> – An alternative Tor controller.
- <li><a href="http://ktorrent.org/";>KTorrent</a> – A Bittorrent client. Please use this with care as it puts and relatively high burden on the Tor network. Only use it for small files if absolutely necessary.
- <li><a href="http://kopete.kde.org/";>kopete</a> – Another multi-protocol instant messenger with OTR support.
- <li><a href="http://www.kde.org/";>KSirc</a> – Another IRC client.
- <li><a href="http://www.xchat.org/";>XChat</a> – Yet another IRC client.
+ <li><a href="http://www.gnupg.org/";>GNU Privacy Guard</a> (GnuPG) – A Free implementation of OpenPGP used for encryption of all sorts.
+ <li><a name="gpa"></a><a href="http://www.gnupg.org/gpa.html";>GNU Privacy Assistant</a> – A graphical user interface for GnuPG. This application is very useful for generating and importing new keys.
+ <li><a name="kpgp"></a><a href="http://developer.kde.org/~kgpg/";>KGPG</a> – Another graphical user interface for GnuPG, very similar to GNU Privacy Assistant. This one has a text editor under the "File" menu which can be used to easily sign and/or encrypt any texts you write or paste into the text box. This might be useful for sending encrypted, anonymous email with TorK's Mixminion interface.
+ <li><a href="http://mixminion.net/";>Mixminion</a> – A type III anonymous remailer. Remember that <a href="#tork">TorK</a> has a nice graphical interface for Mixminion.
+ <li><a name="keepassx"></a><a href="http://keepassx.sourceforge.net/";>KeePassX</a> – A password manager and generator. For password generation, look in the "Extras" menu. The generator has a pretty cool feature, namely that it show the quality (or <a href="http://en.wikipedia.org/wiki/Information_entropy";>information entropy</a>) of the password it will generate.
+ <li><a href="http://www.kde-apps.org/content/show.php/Kvkbd?content=56019";>Kvkbd</a> – A virtual keyboard that can be used to safely enter passwords using the mouse when you suspect that a hardware keylogger may be present.
+ <li><a href="http://www.truecrypt.org/";>TrueCrypt</a> – Disk encryption software. If you have access to some writeable media you can use TrueCrypt for creating an encrypted container (which in reality will take the form of an ordinary file on that media) on it that you can store files in securely.
+ <li><a name="vidalia"></a><a href="http://www.vidalia-project.net/";>Vidalia</a> – An alternative Tor controller.
+ <li><a href="http://ktorrent.org/";>KTorrent</a> – A Bittorrent client. Please use bittorrent with care as it is a real burden for the Tor network and generally frowned upon in the Tor community because of this. Just downloading a 10 MB file could be equivalent of hours of standard web browsing. Therefore you should only download small files when absolutely necessary.
+ <li><a href="http://www.xchat.org/";>XChat</a> – A more traditional IRC client compared to Pidgin (some people just prefer it that way). Unfortunately there is no OTR plugin or other means for end-to-end encryption provided so use this with care.
<li><a href="http://www.kde.org/";>Krdc</a> – A Remote Desktop client supporting VNC and RDP.
