Security and Encryption FAQ - Revision 20.2

by Doctor Who

"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks."

Article 12 Universal Declaration of Human Rights

This FAQ/Tutorial is offered in good faith and is intended to be an encapsulation of my knowledge and experiences gained over the many years that I have been a computer/Net user. There are many roads to security and privacy on the Net, this is just one that I have personally pursued and can recommend from experiences gained.

There are countless reasons why someone may need the reassurance of anonymity. The most obvious is as a protection against an over-bearing Government. Many people reside in countries where human rights are dubious and they need anonymity to raise public awareness and publish these abuses to the world at large. This FAQ is to help such people. Privacy and anonymity are very important principles associated with both freedom of speech and democracy.

"Anonymity is a shield from the tyranny of the majority... It thus exemplifies the purpose behind the Bill of Rights, and of the First Amendment in particular: to protect unpopular individuals from retaliation - and their ideas from suppression - at the hand of an intolerant society."

Justice Stevens, McIntyre v. Ohio Elections Commission, 1996

This is a follow-on to the major revision 20. This latest revision now includes a method for achieving a high level of anonymity for your Email using Quicksilver.

It is assumed that plausible deniability is an essential requirement to the reader and the FAQ is slanted with this in mind.

Part 1 offers an overview approach to achieve security and anonymity. It is intended for the less knowledgeable user, perhaps someone new to computers and especially the Internet.

This first part can be skipped by the more knowledgeable user.

Part 2. In the second part will be the practical implementations of some of the programs mentioned in Part 1. In some cases this will include detailed setup instructions to help achieve the goal of true computer and Internet privacy and anonymity.

Links to the various programs mentioned are at the end of Part 2.

Part 1

1. How does encryption work?

Essentially the plaintext is combined with a mathematical algorithm (a set of rules for processing data) such that the original text cannot be deduced from the output file, hence the data is now in encrypted form. To enable the process to be secure, a key is combined with this algorithm. The key is protected by a passphrase. Obviously the process must be reversible, but only with the aid of the correct key. Without the key, the process should be extremely difficult. The mathematics of the encryption should be openly available for peer review. At first sight this may appear to compromize the encryption, but this is far from the case. Peer review ensures that there are no "back doors" or crypto weaknesses within the program. Although the algorithm is understood, it is the combination of its use with the passphrase that ensures secrecy.

Thus the passphrase is critical to the security of the data.

2. I want my Hard Drive and my Email to be secure, how can I achieve this?

You need PGP (Pretty Good Privacy) for your Email and DCPP (DriveCrypt Plus Pack) version 3.0 or TrueCrypt version 2.1 for your hard drive encrypted files.

Both DCPP and TrueCrypt are known as OTF (On-The-Fly) type programs. OTF means the encrypted data is only decrypted into RAM (Random Access Memory) and remains at all times encrypted on the drive. Thus a crash close will not leaves packets of plaintext on your drive. A very important feature.

PGP is available for all versions of Windows, Linux, Unix, Mac and others. The source code is available for compiling your own version should you wish.

DCPP is Win2000/NT/XP compliant but not compliant with Win98 or earlier. Regrettably, no source code is available. It has two unique advantages over other encryption programs. 1. It is a whole boot drive encryption program. 2. It offers a form of very good plausible deniability. More on this later in the FAQ.

TrueCrypt is a new, free and open source program of great promise.

As with DCPP it does not display any file header info to help a snooper identify the file's purpose. The header is encrypted and just shows as random garbage. It also allows encryption of a whole partition or drive and again does not display any info to help an attacker. The source code is freely available so it means anyone with the ability can compile the same program. The importance of this cannot be too strongly stressed. It means the risk of a hidden back-door is virtually eliminated.

Securstar the owners of DCPP also offer another program somewhat analogous to Truecrypt. It has the disadvantage of being closed source and not free, but offers the option of a hidden container within the outer encrypted container (or partition). It is called somewhat ambiguously, DriveCrypt.

DCPP, DriveCrypt and TrueCrypt have an additional crucial feature, they all offer strong plausible deniability - see later in the FAQ.

If the sighting of the source code is important to you, I suggest using PGP and TrueCrypt.

Note 1: PGP, although excellent to ensure your Email privacy, does nothing for anonymity. The difference is crucial.

I will assume that anonymity is also very high on your list of needs and so will concentrate on that issue further down the FAQ.

3. What is the difference between these encryption programs?

One of the difficulties before asymmetrical key encryption was discovered was how to get the key to the person wanting to send you an encrypted message. In the past trusted couriers were used to get these secret keys to a distant location, maybe an overseas embassy. Nowadays this is unneccessary because of the discovery of what is called public key cryptography. Two different keys are used. One key is secret and the other is made public. The most widespread program of this type for home and private use is PGP, invented by Phil Zimmerman. In fact it has become the de facto standard on the Net. This program is ideal for Email.

Anybody sending you mail simply encrypts their message to you with your PGP public key. It is analogous to someone sending you a box and a self locking padlock for you to send them secret papers, when only they have the key to open the box.

The public key is obviously not secret - in fact it may be spread far and wide so that anybody can find it if they wish to send you encrypted Email. The easiest way to ensure this is by submitting it to a public key server. Despite this facility, some prefer not to share their key, except within a small closed group. Your choice.

The only way to decrypt this incoming message is with your secret key. It is impossible to decrypt using the same key as was used to encrypt the message, the public key. Thus it is called asymmetrical encryption. It is a one way system of encryption, requiring the corresponding secret key to decrypt. PGP is simplicity itself to install and use. It even offers to send your newly generated public key to a key server.

Another very important advantage of PGP is it allows the option of a digital signature. This is the digital equivalent of someone signing a letter. Only this signature is very difficult to forge, unlike a paper and ink signature. This proves both the authenticity of a message and that it has not been tampered with.

For your normal hard drive encryption, you will need a symmetrical type of encryption program. This means the same key is used for both encryption and decryption. DCPP and TrueCrypt are of this type and especially good because they are OTF (On-The-Fly) type programs.

Both DCPP, DriveCrypt and TrueCrypt use the passphrase to encrypt a randomly created key. In DCPP this is stored encrypted in the keystore and in DriveCrypt and TrueCrypt it is encrypted within the header and the plaintext of the key is the device used to encrypt (and decrypt) the contents of the disk on an as needed basis into RAM memory.

One question often asked by newbies is whether the passphrase is stored somewhere within the encrypted file. No. The passphrase is passed through a hash, such as SHA-1. It is the hash output that is stored within the headers of the encrypted container. The program will compare this hash with the hash it produces from your passphrase that you type in to mount (open) the container. If they are identical, the program will use your passphrase to decrypt the key that the program generated to encrypt the disk or container. It is this key that will then be used to decrypt the disk or container on the fly.

Hashing is a one way action only; it is impossible to derive the key from the hash output. The hashing process is simply a way of checking that the correct passphrase has been input. If the program was somehow altered to force it to use an incorrect passphrase, the output would be garbage.

