BlogSafer

edited CreditsPage

email@hidden () — Wed, 11 Jul 2007 18:28:11 +0000

edited CreditsPage

email@hidden () — Thu, 12 Apr 2007 16:29:48 +0000

The project was managed by CurtHopkins of the CommitteetoProtectBloggers.
The technical consultant was MarshallKirkpatrick.
W.S. Primezero Labs provided us with a few lines as well. Countless people were good enough to read over these translations, though needless to say any problems in the guides are not their fault. And thanks to everyone who reviewed the translations and the technical materials.
These guides were designed as a practical synthesis of available materials on anonymization. Among our many sources were Global Voices Online's Technicalguidetoanonymousblogging, the Electronic Frontier Foundation's HowToBlogSafely and the filtering case studies of the OpenNetInitiative. An exhaustive listing would fill pages.
Additional information came from the news media, academic and techincal studies, and, most importantly, individual bloggers. These included bloggers with an interest in the target areas who work outside of them, bloggers who work on online free speech issues in general and, above all, those bloggers working in countries that discourage or punish free speech. They are the source of this project and to them goes the lion's share of the credit. Due to both the great number of bloggers whose work we drew on, as well as the danger that some of them work in, we cannot list them individually here.

edited SideBar

email@hidden () — Tue, 10 Apr 2007 03:33:17 +0000

Click the WalkieTalkie button below to speak with anyone currently on the BlogSafer site.
FrontPage
To edit the wiki, write the administrator for the password: committeetoprotectbloggers at gmail dot com.
~~Click the WalkieTalkie button below to speak with anyone currently on the BlogSafer site.~~

edited FrontPage

email@hidden () — Tue, 10 Apr 2007 03:32:12 +0000

edited FrontPage

email@hidden () — Tue, 10 Apr 2007 03:31:47 +0000

BlogSafer: Speak Freely and Stay Free
Across the globe, countries that discourage free speech have followed their citizens into the blogosphere. According to one count, in the last two years at least 30 bloggers (and there are no doubt more) have been interrogated, arrested, tortured and sentenced to long prison terms for the "crime" of speaking critically about their governments. Regardless of your culture, your country, your politics or religion, we believe you deserve to speak your mind without falling afoul of state power. Unfortunately, what you deserve and what you get are not always the same thing. So, for those of you who wish to speak out on your blogs, but who do not wish to risk imprisonment or worse for doing so, we have prepared guides that will help you to blog more safely by blogging more anonymously.
But please note: Blogging can never be completely anonymous. With enough time, resources and political will, a group or government can discover who you are. We cannot guarantee that even if you follow the instructions on these guides to the letter that you will run no risk. You always take a chance when you speak your mind to people who cannot tolerate dissent. But we hope that these guides will enable you to minimize those risks, or at least be more aware of them.
By RSS feed at http://feeds.feedburner.com/Anoniblog
Or by email by providing your email address here:
subscribe: ~~Powered~~
Powered by FeedBlitz
While we cannot guarantee the security of any email addresses entered here, we hope that some people will subscribe to changes and help tend to this wiki over time.
Help publicize BlogSafer by posting an anoniblog button on your site.
Copy and paste this code.
href="http://anoniblog.pbwiki.com/">
~~<img~~ <img border="0" src="http://anoniblog.pbwiki.com/badge.php" /></a>
This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, clickthislink or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.
.

edited SideBar

email@hidden () — Tue, 10 Apr 2007 03:29:54 +0000

edited SideBar

email@hidden () — Tue, 10 Apr 2007 03:29:30 +0000

FrontPage
To edit the wiki, write the administrator for the password: committeetoprotectbloggers at gmail dot com.
Click the WalkieTalkie button below to speak with anyone currently on the BlogSafer site.

edited SideBar

email@hidden () — Tue, 10 Apr 2007 03:24:33 +0000

FrontPage
To edit the wiki, write the administrator for the password: committeetoprotectbloggers at gmail dot com.
~~Push and click the WalkieTalkie to speak to anyone else looking at this page.~~

edited SideBar

email@hidden () — Tue, 10 Apr 2007 03:23:43 +0000

edited SideBar

email@hidden () — Tue, 10 Apr 2007 03:22:45 +0000

FrontPage
To edit the wiki, write the administrator for the password: committeetoprotectbloggers at gmail dot com.
Push and click the WalkieTalkie to speak to anyone else looking at this page.

edited FrontPage

email@hidden () — Tue, 10 Apr 2007 03:21:38 +0000

Help publicize BlogSafer by posting an anoniblog button on your site.
Copy and paste this code.
<a href="http://anoniblog.pbwiki.com/">
<img border="0" src="http://anoniblog.pbwiki.com/badge.php" /></a>
Across the globe, countries that discourage free speech have followed their citizens into the blogosphere. According to one count, in the last two years at least 30 bloggers (and there are no doubt more) have been interrogated, arrested, tortured and sentenced to long prison terms for the "crime" of speaking critically about their governments. Regardless of your culture, your country, your politics or religion, we believe you deserve to speak your mind without falling afoul of state power. Unfortunately, what you deserve and what you get are not always the same thing. So, for those of you who wish to speak out on your blogs, but who do not wish to risk imprisonment or worse for doing so, we have prepared guides that will help you to blog more safely by blogging more anonymously.
But please note: Blogging can never be completely anonymous. With enough time, resources and political will, a group or government can discover who you are. We cannot guarantee that even if you follow the instructions on these guides to the letter that you will run no risk. You always take a chance when you speak your mind to people who cannot tolerate dissent. But we hope that these guides will enable you to minimize those risks, or at least be more aware of them.
Enter your email to subscribe: Powered by FeedBlitz
While we cannot guarantee the security of any email addresses entered here, we hope that some people will subscribe to changes and help tend to this wiki over time.
Help publicize BlogSafer by posting an anoniblog button on your site.
Copy and paste this code.
<a href="http://anoniblog.pbwiki.com/">
<img border="0" src="http://anoniblog.pbwiki.com/badge.php" /></a>
This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, clickthislink or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.
.

edited Resources

email@hidden () — Tue, 19 Dec 2006 02:49:59 +0000

http://www.anonymizer.com/ Anonymizer
http://www.anonymouse.org Anonymouse
http://www.http-tunnel.com/html/ HTTP Tunnel
http://www.peacefire.org/circumventor/simple-circumventor-instructions.html Peacefire's Circumventor
!!Proxies
http://www.privoxy.org/ Privoxy
http://www.publicproxyservers.com/index.html Public Proxy Servers
http://tools.rosinstrument.com/proxy/ Rosinstrument
http://www.samair.ru/proxy/ Samair
http://serifos.eecs.harvard.edu/cgi-bin/blossom.pl?proxy=1/ Blossom (perspective access network tool)
http://www.gnupg.org/ Gnu PG (encryption)
http://invisiblog.com/ Invisiblog (anonymous web publishing)
http://www.opennetinitiative.net/ Open Net Initiative (filtering information)
http://www.privacy-ecosystem.com/ Privacy Ecosystem (IP lookup)
http://tor.eff.org/ TOR (onion routing)
http://portal.unesco.org/ci/en/ev.php-URL_ID=21010&URL_DO=DO_TOPIC&URL_SECTION=201.html Unesco's The Net for Journalists (guide to blogging-as-journalism in the developing world)
http://theory.kaos.to/projects.html/ Anonym.OS (anonymizing tools CD)

edited FrontPage

email@hidden () — Tue, 19 Dec 2006 02:38:34 +0000

!!!Help publicize BlogSafer by posting an ''anoniblog ''button on your site. Copy and paste this code.

Copy and paste this code.
**
**

edited FrontPage

email@hidden () — Wed, 15 Nov 2006 23:07:57 +0000

---
! BlogSafer: The Anoniblogging Wiki
**Add a BlogSafer button to your site. Copy this code and paste it into your sidebar:
---
This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, %5Bhttp://creativecommons.org/licenses/by-nc-sa/2.5/ | click this link%5D or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

edited FrontPage

email@hidden () — Wed, 15 Nov 2006 23:07:38 +0000

!!!Help publicize BlogSafer by posting an ''anoniblog ''button on your site. Copy and paste this code.
**

!!!Help publicize BlogSafer by posting an ''anoniblog ''button on your site. Copy and paste this code.
**
**
---

edited FrontPage

email@hidden () — Wed, 15 Nov 2006 23:07:10 +0000

Help publicize BlogSafer by posting an ''anoniblog ''button on your site. Copy and paste this code.
!!!Help publicize BlogSafer by posting an ''anoniblog ''button on your site. Copy and paste this code.
**

**
---

edited FrontPage

email@hidden () — Wed, 15 Nov 2006 23:06:48 +0000

Help publicize BlogSafer by posting an ''anoniblog ''button on your site. Copy and paste this code.