</ul>
-<h3><a name="usb"></a>Running Incognito from USB</h3>
+<h3><a name="macchanger"></a>Enabling MAC changer</h3>
-<p>Running Incognito from a CD has its virtues but it certainly also have its restrictions. While CDs are portable they usually don't fit in your pocket in a comfortable manner. But a USB memory stick certainly fits any pocket. In addition, CDs are read-only and thus no data can be saved to it, but that is, again, not the case with USB memory sticks. However, storing sensitive data on a USB memory stick could be dangerous if it got into the wrong hands. Similarly, if we get a virus or manages to damage the system in other ways, the system is tainted or unusable from that point, either with or without your knowledge. Clearly that is not good.</p>
+<p>If you paid attention when you started up __INCOGNITO__ you might have noticed an odd option in the language selection menu, namely the "Enable MAC changer" entry. Some further explanation is probably required in order to understand whether this is relevant for you or not.</p>
-<p>It is actually possible to get the best out of these two worlds at the same time. When running Incognito from a USB memory stick you have the option to create an encrypted container wherein your home directory is stored so that any files stored and settings made are saved persistently to the next boot. If you use a good password this deals with the dangers of storing sensitive data on it. But what about virus threats and the like? Well, when running from a USB memory stick, the system is still set up to not be writeable – it is loaded to RAM and any changes stays only there. It is only you persistent home directory which indeed is persistent.</p>
+<p>First of all, you should know that all network cards, both wired and wireless, have a unique identifier stored in them called their MAC address. This address is actually used to address your computer on the <em>local</em> network, but it will <em>never</em> get out on the Internet so people can <em>not</em> use it to trace you. However, other computers on the network could log it which then would provide proof that your computer have been connected to it. As such, this is not a concern if you are using __INCOGNITO__ with your home Internet connection as that can be linked to you any way, but if you are connecting your computer to an untrusted, public wireless network you might consider enabling it. It is never useful enabling this option if you are using a public computer – only use this if you are using a computer that can be linked to you on a public network.</p>
-<p>In order to get Incognito running on USB you currently first have to get the usual LiveCD installation first. Once Incognito has started up you will find a short cut to an installation guide in the desktop, called "Install to USB". The guide will tell you about your options and is self contained, basically you only need to insert a USB memory stick and hit the OK button to get it done. Then you restart the computer without the CD in, but with the USB memory stick connected instead. Incognito will start to boot just like from the CD but at a certain point a guide will start asking about if you want a persistent home directory or not. The encryption we mentioned earlier is optional but definitely recommended. Do <em>not</em> use at your own risk!</p>
+<p>The reason why this is not always enabled is that is might cause problems on some networks, so if you experience network problems while it is enabled you might want try disabling it.</p>
-<p>The encryption is protected with a password, so it is very important to choose a strong password. But what's a strong password? Well, there are many different opinions on that. What can be said is that to utilize the encryption algorithm used to its full extent you will need a password consisting of 40 randomly chosen characters of those available on the standard (western) keyboard. There should be around 90 different characters. Of course, such a password is almost impossible to memorize, so you will probably have to go for a shorter password. It can also help to device mnemonics to help remember them. Be creative!</p>
+<h3><a name="usb"></a>Running __INCOGNITO__ from USB</h3>
-<h3><a name="windows"></a>Running Incognito from within Microsoft Windows</h3>
+<p>Running __INCOGNITO__ from a CD has its virtues but it certainly also have its limitations. While CDs are portable they usually do not fit in your pocket in a comfortable manner. But a USB memory stick certainly fits any pocket or your key ring. In addition, CDs are read-only and thus no data can be saved to them, but that is, again, not the case with USB memory sticks. However, storing sensitive data on a USB memory stick could be dangerous if it got into the wrong hands. Similarly, if we get a virus or manages to damage the system in other ways, the system is tainted or unusable from that point and all consecutive boots, either with or without your knowledge. Clearly that is not good.</p>
-<p>Thanks to the QEMU virtual machine Incognito can be run as a process inside Microsoft Windows without the need to restart the computer. Simply insert the media when Windows is running and a menu should appear with the option to start Incognito. This is especially useful when you are using a computer you are not allowed to shutdown, which can be the case for public computers in certain Internet cafés or libraries. There are a few problems with this approach though. First of all, if the Windows installation is compromised with a software keylogger or virus, Incognito provides no protection against this. Secondly, performance is a low worse compared to running it on its own. As such, this is only recommended when the other alternative isn't an option.</p>