4. I have Windows, am I safe?

Windows is a closed source operating system which is a law to itself. Each new update that is released by Microsoft seems to need more updates to fix the security holes discovered in the first releases of the update. It has been an ongoing process over many years with no end in sight.

These weaknesses can manifest themselves as security holes when on the Net. A further problem with this operating system is its seeming determination to write to your hard disk all sorts of information that may be hidden from your view in all sorts of places that could be found by a forensic examination of your computer.

This is a two fold problem. Firstly, the problem of Windows having the potential of security holes that might be exploited by snoops and hackers using the Net and a different security problem of writing all sorts of information to sometimes hidden folders that might not be obvious by a cursory check by you, but easily found by a forensic examination.

If you wish to protect yourself from these potential weaknesses you need to first of all have an effective firewall and an effective anti-virus program. That will hopefully help to minimize the threats from outside. That is only the start. You also need to replace your Windows Internet Explorer browser for something a lot more secure. I like FireFox or Mozilla. Even these need strengthening by the use of specialist programs. More about that later in the FAQ.

Secondly, you are well advised to encrypt your whole drive to protect yourself from what Windows will write to your hard drive. There are so-called wipe and cleaner programs to remove cookies and many other files that Windows will save to your hard drive for future reference. But at the end of the day, the only truly effective counter measure against these potential weaknesses is to encrypt your whole boot drive.

In some countries, even this might not be enough. Such countries can force you to hand over your passphrases to these encrypted drives on pain of imprisonment. As more and more judicial systems seem to be leaning ever closer to this sort of injustice (injustice because the culprit is being forced to self-incriminate himself which is in direct violation of Article 5 of the Bill of Rights. The right to refuse to be a witness against oneself.

Because of these encroachments on our liberty I propose a method of plausible deniability. This means you can justify all your files and folders that are on your computer.

5. Which program do you recommend for this whole drive encryption?

Unfortunately, there is at present no modern whole boot drive encryption program with open source which also allows a hidden operating system accessible on boot. Of the many different boot drive encryption programs, I like DCPP. It is truly simple to install. The new and vastly improved key registration process is helpful. But best of all it offers truly excellent plausible deniability for its presence on your system.

It encrypts the whole partition. So if you want to keep part of your drive in plaintext you will need to divide your hard drive into independent partitions or have two separate hard drives. Unlike both DriveCrypt and TrueCrypt, it does not destroy the data within the partition it encrypts. This is obviously essential as its main advantage is its ability to encrypt your boot drive.

A further major advantage over previously recommended encryption programs is that the passphrase is input at Bios level, before Windows is loaded.

The importance of this is difficult to over-emphasize.

This means it is impossible for any software key-logging program that may be on your computer to detect your passphrase. Such programs are sometimes picked up on the Net or arrive via Email and could circumvent all your efforts at security. It is even conceivable that a snooper or hacker could steal your passphrase as you type it in, if this is done whilst the operating system is running. I am sure someone will mention that there are hardware keyboard logging devices which of course could grab your passphrase when you start up.

However, common sense local site security should minimize this risk.

A Bios level input of the passphrase in conjunction with whole boot drive encryption is just about the Holy Grail of security - without a hardware keyboard logging device, very difficult to intercept and snoop.

6. Are there other OTF programs?

Yes, there are several. But so far as I know only DCPP operates from boot and includes the opportunity of creating a second (hidden) boot operating system.

Others, such as TrueCrypt only encrypt data files, not the Windows operating system.

TrueCrypt also offers strong plausible deniability because it allows you to encrypt a partition that appears to be unused and without a drive letter. The method of ensuring this is simply explained in the manual that accompanies TrueCrypt. The author must be congratulated for doing an excellent job of this program.

It is important to note that just simply publishing the source code does not guarantee safety. It just means the author is allowing his program to be subjected to peer review. Hopefully many will take the trouble to go through the code and compile it for themselves.

7. How difficult is it to break one of these programs?

Very difficult, in fact for all practical purposes, it is considered impossible. In most cases, the weakest link will be your passphrase, or being compromized by a key-logger through not having good security on your desktop.

Your passphrase should be long. Remember, every extra character you enter makes a dictionary search for the right phrase twice as long. Each time a bit is added it doubles the number crunching time to crack into the program.

Each keyboard character roughly equates to 8 bits, and is represented on the drive as two hexadecimal characters. This suggests a 20 character passphrase is equal strength to the encryption. In practice, probably not. Remember a keyboard has around 96 different combinations of key strokes, thus multiplying this number by itself 20 times is a hugely large combination, ensuring a high probability of defeat at guessing a passphrase. But few people can remember a truly random 20 character passphrase. So most people use a less than random one. This means it should be longer to help compensate for this lack of entropy.

You should also use at least part of both lines of the passphrase input screen with DCPP. If you like, two passphrases.

8. Why?

Because any passphrase cracker cannot find the correct key until it has exhausted a key search as wide as the last character you enter. A strong hint that you should make sure the last character of your passphrase is well along the bottom line! For higher security you should spread it around on both lines.

Although TrueCrypt has a single line entry it will accept a long passphrase of at least 57 characters from my simple tests.

Be sure that if any serious snooper wants to view your secret data, they will find a way without wasting their time attempting a brute force attack upon your DCPP or TrueCrypt container. In some countries rubber hose cryptography may be the rule. In some "civilized" countries there are more sinister methods, such as tempest or the use of a trojan (see later in FAQ).

Fortunately, tempest and trojan attacks are far less likely to succeed against DCPP than all the other programs. Hence my strong and enthusiastic support for this program.

9. What about simple file by file encryption?

I recommend either PGP Tools which comes free with PGP or Kremlin. Of course this is not necessary for files within your encrypted drive. But is essential to clear files off your computer that are outside your encrypted drive.

PGP Tools is a long winded process just to encrypt a single file, as it asks you to first choose a key before entering the passphrase. Kremlin is quicker because it allows you to right click on the file to be encrypted, a password box opens and that is it. It also similarly allows you to wipe any file by right clicking. This can also be done by PGP. Another recommended program to erase individual files is Eraser.

10. How can I encrypt files on a floppy?

Use either TrueCrypt, DCPP, PGP Tools or Kremlin.

11. Does using Encryption slow things up?

Negligibly on any modern computer. The length of your passphrase is immaterial to the speed of decryption. But different encryption algorithms vary significantly. One of the fastest is Twofish and probably the slowest is 3DES (triple DES). This applies only to symmetrical encryption programs. PGP uses RSA generated keys, which in turn are used to encrypt/decrypt a randomly generated session key. The RSA key is very slow, but as it is only used to encrypt/decrypt the 128 bit CAST5 or IDEA session key its slowness is not noticed.

12. Do I need a PGP passphrase if I store my keyrings within my encrypted drive?

Definitely. Just because you have encrypted your drive does not relieve you of the necessity of protecting yourself whilst online.

13. I use Mac, OS2, Linux, (fill in your choice), what about me?

Use either BestCrypt (by Jetico - do a Google search) or PGPDisk.

There are others, but I know nothing about them.