---
Across the globe, countries that discourage free speech have followed their citizens into the blogosphere. According to one count, in the last two years at least 30 bloggers (and there are no doubt more) have been interrogated, arrested, tortured and sentenced to long prison terms for the "crime" of speaking critically about their governments. Regardless of your culture, your country, your politics or religion, we believe you deserve to speak your mind without falling afoul of state power. Unfortunately, what you deserve and what you get are not always the same thing. So, for those of you who wish to speak out on your blogs, but who do not wish to risk imprisonment or worse for doing so, we have prepared guides that will help you to blog more safely by blogging more anonymously.
But please note: **Blogging can never be completely anonymous.** With enough time, resources and political will, a group or government can discover who you are. We cannot guarantee that even if you follow the instructions on these guides to the letter that you will run no risk. You always take a chance when you speak your mind to people who cannot tolerate dissent. But we hope that these guides will enable you to minimize those risks, or at least be more aware of them.

edited FrontPage

email@hidden () — Wed, 15 Nov 2006 22:30:39 +0000

! BlogSafer: The Anoniblogging Wiki
**Add a BlogSafer button to your site. Go to %5Bhttp://anoniblog.pbwiki.com/admin.php | Settings%5D, copy the code and paste it into your sidebar. (The password is blogsafe4u.) **

Across the globe, countries that discourage free speech have followed their citizens into the blogosphere. According to one count, in the last two years at least 30 bloggers (and there are no doubt more) have been interrogated, arrested, tortured and sentenced to long prison terms for the "crime" of speaking critically about their governments. Regardless of your culture, your country, your politics or religion, we believe you deserve to speak your mind without falling afoul of state power. Unfortunately, what you deserve and what you get are not always the same thing. So, for those of you who wish to speak out on your blogs, but who do not wish to risk imprisonment or worse for doing so, we have prepared guides that will help you to blog more safely by blogging more anonymously.
But please note: **Blogging can never be completely anonymous.** With enough time, resources and political will, a group or government can discover who you are. We cannot guarantee that even if you follow the instructions on these guides to the letter that you will run no risk. You always take a chance when you speak your mind to people who cannot tolerate dissent. But we hope that these guides will enable you to minimize those risks, or at least be more aware of them.
---
This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, %5Bhttp://creativecommons.org/licenses/by-nc-sa/2.5/ | click this link%5D or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.
! BlogSafer: The Anoniblogging Wiki
**Add a BlogSafer button to your site. Copy this code and paste it into your sidebar:
---
Contact: chopkins4145 at charter dot net.
This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, %5Bhttp://creativecommons.org/licenses/by-nc-sa/2.5/ | click this link%5D or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

edited WhatWikiIs

email@hidden () — Tue, 19 Sep 2006 03:20:10 +0000

Wikis are fantastic tools to allow for collaborative writing. Every visitor to a wiki can edit any page on the wiki. Editing is done in a very simple text language that is much easier to learn and read than HTML.
You can play around in the SandBox to get used to editing your wiki; you can also check out WikiStyle to learn more about wiki style rules. Enjoy!

edited SandBox

email@hidden () — Tue, 19 Sep 2006 03:19:41 +0000

!! Pictures!
%5Bhttp://pbwiki.com/sandwch2.jpg%5D

edited Resources

email@hidden () — Tue, 19 Sep 2006 03:19:12 +0000

http://mixmaster.sourceforge.net/ Mixmaster
http://www.noreply.org/ Noreply.org
http://riot.eu.org/anon/ Riot
Contact: chopkins4145@charter.net

edited MalaysiaAnonymousBloggingGuide

email@hidden () — Tue, 19 Sep 2006 03:18:37 +0000

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.5/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

Contact the authors at Contact the authors at anoniblog@hushmail.com.
chopkins4145@charter.net.

edited IranAnonymousBloggingGuide

email@hidden () — Tue, 19 Sep 2006 03:18:04 +0000

هدایت نادرست ارسال کننده های «Mix Master» بدان معنا است که بین 2 ساعت تا دو روز طول می کشد تا پیغام شما به سرورها برسد و شما باید در خصوص سر زدن به وبلاگتان بسیار دقت کنید. اگر مکراً به آن وارد شوید، آدرس IP آن مکراً در لاگ وبلاگ ظاهر خواهد شد و نشان خواهد داد که احتمالاً شما نویسنده آن هستید. شما می توانید تا حدودی اطمینان داشته باشد که مالکان «Invisiblog» از هویت شما اطلاعی ندارند.
این است که استفاده «Invisiblog» مشکل اصلی سیستم ازآن برای بیشتر افراد مشکل است. بیشتر افراد ایجاد GPG را چالشی بزرگی تلقی می کنند و در فهم پیچیدگی های کلید های عمومی و خصوصی مشکل دارند. ابزارهای رمزنویسی کاربر پسند تر، مانند «Ciphire» https://www.ciphire.com/، برای کمک به کاربرانی که از مهارت فنی کمتری برخوردار هستند طراحی شده است.، اما حتی اینها هم دشواری های خاص خود را دارند. موضوع دیگری که کار را برای شما به عنوان وبلاگ نویس ایرانی دشوار می سازد این است که اگر مقامات مربوطه کامپیوتر شما را بگیرند و کلید خصوصی شما را کشف کنند، این کار به خودی خود فوق العاده شک برانگیز خواهد بود و ممکن است به عنوان شواهدی دال بر این که شما نویسنده وبلاگ بوده اید مورد استناد قرار گیرد. در ایران، که رمز نویسی منع می شود، با ارسال پیام های ایمیلی در لفافه ای از رمز نویسی قوی، مانند «Mix Master»، ممکن است خطر کنید و توجه مقامات مسئول اینترنت را جلب نمایید.
حقوقی
این سند مطابق مجوز Creative Commons بچاپ رسیده است. به عبارت دیگر شما میتوانید با آن طبق خواسته خود عمل کنید: به آن چیزی اضافه کنید، از آن چیزی کم کنید، و یا آنرا به هر گونه که برای شما و دوستان وبلاگ نویس مناسب باشد تغییر دهید. لطفاً یک نسخه از متون اضافه یا کم شده را به ما ارسال نمایید تا ما بتوانیم آنرا در چاپهای بعدی راهنما بگنجانیم. همچنین، در صورتیکه مایل به دیدن اطلاعات اضافی درچاپهای بعدی باشید، ما را از آن آگاه سازید. آدرس ایمیل ما: این سند مطابق مجوز Creative Commons بچاپ رسیده است. به عبارت دیگر شما میتوانید با آن طبق خواسته خود عمل کنید: به آن چیزی اضافه کنید، از آن چیزی کم کنید، و یا آنرا به هر گونه که برای شما و دوستان وبلاگ نویس مناسب باشد تغییر دهید. لطفاً یک نسخه از متون اضافه یا کم شده را به ما ارسال نمایید تا ما بتوانیم آنرا در چاپهای بعدی راهنما بگنجانیم. همچنین، در صورتیکه مایل به دیدن اطلاعات اضافی درچاپهای بعدی باشید، ما را از آن آگاه سازید. آدرس ایمیل ما: anoniblog@hushmail.com
chopkins4145@charter.net
ما صحت اطلاعات مندرج در این راهنما را تضمین نمیکنیم. مسئولیت هر گونه ریسک استفاده ازآن بعهده خواننده میباشد.

edited FrontPage

email@hidden () — Tue, 19 Sep 2006 03:17:26 +0000

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, %5Bhttp://creativecommons.org/licenses/by-nc-sa/2.5/ | click this link%5D or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.
Contact: chopkins4145@charter.net.

edited FrontPage

email@hidden () — Tue, 19 Sep 2006 03:17:01 +0000

edited ChineseAnonymousBloggingGuide

email@hidden () — Tue, 19 Sep 2006 03:11:13 +0000

我们不保证本文所涉及信息的正确性。读者将对应用本文带来的任何风险负完全责任。
本文是以Creative Commons “署名-非商业性使用-相同方式分享2.5” 版的授权形式发表。如需查看该授权文本，请访问 http://creativecommons.org/licenses/by-nc-sa/2.5/或写信给Creative Commons, 地址：543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

edited ArabicAnonymousBloggingGuide

email@hidden () — Tue, 19 Sep 2006 03:10:48 +0000

Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA
anoniblog@hushmail.com

edited AnonymousBloggingApologia

email@hidden () — Tue, 19 Sep 2006 03:10:20 +0000

Anyone who wishes to take a public stand is welcome to do so. If you make an informed choice to stand up and be counted, we have no right to insist you do not do so. But an anonymous source, even if less than ideal, can still do tremendous good. As an example, look at %5Bhttp://zimpundit.blogspot.com/ | Zimbabwean Pundit%5D and %5Bhttp://www.sokwanele.com/thisiszimbabwe/ | This is Zimbabwe%5D. Zimbabwe has no free press and all foreign press has been ejected. If it weren't for these two anonymous bloggers we would not know about the violent and repeated destruction of urban squatters' housing. We would not know about the continuing ejection of commercial farmers and the giving of those farms to political friends of the President.
Most of the bloggers who have been %5Bhttp://committeetoprotectbloggers.civiblog.org/blog/_archives/2005/11/25/1421765.html | arrested%5D in the past two years were easy to find because they followed the advice of some purist critics of anonymous blogging: They used their real names and details of their lives. Considering the likelihood that the harrassment of bloggers will %5Bhttp://committeetoprotectbloggers.civiblog.org/blog/_archives/2005/11/22/1417333.html | continue%5D, we believe anonymous blogging should remain a valid option and comprehensive instructions on how to do so should be available.

