
How to Avoid NSA Spying? Government Spying on Internet

First, let’s review what will get you busted. Your IP address is sent to the server whenever you visit a website, and your ISP holds all the details of your real-world (IRL) identity. No matter who you claim to be online or how many precautions you take, once the authorities obtain the identifying information your ISP holds, that is all they need to open an inquiry.

Government agencies have powers beyond ordinary sleuthing to spy on your online actions, and understanding how they do it is essential if you want to avoid becoming the next Julian Assange, living in a small embassy for the rest of your stressed life.


For example, it is believed that the NSA has the technical sophistication to decipher data protected by 1024-bit keys. The export-grade SSL/TLS key sizes involved go up to only about 512 bits. So even if you had 1024-bit encryption, one frequent problem is that Windows, Mac and Android users can sometimes be forced down to 512 bits by what is called the FREAK attack (Factoring RSA Export Keys), an SSL/TLS vulnerability.

The term brute-force decryption describes a deciphering attack that uses a computer with far greater resources, one that is sure to overpower shorter encryption keys. Supercomputers owned by the government can easily overpower encryption if necessary—so don’t count on outsmarting the government with encryption software alone. The NSA can also use something called Grover’s algorithm, as well as Shor’s algorithm, which can basically crack encryption and search for single terms in private files.


If you’re trying to hide from the NSA you’re competing with “good guy” hackers whose goal is to break into your computer and recover evidence. Supposedly, some hackers believe that 2048-bit encryption, together with a stated “full security” against those super-algorithms, would be something close to safe. Local law enforcement is obviously not equipped to spy on you at that level, so it will spend more time using undercover agents and looking for common mistakes.

Another, less common, mistake is using an external drive without bothering to encrypt the information on it. While it is a good idea to use a flash drive in general, saving data on the drive, or even on a second external hard drive, is not a completely foolproof plan.

External hard drives connected to a computer are still accessible to the internal hard drive and processor, especially if the BIOS allows the master hard drive to scan all drives and keep logging records for maintenance. Even if you use a USB drive for saving files, those files should always be encrypted.

Some hackers would also go so far as to recommend turning off scripts such as JavaScript, Flash and others, and using a minimal browser to avoid further threats.

Understand that if the NSA suspects you’re a dangerous terrorist or whistleblower (Islamic, Australian or homegrown), they can and probably will try to decrypt your TOR data, although this would be a fairly uncommon scenario.


The bigger risk for you individually is that they will find you without needing your IP address at all. They may need it eventually to prove something in court, but they don’t need it to start with. They can start an investigation with just your aggregated internet data, your so-called digital fingerprint. This collection of user information is stored on your browsing devices, and it can be aggregated and analyzed to identify a likely suspect. For example, the plug-ins and browsers you use can leak data: everything from screen size to installed fonts and other small snippets of information, which can be organized into a case file that identifies you. This information can narrow you down out of millions of other users who do not share your digital fingerprint.

Thus the alternative view is that the more unique your user settings, the clearer your digital fingerprint becomes to investigators. The goal then, some suggest, is to blend in with most other users and not configure your browser beyond the defaults.
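As an added illustration (not part of the original article), the following Python measures, over a constructed sample of browser fingerprints, how many users share each configuration and how many bits of identifying information a configuration leaks; the attribute names and sample values are assumptions, not real measurements.

```python
import math
from collections import Counter

# Constructed sample population (not real data): each record holds the
# attributes a site can read from a visiting browser, as described above.
POPULATION = [
    {"browser": "Firefox 115", "screen": "1920x1080", "fonts": "default", "plugins": "none", "tz": "UTC+1"},
    {"browser": "Firefox 115", "screen": "1920x1080", "fonts": "default", "plugins": "none", "tz": "UTC+1"},
    {"browser": "Firefox 115", "screen": "1920x1080", "fonts": "default", "plugins": "none", "tz": "UTC+1"},
    {"browser": "Chrome 120", "screen": "1366x768", "fonts": "default", "plugins": "none", "tz": "UTC-5"},
    {"browser": "Chrome 120", "screen": "1366x768", "fonts": "default", "plugins": "none", "tz": "UTC-5"},
    # A heavily customised setup: extra fonts and plug-ins on an unusual screen.
    {"browser": "Firefox 115", "screen": "2560x1440", "fonts": "custom-42", "plugins": "pdf,java", "tz": "UTC+1"},
]


def fingerprint(record, attributes=None):
    """Collapse the observable attributes (all, or a chosen subset) into one hashable key."""
    keys = attributes or sorted(record)
    return tuple((k, record[k]) for k in keys)


def anonymity_set_size(record, population, attributes=None):
    """Number of users in the population indistinguishable from this record."""
    counts = Counter(fingerprint(r, attributes) for r in population)
    return counts[fingerprint(record, attributes)]


def identifying_bits(record, population, attributes=None):
    """Surprisal of the fingerprint, log2(N / anonymity-set size).
    log2(N) bits is enough to single out one user among N."""
    size = anonymity_set_size(record, population, attributes)
    return math.log2(len(population) / size)


def most_revealing_attribute(record, population):
    """Which single attribute, on its own, shrinks this user's anonymity set the most."""
    return min(record, key=lambda k: anonymity_set_size(record, population, [k]))


if __name__ == "__main__":
    for r in POPULATION:
        print(anonymity_set_size(r, POPULATION), f"{identifying_bits(r, POPULATION):.2f} bits", r)
```

The default-looking records share their fingerprint with two others, while the customised one is unique in the sample, which is the "blend in" point above expressed as numbers.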

What About TOR Security Breaches?

Wouldn’t the easy answer be to just use TOR and a VPN together, keep your system and VPN provider software up to date, and get to it? No, because as usual, the government is one step ahead. US Naval Intelligence practically invented TOR (or the technology that would evolve into TOR) for its own purposes, so you have to figure the government is smart—they know you’re downloading TOR as a starting point and ARE watching you. How?

TOR operates by obfuscating IP address data, passing your traffic through other servers before it reaches the final destination. At this time, the NSA still uses specialist code breakers to crack encrypted messages, and this is a fairly complicated way to spy on people—meaning they don’t have the resources to target every single person individually.

What’s a much easier way to catch the most foolish amateur criminals? Make sure security breaches exist in computer devices and in programs, such as Mozilla, which aggregate digital fingerprints from users. The government practically admits to installing these “backdoor features” on devices, operating systems and websites (most notoriously Google, Facebook, Windows 10, etc.).

When it comes to internet encryption, you are best served by using less well-known, or even minimal, browsers where you can shut off scripts and other functions that can be vulnerable to hackers who may be targeting you.

The obvious question is: does the FBI, the NSA or any government agency install back-door spying software in TOR itself? It would certainly make sense, since the government designed the technology and since TOR is publicly and legally available to anyone who wants to download it.

That said, the current belief is that TOR is not “loaded” with spyware. The government designed it so well that it seems to work just as it should—securely, protecting the user efficiently whether his actions are heroic or illegal. Edward Snowden recently stated that the NSA hasn’t been able to compromise TOR as of yet, and that PROPER encryption is still proving to be the best way to avoid detection.

What might be happening with users who claim TOR is compromised is that they are using TOR wisely but are leaving digital fingerprints in other ways. They blame it on TOR without realizing their other mistakes.

Local law enforcement, already limited in resources, probably (and correctly) assumes that most criminals are going to give themselves away soon enough by being overconfident or ignorant of the way anonymizing software works. Agents and police officials investigating someone look for human error first and encryption cracking second.

TOR’s Not the Problem—Your Hardware Might Be

If TOR is safe, which it probably is, that still leaves plenty of technology open to tampering, and that is what hackers believe is going on with the NSA at the moment. “Drive-by downloads” refer to planting malware on high-traffic sites for spying purposes; a staple of the cyber criminal, but now a method also used by government agencies to stop pedophiles, terrorists and others who may be using TOR to break the law.

Technological advances in combating cyber crime have been firmly in place for the last fifteen years or so, and it is well documented that a backdoor program can give the government access to the hardware device you use, regardless of TOR, including files, web history, location, device fingerprint, ISP and even your webcam.

Operation Torpedo

After years of governmental outcry over TOR’s hard-to-crack design, a great effort has been put into creating a darknet crawler, one that could collect Tor onion addresses.

The agents working to arrest pedophiliac site owners got a breakthrough when they found a forum board with an open administrative account and no password. They logged in and found the server’s IP address. Human error once again!

But there was one more smart move left by the FBI—they didn’t immediately arrest the individual hosting the child porn sites. They waited and spied on him, obtained all the search warrants and evidence they needed, and also modified the code on the servers to deliver their hacking tool to ANY other computers that accessed the sites under investigation. They not only got the primary host user but 25 additional visitors to the site. They subpoenaed all the ISPs involved and got every last person’s address, subscriber name and other personal information.

As you can see, there are many ways to circumvent TOR, and many of them actually just involve conducting surveillance on a suspected criminal using the FBI’s own software, which turns one’s modern devices into spy tools.

Of course, comparatively, child porn and looking up “illegal information” for research purposes are hardly in the same league. It’s easy to argue, legally speaking, that one was looking at a news site or deep web link and stumbled upon private information. It’s quite a different thing to be caught visiting a forum that advertises itself as a child pornography website. There isn’t much of a defense once the person has been caught, and the lawyers of the accused in this case were unable to mount a legitimate defense against the FBI’s new method of surveillance.

Where it will get complicated in the future is the study of potential terrorists: whether they visited a terrorist website, and whether that implies guilt or premeditation of a crime.

There are certainly some activists in the IT industry who believe that the FBI’s NIT (Network Investigative Technique), government-sanctioned malware, sets a dangerous precedent. If the FBI is allowed to scale up this NIT operation further, it may be able to use remote access to search any and all electronic storage media and seize devices for investigation with little to no warning.

What Does This Mean About Your Darknet Experience?

None of this suggests that anonymity is impossible in this modern age. If the NIT were infiltrating every single device in existence and reporting back to the NSA / FBI in real time for review, obviously this book would be a lot shorter—we would just say “Don’t bother surfing the darknet!”

But the truth of the matter is that just because the NSA has the capacity to find you in mere minutes doesn’t mean it has CAUSE to investigate you.

Knowing this just emphasizes one of two logical scenarios: if you’re going to use the darknet for legal purposes, fact finding and innocent browsing, you won’t have any problem. If one is going to use TOR for illegal purposes, he has to think like a criminal, and that means being diligent in planning each and every move and securing every part of the process. Using TOR or a VPN is no longer the end-all of Internet security.

Investigators also have access to other modern digital identifiers, such as surveillance footage, facial recognition hardware and software, and license plate recognition. Therefore, if you walk to a public place and browse the darknet, you’re leaving behind a “video trail” with which you could be convicted, if you are doing anything illegal.


Some merchandise may also have a barcode or RFID chip installed, making it very easy to track the device itself, and thus find where you live and the location from which you access the Internet.

Once they have just a bit of evidence, all they have to do is form a realistic hypothesis, for example by comparing it with your background history. You may or may not be on a watch list (nobody really knows what the FBI has on them) or even a terrorist screening database. If you are, you probably won’t even know that you’re being placed under surveillance, and if you don’t do anything illegal, you probably won’t ever hear of it. If you’re already on a watch list and decide to do something blatantly stupid like collecting, storing or sharing illegal information, there won’t be much problem in getting a warrant, an arrest and a conviction.

Stereotyping and profiling remain another unfortunate problem in many countries, as law enforcement sometimes “profiles” a person by relying on statistics, stereotypes or supposition, trying to find patterns and motivations in a person’s behavior.

Once they subpoena your IP information, they can also get far more details about your viewing habits: how long you looked at a page, how many pages were viewed and what you downloaded and stored.

What Silk Road 2.0 Taught Us

Let’s pretend you’re a criminal hoping to reach Silk Road notoriety (a fairly well-known illegal drug and weapons store that was taken down); the case of Silk Road 2.0 should definitely intimidate you. The FBI, with the cooperation of 17 other countries, ran Operation Onymous over the course of six months, which finally identified the source of Silk Road 2.0 (the re-launch of the banned site) and brought it down.

What’s particularly interesting about this case is that no one actually knows how the government pulled this one off—and for good reason, since they may use their techniques again to bring down other criminal empires. No one shared any information, though some hackers and IT specialists speculate it could have been done through TOR entry guards or exit nodes that they had planted. This would allow them to infiltrate the darknet structure and monitor snippets of traffic for evidence.
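To make concrete what the relays described earlier (and the entry guards or exit nodes speculated about here) can and cannot see, here is an added Python sketch of onion layering; it is not the article’s or the Tor project’s code, and the relay names, keys and the toy XOR cipher are assumptions.

```python
import base64
import hashlib
import json

def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Toy cipher (XOR with a SHA-256 keystream), only to make the layers visible; Tor uses AES-CTR.
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(key: bytes, next_hop: str, inner: bytes) -> bytes:
    """One onion layer: only the holder of `key` learns next_hop and inner."""
    layer = {"next": next_hop, "data": base64.b64encode(inner).decode()}
    return keystream_xor(key, json.dumps(layer).encode())

def build_onion(path, destination: str, payload: bytes) -> bytes:
    """Client side: wrap the exit layer first and the guard layer last. path = [(name, key), ...]."""
    blob, next_hop = payload, destination
    for name, key in reversed(path):
        blob = wrap(key, next_hop, blob)
        next_hop = name
    return blob  # handed to the first relay, the entry guard

def peel(key: bytes, blob: bytes):
    """Relay side: strip one layer, returning (next_hop, remaining_blob)."""
    layer = json.loads(keystream_xor(key, blob))
    return layer["next"], base64.b64decode(layer["data"])

def can_read(key: bytes, blob: bytes) -> bool:
    """True only if `key` opens this layer; the other hops' layers stay opaque."""
    try:
        peel(key, blob)
        return True
    except (ValueError, TypeError, KeyError):
        return False

def circuit_view(path, sender: str, destination: str, payload: bytes):
    """What each relay observes: previous hop, next hop, and the payload only at the exit."""
    blob, prev, view = build_onion(path, destination, payload), sender, {}
    for i, (name, key) in enumerate(path):
        next_hop, blob = peel(key, blob)
        is_exit = i == len(path) - 1
        view[name] = {"prev": prev, "next": next_hop, "payload": blob if is_exit else None}
        prev = name
    return view

# Constructed demo circuit: one key per hop (in Tor these come from the circuit handshake).
CIRCUIT = [("guard", b"k-guard"), ("middle", b"k-middle"), ("exit", b"k-exit")]
```

The guard learns the client address but not the destination; the exit learns the destination and, absent end-to-end TLS, the payload, which is exactly why a planted node at either end still only sees one end of the path.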

As we’ve seen, the darknet itself is just one avenue of exploration for government agencies. Email is a huge risk, considering how easy it is to make a mistake in basic communication outside TOR.

Noor Qureshi