14. How can I ensure I do not leave traces of unwanted plaintext files on my system?

If you are using DCPP this should not be a problem. But one thing that needs addressing is the possibility of Windows dumping your keyfile data which is held in RAM memory only, onto the encrypted drive. To avoid this catastrophe you must disable the Windows hibernation (power saving) feature. When Windows goes into hibernation it will dump everything that is in RAM memory onto the boot drive by-passing the DCPP drivers. By-passing these drivers means it writes everything to disk in plaintext including the keyfile data, which unlocks your most secret partition. This will defeat the whole purpose of having encryption.

Although your whole drive will be encrypted I would still install a program to clean out bloat and cookies. My recommendation for this is Windows Washer.

To wipe unused space on your drive I recommend Zapempty. Although a Dos based program, it runs easily even within Win XP. This is a part of a zipped file of wipe utilities called Extract Zapempty onto the drive you wish to clean up and double click on it. I recommend keeping copies in the root of every partition on your computer.

15. What programs do I put in my newly Encrypted Drive?

In previous versions of this FAQ I was wary that some programs might write critical data to your boot drive. However, this is far less of a security risk with it being encrypted. What is far more important now is that these programs do not leak private information whilst you are on the Net. For what it is worth, here are some I recommend:

For your Web browsing I strongly recommend FireFox or Mozilla as the browser. Anything other than Microsoft Internet Explorer.

For Usenet I recommend either Agent or Gravity or Xnews. These latter
two are free.

Agent is simple and very easy to use. The commercial version also
supports automatic decoding of yEnc coded files.

For your Email I have 2 different recommendations:

i. Agent, as mentioned above

ii. Quicksilver

Quicksilver is both open source and free.

Do not use Outlook or Outlook Express as they both suffer from the
usual Windows holes.

Use Quicksilver for both Email and light Usenet posting with strong anonymity via the Mixmaster remailer system. When downloading Quicksilver, remember to run update immediately after installation, to download and install the Zipped files for News, Nym, POP and PGP and Mixmaster. Quicksilver will offer to install all downloaded files for you.

Both of these programs will also work with PGP. Agent will require you to copy and paste, but Quicksilver has built-in support and works seamlessly with PGP. I particularly commend Quicksilver for its intuitive ease of use. This makes Nym maintenance much simpler.

I used to recommend JBN, but it is slowly becoming obsolescent. It is not fully compatible with PGP versions 7 or later and does not support SMTP (Simple Mail Transfer Protocol) authentication. But it is still the favorite of many.

You must also have a virus checker and a firewall. For the virus checker, I use Norton's. This will also find adware and spyware. For the firewall I recommend Zonealarm.

Remember, just because your drive is encrypted does not relieve you of an obligation to cover your tracks whilst Online.

16. How do I "cover my tracks"?

Never surf naked. Always, always use a proxy. There are now easy ways to use a proxy. In the early days it was necessary to find and hand select the proxies you wished to use. This was a laborious process and needed expert knowledge of which programs to use to find and exploit them. Some still prefer to do it this way. I call it rolling your own. It has the distinct advantage of user choice and control over each proxy to be used in a chain. However, this may offer anonymity, but not necessarily privacy. Meaning no encryption. I like privacy and anonymity, so I use other methods - see later in FAQ. The suggested method also has the merit of ease of use and total transparency once the programs are set up.

17. Earlier on you mentioned plausible deniability, what is it?

Plausible deniability is the ability to offer irrefutable justification for every single file, folder, container, partition and drive that might contain encrypted data. DCPP version 3.0 offers a world first because it allows dual booting into either of two entirely separate boot operating systems, each invisible to the other. One of these may be called your honeypot operating system, meaning it contains encrypted data that you are prepared to show under duress. The second (hidden) operating system will contain your most secret data that you never release. Its presence can only be known by correctly guessing the second secret passphrase for that operating system. No other way exists to prove there is a second operating system. Examination by forensics of your first encrypted boot drive can only show the usual random data that is associated with an encrypted drive. Nothing else.

This is excellent plausible deniability.

18. What if encryption is illegal in my country?

In that case, I suggest using the stego feature of DriveCrypt. But ensure you create your own WAV file, by making your own recording. Once the stego encrypted file is created within the WAV file, make sure to wipe the original recording to prevent forensic analysis showing their low level data are not identical.

Of course, you will need to install DriveCrypt in traveller mode. This means running it off a floppy. But you will still need to hide the floppy effectively in the case of a search. I am sorry I cannot help you here. It must be down to your own initiative.

19. Are there any other precautions I should take?

Make copies of all your PGP keys, a text file of all your passwords and program registration codes, copies of INI files for critical programs, secret Bank Account numbers, plus anything else that is so critical your life would be inconvenienced if it were lost. These individual files should all be stored in a folder called "Safe" on your encrypted drive. A copy of this folder should be stored on an encrypted CD, preferably within the hidden part if using DriveCrypt 4.2 and stored off-site.

If you are going to rely on any variation of the ploys suggested here, then you should keep this FAQ within your hidden drive.

You need to take further precautions whilst you are online against threats from hackers and snoops.

20. What are these threats?

They are known as Tempest and Trojan attacks.

21. What is a Tempest attack?

Tempest is an acronym for Transient ElectroMagnetic Pulse Emanation Surveillance. This is the science of monitoring at a distance electronic signals carried on wires or displayed on a monitor. Although of only slight significance to the average user, it is of enormous importance to serious cryptography snoopers. To minimize a tempest attack you should screen all the cables between your computer and your accessories, particularly your monitor. A flat screen (non CRT) monitor offers a considerable reduction in radiated emissions and is recommended.

22. What is a Trojan?

A trojan (from the Greek Trojan Horse), is a hidden program that monitors your key-strokes and then either copies them to a secret folder for later recovery or sends them to a server when you next go online. This may be done without your knowledge. Such a trojan may be secretly placed on your computer or picked up on your travels on the Net. It might be sent by someone hacking into your computer whilst you are online, or received by Email.

The United States Government has openly admitted it will be employing such techniques. They call it Magic Lantern. It was originally promulgated as a counter-terrorism weapon. But who knows how it will be used in practice.

In view of these changed tactics, it is mandatory that these possible attacks be countered. My suggestion is two-pronged. First use DCPP to enjoy plausible deniability with whole boot drive encryption and use specialist programs to thwart efforts by hackers and snoops to break into your system whilst online.

23. How do I do this?

First of all you must have a truly effective firewall. It is not sufficient for a firewall to simply monitor downloaded data, but to also monitor all attempts by programs within your computer that may try and send data out. I recommend Zonealarm. This firewall very cleverly makes an encrypted hash of each program to ensure that a re-named or modified version of a previously acceptable program cannot squeeze through and "phone home". You also need a good anti-virus checker.

But that is but the start. You also need a Web browser that does not leak information, plus a method of passing data across your ISP's servers fully encrypted to prevent prying eyes from watching all that you do on the Net. More about this later in the FAQ.