edited AnoniHelpPage

email@hidden () — Tue, 19 Sep 2006 03:09:56 +0000

edited FrontPage

email@hidden () — Sun, 27 Aug 2006 02:04:44 +0000

edited Resources

email@hidden () — Tue, 01 Aug 2006 03:22:35 +0000

!!Other Tools
http://ctblog.daria.be/ Committee to Protect Bloggers (archives of free speech organization)
http://adoptablog.irisnetwork.ca/ Adopt a Blog (social hosting)
http://serifos.eecs.harvard.edu/cgi-bin/blossom.pl?proxy=1/ Blossom (perspective access network tool)
http://www.gnupg.org/ Gnu PG (encryption)

edited CreditsPage

email@hidden () — Mon, 17 Apr 2006 22:54:08 +0000

These guides were designed as a practical synthesis of available materials on anonymization. Among our many sources were Global Voices Online's %5Bhttp://cyber.law.harvard.edu/globalvoices/?p=125 | Technical guide to anonymous blogging%5D, the Electronic Frontier Foundation's %5Bhttp://www.eff.org/Privacy/Anonymity/blog-anonymously.php | How To Blog Safely%5D and the filtering case studies of the %5Bhttp://www.opennetinitiative.net/modules.php?op=modload&name=Archive&file=index&req=viewarticle&artid=1 | OpenNet Initiative%5D. An exhaustive listing would fill pages.
Additional information came from the news media, academic and techincal studies, and, most importantly, individual bloggers. These included bloggers with an interest in the target areas who work outside of them, bloggers who work on online free speech issues in general and, above all, those bloggers working in countries that discourage or punish free speech. They are the source of this project and to them goes the lion's share of the credit. Due to both the great number of bloggers whose work we drew on, as well as the danger that some of them work in, we cannot list them individually here.
Related projects and sites include:
%5Bhttp://committeetoprotectbloggers.civiblog.org | Committee to Protect Bloggers%5D
%5Bhttp://blogswana.wordpress.com | Blogswana%5D
%5Bhttp://www.enoughzimbabwe.org | Enough is Enough%5D
%5Bhttp://morphemetales.blogspot.com | Morpheme Tales%5D
%5Bhttp://www.marshallk.com | Marshall Kirkpatrick%5D

edited Resources

email@hidden () — Fri, 07 Apr 2006 03:36:03 +0000

!!Other Tools

http://adoptablog.irisnetwork.ca/ Adopt a Blog (social hosting)

http://serifos.eecs.harvard.edu/cgi-bin/blossom.pl?proxy=1/ Blossom (perspective access network tool)

http://www.gnupg.org/ Gnu PG (encryption)

http://invisiblog.com/ Invisiblog (anonymous web publishing)

http://www.opennetinitiative.net/ Open Net Initiative (filtering information)

edited FrontPage

email@hidden () — Thu, 30 Mar 2006 03:06:00 +0000

edited SideBar

email@hidden () — Thu, 30 Mar 2006 03:05:09 +0000

FrontPage

edited SideBar

email@hidden () — Wed, 29 Mar 2006 22:45:35 +0000

var sc_security="a33e1ffb";

edited SideBar

email@hidden () — Wed, 29 Mar 2006 22:45:14 +0000

sideb

edited FrontPage

email@hidden () — Thu, 16 Mar 2006 08:11:04 +0000

edited FrontPage

email@hidden () — Thu, 16 Mar 2006 08:09:48 +0000

edited FrontPage

email@hidden () — Thu, 16 Mar 2006 08:08:54 +0000

---

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, %5Bhttp://creativecommons.org/licenses/by-nc-sa/2.5/ | click this link%5D or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

added SideBar

email@hidden () — Thu, 23 Feb 2006 18:32:13 +0000

sidebar

edited Resources

email@hidden () — Thu, 02 Feb 2006 19:42:36 +0000

http://www.opennetinitiative.net/ Open Net Initiative (filtering information)

http://tor.eff.org/ TOR (onion routing)

http://portal.unesco.org/ci/en/ev.php-URL_ID=21010&URL_DO=DO_TOPIC&URL_SECTION=201.html Unesco's The Net for Journalists (guide to blogging-as-journalism in the developing world)

http://theory.kaos.to/projects.html/ Anonym.OS (anonymizing tools CD)

!!Remailers

edited Resources

email@hidden () — Tue, 31 Jan 2006 00:06:13 +0000

!Resources

!!Anonymous Email Accounts

http://www.hushmail.com/ Hushmail

http://mail.lycos.com/ Lycos Email

http://www.operamail.com/scripts/common/index.main?signin=1&lang=us Opera Web Mail

http://anoniblog.blogharbor.com/blog/_archives/2005/9/8/1208552.html Yahoo! Mail

!!Anoniblogging Guides

http://cyber.law.harvard.edu/dyn/globalvoices/wiki/index.php/AnonBlog Anon Blog Guide (Berkman Center)

http://www.searchlores.org/noanon.htm Anonimity Lores (Searchlores)

http://www.zensur.freerk.com/ Freerk's How to Bypass Internet Censorship

http://www.eff.org/Privacy/Anonymity/blog-anonymously.php How to Blog Safely (EFF)

http://security.ngoinabox.org/ NGO in a Box

http://privateblogging.noreply.org/privateblogging/ Private Blogging Wiki

http://www.ethanzuckerman.com/CN_circumvent_censorship.pdf RSF on Circumvention (Chinese)

http://www.rsf.org/rubrique.php3?id_rubrique=542 RSF's Handbook for Bloggers & Cyber-Dissidents

!!Blog Hosting

http://www.blogharbor.com Blog Harbor

http://www.blogger.com/start Blogger

http://www.blogsome.com/ Blogsome

http://www.livejournal.com/ Livejournal

http://www.seo-blog.org/ Seoblog

http://weblogs.us/ Weblogs.us

!!Circumventors

http://www.anonymizer.com/ Anonymizer

http://www.anonymouse.org Anonymouse

http://www.peacefire.org/circumventor/simple-circumventor-instructions.html Peacefire's Circumventor

!!Proxies

http://www.publicproxyservers.com/index.html Public Proxy Servers

http://tools.rosinstrument.com/proxy/ Rosinstrument

http://www.samair.ru/proxy/ Samair

!!Other Tools

http://adoptablog.irisnetwork.ca/ Adopt a Blog (social hosting)

http://www.gnupg.org/ Gnu PG (encryption)

http://invisiblog.com/ Invisiblog (anonymous web publishing)

http://www.opennetinitiative.net/ Open Net Initiative (filtering information)

http://tor.eff.org/ TOR (onion routing)

!!Remailers

https://www.ciphire.com/ Ciphire

http://mixmaster.sourceforge.net/ Mixmaster

http://www.noreply.org/ Noreply.org

!Resources

!!Anonymous Email Accounts

http://www.hushmail.com/ Hushmail

http://mail.lycos.com/ Lycos Email

http://www.operamail.com/scripts/common/index.main?signin=1&lang=us Opera Web Mail

http://anoniblog.blogharbor.com/blog/_archives/2005/9/8/1208552.html Yahoo! Mail

!!Anoniblogging Guides

http://cyber.law.harvard.edu/dyn/globalvoices/wiki/index.php/AnonBlog Anon Blog Guide (Berkman Center)

http://www.searchlores.org/noanon.htm Anonimity Lores (Searchlores)

http://www.zensur.freerk.com/ Freerk's How to Bypass Internet Censorship

http://www.eff.org/Privacy/Anonymity/blog-anonymously.php How to Blog Safely (EFF)

http://security.ngoinabox.org/ NGO in a Box

http://privateblogging.noreply.org/privateblogging/ Private Blogging Wiki

http://www.ethanzuckerman.com/CN_circumvent_censorship.pdf RSF on Circumvention (Chinese)

http://www.rsf.org/rubrique.php3?id_rubrique=542 RSF's Handbook for Bloggers & Cyber-Dissidents

!!Blog Hosting

http://www.blogharbor.com Blog Harbor

http://www.blogger.com/start Blogger

http://www.blogsome.com/ Blogsome

http://www.livejournal.com/ Livejournal

http://www.seo-blog.org/ Seoblog

http://weblogs.us/ Weblogs.us

!!Circumventors

http://www.anonymizer.com/ Anonymizer

http://www.anonymouse.org Anonymouse

http://www.peacefire.org/circumventor/simple-circumventor-instructions.html Peacefire's Circumventor

