laklak wrote: TOR and decent VPN and you'll be OK for 99% of what you do. Unless you're into child porn or a terrorist, of course. Then you should rely on old-fashioned letters and one-time code sheets.
Terrorists using old-fashioned letters and one-time pads seems logical to me, even if I don't know of any cases in which orders were transmitted by terrorists to other terrorists by this means.
Happily for us, the majority of terrorists use electronic means to communicate, like those who took part in the November 2015 Paris attacks ( https://en.wikipedia.org/wiki/November_ ... is_attacks ), and that helps intelligence services and police forces to conduct investigations.
It would not be easy for intelligence services and police forces to investigate if terrorists were smart enough to use one-time pads and paper.
I'd like to recall that a one-time pad is inefficient if it's not used correctly, such as using the same key twice or if the key isn't random.
To know more about the one-time pad, also known as the Vernam cipher :
https://en.wikipedia.org/wiki/One-time_pad
You spoke about pedoporn customers but you forgot to speak about drug dealers, weapons traffickers, money counterfeiters and other kinds of criminal activities.
A customer of pedopornography (in my example the felon doesn't download content but views it) can reduce the risk of being busted with the methods I will explain to you, even if no strategy can be 100% reliable.
If someone is only using one relay in a foreign country between the home connection and the Internet (VPN, proxy server, VNC server etc...) to dissimulate his / her IP address, he / she can be caught if authorities ask all ISPs of their country's jurisdiction who was using which relay at that time, or use logs kept by intelligence services in charge of mass surveillance.
They would have a relevant list of suspects from ISPs if he / she is using a connection of an ISP from the country's jurisdiction.
If the person is using an ISP from a country other than the country of jurisdiction, info given by ISPs would not be useful, and in this situation it could be necessary to ask the secret services of the country for info.
If the person uses the same relay at another time, logs will reduce the list of suspects, then we wait for another time etc... until the right one is found.
They have another possibility: intercept the suspects' telecommunications live without installing something on the target computer. If ciphered, it would be necessary to break it, but they are reputed to have problems reading ciphered telecommunications in the majority of situations.
But if spyware (hardware or software) is installed on the target computer, they would be able to read telecommunications even if these are ciphered.
Law enforcement can also install a video surveillance system and / or bugs in your home, and your computing skills wouldn't help you avoid a conviction if you're physically monitored with wires and / or closed-circuit television.
Side-channel attacks do exist :
https://en.wikipedia.org/wiki/Side-channel_attack
(This is an allegation from me and I don't know of any real-life case of an authority asking all ISPs who was using which relay at which time. The same goes for intelligence services. I don't know of any case of child porn customers monitored with a side-channel attack.)
If an authority doesn't have the means to ask all ISPs of its jurisdiction or its intelligence services who was behind which relay at which time, they can ask the authorities of the place in which the relay is located, but those may or may not answer (that depends on the countries involved and the matter. Identifying a political dissident isn't at the same level as identifying a drug trafficker or a pedophile sharing child porn. The level of matters depends on the country).
Onion routing (used by Tor, Tox, Tribler), garlic routing (used by I2P), IP spoofing (it is using the IP of a terminal other than ours; it is like identity theft in the real world), proxies and VPNs are ways to hide our identity online, but none of these methods has an efficiency of 100%.
Onion routing :
https://en.wikipedia.org/wiki/Onion_routing
Tor :
https://en.wikipedia.org/wiki/Tor_(anonymity_network)
Tox :
https://en.wikipedia.org/wiki/Tox_(protocol)
Tribler :
https://en.wikipedia.org/wiki/Tribler
Garlic routing :
https://en.wikipedia.org/wiki/Garlic_routing
I2P :
https://en.wikipedia.org/wiki/I2P
IP spoofing :
https://en.wikipedia.org/wiki/IP_address_spoofing
Proxy :
https://en.wikipedia.org/wiki/Proxy_server
VPN :
https://en.wikipedia.org/wiki/Virtual_private_network
If the perpetrator of an offense uses one of these methods and does the same things he / she does while connected without an anonymity method (uses Facebook under his / her real name, sends a picture of himself / herself, uses a nickname the individual already used or a similar one, uses a password he / she already used or a similar one, tells a bit about his / her own life then another until it becomes possible to find the real identity etc...), these methods won't help the perpetrator if he / she is the hole in the anonymity system.
Activities the person does on the Internet under his / her real IP address and under a method of anonymisation must not be the same.
For example, if you connect to Instagram with a method of anonymisation you must not view the content of accounts that you already viewed under your real IP.
Don't forget to update and upgrade the computer. Software that is not updated can be dangerous if a hole in it can reveal your identity.
Avoid Flash and other scripts like this (JavaScript and OpenGL for example) as they can allow your real IP to be found. Don't install extensions for browsers.
Don't forget to change the language of your system and then of the software used if you pretend to be from a country other than your real one.
A felon can be found because of a mistake like this.
A felon must think to hide the MAC address and serial numbers of his / her hardware when this is possible, because malware can infect the computer.
If it is infected and reveals any serial numbers, a link can possibly be made with his / her real identity.