24. How will I know when a trojan has modified an acceptable program?

Zonealarm will pop up a screen telling you a changed (or new) program is trying to connect to the Net and do you wish to allow it. If it is one of your regular programs, be very wary and always initially say NO until you can check why this program is not now acceptable to Zonealarm. If it is a strange program, then obviously say, NO and investigate.

25. What about TrueCrypt and DriveCrypt 4.2?

Both TrueCrypt and DriveCrypt 4.2 offer the prospect of excellent plausible deniability. No header information and the ability to install them on an unused partition, perhaps at the end of a large drive. The passphrase is only held in RAM memory so much more difficult to compromize. An examination of your drive will only show garbage. This is certainly not the case with some encryption programs.

DriveCrypt 4.2 also allows the creation of a hidden container within an existing encrypted container or partition. Excellent plausible deniability. As with TrueCrypt the passphrase must be input after boot when Windows is running.

26. How important is the passphrase?

Critically important. It is almost certainly the weakest link in the encryption chain with most home/amateur users. I provide links at the end of Part 2 of the FAQ. Some of these should either help directly or give further links about how to create an effective passphrase.

For the newbies: never choose a single word, no matter how unusual you think it is. A passphrase must be that, a phrase, a series of words, characters and punctuation intermixed. One method that I believe would help is to deliberately mis-spell common words in a phrase. Scruggle in place of struggle, matrificent in place of magnificent. These could be the start of a longer phrase. Taking this a step further, invent words that are pronounceable but totally meaningless for example, alamissis or grafexion. I recommend a minimum of eight words, but obviously do not use either of those two. Use four (or more) on each line with DCPP, together with a few figures.

27. How can I prevent someone using my computer when I am away?

With DCPP nobody can boot into your secret drive. So no problem.

However, if you are truly paranoid (and who isn't?) I would guard against someone adding a hardware keyboard logger. These can be very small and easily disguised as an RF trap on the keyboard lead. Obviously, this is far more likely if your computer is also used by others or can be accessed by others in your absence.

28. I use the Net for Web browsing, Usenet and Email, am I safe?

Whilst you are online anyone could be monitoring your account. They do not need access to your computer to do this. They need only to have access to your ISP. If you live in the British Isles be aware that all ISP's are required to keep logs of your online activities, including which Web sites you visit.

To minimize these risks you must encrypt the data passing across your ISP's servers.

My suggestion is to use a combination of several programs. Each is easily set up (see Part 2). Between them you will be secure and anonymous. The best news, all these programs are free and open source!

29. How is this achieved?

You need four main programs besides the news client such as Agent (my favorite) and the Web browser such as FireFox (again my favorite) and the Email client such as Quicksilver, (yes, another favorite).

These programs are: Stunnel, Freecap, Privoxy and Tor.

They are all very easy to use and really can be setup by a newbie if you follow the setup instructions I offer in Part 2. The best part of all is they are totally transparent to the user. Once setup there is no maintenance or searching for proxies, etc. It is all automatic.

30. Tell me more about these programs?

Stunnel encrypts the data between you and your news server and is very simple to use.

Freecap is also easy to setup and acts as the bridge between Stunnel and Tor.

Tor is a connection-based low-latency (meaning fast) anonymous communication system that protects TCP (Transmission Control Protocol) streams for Usenet, web browsing, instant messaging, irc, ssh, etc.

In basic language Tor is a socks server that accepts and encrypts data from any program that is "socksified", meaning set up to communicate with it.

Tor is a new program and is still in Beta development mode. But it is still a fully functioning Socks proxying system that offers the promise of great anonymity and privacy. It is free and open source. It is being improved almost on a daily basis. The latest version now has a Windows install facility.

Tor will build automatically and transparently to the client (you) an anonymous and encrypted route across the Net. It uses multiple layers of encryption, each node only knowing the previous and next node, so with several nodes your data becomes anonymised. The principle is like an onion with many layers of encryption and anonymity. Thus it is called onion routing. Where the data eventually emerges it is sent on to its destination, perhaps a news server and ordinarily in the clear. But by using Stunnel, the data will still be encrypted all the way into the news server or the remailer, whichever you are using.

For Web browsing we need Privoxy. This again acts as a bridge between your browser and Tor.

A web proxy is a service, based on a software such as Privoxy, that clients (i.e. browsers) can use instead of connecting directly to the web servers on the Internet. The clients then ask the proxy to fetch the objects they need (web pages, images, movies etc) on their behalf, and when the proxy has done so, it hands the results back to the client.

There are many reasons to use web proxies, such as security (firewalling), efficiency (caching) and others, and there are just as many different proxies to accommodate those needs.

Privoxy is a proxy that is solely focused on privacy protection and junk elimination. Sitting between your browser(s) and the Internet, it is in a perfect position to filter outbound personal information that your browser is leaking, as well as inbound junk. It uses a variety of techniques to do this, all of which are under your control via the various configuration files and options.

Privoxy will bridge the connection between your browser and Tor the Socks proxy host. It will minimize pop up ads, etc. But its main advantage is it will help prevent information leakage from your desktop to any third party trying to sniff your data. Used in conjunction with Tor it ensures all your Web browsing is totally anonymous.

There is no need to close Privoxy if you wish to use your news client or whatever. These programs are totally transparent to you once they are running.

The best news is, these programs are much faster than the old hand rolled system of choosing multiple proxies. In the previous version of this FAQ I had recommended JAP. Tor in conjunction with Stunnel and Privoxy is much faster. In fact it seems at least on a par with the fastest SSH host service I have come across. But far superior in terms of anonymity and especially so because it is free. The only service you now need to sign up for anonymously is your news provider.

Full setup instructions for these programs are offered in Part 2.

31. Is the data encrypted after it leaves the remote server and Tor?

Yes, provided you are using Stunnel. The only precaution you must take to ensure both privacy and anonymity, is to ensure you use Stunnel in combination with FreeCap. More about this in Part 2.

32. How do I subscribe anonymously to a news provider?

Obviously never ever use a credit card. You can either send cash or some may accept E-Gold. Privacy.Li offer a proxy service on your behalf to sign you up themselves to your choice of news provider. They offer their own service but at present it does not allow a secure (SSL) connection right into the news server.

I believe there are now at least 4 news servers offering Stunnel encrypted connections through port 563. These are: Easynews, Newscene, Maganetnews, and Octanews. There are also remailers that accept a Stunnel encrypted connection, which significantly improves your Email security. More about this in Part 2.

Privacy.Li will act as a proxy, in this case meaning they will sign you up anonymously to your choice of news povider, or indeed any other service you wish. They accept many types of payment, including cash and E-Gold.

E-Gold is not intended to be anonymous. But provided you sign up using your choice of details and (most importantly) immediately disable the security protocols which sense your IP address, you should be Ok. If you don't you may find your access blocked. With anonymous access from different IP addresses using Tor, it is very important to do this.

33. How do I create a secure/anonymous Email account with Quicksilver?

I recommend creating a Nym. To do this you should first of all finger (download) a copy of the Nym help file. Quicksilver will do this for you if you go to finger on the menu and input Read it carefully before attempting to create your own Nym. Once you have decided on your course of action, use the Quicksilver Nym Wizard to help you create a Nym. It is quite involved because of the necessary procedures that have to be negotiated with Nym.Alias.Net (often called NAN). After sending in your create request, you will receive an Email asking you to confirm receipt. This is to prove your reply chain back to your normal Email address is working. After you have sent the confirmation you should receive another Email telling you, your Nym is alive and active.