!!Proxies

http://www.publicproxyservers.com/index.html Public Proxy Servers

http://tools.rosinstrument.com/proxy/ Rosinstrument

http://www.samair.ru/proxy/ Samair

!!Other Tools

http://adoptablog.irisnetwork.ca/ Adopt a Blog (social hosting)

http://www.gnupg.org/ Gnu PG (encryption)

http://invisiblog.com/ Invisiblog (anonymous web publishing)

http://www.opennetinitiative.net/ Open Net Initiative (filtering information)

http://tor.eff.org/ TOR (onion routing)

http://portal.unesco.org/ci/en/ev.php-URL_ID=21010&URL_DO=DO_TOPIC&URL_SECTION=201.html Unesco's The Net for Journalists (guide to blogging-as-journalism in the developing world)

!!Remailers

https://www.ciphire.com/ Ciphire

http://mixmaster.sourceforge.net/ Mixmaster

http://www.noreply.org/ Noreply.org

http://riot.eu.org/anon/ Riot

reverted ChineseAnonymousBloggingGuide

email@hidden () — Thu, 19 Jan 2006 11:01:47 +0000

!匿名博客写作指导---中国篇

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/chinese+abg+-+final.doc | Chinese Anonymous Blogging Guide%5D here.

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

!!前言

中国目前已经成为世界上互联网最发达的国家之一，现有网民9千4百万，并且这个数字正以每年18%的速度增长。网站、BBS（网上公告板）、即时消息软件、手机和博客（blog, 网络日志）都使中国的人际交流以及中国与世界的沟通更为便捷。

尽管BBS仍然是目前网上最流行的大众言论发表工具，博客却正在迅速成长。当前中国国内撰写博客的网民约有60万之多，并且人数与日俱增。博客的迅速走红有诸多原因。首先，博客能帮助你建立一个读者群体。如果你的博客里有引人入胜的趣事，卓尔不群的观点或独一无二的信息，别人就会成为你的博客网站的忠实读者。

其次，博客使你能够与读者对话。当你在报章杂志或传统的网站上发表文章的时候，信息往往是一种从你到读者的单向流动。然而当有了每篇blog后附加的点评栏以及独特的博客文化，突然间，我们发现自己正身处于信息双向流动的快车道中。人们可以即时地在某篇blog之后对作者的言论作出反应。有时读者们甚至会在他人的blog下就某个话题长篇大论地交流讨论。而在此同时，博客文化也在鼓励博客作者根据读者指出的错误或提供的最新消息及时修改自己的帖子。于是，在博客的撰写过程中，读者的参与程度大大地提高了。

博客广受欢迎的另外一个原因是它的普及性。在被称为“博客圈子”的博客世界里，全球现有1700万个博客站点，并且正以每天4万个新博客的速度增长。就连很多记者都持续跟踪某些博客站点以获取新的素材、信息及寻找各种相关问题的专家。就这样，从家乡父老到全国人民甚至世界各地的网友都可能会读到你的博客。

但令中国的博客们犯愁的是，根据国家法律，他们必须与监管机构进行登记，并且被禁止就某些话题撰写文章，或允许其他网友就此类话题发表评论。然而，有时为正义之事打破禁律却是必需的。

安全地博客之必要性

作为博客，有时我们有自己的理由要讲些他人讳言之事。也许是某个地方官员有贪污腐败行为，也许是某家工厂正在向饮用水源排放污水。也许，我们坚信，为了繁荣昌盛，中国必须朝着一个明确的方向，一个现在还停滞不前的方向前进。换句话说，我们或许会觉得自己有义务，为了明天的强盛，在这一分这一秒讲出事实。

然而出于自私的既得利益或毫无意义的恐惧，某些人将你的博客当作禁忌，并因此企图封杀你甚至恶意地伤害你。本文旨在为各位介绍一些可供使用的工具和方法，使你得以免受某些别有用心之人的追查。

安全地博客就是匿名写作

为避免某些腐败分子或鼠目寸光之人为了封杀你而使你遭受不公正的待遇，你需要以匿名的方式地撰写博客。或许我们并不能说成是“匿名地、安全地撰写博客”而应该说是“更隐秘、更安全地撰写博客”。这样说的原因是基于这样一个重要的事实：只要有足够的人力、财力和决心，任何一个博客的身份都能被发现。

同样的道理，谁也没有无限多的人力、财力等资源。但当你的自我保护工作做得不够的时候，他们确实有足够的能力查出你的身份。因此，有以下几个问题需要你自己来回答：

我所说的事情是否如此不为有权有势者所容以至于他们企图封杀我？

我所说的事情是否如此事关重大以至于引起他们的不满？

如果你对以上问题的回答都是肯定的，那么你也许应该以匿名的方式撰写博客

我需要多大程度的安全性和隐秘性以使自己躲避他们的追查？

无论你如何回答这个问题，确保你所做的总是比现有的实际需要更进一步，因为侵扰和调查的强度可能会瞬间改变。

如果你决定以匿名的方式撰写博客，你需要了解：你的身份可以通过两种主要途径暴露。其一是在你撰写的内容里泄露你的身份。例如，如果你写了：“我是矿产部副部长的首席助理纪检会计师”，很有可能阅读你博客的人会得以查出你是谁。

另一个暴露身份的途径是，某些人也许会从你的网络浏览器或电子邮件软件提供的信息里识别你的身份。每台接入互联网的电脑都拥有，或与其他电脑共享一个称为IP地址的识别码。这是一组由4个数字组成的地址，每个数字的数值在0-255之间，数字之间以点隔开，例如：213.24.124.38。

有的时候，权利机关不需要费太多的功夫就可以从你的帖子追踪到你的电脑。如果你使用家中的电脑上网，并且用拨号的方式接入某个互联网服务提供商（ISP），该ISP将记录你的电脑何时接入，接触、使用了什么信息等资料。所有国内的ISP都被要求记录此类信息。

好在，上网的时候，有许多方法可以用来隐藏你的身份。一条通用的法则就是越高的安全性需要你做越多的工作来隐藏身份。其中某些保护自己身份的策略需要相当程度的专业知识和技术操作。但不用担心，它们都是从最基本、最常识性的方法着手的。

隐藏身份的基本方法

决不使用你的真实姓名。不仅仅在你的blog上，我们指的是在注册和创建博客时你就必须使用笔名。另外，在注册基于网页（在网页上进行操作）的电子邮箱时，也需要使用化名。因为要追踪家用或工作单位的电子邮件账户的信息往来是很容易的事，除非你使用会在后文会详细讨论的邮件转发器；所以我们建议你使用基于网页的电子邮件，这一方法也将在后文详述。

由于在中国国内使用博客主机及电子邮件服务都需要身份证明，而且在使用这类服务时你的IP地址（每台电脑的特有地址）会被记录，甚至于国内的主机还曾经发生过在毫无预告的情况下被完全关闭的事情，因此，使用海外运营商提供的网络服务将是最佳的选择。但你也不能使用那些已经在中国开展业务的外国公司的服务，因为他们会与政府配合协作，在封杀敏感内容方面他们有时比中国的运营商更加眼明手快。所以，你不能使用Yahoo（雅虎）提供的电子邮箱，也不应使用MSN空间作为你的博客主机。

在以匿名的方式撰写博客时有这样一条基本原则，那就是：绝对不要使用任何需要付费或需要经由政府部门注册才能使用的服务，也不要考虑那些必须向政府报告的运营商。当然更加不能在权力机关登记注册。下面列举一些可用的网络服务，请注意其中某些博客主机不支持中文。

基于网页的免费电子邮件服务商：

Hushmail: http://www.hushmail.com/

Lycos Email: http://mail.lycos.com/

Opera Mail: http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

免费博客主机：

Blogger: http://www.blogger.com/start

Blogsome: http://www.blogsome.com/

LiveJournal: http://www.livejournal.com/

SeoBlog: http://www.seo-blog.org/

Weblog.us: http://weblogs.us/

不要在你的博客里写下任何可能泄露身份的信息。基于上文讨述过的原因，你不能使用别人知道是在指你的绰号。不要使用可能被用来识别你身份的昵称。不要谈论你所居住的街道或社区，你的职业或工作单位，你认识的人的详细信息或你曾去哪里旅行，等等。因为如果你不这么做的话，就会为调查者留下得以查出你真实身份的线索。

当然，这类做法也有缺陷。当你注册使用某个电子邮件或博客账户时，你使用的网页服务器会记录你的IP地址。如果这个IP地址以某种角度指向你，比如说你使用的是家里或工作单位的电脑，你就可能会被发现。