+<p>It is actually possible to get the best out of these two worlds at the same time. When running __INCOGNITO__ from a USB memory stick you have the option to create an encrypted container wherein your home directory is stored so that any files stored and settings made are saved persistently. If you use a good password this deals with the dangers of storing sensitive data on it. But what about virus threats and the like? Well, when running from a USB memory stick, the system is still set up to not be writeable – it is loaded to RAM so any changes stay only there and are not persistent. It is only your home directory which will be persistent.</p>
-<p>Since the Incognito developers do not have access to any Windows computers at the moment, any input if this actually works and how it performs etc. is welcome.</p>
+<p>In order to get __INCOGNITO__ running on USB you currently first have to get the usual LiveCD installation first. Once __INCOGNITO__ has started up from CD you will find a short cut to an installation guide in the &Incognito; section of the K menu, aptly called "Install Incognito to USB". The guide will tell you about your options and is self contained, and in most cases you only need to insert a USB memory stick and hit the OK button to get it done. Then you restart the computer without the CD in, but with the USB memory stick connected instead. __INCOGNITO__ will start to boot just like from the CD but at a certain point a guide will start asking about if you want a persistent home directory or not. The encryption we mentioned earlier is optional but definitely recommended.</p>
+<p>The encryption is protected with a password, so it is very important to choose a strong password. But what is a strong password? Of course, there are many different opinions on that. What can be said is that to utilize the encryption algorithm used to its full extent you will need a password consisting of 40 randomly chosen characters of those available on the standard (western) keyboard. There should be around 90 different characters. Of course, such a password is almost impossible to memorize, so you will probably have to go for something shorter. It can also help to device mnemonics to help remember them. Be creative! If you need help with generating the passwords you should check out <a href="#keepassx">KeePassX</a>'s built-in password generator.</p>
+
+<h3><a name="cold"></a>Cold boot attacks and memory sweeping</h3>
+
+<p>What happens if the police knocks on your door when you are running __INCOGNITO__? This is a tough one to deal with, and there is not that much that can be done actually. If you are really unlucky they have brought with them freeze spray and other equipment which can be used to mount a <a href="http://en.wikipedia.org/wiki/Cold_boot_attack";>cold boot attack</a>. This is done in order to get the contents of your RAM. Due to how modern computing works, basically everything that you are doing is stored in the RAM, so all information – including passwords, encryption keys and the secret plans you wrote in a text editor but then erased – may be stored in it in plain text. The more resent the activity, the more likely it is that it is still in the RAM.</p>
+
+<p>RAM is usually considered to be extremely volatile, meaning that its data starts to disintegrate rapidly once power is removed. However, it has been shown that the data might be recoverable for seconds or even minutes after this happens, and apparently freeze spray can be used to increase that period significantly. Once the power is restored the RAM state will keep getting refreshed, so if the power supply is portable the removed RAM modules' contents are in the hands of the attacker. Alternatively the computer can simply be reset (i.e. switched off and back on quickly), which barely even effects the power fed to RAM. Then a tiny LiveCD system is loaded with the ability to dump the RAM to some writeable media. In both cases the RAM contents can be analysed in a computer forensics laboratory which might turn into a major disaster depending on what they find.</p>
+
+<p>So, what should you do when you hear them knocking? You should calmly make a clean shut-down of __INCOGNITO__ using the "Log out" option in the K menu, then selecting "Turn off computer" in the window that appears. Then you wait, possibly trying to buy valuable time by barricading your door. The reason for this is that one of the last things __INCOGNITO__ does before shutting down completely is filling the RAM with random junk, erasing everything that was stored there before. Unfortunately this might take a couple of minutes depending on the speed of your processor and the amount of RAM installed, so while this is clearly not a perfect solution it seems it might be the best thing to do.</p>
+
+<p>In general this is of equal concern to both CD and USB users, but there is one exception. If you run from USB and use an encrypted home partition you are not safe any longer. The key will be stored in RAM if you did not have time to shut-down __INCOGNITO__ cleanly. As such, a cold boot attack against a system with mounted encrypted partitions is very severe as it will give the attackers access to all data stored on them.</p>
+
+<p>As far as the authors know this is not standard procedure within law enforcement and similar anywhere in the world yet, but it might still be good to be prepared and stay on the safe side.</p>
+
+