Of course you can use Yahoo or Hotmail, but I consider them only soft anonymous. But they can be hardened by socksifying your connection using Privoxy and Tor. More about how to do this in Part 2.

34. Can you briefly summarise all the above?

You need PGP and Quicksilver for your Email and DCPP and/or Truecrypt for encryption of your hard drive. These recommended Programs should help you achieve a very high level of plausible deniability and privacy.

You need to be anonymous online. To achieve this you need to follow the suggestions that follow in Part 2. Most importantly You must subscribe anonymously to your choice of independent news provider.

Part 2

35. What programs should I get?

There are seven programs recommended for security and anonymity:

DCPP, PGP, TrueCrypt, Stunnel, FreeCap, Privoxy and Tor.

And three others recommended for Email, Usenet and Web browsing:
Quicksilver, Agent and FireFox.

In all cases where there is a choice of download, ensure you download the version that is compliant with your operating system, e.g. Windows XP or whatever.

36. Should I just download them all right away?

It depends. If you are wanting to show reasons why all your connections to your ISP are secure, then by all means download them all and install them onto your Drive C. If not, wait until you have created your secret hidden drive and only then install them onto that drive. Meanwhile, you must download and install DCPP at this time. Install DCPP onto your Drive C (and your Drive D when it is dual bootable). Its presence need not arouse suspicion, provided you follow the instructions further down the FAQ.


37. OK, I have downloaded and installed DCPP, what must I do next?

Create a second bootable drive on say, Drive D. You must immediately defrag this drive, reasons later. Now install all your programs and defrag after each one is installed. Finally restore all your data from My Documents or wherever. This is your honeypot data that is there to be discovered as backup data to your regular Drive C.

Do a final defrag before proceeding further.

38. How do I achieve maximum plausible deniability?

You must have two separate bootable drives. Drive C is your regular drive, it need not be encrypted. Your second bootable Drive D is the one we shall concentrate on.

Run DCPP on this Drive D. Install Boot authentication first. Before re-booting create an Emergency Repair (ER) floppie disk.

Test both Boot Authentication and your floppie allow you to boot. Now encrypt your Drive D. Immediately after this encryption process has finished and before re-booting, update your ER disk. This is vital.

Next you use DCPP to clone your operating system. This is where some care is required over the size of the passphrase. At this stage use a relatively simple one of around 8 characters per line. Reasons follow.

39. So far, so good. What now?

The first encrypted drive (Drive D) is your honeypot encrypted partition containing data you are prepared to reveal. The second (hidden) boot partition is your truly secret one with a different passphrase. Now you must encrypt that second cloned operating system. As soon as it is done, update your ER disk. In fact I suggest making a pair.

When booting you can input either passphrase and boot into either the honeypot encrypted drive or the hidden operating system drive.

Clever, very clever. Superb plausible deniability.

Or is it?

What happens when an attacker finds that the dates of all the files in the first partition have never been opened perhaps for months?

Read on.

My justification for this scenario is that Drive D is an encrypted backup of my Drive C. It is encrypted to minimize the risk of it being corrupted should my computer catch a virus. When dismounted (closed), my encrypted drive will be shown by Windows to be unformatted. As such, Windows will not normally write to it. Thus it offers a layer of security that should I lose all of my Drive C, I can recover by booting into my encrypted Drive D. I am not going to argue the fine print here. This is my justification for having encrypted my Drive D. If there are viruses which can cause Windows to format Drive D, so what? I will argue I am ignorant of such things.

"Yes, the files do show I never use it. That is because I have never yet had need to. It is there as an encrypted backup for the day when I do need it. Being encrypted Windows cannot read or write to the drive (unless it is mounted, of course). Thus the drive is a safe haven if I am attacked by a nasty virus".

This is your explanation for this drive and the fact the file dates are old.

If doubts are raised they are impossible to prove without correctly guessing your second passphrase. Even if your attacker convinces you he knows DCPP offers the possibility of a hidden partition there is a plausible defence. See further on.

Of course after installing DCPP onto Drive D and creating a hidden encrypted partition, there is no need to bother about encrypting your Drive C. In fact I would go even further and suggest there is no further need for Boot Authentication. This is needed to encrypt Drive D, but can safely be removed from within Drive C after the event. Of course, it is axiomatic that you first create and test one or better several Emergency Repair (ER) disks to allow future access.

For security at least one of these should be stored offsite.

40. Is it as straight forward as this?

Not quite. After creating the first encrypted partition on your second hard drive you have to avoid a couple of slight bugs. I am sure that they will be addressed, but for now a little care is required.

After the first installation and encryption of your honeypot drive, you can then create a clone of this drive within the same partition. Naturally and essentially you choose another most secret passphrase. This is where I found the first small bug. You must defrag your drive completely before you proceed. I had two very large blocks of data separated by around a gigabyte of disk space that windows considered defragmented, despite my repeatedly telling Windows to defrag. But DCPP told me there was insufficient space to clone the operating system. This with over 50 Gigs of free space! This is what I have learnt from Shaun Hollingsworth (the program's Author):

"Defragmentation is a problem. Last week I did some work on a windows based "consolidation tool" and managed to move all the files to the start of the drive, BUT windows 2000 and Windows XP, WILL NOT allow any folder data to be moved!! Even the offical "diskkeeper" style defragger won't allow this, and it DOES NOT SHOW any folder data, in the white space area. My test machine, ended up with nothing but folder data, at the end of the drive, yet it wouldn't show up anything visible on DiskKeeper (XP standard defragger)."

This is a concern. To get around this, I re-formatted the second drive and started over. Immediately after installing Windows I defragged the drive. I did this after each program was added. By this ruse, I managed to get Windows to tightly pack everything. Actually not quite true, there were a few gaps, but thankfully DCPP ignored these. From what Shaun has said, above, we know that Windows can write folder data all over the place on your drive. These do not necessarily show up when defragging, causing DCPP to (correctly) report there is insufficient space to clone.

Shaun has suggested one work around is by using Norton's Ghost to backup the to-be-encrypted partition and then to restore. He tells me this will ensure all data are then packed together at the start of the drive.

However, another little bug raised its head when I tried again to get it to clone. I found that the password input screen DCPP displayed before it would clone only allowed a shorter passphrase to be input. There is no error as such, just that DCPP tells you it has found the keystore but cannot open it because either it is corrupt or it is the wrong passphrase.

Tests showed it was not a corrupt keystore, therefore the culprit logically had to be the passphrase input screen, which indeed was the cause of the problem. I expect that shortly this will be addressed.

However, as long as this bug remains, it offers you the chance of further plausible deniability. See further on.