这个问题在许多国家可以通过在网吧上网来解决。诚然，中国也有许许多多的网吧，然而按照规定，每个网吧在允许你使用电脑前都需要你出示有效的身份证件。这一规定的执行是为了了解你在何时使用了哪台电脑，以及在上网时查看了些什么内容。如果某些人有权调阅此类信息，你的身份就会暴露。当然你也可以碰碰运气，也许你并不会被发现。如果找得到的话，你也可以试试在无证经营的网吧上网。

更进一步隐藏自己身份的方法是，你可以在设置电子邮件、博客账户或发表文章时，使用一台多人公用的电脑。你知道在哪里可以找到这样一台你既可以放心使用又不会暴露身份的电脑吗？如果有的话，这也是一个可行的选择。

匿名代理服务器

如果你愿意的话，可以使用一种被称为“代理服务器”的东西，尽管这样做会费些周折。假使你通过代理服务器上网，所到之处将留下代理服务器的IP地址，而不是你自己电脑的地址。

你可以在下面列举的代理服务器中选择一个，或在Google之类的搜索引擎里自行寻找。

Public Proxy Servers: http://www.publicproxyservers.com/index.html

Rosinstrument: http://tools.rosinstrument.com/proxy/

Samair: http://www.samair.ru/proxy/

选好之后，打开你的网络浏览器的“使用偏好”或“选项”栏。通常在诸如“常规”、“网络连接”或“安全”等栏目里，可以找到设置通过代理服务器上网的选项。以下是各种浏览器的设置指南： http://www.freeproxy.ru/en/free_proxy/howuse.htm。

激活“手动配置代理服务器”，输入该服务器的HTTP代理和SSL代理的IP地址并保存设定，然后重启你的浏览器。

由于你向网页服务器调用的页面需要绕道而行，打开网页的速度会变得慢一些。举个例子，假设你正在使用Hushmail，你并不是直接与它连接，而是先连接到代理服务器，再由代理服务器与Hushmail连接。同样的，当Hushmail向你发送页面时，数据会先到达代理服务器，然后你才能收到它。这样做会令你在浏览某些网站时遇到一些问题，特别是那些需要你登录的站点。

代理服务器并不是完美的。中国的互联网监管机构封锁了很多已知的代理服务器。网民们有时换了新代理服务器却发现它们已被政府部门封锁了，而这一怪圈还将继续存在。另一个问题是，那些希望封杀你的人或组织可能会发现你曾经使用过代理服务器。以他们的标准衡量，光这一条就可以被说成是叛国行为。针对这种情况，你可以选用一种“交互”的方法来代替。

“交互”法

由于代理服务器也像其它的网站一样受到同一类法律法规的制约，因此你使用的代理服务器有可能被以法律的名义强制要求披露你的姓名。同时，就像前文提到的，它们经常会被封锁。使用Circumventor是解决这个问题的一条途径。

为了使用这一方法，你需要一个身在海外并可以信赖的朋友。而且这个朋友还需要在他的电脑上安装设置Circumventor。他可以从Peacefire网站下载Circumventor http://www.peacefire.org/circumventor/simple-circumventor-instructions.html，然后将其安装在Windows操作系统上。安装过程稍许有些麻烦。首先，他需要在系统里安装Perl语言，再安装OpenSA网页服务器软件，然后才能正式安装Circumventor。

完成这些软件的安装后，你的朋友还得让他的电脑在互联网上一直保持在线状态，这样你就可以把他的电脑作为代理服务器使用，而不必每次使用时都要请他上网。在这些都设置好之后，你就可以通过在你朋友的电脑上以Circumventor建立的代理服务器，在网上浏览网页、发表blog和使用电子邮件了。你甚至还可以在网吧里使用它，因为这个代理服务器并不在国家的过滤名单之上，所以它不太会引起别人的怀疑。

但世上没有完美的东西（惊讶吗？）。上文提到的方法有一个问题：你朋友那台运行Windows操作系统的电脑会经常重启。每一回重启之后，它再次上网时都将被分配到一个新的IP地址。每次遇到这样的情况，你的朋友都需要联络你以告知新的IP地址（也许用手机通话是最佳的联络方式）。每当这样的情况发生因而你们需要联络时，这个代理服务器就有可能被政府部门发现。

另一个交互的可选方案是使用Adopt-a-Blog http://www.adoptablog.org/。这项服务可谓是为被封锁的博客度身定做的。你可以与该网站联络并向其发出一个请求，让某个境外人士在他们自己的服务器上建立一个博客站点。这些为你的博客提供主机的的服务器被封锁的可能性很小，而且即使它今后被封锁了，你的博客也将会被转移到另一台服务器上去。

如果你认识身在海外并且值得信赖的朋友，另一个方案就是让他为你建立一个博客站点，然后你可以使用代理服务器在这个博客上发帖，或者通过基于网页的电子邮件、加密电子邮件或者使用邮件转发器（详见下文），将你的文章发给你的朋友并请他们代为发帖。国内的电子邮件有时会遭到审查，但对于互联网骨干网层面上的大量邮件往来都进行审查是不可能的。大多数情况下审查只是由电子邮件服务提供商对邮件进行过滤。

Tor洋葱路由

Tor是一种将代理服务器概念的复杂程度提升到一个新境界的“洋葱路由”系统。每个从洋葱路由网络发出的网络请求将通过2至20台电脑转发，使追踪网络请求原始出处的工作变得困难重重。洋葱路由链上的每一步都是加密的，这使得政府部门追踪文章来源的工作更为难上加难。此外，每台路由链上的电脑只认识其隔壁的邻居。换言之，路由器B知道它从路由器A收到一个调用网页的请求，而且路由器B需要把这个请求发送给路由器C。但这个请求本身是加密了的，即路由器B实际上并不知道所请求的网页是什么或到底是哪台路由器最先发出对网页服务器的请求。

虽然这一技术非常复杂，但是安装Tor http://tor.eff.org/cvs/tor/doc/tor-doc-win32.html 的过程却异常简单。你只要先下载Tor的安装文件，把它装进你的系统，然后再下载并安装一个与Tor协同工作的代理服务器软件——Privoxy，就万事俱备了。

使用Tor系统会使你有时看起来像是在使用一台位于哈佛大学的电脑，而有时又像是在德国上网，你的所在看上去随着你每次不同时间的刷新或登录而瞬息万变。Tor在每次发出网络请求时不断改变你的IP地址，以此保护你的身份不被泄露。

这一方法也会有几个意想不到的结果。当你通过Tor使用Google进行搜索时，Google可能会变更你的默认使用语言。某一次搜索的结果也许会是英语的；另一次可能就是日语、德语、丹麦语或荷兰语的，短短几分钟里可能会千差万别。某些网站，例如Wikipedia（维基百科）,可能会禁止来自Tor系统的连接。有时你浏览网站的速度也会有一定幅度的降低。另外，你肯定得使用你家里的电脑因为你不能在一台公用的电脑上安装Tor。尽管如此，对于Tor系统来说，更多的不安还是来自于它多发的故障：它有时可能会罢工。你的ISP也可能会禁用某些Tor路由器。

以下是几个中文版Tor指南的连接: http://del.icio.us/tag/%E5%8C%BF%E5%90%8D%E6%B5%8F%E8%A7%88 和 http://zh.wikipedia.org/wiki/Wikipedia:%E7%8B%80%E6%B3%81%E5%9B%9E%E5%A0%B1

TORPARK

Tor的安装对于电脑技术不精的用户来说仍然稍嫌困难。尽管它比大多数匿名技术简单得多，但仍有些窍门不易掌握。此外，如果你在网吧上网，你得以在网吧的电脑上安装Tor的可能性也不太大。

好在还有一个替代的方法。在一个新近推出的名为Torpark http://torpark.nfshost.com/的工具软件里，编写它的程序员们将一个最新的Alpha测试版Firefox Deer Park浏览器 http://www.mozilla.org/projects/firefox/和Tor以及一套安装文件整合在了一起，制作出一个容量约为20MB的软件包，使其可以放进一个USB闪盘 http://en.wikipedia.org/wiki/Keydrive 里。

在将你的USB闪盘插进使用Windows 2000或者XP的电脑并运行Torpark程序后，系统会打开一个匿名的浏览器窗口，使你在浏览网页时留下极少踪迹甚至根本无迹可循。

在使用Torpark时，你只要点一下鼠标就可以打开一个脚本程序、一个DOS窗口和一个浏览器程序，然后该浏览器就可以通过Tor浏览网页了。在拔出USB闪盘后系统里那些显而易见的历史纪录将被删除。以这种方法浏览网页时，速度会有些慢，但还令人满意，感觉与通过Tor浏览网页一样。

这个方法也有些问题：那些大量使用样式表的网页很可能会变得很难看，因为某些图形或其它类型的文件会装载失败。某些图片会显得支离破碎。但大多数时候，你可以正常地浏览网页。

