Create a New Online Identity > Steps to Take
A clean start for your software, your identity and history.
Protecting yourself in this new cyber-world will take a whole new mind-set that to many of us is foreign. It may feel like you shouldn’t have to “sneak around” since you’ve done nothing wrong. The problem is, with your old identity, even though you’ve done nothing wrong, you’re already caught in their net. Don’t think so? Consider the new NSA Data Center in Utah with its exabytes (1 exabyte = 1 billion gigabytes) of storage capacity. According to a top official quoted in Wired Magazine’s article, “Everybody’s a target; everybody with communication is a target.” Never, we repeat never, use existing accounts that can be traced back to your old identity when signing up for, or downloading anonymity software.
Before you start signing up for new accounts, get a VPN for a month. Why a month? Because since you haven’t yet created a new online identity where you can purchase items anonymously, getting the VPN with your existing identity will tie it to you. After you’ve signed up for new accounts, the VPN you purchase for a month will be eliminated. Then with your new online identity, you can now purchase a VPN that is not associated with your old identity.
If you wish to open any account that will require phone verification, you can purchase a pre-paid cell sometimes called a ‘Burner Phone’ (sold at Walmart fairly cheaply). You should consider choosing a VPN service that attests to the fact that they do not track you (we use Private Internet Access). When using your new identity, DO NOT, again DO NOT use your credit card to sign up for these or any other services. Use Bitcoins, the Internet’s cash. There is no history of you using Bitcoins, the same as using cash, most likely. However, as you probably will use a credit/debit card to buy them, there is a history of that just like an ATM knows you withdrew cash.
Before you begin: By far the safest place to store your software, data and history is on an encrypted drive. Please see Resources if you’re interested in a security environment with all the steps listed below pre-installed and pre-configured on an encrypted USB Flash Drive we call the Freedom Drive.
This install is for Windows Users:
- Get a VPN for a month and install it.
- Using the VPN: Download and Install TrueCrypt.
- Create an encrypted volume with a ‘false bottom‘.
Note: This is where you will install all of your new software and and where you’ll place your data.
- Create an encrypted volume with a ‘false bottom‘.
- Using the VPN: Download Portable VirtualBox to the encrypted volume.
- Extract the files to a folder in the TrueCrypt volume.
- Using the VPN: Download the Kubuntu Operating System Installer.
- Use the installer to create a Kubuntu.iso (install cd) in a folder in the TrueCrypt volume.
- Using Portable VirtualBox: create a new Virtual Machine.
- Save in a folder within the TrueCrypt Volume.
- Install the Kubuntu OS (install cd created above) in the new Virtual Machine.
- In the new Virtual Machine running Kubuntu:
- Using the Muon Package Manager: Install gufw (GUI to configure your firewall).
- Using the Muon Package Manager: Install Kleopatra (GUI to configure your signing certificates).
- Using the Muon Package Manager: Install Firefox.
- Download and install the Linux version of TrueCrypt.
- Download and install the Linux version of Jitsi (encrypted messaging, phone and video).
- Configure your firewall, opening up the ports used by the SSH services.
- Harden Firefox’s security by adding the following extensions in this order:
- From Add-ons: AdBlock Plus
- From Add-ons: BetterPrivacy
- From Add-ons: DoNotTrackMe
- From Add-ons: Flashblock
- From Add-ons: Ghostery
- Download and Install: HTTPS-Everywhere from their website
- From Add-ons: Lightbeam
- From Add-ons: MaskMe
- From Add-ons: TrafficLight
- From Add-ons: WOT
- Avoid any direct contact with Google whenever possible. StartPage uses Google Search without invading your privacy.
- In Firefox, change your default search engine to StartPage using the drop-down menu in the search box. Choose Manage Search Engines and place StartPage at the top of the list.
- From Firefox, go to the https://www.startpage.com, and click the ‘Add to Firefox’, ‘Make my Homepage’ links and say yes to the ‘start using now’ question.
- While optional, we recommend that you move startpage to the #1 position in the search engine list and DuckDuckGo to #2, Bing to #3 and Google to LAST. Note that Startpage uses Google and DuckDuckGo Bing. Both Startpage and DuckDuckGo state that they do not share information, save your IP or track you.
- Download and install the Linux version of the Tor Browser
- Purchase enough bitcoins for your VPNs and any other software you will need to purchase.
- Be sure to create and save your bitcoin ‘wallet‘ in your TrueCrypt volume.
- Use your bitcoins to get your permanent VPN service.
- Using the VPN, download the Tor Browser Bundle saving it to the encrypted volume.
- Start Tor, which will start a hardened version of Firefox that will use the Tor network.
Hide your privacy protection software in an encrypted area. Use a ‘false bottom‘ just in case you are forced to reveal the password.
Hardening your Browser
We won’t use a Google product without protection from what we believe is the World’s biggest spy and as such won’t even consider Chrome for browsing. Firefox has some very good plugins that can protect you from spying and tracking. Also, you should use the ‘private window’ option at any site where you don’t want any history of your visit. Just as important, use StartPage and DuckDuckGo with ssl for all of your searches as they don’t save any information including your IP or search information. Startpage uses Google, and DuckDuckGo use Bing in their searches so all you to lose are the big company trackers.
A Note about VPNs
At minimum, you need a VPN between you and the Internet provider. However, some ISPs are monitoring the fact that you’re using a VPN. Once you connect to your VPN service, your ISP can’t see where you’re going, only that you’re connected but the fact that you’re even using a VPN may “flag” you. For even more protection, you can first connect to a random Proxy Server and then start your VPN. As there are so many Proxy Servers, it is not flagged by your Internet Service Provider. You can also add obfuscation software such as the Tor Obfsproxy which disguises your VPN traffic so that it can’t be seen by making it look like everyday Internet traffic.