I didn't know where to put this but here will work. Sticky? Maybe? This is really easy for noobs and I see so many people asking it...
This guide will go over the main things you should do to hide your identity online and be safe. This stuff isn't only for drug dealers and hackers everyday people can incorporate this stuff to protect themselves from others and even the government.
Probably the easiest tool to use to give a user an immense ammount of security is Tor. Tor is an internet browser that encrypts all traffic and masks your IP address. Tor is free and can be located here. Tor provides (as of right now) 128-bit AES encryption for the user. If you visit a website using Tor the website will not see your true IP address. It will see another IP that is in the Tor network.
Tor is not completely safe however. When you connect to the Tor network you are giving a thing called an 'entry node'. The entry node knows your IP address and sends it securely to the Tor network. The exit node, is where your request is decrypted and sent to the internet. The exit node does not know your computer’s IP, only the IP of the relay node. Using this model of 3 nodes it makes it harder, but not impossible to correlate your request to your original IP address.The FBI has been known to set up fake exit nodes to intercept and log traffic.
* Tor Download Page
* Tor on Wikipedia
* About Tor
Look up at your URL. The next before the domain you should see https://. You should see this on EVERY site. In HTTPS the S stands for secure. HTTPS will encrypt your requests so that only the server can decrypt them, and not somebody eavesdropping on your communication.
If somebody were to intercept your request over HTTP , they would see the data and would NOT have to work to decrypt it.
But if somebody were to intercept your request over HTTP , they would see encrypted data and would have to work to decrypt it.
Attackers can also inject malicious things into HTTP headers and links that would not be possible with HTTPS. Another thing about HTTPS is that different websites use different certificate encryptions. You a site's encryption algorithm for HTTPS by clicking the lock by your URL. Voat uses ANSI X9.62 ECDSA Signature with SHA256. Some sites using older hash algorithms such as MD5 or SHA1 or more vulnerable (especially MD5)
* HTTPS on Wikipedia
* HTTPS vs HTTP
* Nice Explanation
This is the most popular way to hide your identity and very commonly used. A VPN (service in most cases) connects a user's computer to a private and anonymous network of computers to hide the user's IP address and info. Below is a list of the best services and the worst.
- Express VPN - Known to be extremely fast
- IP Vanish - Cheap and reliable
- Nord VPN - Expensive but extremely secure
- Hide my Ass - Largest with IPs in over 190 countries
- Cyber Ghost - For those who want free
- WiTopia - Logs info and cooperates with feds
- Hotspot Shield - Caught selling info to authorities
- Steganos - Logs everything
- ExpressVPN - Pathetic security
ALWAYS research your VPN before buying it or using it.
* VPN Comparison
* VPN on Wikipedia
* Nice Article on VPNs
PGP (pretty good privacy) is hard to explain so here is an explanation from here:
"PGP stands for “Pretty Good Privacy,” and it’s most often used for sending encrypted messages between two people. PGP works by encrypting a message using a public key that’s tied to a specific user; when that user receives the message, they use a private key that’s known only to them to decrypt it.This system ensures that it’s easy to send encrypted communications, because the only thing needed to encrypt a message is a public key and the proper PGP program. But it’s also quite safe, as messages can only be decrypted with privately known keys that are password-protected.
In addition to encryption, PGP also allows for digital signatures. By signing your encrypted message with your private key, you provide a way for the recipient of the message to see if the content of the message has been changed. If even a single letter in the message is changed before it’s decrypted, the signature will be invalidated, alerting the recipient to foul play."
It is often used for messages to ensure their authenticity or for posts/comment/articles to assure that the text is not a gag order and is from the acclaimed poster.
This is a little more advanced and excessive than the other methods but it is impossible to crack according to your boy Snowden!
PGP on Wikipedia
If Tor is to browsers than Tails is to OSes. Tails is the Operating System for Security. It comes built in with Tor and PGP. All actions done on the OS are erased completely after logging off.
Tails can be done on a virtual machine or dual booted (or booted fully)