If your usual YouTube viewing selection covers a wild and random variety of music, tech subjects, cooking, history, and anything in-between, you will sooner or later be baffled by some of the “Recommended for you” videos showing up. When it features a ten-hour mix of Soviet propaganda choir music, you might start wondering what a world taken over by an artificial intelligence might actually look like, and realize that your browser’s incognito / private mode really isn’t just for shopping birthday presents in secret. Things get a bit tricky if you actually enjoy or even rely on the whole subscribing-to-channels concept though, which is naturally difficult to bring in line with privacy in today’s world of user-data-driven business models.
Entering the conversation: the FreeTube project, a cross-platform application whose mission is to regain privacy and put the control of one’s data back into the user’s hands. Bypassing YouTube and its player, the watch history and subscriptions — which are still possible — are kept only locally on your own computer, and you can import either of them from YouTube and export them to use within FreeTube on another device (or back to YouTube). Even better, it won’t load a video’s comments without explicitly telling it to, and of course it keeps out the ads as well.
Originally, the Invidious API was used to get the content, and is still supported as fallback option, but FreeTube comes with its own extractor API nowadays. All source code is available from the project’s GitHub repository, along with pre-built packages for Linux (including ARM), Windows, and Mac. The application itself is created using Electron, which might raise a few eyebrows as it packs an entire browser rendering engine and essentially just disguises a website as standalone application. But as the FAQ addresses, this allows easy cross-platform support and helps the project, which would have otherwise been Linux-only, to reach as many people as possible. That’s a valid point in our book.
Keep in mind though, FreeTube is only a player, and more of a wrapper around YouTube itself, so YouTube will still see your IP and interaction with the service. If you want to be fully anonymous, this isn’t a silver bullet and will require additional steps like using a VPN. Unlike other services that you could replace with a local alternative to avoid tracking and profiling, content services are just a bit trickier if you want to actually have a useful selection. So this is a great compromise that also just works out of the box for everyone regardless of their technical background. Let’s just hope it won’t break too much next time some API changes.
Love him or hate him, Edward Snowden knew a thing or two about anonymity. In June of 2013, he blew the whistle on the NSA’s out-of-control programs that can target virtually anyone plugged into the digital age. The former CIA employee was working as a contractor for the NSA, where he had access to highly classified documents for many of these general populace surveillance programs. He eventually took off to Hong Kong and released the documents to a handful of reporters. One of these documents was a power point presentation of the NSA complaining about how the TAILS operating system was a major thorn in their side. Naturally, Snowden insisted that the reporters and himself only communicate via the TAILS O/S. He used PGP, which is an encryption method with the highly sophisticated title of “Pretty Good Privacy”, and asked not to be quoted at length for fear of identification via stylometry.
In this article, we’re going to go over the basics of anonymity, and introduce you to methods of staying anonymous while online.
Continue reading “The Dark Arts: Anonymity”
A few weeks ago, Anonabox, the ill-conceived router with custom firmware that would protect you from ‘hackers’ and ‘legitimate governments’ drew the ire of tech media. It was discovered that this was simply an off-the-shelf router with an installation of OpenWrt, and the single common thread in the controversy was that, ‘anyone can build that. This guy isn’t doing anything new.’
Finally, someone who didn’t have the terrible idea of grabbing another off the shelf router and putting it up on Kickstarter is doing just that. [Adam] didn’t like the shortcomings of the Anonabox and looked at the best practices of staying anonymous online. He created a Tor dongle in response to this with a Beaglebone Black.
Instead of using wireless like the Anonabox and dozens of other projects, [Andy] is using the Beaglebone as a dongle/Ethernet adapter with all data passed to the computer through the USB port. No, it doesn’t protect your entire network; only a single device and only when it’s plugged in.
The installation process is as simple as installing all the relevent software, uninstalling all the cruft, and configuring a browser. [Adam] was able to get 7Mb/sec down and 250kb/sec up through his Tor-ified Ethernet adapter while only using 40% of the BBB’s CPU.
If you’re a network researcher or systems administrator, you know that network traces are often necessary, but not easy to share with colleagues and other researchers. To help with both ease of use and handling of sensitive information, the Institute of Telematics has developed PktAnon, a framework that anonymizes network traffic.
It works by using a profile-based scheme that supports various anonymization primitives, making it easy to switch between different network protocols and anonymization methods. New primitives can easily be added, and several pre-defined profiles are bundled into the distro. The profiles are all XML-based.
Essentially, there are two major uses for network traces: anonymizing user traffic in order to research it, and anonymizing in-house usage, thus preventing the leakage of sensitive information. It’s a rather rigid scheme, but using profiles for this was a stroke of genius that made it a lot easier, more flexible, and as a result, more useful and powerful.
UPDATE: Video can also be found here.
Ah, the life of the work-a-day hacker: sure, it’s glamorous, but all the paparazzi dogging your every step can get unbearably stressful. Thankfully, you have a recourse with these anti-paparazzi sunglasses. They work by mounting two small infrared lights on the front. The wearer is completely inconspicuous to the human eye, but cameras only see a big white blur where your face should be.
Building them is a snap: just take a pair of sunglasses, attach two small but powerful IR LEDS to two pairs of wires, one wire per LED. Then attach the LEDs to the glasses; the video suggests making a hole in the rim of the glasses to embed the LEDs. Glue or otherwise affix the wires to the temples of the glasses. At the end of the temples, attach lithium batteries. They should make contact with the black wire, but the red wires should be left suspended near the batteries without making contact. When you put them on the red wire makes contact, turning the lights on. It’s functional, but we’re thinking that installing an on/off switch would be more elegant and it would allow you to wear them without depleting the batteries.