有3个难题可能会妨碍某些用户将Torpark作为他们的首选浏览工具：

第一，并不是所有人都有USB闪盘。对某些人来说，以一个合理的价格购买到闪盘也许会比较困难。有些地方可能根本买不到闪盘或者其价位令许多人觉得高不可攀。

第二，很多网吧不允许你在他们的电脑上使用USB闪盘。由于在国内的网吧上网时，你在网上的一举一动都几乎肯定被纪录在案，因此在网吧使用TorPark的可能性将成倍地降低，更不用说这样做本来就不够理智。

第三，Tor用来传送和隐藏数据包的服务器都在一个名单上列明，这类服务器的数量并不多而且名单对外公开。在任何一个使用网络防火墙的国家，比如中国，我们可以合情合理地推测那些网管们将会封锁与名单上的服务器http://proxy.org/tor.shtml之间的通讯，并且会在任何新的服务器被添加进来时立即将他们列入黑名单。

中文版的Torpark可以在 http://torpark.nfshost.com/ 下载，另外还包括英语、法语、斯洛文尼亚语、俄语、朝鲜语、希伯来语、波兰语、土耳其语及许多其它语言版本。

TOUCHNET BROWSER

Touchnet Browser（触网浏览器）是一款支持多标签浏览的 http://zh.wikipedia.org/wiki/%E7%BD%91%E9%A1%B5%E6%B5%8F%E8%A7%88%E5%99%A8%E5%88%97%E8%A1%A8 o 网页浏览器列表" 网页浏览器，是一款 http://zh.wikipedia.org/w/index.php?title=%E5%85%B1%E4%BA%AB%E8%BD%AF%E4%BB%B6&action=edit" \o "共享软件" 共享软件。由于使用了 http://zh.wikipedia.org/wiki/Internet_Explorer \o "Internet Explorer" Internet Explorer的内核，其界面与Internet Explorer类似，因此使用IE浏览器的用户能够较快熟悉操作。它的主要功能有自动更换 http://zh.wikipedia.org/wiki/%E4%BB%A3%E7%90%86%E6%9C%8D%E5%8A%A1%E5%99%A8 \o "代理服务器" 代理服务器，在线更新代理服务器列表；Ping http://zh.wikipedia.org/wiki/%E7%BD%91%E7%AB%99 \o "网站" 网站， http://zh.wikipedia.org/wiki/%E5%85%8B%E9%9A%86 \o "克隆" 克隆 http://zh.wikipedia.org/wiki/%E7%BD%91%E9%A1%B5 \o "网页" 网页；多 http://zh.wikipedia.org/wiki/%E8%AF%AD%E8%A8%80 \o "语言" 语言互译；语音朗读；查找 http://zh.wikipedia.org/wiki/%E5%9F%9F%E5%90%8D \o "域名" 域名注册信息，站点信息，缓存页等。虽然不少功能通过第三方工具同样能实现，但是Touchnet Browswer基本都可以通过菜单或按钮直接使用，因此相对方便。

Mixmaster, Invisiblog及GPG

除了以上介绍的方法之外，现在还有很多其它无须借助代理服务器的方法可供选择。Invisiblog（隐形博客） http://www.invisiblog.com/就是其中之一。当你使用Invisiblog时，与其它大多数博客服务器通过网页发帖不同，它是通过MixMaster邮件转发系统，在加密签名后，以一种特殊格式的电子邮件形式发帖的。

这个方法看起来有点复杂，实际情况也的确如此。这里介绍一下它的使用方法。首先，到GPG网站http://www.gnupg.org创建一个“公共密钥加密系统”（公共密钥加密技术能够确保只有正确的收件人才能阅读你发出的邮件。这项技术还允许使用者对文件进行数字“签名”，这个签名几乎不可能伪造）。

接着，你需要安装Mixmaster http://mixmaster.sourceforge.net/邮件发送系统，该系统是专为隐藏电子邮件的发件人而设计的。Mixmaster借助一系列匿名邮件转发器（一种计算机程序，用来隐去电子邮件中所有的身份信息并将邮件送达目的地）以极高的隐秘性发送电子邮件。在使用2到20个邮件转发器后，即便一个或多个转发器被他人侵入，因而记录下发件人的信息，电子邮件仍将很难被追踪。

然而麻烦的是，你在安装Mixmaster之前还得先编译它的源代码，这项工作需要用到大量的技术知识。

在设置好之后，你就可以使用Mixmaster向Invisiblog发送一封邮件，并且在这个邮件中写上你的公共密钥。Invisiblog会以这个密钥为你创建一个新的博客站点，并用一个类似于 http://invisiblog.com/ac4589d7001ac238 的名字命名（斜杠后的字符串为你的GPG密钥的最后16位）。在你的Invisiblog建立好之后，你就能以先用公共密钥对你的文本邮件签名，再通过Mixmaster发送的方式发帖了。

Mixmaster转发器所使用的“歪打正着”的邮件发送方法意味着你发送的邮件可能需要2小时到2天左右的才能送达服务器。所以你在查看你的博客时必须尽量小心。如果你过于频繁地查看你的博客，你的IP地址就会经常出现在Invisiblog的记录里，显得这一IP地址之后的你很有可能就是某个博客的作者。当然，Invisiblog的主人根本不知道你是谁，这一点你大可放心。

Invisiblog系统的主要问题是它的使用方法对于大多数人来说太困难了。他们觉得光是安装设置GPG就是个挑战并且很难搞懂公共密钥、私人密钥这些复杂的概念。为了帮助那些技术不精的用户，还有人设计了一些使用较为简便的工具用来撰写和发送加密邮件，比如Ciphire https://www.ciphire.com/，但这类工具对某些人来说还是太难用了。另一个令广大中国博客感到为难的地方在于，一旦权力机关没收你的电脑并发现了你的私人密钥，这个密钥本身就会令他们觉得非常可疑，而且它还可能被用来作为证据以证明你是某个博客站点的作者。在国内，监管机构本来就不鼓励使用加密技术，如果你发送的邮件都用类似Mixmaster这样的工具进行极复杂的加密，你将增加自己的风险因为这样做会引起互联望监管机构对你的注意。

结语

你所言之事是否如此关系重大而需要大声疾呼？这个问题将由你回答。如果你的答案是肯定的，并且你的正义言论会引起强权人物的不快并企图封杀你时，撇开你个人的安全和自由不说，你也必须为了中国，为了世界而采取行动，来确保你的言论能够一以贯之地为世人所闻。因此，你必须决定到底使用上文所提的哪种或几种方法才能够保证你不被暴露。

我们的介绍已经囊括了最基本的匿名方法，诸如以匿名的方式撰写博客和基于网页的电子邮件；通过代理服务器上网；交互法，如：使用Circumventor代理，Adopt-a-Blog以及在他人的协助下写作博客；Tor服务器提供的洋葱路由服务；最后还有非常复杂的用电子邮件发帖的博客系统，如Invisiblog。

在以上提到的方法里，没有任何一种或几种的组合能做到万无一失。你仍然有可能被那些讨厌你的腐败分子或鼠目寸光之人发现，并遭到封杀。因此，你必须万事小心谨慎。你是博客圈子的同道中人，全世界的人民都站在你这一边，所以，最最重要的是，我们希望你在任何时候都能保持安全和自由

请把这篇文章转发给你认为会从中获益的朋友。也欢迎你在其中加入你自己的想法，经历和成败教训—当然我们也要求你在为本文增色时不忘警告读者们仗义直言的危险性，以及各种匿名技术、工具和操作方法在现有条件下的优势和劣势。也许你有我们不知道的信息，也许你知晓其它我们不曾提到的方法，让我们互通有无，共同进步吧。

本文以“创作共享理念授权同意书”的授权形式发表。换言之，你可以任意对本文进行修改：添加或删减某些内容，重新排版或进行其它任何使本文对广大博客更有帮助的修改。请将你添加的内容或修改部分的副本寄给我们，这样我们就可以将你的作品整合在在本文今后的修订版中。另外，如果你希望在我们的后续的版本中读到有关某个方面的信息，请告诉我们。我们的电子邮件地址是： anoniblog@hushmail.com。

法律声明

我们不保证本文所涉及信息的正确性。读者将对应用本文带来的任何风险负完全责任。

!匿名博客写作指导---中国篇

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/chinese+abg+-+final.doc | Chinese Anonymous Blogging Guide%5D here.