(I don't know of any alleged case of someone identified by an action like this, but I know the case of a citizen of the USA and Ireland who was a pedoporn hoster caught because of his MAC address and Windows GUI.)
Someone perpetrating a felony must think to cover his / her webcam because malware can infect the computer.
He / she must not speak, to avoid being identified by voice analysis if the computer has a mic inside, because if the felon runs into malware while using an anonymisation method he / she can maybe be identified.
(I don't know of any alleged case of someone caught by one of these methods.)
Using an OS based on Linux reduces the risk of infection by malware.
Use your OS on a live DVD. Tails is reputed to be a good one (I have never used it).
What's Tails ?
https://en.wikipedia.org/wiki/Tails_(operating_system)
The most paranoid felon would use a computer he has never used before.
He would buy it in a shop or another place without CCTV and pay for it in cash in a place where nobody knows him / her. He wouldn't use the Internet for this task.
He wouldn't take his / her phone when going to the shop.
The most paranoid felon who wants to stay anonymous online can crack the Wi-Fi connection of their neighbor (it's a misdemeanor or felony in the majority of world jurisdictions) and do what I said previously.
I wouldn't like to be the neighbor who will maybe have law enforcement coming to his / her home.
Instead of doing this, the felon can use a false identity to access the Internet in an Internet café, but someone using a live CD / live DVD or live USB in a cyber café would be suspect, and there is often CCTV in these places; but if there is no CCTV you would leave your fingerprints and DNA there anyway.
He / she can do worse, like entering a place with an Internet connection without authorization.
Of course, if the felon is stupid he would use the same Wi-Fi connection twice and potentially be traced with radio direction finding if authorities have located which connection was used and wait for the felon in order to use RDF.
What's radio direction finding or RDF ?
https://en.wikipedia.org/wiki/Direction_finding
When doing financial transactions for his / her illegal activities, the criminal can use Bitcoin or another cryptocurrency and use one wallet per transaction. If he / she has two wallets it's better to have one platform for each, but if the criminal has more than one hundred wallets it's not easy to apply the rule "One wallet, one platform", and in this case the user can use only three, four, five, six, seven or more.
What's Bitcoin ?
https://en.wikipedia.org/wiki/Bitcoin
What is a cryptocurrency ?
https://en.wikipedia.org/wiki/Cryptocurrency
Everybody has his / her own writing style and speaking style, and it can help law enforcement to identify the person.
You can try to simulate being from another ethnic group, generation, country or education level than yours and write some words with bad spelling.
It won't change what you are, and one day you will make a mistake that will prove you're not what you pretend to be, like forgetting to set your browser to British English if you're an American pretending to be British, writing colour in place of color if you're a Briton pretending to be an American etc...
Don't forget Tor and the like are vulnerable to traffic analysis.
Explanations about mix network vulnerabilities :
https://en.wikipedia.org/wiki/Mix_netwo ... rabilities
General explanations about traffic analysis :
https://en.wikipedia.org/wiki/Traffic_analysis
Eric Eoin Marques is a citizen of the Republic of Ireland and the USA.
He was a pedoporn hoster.
It's alleged he was identified because he was using Windows with a non-updated version of Firefox vulnerable to a 0-day if the user has a Windows-like operating system and JavaScript enabled.
If he hadn't been using Windows but Linux and an up-to-date system with NoScript, he wouldn't have been identified like this.
He forgot to forge the MAC address on his local network, and the exploit sent the MAC addresses of users to law enforcement.
The exploit used for the 0-day vulnerability also catches the globally unique identifier (GUID) of Windows.
GUID + MAC address = The most perfect way to identify a PC
Wikipedia explains what I said :
https://en.wikipedia.org/wiki/Freedom_Hosting
I know a case in which customers of CP were busted because they forgot to deactivate Flash.
There is also WebRTC, which is responsible for DNS leaks that permit authorities to find the target, and this is another reason to disable JavaScript.
The majority of convicted felons are busted because they forget to use the basic things that I explained to you.
The majority of those who perpetrate illegal stuff forget one or many of the basic things that I explained to you, and that helps law enforcement a lot.
It is sad to say, but many criminals will never be arrested.
For example, think of those owners of small businesses in the Western world who lose their business because of a hacker located outside of the Western world who was never busted.
An anonymization method + location of the perpetrator in a non-collaborative jurisdiction doesn't help law enforcement.
Today's international treaties aren't sufficient, and there are so many differences between the laws of different countries that it doesn't facilitate international collaboration.
For example, in some places possessing a drawing depicting sex involving minors can lead to prosecution, while in others this is not the case.
Wikipedia speaks about it :
https://en.wikipedia.org/wiki/Legal_sta ... ing_minors
Rational Wiki speaks about CP in general :
https://rationalwiki.org/wiki/Child_pornography
The second example of a difference between laws in different countries of the world that I will speak about concerns freedom of speech.
In the majority of countries of the Western world, writing racist comments in public parts of the Internet is a misdemeanor, while in the USA writing racist messages isn't prohibited.
The third and last example is about freedom of speech.
In some countries of the world like France (my country) it is illegal to deny the existence of the Jewish genocide during World War II, but it is authorized to do so in the USA.