+<h3><a name="vm"></a>__INCOGNITO__ and Virtualization</h3>
+
+<p>Certain users might not want to restart the computer every time they wish to use the Internet anonymously with__INCOGNITO__. For those, a so called <a href="http://en.wikipedia.org/wiki/Virtual_machine";>virtual machine</a> can be used to run __INCOGNITO__ inside the "host" operating system installed on the computer (e.g. Microsoft Windows, Mac OS X, etc.). Essentially these programs emulate real computers that you can run "guest" operating systems in so they appear in a window within the host operating system. Using one of these technologies allows for convenient access to __INCOGNITO__'s features in a protected environment while you at the same time have access to your normal, host operation system.</p>
+
+<p>There are a few security issues with this approach though. The main issue is if the host operating system is compromised with a software keylogger or virus, which __INCOGNITO__ does not provide any protection against (in fact, it is impossible). Secondly, performance is a usually a bit worse compared to running it on its own. As such, this is only recommended when the other alternative is not an option or when you are absolutely sure that your host system is clean. Additionally, some of these virtual machines are closed-source, so it is very difficult to determine if they do something that could break __INCOGNITO__'s security. In conclusion, use virtual machines with care.</p>
+
+<h4>QEMU</h4>
+<p>The open source <a href="http://bellard.org/qemu/";>QEMU</a> processor emulator and virtualizer handles __INCOGNITO__ nicely. In fact, QEMU is included in the __INCOGNITO__ distribution for Microsoft Windows users (more about this <a href="#windows">below</a>). In order to start it from the command-line, simply type something like:</p>
+
+ <pre>
+ <code>qemu -usb -soundhw sb16 -localtime -boot d -cdrom /path/to/incognito.iso</code>
+ </pre>
+
+<p>If you have severe performance problems you should look into KQEMU which is an accelerator module for QEMU, granting a more direct access to the systems hardware for additional speed. You will most likely need administrator privileges for installing KQEMU.</p>
+
+<h4>VMWare</h4>
+<p>__INCOGNITO__ works very well in <a href="">VMWare</a> with the following <a href="http://files1.cjb.net/incognito/incognito-vmware-1.0.zip";>VMWare Virtual Appliance</a> (<a href="http://files1.cjb.net/incognito/incognito-vmware-1.0.zip.asc";>signature</a>) devised by the __INCOGNITO__ developers. Simply unzip the file and follow the provided instructions in <code>README.txt</code> which is provided with the archive. The free (<a href="http://en.wikipedia.org/wiki/Gratis_versus_Libre";>as in beer</a>) <a href="http://www.vmware.com/products/player/";>VMWare Player</a> might be useful for this. In order to get good performance you will probably need administrator privileges when you install VMWare. Note that VMWare is closed source, so it might be hard to determine of it does anything that is bad for anonymity, although it is unlikely.</p>
+
+<h4>VirtualBox</h4>
+<p>Unfortunately __INCOGNITO__ does not work perfectly in <a href="http://virtualbox.org";>VirtualBox</a> yet, but we are working on it. That is not to say it does not work at all, just that you will have to tweak it a little. All will go well until the X server is starting, as it will fail due to problems with the auto-detected graphics driver. For some reason the correct driver is not detected, so when you get to the console you will have to change the graphics driver used in <code>/etc/X11/xorg.cong</code> to "vboxvideo", and then run the following command:</p>
+
+ <pre>
+ <code>/etc/init.d/xdm restart</code>
+ </pre>
+
+<p>in order to restart the X server. Of course, it is unacceptable to have to do this procedure at every startup, so this is only for testing purposes. Hopefully this will be fixed in a future release.</p>
+
+<h3><a name="windows"></a>Running __INCOGNITO__ from within Microsoft Windows</h3>
+
+<p>Thanks to QEMU, presented <a href="#vm">above</a>, __INCOGNITO__ can be run within Microsoft Windows without the need to restart the computer. QEMU ships with __INCOGNITO__, and is set up so you only have to insert the media when Windows is running and a menu should appear with the option to start __INCOGNITO__ through it. This is especially useful when you are using a computer you are not allowed to shut-down, which can be the case for public computers in certain Internet cafés or libraries. Also, for some some general remarks on QEMU and __INCOGNITO__ as well as some security concerns about this mode of operation, see the above section on <a href="#vm">__INCOGNITO__ and Virtualization</a>.</p>
+
+<p>Since the __INCOGNITO__ developers do not have access to any Windows computers at the moment, any input if this actually works and how it performs etc. is welcome.</p>
+
+
<h2><a name="conclusion"></a>Conclusion</h2>
-<p>By offering you Incognito we hope that you have the technological means to stay anonymous on the Internet. However, we want to emphasize that staying anonymous is <em>not</em> only a technological problem &ndsah; there is no tool, including Incognito and Tor, that will magically make you anonymous. You will have to behave as well. While a precise knowledge of the architecture of the Internet, cryptology and traffic analysis techniques certainly can help you with that, we believe that good ol' fashioned common sense and a handful of caution will get you far enough. Among other things, that includes choosing good passwords and not writing them down in stupid places, using end-to-end encryption whenever possible, not trusting everyone and everything but being a bit suspicious in general, being very careful when dealing with identifying information such as name, whereabouts and so on – any such piece of information will help a would be adversary to get closer to you.</p>