!!前言

中国目前已经成为世界上互联网最发达的国家之一，现有网民9千4百万，并且这个数字正以每年18%的速度增长。网站、BBS（网上公告板）、即时消息软件、手机和博客（blog, 网络日志）都使中国的人际交流以及中国与世界的沟通更为便捷。

尽管BBS仍然是目前网上最流行的大众言论发表工具，博客却正在迅速成长。当前中国国内撰写博客的网民约有60万之多，并且人数与日俱增。博客的迅速走红有诸多原因。首先，博客能帮助你建立一个读者群体。如果你的博客里有引人入胜的趣事，卓尔不群的观点或独一无二的信息，别人就会成为你的博客网站的忠实读者。

其次，博客使你能够与读者对话。当你在报章杂志或传统的网站上发表文章的时候，信息往往是一种从你到读者的单向流动。然而当有了每篇blog后附加的点评栏以及独特的博客文化，突然间，我们发现自己正身处于信息双向流动的快车道中。人们可以即时地在某篇blog之后对作者的言论作出反应。有时读者们甚至会在他人的blog下就某个话题长篇大论地交流讨论。而在此同时，博客文化也在鼓励博客作者根据读者指出的错误或提供的最新消息及时修改自己的帖子。于是，在博客的撰写过程中，读者的参与程度大大地提高了。

博客广受欢迎的另外一个原因是它的普及性。在被称为“博客圈子”的博客世界里，全球现有1700万个博客站点，并且正以每天4万个新博客的速度增长。就连很多记者都持续跟踪某些博客站点以获取新的素材、信息及寻找各种相关问题的专家。就这样，从家乡父老到全国人民甚至世界各地的网友都可能会读到你的博客。

但令中国的博客们犯愁的是，根据国家法律，他们必须与监管机构进行登记，并且被禁止就某些话题撰写文章，或允许其他网友就此类话题发表评论。然而，有时为正义之事打破禁律却是必需的。

安全地博客之必要性

作为博客，有时我们有自己的理由要讲些他人讳言之事。也许是某个地方官员有贪污腐败行为，也许是某家工厂正在向饮用水源排放污水。也许，我们坚信，为了繁荣昌盛，中国必须朝着一个明确的方向，一个现在还停滞不前的方向前进。换句话说，我们或许会觉得自己有义务，为了明天的强盛，在这一分这一秒讲出事实。

然而出于自私的既得利益或毫无意义的恐惧，某些人将你的博客当作禁忌，并因此企图封杀你甚至恶意地伤害你。本文旨在为各位介绍一些可供使用的工具和方法，使你得以免受某些别有用心之人的追查。

安全地博客就是匿名写作

为避免某些腐败分子或鼠目寸光之人为了封杀你而使你遭受不公正的待遇，你需要以匿名的方式地撰写博客。或许我们并不能说成是“匿名地、安全地撰写博客”而应该说是“更隐秘、更安全地撰写博客”。这样说的原因是基于这样一个重要的事实：只要有足够的人力、财力和决心，任何一个博客的身份都能被发现。

同样的道理，谁也没有无限多的人力、财力等资源。但当你的自我保护工作做得不够的时候，他们确实有足够的能力查出你的身份。因此，有以下几个问题需要你自己来回答：

我所说的事情是否如此不为有权有势者所容以至于他们企图封杀我？

我所说的事情是否如此事关重大以至于引起他们的不满？

如果你对以上问题的回答都是肯定的，那么你也许应该以匿名的方式撰写博客

我需要多大程度的安全性和隐秘性以使自己躲避他们的追查？

无论你如何回答这个问题，确保你所做的总是比现有的实际需要更进一步，因为侵扰和调查的强度可能会瞬间改变。

如果你决定以匿名的方式撰写博客，你需要了解：你的身份可以通过两种主要途径暴露。其一是在你撰写的内容里泄露你的身份。例如，如果你写了：“我是矿产部副部长的首席助理纪检会计师”，很有可能阅读你博客的人会得以查出你是谁。

另一个暴露身份的途径是，某些人也许会从你的网络浏览器或电子邮件软件提供的信息里识别你的身份。每台接入互联网的电脑都拥有，或与其他电脑共享一个称为IP地址的识别码。这是一组由4个数字组成的地址，每个数字的数值在0-255之间，数字之间以点隔开，例如：213.24.124.38。

有的时候，权利机关不需要费太多的功夫就可以从你的帖子追踪到你的电脑。如果你使用家中的电脑上网，并且用拨号的方式接入某个互联网服务提供商（ISP），该ISP将记录你的电脑何时接入，接触、使用了什么信息等资料。所有国内的ISP都被要求记录此类信息。

好在，上网的时候，有许多方法可以用来隐藏你的身份。一条通用的法则就是越高的安全性需要你做越多的工作来隐藏身份。其中某些保护自己身份的策略需要相当程度的专业知识和技术操作。但不用担心，它们都是从最基本、最常识性的方法着手的。

隐藏身份的基本方法

决不使用你的真实姓名。不仅仅在你的blog上，我们指的是在注册和创建博客时你就必须使用笔名。另外，在注册基于网页（在网页上进行操作）的电子邮箱时，也需要使用化名。因为要追踪家用或工作单位的电子邮件账户的信息往来是很容易的事，除非你使用会在后文会详细讨论的邮件转发器；所以我们建议你使用基于网页的电子邮件，这一方法也将在后文详述。

由于在中国国内使用博客主机及电子邮件服务都需要身份证明，而且在使用这类服务时你的IP地址（每台电脑的特有地址）会被记录，甚至于国内的主机还曾经发生过在毫无预告的情况下被完全关闭的事情，因此，使用海外运营商提供的网络服务将是最佳的选择。但你也不能使用那些已经在中国开展业务的外国公司的服务，因为他们会与政府配合协作，在封杀敏感内容方面他们有时比中国的运营商更加眼明手快。所以，你不能使用Yahoo（雅虎）提供的电子邮箱，也不应使用MSN空间作为你的博客主机。

在以匿名的方式撰写博客时有这样一条基本原则，那就是：绝对不要使用任何需要付费或需要经由政府部门注册才能使用的服务，也不要考虑那些必须向政府报告的运营商。当然更加不能在权力机关登记注册。下面列举一些可用的网络服务，请注意其中某些博客主机不支持中文。

基于网页的免费电子邮件服务商：

Hushmail: http://www.hushmail.com/

Lycos Email: http://mail.lycos.com/

Opera Mail: http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

免费博客主机：

Blogger: http://www.blogger.com/start

Blogsome: http://www.blogsome.com/

LiveJournal: http://www.livejournal.com/

SeoBlog: http://www.seo-blog.org/

Weblog.us: http://weblogs.us/

不要在你的博客里写下任何可能泄露身份的信息。基于上文讨述过的原因，你不能使用别人知道是在指你的绰号。不要使用可能被用来识别你身份的昵称。不要谈论你所居住的街道或社区，你的职业或工作单位，你认识的人的详细信息或你曾去哪里旅行，等等。因为如果你不这么做的话，就会为调查者留下得以查出你真实身份的线索。

当然，这类做法也有缺陷。当你注册使用某个电子邮件或博客账户时，你使用的网页服务器会记录你的IP地址。如果这个IP地址以某种角度指向你，比如说你使用的是家里或工作单位的电脑，你就可能会被发现。

这个问题在许多国家可以通过在网吧上网来解决。诚然，中国也有许许多多的网吧，然而按照规定，每个网吧在允许你使用电脑前都需要你出示有效的身份证件。这一规定的执行是为了了解你在何时使用了哪台电脑，以及在上网时查看了些什么内容。如果某些人有权调阅此类信息，你的身份就会暴露。当然你也可以碰碰运气，也许你并不会被发现。如果找得到的话，你也可以试试在无证经营的网吧上网。

更进一步隐藏自己身份的方法是，你可以在设置电子邮件、博客账户或发表文章时，使用一台多人公用的电脑。你知道在哪里可以找到这样一台你既可以放心使用又不会暴露身份的电脑吗？如果有的话，这也是一个可行的选择。

匿名代理服务器

如果你愿意的话，可以使用一种被称为“代理服务器”的东西，尽管这样做会费些周折。假使你通过代理服务器上网，所到之处将留下代理服务器的IP地址，而不是你自己电脑的地址。

你可以在下面列举的代理服务器中选择一个，或在Google之类的搜索引擎里自行寻找。

Public Proxy Servers: http://www.publicproxyservers.com/index.html

Rosinstrument: http://tools.rosinstrument.com/proxy/

Samair: http://www.samair.ru/proxy/

选好之后，打开你的网络浏览器的“使用偏好”或“选项”栏。通常在诸如“常规”、“网络连接”或“安全”等栏目里，可以找到设置通过代理服务器上网的选项。以下是各种浏览器的设置指南： http://www.freeproxy.ru/en/free_proxy/howuse.htm。

激活“手动配置代理服务器”，输入该服务器的HTTP代理和SSL代理的IP地址并保存设定，然后重启你的浏览器。

由于你向网页服务器调用的页面需要绕道而行，打开网页的速度会变得慢一些。举个例子，假设你正在使用Hushmail，你并不是直接与它连接，而是先连接到代理服务器，再由代理服务器与Hushmail连接。同样的，当Hushmail向你发送页面时，数据会先到达代理服务器，然后你才能收到它。这样做会令你在浏览某些网站时遇到一些问题，特别是那些需要你登录的站点。