As this passphrase was used to create the second (and secret) keystore for the cloned operating system, I had to go back and create it over with a shorter passphrase. I would strongly urge you not to store this second keystore on your honeypot encrypted drive. I suggest creating and storing it on a floppy. Later after creating/updating your ER floppies, you should completely destroy the floppy. This ensures this critical keystore was never put onto your honeypot drive.

Note: There is no requirement to keep a copy of this keyfile. If at any future date you wish to decrypt this clone or the original you can use the ER disk recovery tools to do so.

The finding of a second keystore on your honeypot drive will totally destroy any attempt at plausible deniability. Or will it? On second thoughts, perhaps not. You could create a false keystore, one with a long (and different) passphrase to suggest you have been attempting to create a hidden drive but had failed. You can prove this is feasible because of the above bugs. Using a very long passphrase will prevent the creation of the clone. If your are told this is a known bug (perhaps from reading this FAQ), you act surprised and insist it is the first you know of it. Who can prove otherwise?

After you have cloned your drive, it then needs to be encrypted.

This might sound a little strange as you have just cloned an encrypted drive, but it makes sense if you think it through. This is essential. Before doing so, change the shortened passphrase you used to create this cloned drive to something far stronger, meaning far longer.

When booting you choose which passphrase to input. Either the honeypot encrypted drive passphrase or more likely the hidden drive with your ultra secret data within it. Or, you can just boot into your normal plaintext Drive C for non critical use.

It is absolutely essential that no further data are added to your honeypot drive at the risk of destroying altogether your hidden drive. This is no idle threat. To (slightly) help in this regard, when about to clone the operating system, you are offered a choice of spacing between the two partitions, input at least 200 megabytes or more for this gap space.

I would recommend that you initially test out both passphrases. But use your honeypot passphrase just once to test it works ok. Never again use it at all. Windows is a very pro-active operating system and it will do things you may not be expecting. Things such as automatic backing up of the registry, defragging, etc. Everyone must have noticed how their drive can sometimes be very active when they are not doing anything. This is Windows doing its thing. So mount once to test, then forget all about it. But do not forget the first passphrase, it may be your credibility lifeline.

41. Any more hints about this system?

You could remove Boot Authentication off your computer. Do this only after creating a couple or more Emergency Repair (ER) disks. You can now create a proper boot floppy or even an IMA file which can be used with Nero to create a bootable CDROM.

I notice that Drive C is still required to boot either of these encrypted partitions. So I recommend investing in significant quantities of RAM and switching off the pagefile. Just in case Windows decides it wants to write anything to your normal drive.

42. What about those other files: PGP, TrueCrypt, Stunnel, FreeCap, Privoxy and Tor, Agent, FireFox and Quicksilver?

Obviously all future downloads should be into your hidden drive.

Get them here:




Stunnel is used for NNTP secure connections to your news provider.

Stunnel requires the executable file plus 2 others.


stunnel-4.05.exe stunnel-4.05.exe.asc (digital signature file optional but recommended)

OpenSSL Libraries (required files):

libssl32.dll libeay32.dll

libssl32.dll.asc (optional) libeay32.dll.asc (optional)




Not essential, but strongly recommended:




43. Where do I put these files?

PGP should be installed onto your hidden operating system. It may offer to install onto your Drive C. Avoid that unless you want to deliberately offer a sanitised version on your Drive C.

Actually there is good reason to install all of the above onto your Drive C. this may sound alarming, but consider, their presence might be deduced if any snoop has been monitoring your ISP data. It will always pass across as encrypted data. If an examination of your hard drive were to show the absence of such programs, how do you show how you were doing it? The presence of these programs is not illegal at all. On the contrary, there are very good and sensible reasons why you want to avoid both spam and having your privacy invaded.

TrueCrypt should be installed only onto your hidden drive. This program should not be openly displayed. Its presence is best kept hidden. The plausible deniability it offers, if you choose to use it, is strengthened by its absence from your system.

For the other files, create a new folder called Proxy. Open Proxy and create the following sub-folders: FreeCap, Stunnel, Privoxy, Tor

Install by copying all of the downloaded files into their respective folders. Ensure the library files for Stunnel are in the same sub-folder. The latest version of Tor now includes a Windows install. This means it now install the Torrc file in Documents and Settings by default, so there should be no further error messages about a missing configuration file.

Each program can then have shortcuts made and placed on your desktop, or wherever you choose if different.

44. How do I configure Privoxy?

Privoxy is used for HTTP secure connections to the Web. It works in conjunction with Tor. The config.txt file looks daunting, but you just remove # from the beginning of any line to make that line active.

Scroll down to section 5.2 in config.txt

Copy and paste the following line:

forward-socks4a / .

Simply add it exactly as shown. The spacing and the period at the end are important.

By default it will run on startup and minimize to the task bar.

45. How do I configure Stunnel?

Stunnel is required for an NNTP secure connection to Usenet.

Copy and paste the following in Notepad and save it to a file called stunnel.conf in the Stunnel folder.

# config file for connecting to your secure news server client = yes [nntps] accept = 119 connect = # end of config file

Substitute the news server name given you by your news server after signing up with them. Whatever it is, add a colon ( and 563 for the port number, with no spaces.

This file does not exist until you create it. Stunnel cannot work without its presence. You will just get some server error. This might happen if you or Windows names it wrongly.

You may need to get Explorer to show extensions to known file types, otherwise Windows may save the file as stunnel.conf.txt. If you are not sure, go to Tools > Folder Options > View > uncheck "Hide extensions to known file types". Click on Apply, Ok.

This is the only configuration you need for Stunnel.

46. How do I configure FreeCap?

FreeCap is easy. First of all go > File > Settings > Default Proxy. Type into the server window and 9050 into Port. Click OK.

With the program back at the opening screen, drag and drop the Stunnel shortcut into the FreeCap open space. You will immediately see the Stunnel icon position itself along the top of the screen. Good. You have socksified Stunnel. That is all it takes. Whenever you run Stunnel you must start it by clicking on it from within FreeCap.

Socksifying secures the program and ensures it routes data over an encrypted connection socksified by FreeCap and into the Tor network.

Note: Some may experience problems with FreeCap. If you do, an excellent free for non-commercial use alternative (but not open source) is SocksCap. It is here:

47. How do I configure Tor?

Nothing to do. Just click on its shortcut and watch the green screen. Wait a few seconds for it to create its onion route across the Net. Once this is enabled it will display, "Tor has successfully opened a circuit. Looks like its working."

Minimize the program and that is it for Tor.

48. How do I configure my Browser?

To ensure your browser chooses this route you must now go to its Proxy settings Window. With FireFox this is > Tools > Options > Connection Settings.

Input into each line except Socks Host. Leave that line completely clear. Input 8118 into the Port window for each line, but again leave the Socks Host line clear. This is because Privoxy listens for connections on port 8118 by default. Remember we have already configured Privoxy with the line: forward-socks4a / . This is telling Privoxy to pass on its connections to Tor which is listening on Port 9050 by default.