+<p>By offering you __INCOGNITO__ we hope that you have the technological means to stay anonymous on the Internet. However, we want to emphasize that staying anonymous is <em>not</em> only a technological problem – there is no tool, including __INCOGNITO__ and Tor, that will magically make you anonymous on the Internet. You will have to behave as well. While deep technical knowledge of the architecture of the Internet, cryptology and traffic analysis techniques, and the applications used certainly can help you with that (mainly by knowing what <em>not</em> to do), we believe that some good ol' fashioned common sense and caution will be enough in most cases. Among other things, that includes:
-<p>Also, please try to follow any instructions given by security tools as much to the letter as possible. There are situations where one can be creative or improvise solutions, but you should really try to learn when that is appropriate. For instance, when using PGP you are often asked to verify the authenticity of any key that you have just got. Usually this works by presenting you with the key's so called fingerprint, which is a unique identifier for that key. Verification should then be done by asking the other party to send you the fingerprint through some safe channel, which could be anything from telling it by telephone or VoiP (which is hard for an attacker to manipulate on the fly) or even face-to-face. This is of course not always possible, but here is one of those places you can be creative. For example, you could send the fingerprint hidden in an image by some means and so on. An alternative method to fingerprints, used by OTR, is to simply ask both parties of a shared secret that both should know. In this case, don't choose just anything – if someone is watching you they probably know which high school you went to, your maiden name and similar.</p>
+<ul>
+ <li>Choosing good passwords and not writing them down in stupid places.
+ <li>Using end-to-end encryption whenever possible.
+ <li>Not trusting everyone and everything but being a bit suspicious in general.
+ <li>;aking an effort for properly authenticating with everyone you are communicating with.
+ <li>Being very careful when dealing with identifying information such as name, whereabouts, the local time and so on. Any such piece of information that you leak will help a would be adversary to get closer to you.
+</ul>
-<p>This is probably the place where we are expected to wish you good luck, but we won't. Relying on luck simply isn't good practice. Stay cool and be smart! Thanks for you time!</p>
+<p>Also, please try to follow the instructions given by security tools as much to the letter as possible. There are situations where one can be creative or improvise solutions, but you should really try to learn when that is appropriate before you do it. For instance, when using PGP encryption you are often asked to verify the authenticity of any new public key that you have just got. If you do not do this it is possible that you are using a compromised key sent by an attacker in a <a href="http://en.wikipedia.org/wiki/Man_in_the_middle_attack";>man-in-the-middle attack</a>. Usually the authentication works by presenting you with the key's so called fingerprint, which is a unique identifier for that key. Verification should then be done by asking the other party to send you the fingerprint through some safe channel, which could be anything from telling it by telephone or VoiP (which is hard for an attacker to manipulate on the fly) or even face-to-face, and then making sure that they are the same. Assuming the channel is safe the key sent by the other party and the one stamped on the key should be identical, otherwise something is wrong.</p>
+<p>The above methods of fingerprint verification are of course not always possible, but here is one of those places you can be creative. For example, you could send the fingerprint hidden in an innocent looking image by some means, although this is admittedly not bulletproof. You could make this method safer by first sending the picture to your unknowing recipient and telling him or her how the fingerprint is hidden when you know that it has been received. Additionally, these kinds of tricky exchanges are always better to make over interactive communication channels such as IRC or with instant messaging since that will decrease the window of opportunity for any eavesdropper to interfere. Email is not very suitable as delays are long which gives the attacker ample time to act. An alternative authentication method to fingerprints, used by OTR, is to simply ask both parties of a shared secret that both should know. In this case, do not choose just anything – if someone is watching you they probably know which high school you went to, the size of your shoes and similar facts.</p>
-<p>The Tor™ trademark and the Tor Onion Logo are trademarks of The Tor Project.</p>
+<p>This is probably the place where we are expected to wish you good luck, but we will not. Relying on luck simply is not good practice in these situations. Stay cool and be smart! Thanks for you time!</p>
+
+<p>The Tor™ trademark and the Tor Onion Logo are trademarks of <a href="https://www.torproject.org";>The Tor Project.</a></p>
+
</body>
</html>