Why stay anonymous online?
In today’s society there are people and automated devices that are recording your deepest, most private thoughts and activities.
Each day we voluntarily divulge the most
intimate details of our lives through
social networking accounts,
email,
banking apps,
online games and more. In addition, governments and corporations can
censor and block our traffic based on whatever standards are in place that
day.
This is because many phone providers route your
calls over media using the Internet Protocol at some point within their
network. For example, long distance providers transfer calls over VoIP all
the time.
Once the data is compiled the attacker can build
an incredibly accurate profile of not only your online life but your
real-world life as well.
You have to understand that these “intruders into our lives” are scanning huge blocks of Internet addresses at a time. They don’t care who you are. Your computer is simply another target IP address as they scan through thousands of computers and devices in their search for more information.
Once collected they take all the information and
funnel it into databases where they can search through it later for
high-valued loot.
Don’t believe me? Just read the following story
about what our own government does:
The NSA
is Building The Country’s Biggest Spy Center - Watch What You Say - Big
Brother Goes Live September 2013.
In comes Whonix, the Anonymous Operating
System!
The purpose of Whonix is to allow Internet users
the ability to stay anonymous online. This is most beneficial to users in
regimes that
censor and
monitor access to the Internet, but it can also be used by anyone who
values their privacy, or doesn’t want their activities tracked online.
One machine acts as a gateway or router and runs only Tor, a sophisticated anonymity software. This machine is called the Whonix-Gateway.
The other machine, which called the Whonix-Workstation,
is on a completely isolated network that only allows Internet connections to
be routed through the Whonix-Gateway.
The idea is similar to using a hard-to-follow
series of roads while driving in order to throw off somebody who is tailing
you.
However all of that outbound traffic is then routed in such a way that it can only pass through your virtual “Gateway”, which encrypts the packets and sends them over several hops on the TOR network prior to landing at their final destination.
How Whonix Works: Figure 1
Once your traffic leaves the Whonix Gateway it is routed directly through the TOR network.
Instead of taking a direct route from source to destination, data packets on the Tor network take a random path through several relays, so no observer at any single point can tell where the data came from or where it’s going.
The relays even take additional steps to erase
your tracks periodically along the way. How Whonix Works: Figure 2 Routing Through TOR
In the event that the Workstation user initiates
a request to a new website or Internet resource, the Gateway simply selects
an alternate path through the TOR network as seen in Figure 3.
How Whonix Works: Figure 3
Using An Alternate TOR Path
There is a bit of a caveat to this system, however.
As indicated by the red dotted-lines in the images above, the last hop in the TOR network passes the traffic in the clear to the final destination. One of the primary functions of this computer, as an exit node, is to decrypt the data packets before they are passed off to their final destination.
This means this exit node could be vulnerable to
a man-in-the-middle attack, or it could have even been placed there for the
specific purpose of monitoring exit traffic by a hacker or government
agency. While the exit node would still have no information regarding the IP
address or location of the original Workstation user, it would know the type
of Internet request that they sent to the destination server.
One would only have to install the appropriate
software on the Whonix Workstation in order to provide an end-to-end
encryption solution for the traffic. Another method to bypass the
man-in-the-middle scenario would be to employ the use of TOR
Private
Bridges or
Private Exit Nodes.
The Workstation output should look similar to the following :
How Whonix Works: Figure 4
Workstation output
from the “whonixcheck” command
Be sure to watch for my article in the next few days detailing step-by-step instructions on how to install VirtualBox and Whonix on your computer. Let me know what you think of this anonymity solution in the comments below…
UPDATE: 01/09/2013 The Whonix development team forwarded the following important information about the anonymity provided from their product and Tor:
|