Okay so there has been a LOT of misconceptions, half-truth's, and flat
out lies concerning internet logs, VPN's, VPS's and YOUR anonymity.
What I plan on covering in this :
- What exactly are logs?
- What information is logged?
- How does that information link to you?
The safety and details of (clearing all misconceptions):
- Google
- Websites
- ISP
- VPN'S
- VPS's
- Proxies
Other logs and risks.
Questions/Answers
Alright so lets get started :)
What exactly are logs?
Now this is a simple question with a very complicated answer.
What exactly are logs? Well they are obviously records, chances are they are on what you have been up to! (the simple answer).
Logs are created by a computer service or program to record "events".
Events can be a rather large list of things : From you turning the
computer on, to you typing and saving a text file, to someone connecting
to your computer.
Lets make a text diagram shall we ?
a basic opening of an application.
(your input) --> (the system)-->(application)-->result
Input : You click it.
System: Gets the event's "mouse clicks here"->"Application is here"->"open application".
Application: gets the event's "Start loading code"->"Started code"->"Done loading check if loaded correctly"
Now for each of these events (except for perhaps the mouse click) there is a new log created.
an example of a log would look like
PHP Code:
date[20013, Jan 1] Time 21:02 :
Action :: Application Virginity was started by user $4EverAlone ;
date[20013, Jan 1] Time 21:07 :
Action :: Application Virginity Loaded by user $4EverAlone ;
date[20013, Jan 1] Time 21:07 :
Action :: Application Virginity ran successfully by user $4EverAlone ;
Remember this stuff, it will come up later.
What information is logged?
There are many different types of logs, it all depends on who's logging the information.
Generally though whats logged is the action done, the time, who did the action, and any information pertaining to the action.
Websites: who did what - when - what url - the user/ user info .
you sortah get the idea right?
Don't worry, I know this is a really short section. I plan on getting
back to all of this in more details in the safety and details portion.
How does that information link to you?
ok so this is the important part: LISTEN UP.
1. Every computer that is logged in, has a user.
The user can be admin, system, anything. But they have a userID also.
This will link all local logs (logs that your computer stores) with the account.
2. MAC address (Media Access Control address). This was made to be able
to uniquely identify any device that would be "networking". Your
cellphone,Itouch,PDA,laptop,DSi. All of it.
Originally the MAC address was intended to be a permanent individual identifier, it is quite easy to spoof.
3. IP address . Well this everyone should be somewhat familiar with, right? just incase you missed out on this :
An IP is assigned to each individual device on a network, or the
internet. It is used to identify(be used as a name) and locate(send
packets to/from).
Now here is the fun thing, IP's are created by the IANA (internet
assigned numbers authority...Yeah they had to put authority in there
because saying "IM WITH THE IAN" left the ladies with the wrong
impression).
The numbers are then distributed around the world to five different regional internet registries.
From they are given to ISP's (internet service providers). Then to you.
Just one look at your IP will tell them which area of the world you are in.
Then they go to the registrar who gives them the ISP's number, who gives
them your number, who is already being dragged out the front door by
two FED's in black jackets carrying a briefcase and a giant purple
dildo.
4. Cookies. No not the ones Nana makes. These are baked in the depths of satans loins.
Its a piece of data stored from a website in your browser, and can be retrieved by the website.
Alright *few*
all that typing is done. Now that you get the basics of whats going on, lets get down to what you really want to know.
ARE YOU REALLY ANONYMOUS/SAFE ?
You sure you want to know?
Google
Ah, our best friend (besides our right hand). Big brother google is
always watching out for us, or better phrased is always watching us.
They log EVERY single search you make, and even more.
When you go to a website, they log your information. When you get an add from google, they log your information.
Google is your worst nightmare.
a "log" from google search archives:
PHP Code:
123.45.67.89-1/Jan/2013 10:11:32-http://www.google.com/search?q=do+feds+really+carry+around+dildo's-Chrome 2.0.0.7;WindowsNT 5.1-740674ce2123e969
Now what this says is this
"123.45.67.89 " - IP adress (OH HEY . I KNOW WHO YOU ARE NOW )
"1/Jan/2013 10:11:32 - Time (Yes, we need to know the very second that you looked up porn )
"http://www.google.com/search?q=do+feds+really+carry+around+dildo's" -
The search that you used (Incase your wondering. Yes, yes they do. )
"Chrome 2.0.0.7;
Windows NT 5.1 " - Browser and operating system (Hey I bet if we all
use IE that they will just think their systems messing up).
"740674ce2123a969" -The Cookie * <- evil. As google says "Like an IP
address, a cookie doesn’t tell Google who a user actually is or where
they live – it only identifies a computer" (Well shit, it wasn't me
officer. The computer did it ).
Although google claims to anonymise the IP addresses after 9 months and
alter the cookies after 18, it is still a VERY large risk.
They claim the ip address will look like "123.45.67.XXX" Unfortunately,
this still will give the general location and your ISP provider.
Websites
The damnation of us all. Web logs.
These can be extremely annoying due to the extent of the information they gather.
When you connect to a website, its generally logged for two purposes. 1. Security. 2. "Statistics".
How do they log this/what do they log?
They can log MANY things. IP, MAC, and unfortunately they generally drop a few cookies into your browser.