49. How do I configure my news client?

You must now configure your news client by inputting into the window which asks for your news server name. If you have never used a proxy prior to this, go to the screen displaying "News Server". In Agent 1.91 this will be Options > User and System Profile > User. Enter for the server name. Click OK. The port is set in the Agent.ini file to 119. But do not change that. Stunnel has already been configured to listen on port 119 anyway and to forward through port 563.

Note: Stunnel can only be used with a news provider that offers a secure (NNTPS) connection by default on port 563. For other news providers, I suggest omitting Stunnel and socksifying (by dragging and dropping into FreeCap) the Agent shortcut. Not nearly as secure as your data will not be encrypted after it leaves the Tor network on its way to the News provider.

Each of these four programs, Stunnel, FreeCap (or SocksCap), Privoxy and Tor accepts connections from either your Web browser, into Privoxy and on to Tor, or from your News client into Stunnel, socksified by FreeCap and on to Tor, again.

Many programs can be socksified. But it must always be the final one in the chain, the one immediately prior to Tor that should be socksified.

50. How do I test these are all working?

Let's check the Web first.

Start Privoxy (which by default starts with Windows).

Open your browser and input: http://p.p/

You should see the Privoxy main page with the following:

"This is Privoxy 3.0.3 on localhost (, port 8118, enabled."

If you see that, be assured you have accessd via Privoxy.

If you see "p.p. could not be found, please check the name and try again." You are definitely not accessing via Privoxy.

Go back through the above and check everything very carefully.

Note: This is an internal test, not via the Web. It just proves that Privoxy was invoked to display that page from its own folder, which you will see displayed if you click on "View and change the current configuration"

You will then see a clear display of all the configuration settings.

Do not change anything unless you have a backup file and know what you are doing.

Let's assume your Web browser is functioning as it should and you see the p.p. page displaying the confirmatory message.

You should now test your news reader client.

51. How do I test my news connection is anonymous?

Open FreeCap and click on the Stunnel icon in the FreeCap Window. It is imperative that Stunnel be started only from within FreeCap and thus be socksified. Otherwise it will simply connect directly with your news provider. Certainly it is a secure (encrypted) connection but totally useless from an anonymity point of view. If the news provider logs connections, you have just destroyed your carefully built up anonymity for ever. The news provider will have logged your true IP address! A painful lesson.

Without opening Tor at this stage, start your news client. As a small precaution ensure you are in an appropriate newsgroup and attempt to download its headers. You should see connecting to displayed on the lower taskbar in Agent or wherever in the version you are using, followed by error reported by Winsock driver. Good. This proves Stunnel was attempting to connect to Tor, which is of course offline, thus no connection was possible.

Now start Tor. Try again. Hopefully this time you will have more success and it should connect to the news server and start downloading headers.

Go to a multimedia goup and start to download a large file. While the download is in progress, close Tor. You should see an immediate error about connection to server closed unexpectedly. Good.

Re-start Tor. Re-establish the connection with the server and start over. This time close FreeCap. Notice the download will continue. Do not panic! It is still accessing via Tor. Prove this for yourself by closing Tor and notice the download again stops immediately and there is the same Winsock error. Good.

If you have got this far, you have succeeded in creating a secure and truly anonymous network connection for both your browser and your Usenet posting/downloading.

52. Can I post binaries anonymously to Usenet with this system?

Absolutely. If you choose to use Agent, it will always use your news provider as the posting host. This is why I recommended you subscribe anonymously to this news provider. Nothing can then be traced back. If you are into heavy posting then you should use Power Post or something similar that allows you to choose whole folders of files for posting.

If you use Quicksilver for posting to Usenet it will always use one of the mail2news gateways. All data from your desktop is encrypted through to the first remailer and then on through the Mixmaster remailers and onto Usenet. The one and only down side is that the anonymous remailer network does not readily accept large files, such as binaries. Do not try and post as attachments, better to write it into the body of the message, if possible. But it is considered bad form to use the remailer network for binaries. The remailer network is intended for text files.

To post binaries, use Agent or Power Post or similar and post via your socksified Stunnel and Tor.

A warning: If you post illegal material, you may find your anonymous account closed without warning and no possibility of any refund!

53. OK, I can now surf the Web and browse Usenet anonymously, but what about Email?

I recommend Quicksilver. To socksify Quicksilver it is necessary to ensure that the port you intend using is enabled in both Tor and the SMTP remailer. There are presently no Tor exit servers with port 25 enabled, which is the default SMTP port. This is because of previous abuse. So to sendmail using Tor we have to be a bit clever and use a non-standard port for SMTP. This port needs to be one that is acceptable to both the Tor exit server and to the chosen remailer. Actually this is not strictly correct. It is possible to acces a hidden service on Tor whilst using port 25, but I found some problems. So to keep things as simple as possible here is my chosen solution. There may well be several routes to achieving this. I offer the one that I have been successful with. By all means experiment with other remailers and ports if you wish.

First a couple of perhaps obvious things. The following is to enable secure (encrypted) anonymous sending of Email via the Panta-rhei remailer and to receive Email via the Banana-split remailer. It is possible to use either for both purposes, but I prefer not to let my left hand know what the right hand is doing, so I split them. For maximum security I strongly recommend pointing your Nym reply block to a newsgroup, such as alt.anonymous.messages. You can set up Quicksilver to download all the messages in this group and to search through all these downloaded messages for your chosen subject, which identifies your mail.

The reason for downloading all messages is to prevent analysis of your downloading habits possibly identifying which messages are specifically for you. By using the banana-split hidden service this is very difficult anyway.

Quicksilver will then automatically decrypt these messages for you (after you have input your passphrase).

This sounds daunting, but believe me it is not. Just a little effort reading the Quicksilver help file/manual and you will be up and running in no time at all.

Note: There are many services offering so-called anonymous Email. Be very wary of them. Only the remailer network offers truly anonymous sending and receiving Email. Even this service is fraught with likely hazards if not used correctly. But at least you are in control and not some unknown admin who may or may not have your best interests at heart.

54. Why is the remailer network so secure and anonymous?

Although not perfect (nothing is), it does offer a level of anonymity well above and beyond what simple anonymous services (such as Hotmail) offer. It uses the Mixmaster remailers and has protocols to ensure your Email is very difficult to trace and decrypt. Remember, by using Quicksilver in the following recommended way, you are not just using Mixmaster, but also using Stunnel encryption which with SocksCap then sends all data through the Tor network and then on to a hidden service.

And all this is before the message is sent on through the Mixmaster remailer system!

Mixmaster is the type II remailer protocol and the most popular implementation of it. Remailers provide protection against traffic analysis and allow sending email anonymously or pseudonymously.

Mixmaster consists of both client and server installations and is designed to run on several operating systems including but not limited to *BSD, Linux and Microsoft Windows. It does not use PGP, but RSAREF with its own keys and key formats.

55. How do I configure Quicksilver?

First of all you need to create a default template in Quicksilver.

Go > Templates > and choose any existing template. Copy and paste the following:

Fcc: outbox Host: From: somebody@anybody.else Chain: panta,*,*; copies=2 To:

Save this as a template, naming it Panta-sendmail or whatever.

Now go > Tools > News Accounts > New > put into the News Server box. Clear the Login ID and password boxes (unless you are choosing to use your regular news provider, in which case you must enter your user name in Login ID and your password in the Password box). Click "New".

Enter the name of the news group, e.g. alt.anonymous.messages and the subject line you chose when creating your reply block. If you cannot remember it, go > Nym Wizard (the shades at top right on menu) Modify an Existing Account > Next > > > until you reach the screen displaying your reply block. Just copy and paste the subject line into the correct window and your done!

56. How do I configure Stunnel?

As you have already configured Stunnel for your regular news provider it is possible to use the same settings in Stunnel with Quicksilver to receive the Email that your Nym has (hopefully) forwarded to alt.anonymous.messages. Superior anonymity is achieved by using a hidden service, such as that offered by Banana-split. This is also a secure connection using Stunnel and ensures that your Nym is not associated with your news provider user id. If this is your choice you should create another folder called, say, Stunnel-2. Copy the existing files in your existing Stunnel folder to Stunnel-2. Now open this copy of stunnel.conf and copy and paste the following in place of what is already there:

#Bananasplit/Panta configuration

client = yes

[BANANA_NNTPS_563] accept = 119 connect = tyrndfbdb2x6g3vg.onion:563 delay = no

[Panta_TLS_MAIL] accept = 25 connect =

Create a shortcut to stunnel.exe in the new Stunnel-2 folder. Drag and drop this shortcut into the FreeCap window. To avoid confusing these two Stunnel icons, I suggest right clicking on them and choose "Modify" and re-naming them to something that will easily distinguish between them, such as Meganetnews (if this was your regular news provider) and Panta or Banana or whatever. When you want to use Usenet, you choose the Meganetnews icon (or whatever you chose to name it). When you wish to check or send Email, close the first Stunnel (by right clicking on it on the taskbar) and open the second one. Easy.

If you wish to continue using your regular news provider, then simply copy and past the following and add it to your existing stunnel.conf file:

[Panta_TLS_MAIL] accept = 25 connect =

This will allow secure and anonymous posting, avoiding your existing ISP SMTP server altogether. In fact it should be impossible for your ISP to even know you are sending or receiving Email. Better yet, even Banana admin cannot know what you are doing, as you are contacting a hidden service. But this is just the start of the journey your Email will travel before it reaches its destination. True anonymity.

Note: You can use banana-split for Usenet posting and downloading, but it offers just 24 groups! Thus best kept for your Email only.

57. In previous revisions you have recommended using SSH and a remote host server, why not in this revision?

Because it is slower, less secure and costs money. There are free host servers around, but why bother when there are the likes of Panta and Banana?

58. Surely all this is totally over the top for the majority of users?

It is certainly over the top for 99 per cent of users for 99 per cent of the time. If, however, you are the one in a hundredth and you do not much like the idea of being at risk for 1 per cent of the time, then no, it is not over the top at all.

In any case, using these tactics helps create smoke which in turn helps protect those who really do need all the protection and security they can get.

Remember this FAQ is intended to help many different people. Some may be living in deprived conditions, in countries where human rights abuses are a daily fact of life.

59. Can I use IRC/ICQ/Yahoo/MSM in this way?

No idea. I rarely use instant messaging and then only with a few friends in plain vanilla. You can use a program called Trillian. There is now a Pro version which will allow an encrypted conversation between a group and even allows file exchange (I believe). I have only used the beta version, text only. It appears to do all they claim for it. Both parties need to be using Trillian for the encryption to be effective. You can use it as a stand alone, but it will not then support encryption.

Trillian is here:

It might be possible to socksify Trillian. If so, then yes this could be a very useful way to be anonymous on IRC (Internet Relay Chat).

I am sure there are other ways to achieve this, but I am sorry this is beyond this FAQ. My knowledge is limited because I have never tried it myself.

60. Why not use MS Internet Explorer instead of FireFox?

MSIE is a dangerous program designed by MS to allow remote servers access to your computer's registry. Although designed for use by MS to allow easy updating of the Windows Operating System, this feature could be used by any site to access your IP address, even your machine ID and your personal registration details or worse, far worse, your saved passphrases. This can be done even if you have logged onto a site through a chain of proxies. In other words Microsoft Internet Explorer is an absolute no-no as far as anonymity is concerned.

As alternatives, I have already mentioned FireFox and Mozilla.

61. What about backing up my Data?

Although not strictly relevant to a FAQ mainly concerned with privacy, nevertheless, this is so important a few words are needed.

Create another encrypted container using DriveCrypt 4.2 on an external hard drive. Open this partition and copy some innocuous data from your normal plaintext drive. Now close this container and create a hidden container, following the instructions in the documentation that comes with DriveCrypt. Now copy all your secret data across into this secret container. Restoring is just as simple. Just open the secret container and copy into your DCPP partition.

TrueCrypt can be used by creating an encrypted partition at the end of the drive. Follow the TrueCrypt help files on how to make this part of the drive appear as unformatted and without a drive letter to Windows. All your secret data can now be copied into this TrueCrypt partition.

62. Lastly, what do you say to the charge that this FAQ may be useful to criminals?

I did take time to have a re-think after the events of 9/11. However, on balance I believe it is still the right thing to do. Like gun control, if we ban weapons only the police and criminals will have them. Banning encryption or anonymity is not going to make criminals stop using encryption or attempting to be anonymous.

It is almost laughable for anyone to be so naive as to believe that passing any law would make the least difference to a criminal. I believe that the individual should be allowed to choose, not the Government on his behalf.

Who benefits the most if Governments are allowed to reduce our freedom of choice? The Government or us?

Those that give up a little freedom to gain a little security will lose both.

This ends the FAQ.

Here is my PGP key and fingerprint:

Fingerprint: F463 7DCB C8BD 1924 F34B 8171 C958 C5BB

To contact me, please post to news:alt.privacy with the subject "Att: Doctor Who" (without the quotes) or send encrypted mail to my Nym:

Links to items specifically mentioned or recommended in the FAQ:






or here:

Stunnel is used for NNTP secure connections to your news provider.

Stunnel requires the executive file plus 2 others.


stunnel-4.05.exe stunnel-4.05.exe.asc (digital signature file optional but recommended)

OpenSSL Libraries (required files):

libssl32.dll libeay32.dll

libssl32.dll.asc (optional) libeay32.dll.asc (optional)



Quicksilver is here:

Mixmaster (required by Quicksilver and Jack B. Nymble):



Windows Washer is here:

pecunix is here:





Agent is here:

Norton's A/V is here:

Zonealarm: htttp://

Other links that might be of interest:


SSL Proxy info:



Thumbs Plus:


A Proxy site listing:

News Providers:



Nym remailers:, home page: Http://, home page:

In case you need convincing:

Useful programs:

Partition Magic:








WinRAR is here:

YProxy is here:

Media Player Classic:

Some anonymity sites:

Other additional useful sites:

Beginner's Guide to PGP:

PGP for beginners:

FAQ for PGP Dummies:


The SSH home page:

Anonymous Posting:

Anonymity Info:

Nym Creation:

General info:

Revision 20.2