(taken from the apache website) lets say you open a gif
here's the log
PHP Code:
127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 2326
What do they have ?
"127.0.0.1" - IP
"frank" - your user if you are logged in, or they could use a cookie instead.
[10/Oct..etc] - Time and date
"Get /apache_pb.gif HTTP/1.0" - What you opened with what protocol.
the 200 and 2326 aren't important but summ'd up they say if it worked and how big it was.
They can also include where you were referred from, what bowser you were using, your OS system.
They get the same type of log when you open a link.
ESPECIALLY MISSING PAGES OR PAGES YOU HAVE ERRORS ON.
They will also use cookies, these can track your history of browsing.
Where you went after. What you did, how long you were on. What you
searched for.
and pretty much EVERYTHING about you.
Here's something the NSA did "he National Security Agency's Internet
site has been placing files on visitors' computers that can track their
Web surfing activity despite strict federal rules banning most of them.
These files, known as "cookies," disappeared after a privacy activist
complained and The Associated Press made inquiries this week, and agency
officials acknowledged Wednesday they had made a mistake.
Until Tuesday, the NSA site created two cookie files that do not expire
until 2035 — likely beyond the life of any computer in use today.
"
(that's right NSA. We are onto you and your habit of watching our porn
).
ISP
Ok so I will put this pretty simple for everyone.
Your ISP practically is videotaping your every move.
Ok no not literally, but they have EVERYTHING.
Here is a list leaked in 2010 of some info
Scared yet?
They have ALL your information, they record EVERYTHING.
Depending on where you live they are required to hold logs for a long time.
They know where you have been, what page exactly. How long you were on it, every download you make.
They even record your emails. Not the actual content (per-say) but they
are recording who contacted who. (I would suspect google does this
also).
How can they do this?
Easy IP. Not your IP address but:
Internet Protocol.
Communication between two computers (websites are on servers which are "computers") is formed up of "packets" .
Imagine packets as a piece of paper, your computer hands the other a
piece of paper saying "give me porn". The other computer replies by
drawing you a picture, and giving it back.
Well your ISP keeps every little piece of paper.
Now your thinking "BUT I HAVE PROTECTION". Every girl can vouch for me as I say NEVER trust that there's any protection.
VPN'S
First lets just get what a VPN : Virtual Private Network.
Its an internet within the internet, right?
Ill spare you all the technical jargon and sum it up like this (then
give you the technical jargon): Remember the paper analogy?
Well you give the VPN your paper, the VPN then hides it under its black
trenchcoat until it reaches the website. The website takes the paper,
gives it back to the VPN. Now the VPN returns to you.
It "masks" who's sending the data. It encrypts it so if someone grabs it, they can't read it.
Which is GREAT !
but still not exactly safe.
The VPN services may CLAIM to not hold logs. But their ISP will.
It will say "User gave VPN this paper". The reason VPN's are so safe is
because it can be harder to narrow down which user the request came
from, but its still VERY possible.
And your computer will say "I connected with VPN :D "
Their vpn computer will say "yeah, that dude connected to me -.-"
Everything has a log.
Honestly, ISP has the power to see everything. They just don't have the time.
VPS
Okay so lets not use a vpn...LETS USE A VPS ! (Virtual Private Server).
Its a computer, that you connect to and control. The same as VPS, their ISP will have logs.
But not only that, remember the computer logs I told you about earlier ?
When you log into a computer there is a log, when you remotely log into one it also holds what IP you connected from.
When, where from, how long , EVERYTHING is stored.
So when the feds see the VPS's IP doing something at 3:45 AM.
They go to the computer, they check "what ip was logged in at 3:45 AM" and BAM your IP address pops up.
Its the same as a VPS, you may be a bit more "anonymized" but its not anonymous.
Proxies
Proxies and proxy chains/services (such as tor) are the same as the
previous, if not more vulnerable (Tor is a different story, which I am
not going to delve into at this point. It is one of the most secure ways
to "travel").
Its pretty much the mix between a VPS and VPN.
You connect to it, tell it to do something. It does it, and brings you the reply.
The only problem is, it doesn't encrypt your data (generally). And it
doesn't hide that you are the one sending the message (to everyone who
know's how proxies/vps/vpn's work in detail. Please forgive me for the
really crude explanations. I am trying to get the overal concept across.
) .
It still hides YOU, but not that you are controlling it.
Hacking a wifi/ other people's wifi
Yes this can be REALLY good. And yet still bad.
When you connect to an internet router you leave logs of your MAC
address, which yes you can spoof it. But even so, still a log.
Especially if you try to crack the password, then your leaving your fingerprints all over the place.
Public Wifi normally has security measures to record who you are, AVOID THEM AT ALL COSTS.
Find personal home's that have unprotected wifi in a public place. That will help you out.
I new a person who did something called "war dialing" .
Well the newer version anyway. He drove around and cracked a bunch of wifi passwords.
Well the fed's ended up tracking him down because he left a trail, literally.
Each cracked wifi was in a specific 'zone' and he lived in that zone.
Using his browsing habits from the hacked modems, they pieced together a lot.
all it takes is one cookie to say "oh hey im sending from this IP ** . Oh hey now im from This ip ** "
and you are DONE.