代理服务器并不是完美的。中国的互联网监管机构封锁了很多已知的代理服务器。网民们有时换了新代理服务器却发现它们已被政府部门封锁了，而这一怪圈还将继续存在。另一个问题是，那些希望封杀你的人或组织可能会发现你曾经使用过代理服务器。以他们的标准衡量，光这一条就可以被说成是叛国行为。针对这种情况，你可以选用一种“交互”的方法来代替。

“交互”法

由于代理服务器也像其它的网站一样受到同一类法律法规的制约，因此你使用的代理服务器有可能被以法律的名义强制要求披露你的姓名。同时，就像前文提到的，它们经常会被封锁。使用Circumventor是解决这个问题的一条途径。

为了使用这一方法，你需要一个身在海外并可以信赖的朋友。而且这个朋友还需要在他的电脑上安装设置Circumventor。他可以从Peacefire网站下载Circumventor http://www.peacefire.org/circumventor/simple-circumventor-instructions.html，然后将其安装在Windows操作系统上。安装过程稍许有些麻烦。首先，他需要在系统里安装Perl语言，再安装OpenSA网页服务器软件，然后才能正式安装Circumventor。

完成这些软件的安装后，你的朋友还得让他的电脑在互联网上一直保持在线状态，这样你就可以把他的电脑作为代理服务器使用，而不必每次使用时都要请他上网。在这些都设置好之后，你就可以通过在你朋友的电脑上以Circumventor建立的代理服务器，在网上浏览网页、发表blog和使用电子邮件了。你甚至还可以在网吧里使用它，因为这个代理服务器并不在国家的过滤名单之上，所以它不太会引起别人的怀疑。

但世上没有完美的东西（惊讶吗？）。上文提到的方法有一个问题：你朋友那台运行Windows操作系统的电脑会经常重启。每一回重启之后，它再次上网时都将被分配到一个新的IP地址。每次遇到这样的情况，你的朋友都需要联络你以告知新的IP地址（也许用手机通话是最佳的联络方式）。每当这样的情况发生因而你们需要联络时，这个代理服务器就有可能被政府部门发现。

另一个交互的可选方案是使用Adopt-a-Blog http://www.adoptablog.org/。这项服务可谓是为被封锁的博客度身定做的。你可以与该网站联络并向其发出一个请求，让某个境外人士在他们自己的服务器上建立一个博客站点。这些为你的博客提供主机的的服务器被封锁的可能性很小，而且即使它今后被封锁了，你的博客也将会被转移到另一台服务器上去。

如果你认识身在海外并且值得信赖的朋友，另一个方案就是让他为你建立一个博客站点，然后你可以使用代理服务器在这个博客上发帖，或者通过基于网页的电子邮件、加密电子邮件或者使用邮件转发器（详见下文），将你的文章发给你的朋友并请他们代为发帖。国内的电子邮件有时会遭到审查，但对于互联网骨干网层面上的大量邮件往来都进行审查是不可能的。大多数情况下审查只是由电子邮件服务提供商对邮件进行过滤。

Tor洋葱路由

Tor是一种将代理服务器概念的复杂程度提升到一个新境界的“洋葱路由”系统。每个从洋葱路由网络发出的网络请求将通过2至20台电脑转发，使追踪网络请求原始出处的工作变得困难重重。洋葱路由链上的每一步都是加密的，这使得政府部门追踪文章来源的工作更为难上加难。此外，每台路由链上的电脑只认识其隔壁的邻居。换言之，路由器B知道它从路由器A收到一个调用网页的请求，而且路由器B需要把这个请求发送给路由器C。但这个请求本身是加密了的，即路由器B实际上并不知道所请求的网页是什么或到底是哪台路由器最先发出对网页服务器的请求。

虽然这一技术非常复杂，但是安装Tor http://tor.eff.org/cvs/tor/doc/tor-doc-win32.html 的过程却异常简单。你只要先下载Tor的安装文件，把它装进你的系统，然后再下载并安装一个与Tor协同工作的代理服务器软件——Privoxy，就万事俱备了。

使用Tor系统会使你有时看起来像是在使用一台位于哈佛大学的电脑，而有时又像是在德国上网，你的所在看上去随着你每次不同时间的刷新或登录而瞬息万变。Tor在每次发出网络请求时不断改变你的IP地址，以此保护你的身份不被泄露。

这一方法也会有几个意想不到的结果。当你通过Tor使用Google进行搜索时，Google可能会变更你的默认使用语言。某一次搜索的结果也许会是英语的；另一次可能就是日语、德语、丹麦语或荷兰语的，短短几分钟里可能会千差万别。某些网站，例如Wikipedia（维基百科）,可能会禁止来自Tor系统的连接。有时你浏览网站的速度也会有一定幅度的降低。另外，你肯定得使用你家里的电脑因为你不能在一台公用的电脑上安装Tor。尽管如此，对于Tor系统来说，更多的不安还是来自于它多发的故障：它有时可能会罢工。你的ISP也可能会禁用某些Tor路由器。

以下是几个中文版Tor指南的连接: http://del.icio.us/tag/%E5%8C%BF%E5%90%8D%E6%B5%8F%E8%A7%88 和 http://zh.wikipedia.org/wiki/Wikipedia:%E7%8B%80%E6%B3%81%E5%9B%9E%E5%A0%B1

TORPARK

Tor的安装对于电脑技术不精的用户来说仍然稍嫌困难。尽管它比大多数匿名技术简单得多，但仍有些窍门不易掌握。此外，如果你在网吧上网，你得以在网吧的电脑上安装Tor的可能性也不太大。

好在还有一个替代的方法。在一个新近推出的名为Torpark http://torpark.nfshost.com/的工具软件里，编写它的程序员们将一个最新的Alpha测试版Firefox Deer Park浏览器 http://www.mozilla.org/projects/firefox/和Tor以及一套安装文件整合在了一起，制作出一个容量约为20MB的软件包，使其可以放进一个USB闪盘 http://en.wikipedia.org/wiki/Keydrive 里。

在将你的USB闪盘插进使用Windows 2000或者XP的电脑并运行Torpark程序后，系统会打开一个匿名的浏览器窗口，使你在浏览网页时留下极少踪迹甚至根本无迹可循。

在使用Torpark时，你只要点一下鼠标就可以打开一个脚本程序、一个DOS窗口和一个浏览器程序，然后该浏览器就可以通过Tor浏览网页了。在拔出USB闪盘后系统里那些显而易见的历史纪录将被删除。以这种方法浏览网页时，速度会有些慢，但还令人满意，感觉与通过Tor浏览网页一样。

这个方法也有些问题：那些大量使用样式表的网页很可能会变得很难看，因为某些图形或其它类型的文件会装载失败。某些图片会显得支离破碎。但大多数时候，你可以正常地浏览网页。

有3个难题可能会妨碍某些用户将Torpark作为他们的首选浏览工具：

第一，并不是所有人都有USB闪盘。对某些人来说，以一个合理的价格购买到闪盘也许会比较困难。有些地方可能根本买不到闪盘或者其价位令许多人觉得高不可攀。

第二，很多网吧不允许你在他们的电脑上使用USB闪盘。由于在国内的网吧上网时，你在网上的一举一动都几乎肯定被纪录在案，因此在网吧使用TorPark的可能性将成倍地降低，更不用说这样做本来就不够理智。

第三，Tor用来传送和隐藏数据包的服务器都在一个名单上列明，这类服务器的数量并不多而且名单对外公开。在任何一个使用网络防火墙的国家，比如中国，我们可以合情合理地推测那些网管们将会封锁与名单上的服务器http://proxy.org/tor.shtml之间的通讯，并且会在任何新的服务器被添加进来时立即将他们列入黑名单。

中文版的Torpark可以在 http://torpark.nfshost.com/ 下载，另外还包括英语、法语、斯洛文尼亚语、俄语、朝鲜语、希伯来语、波兰语、土耳其语及许多其它语言版本。

TOUCHNET BROWSER

Touchnet Browser（触网浏览器）是一款支持多标签浏览的 http://zh.wikipedia.org/wiki/%E7%BD%91%E9%A1%B5%E6%B5%8F%E8%A7%88%E5%99%A8%E5%88%97%E8%A1%A8 o 网页浏览器列表" 网页浏览器，是一款 http://zh.wikipedia.org/w/index.php?title=%E5%85%B1%E4%BA%AB%E8%BD%AF%E4%BB%B6&action=edit" \o "共享软件" 共享软件。由于使用了 http://zh.wikipedia.org/wiki/Internet_Explorer \o "Internet Explorer" Internet Explorer的内核，其界面与Internet Explorer类似，因此使用IE浏览器的用户能够较快熟悉操作。它的主要功能有自动更换 http://zh.wikipedia.org/wiki/%E4%BB%A3%E7%90%86%E6%9C%8D%E5%8A%A1%E5%99%A8 \o "代理服务器" 代理服务器，在线更新代理服务器列表；Ping http://zh.wikipedia.org/wiki/%E7%BD%91%E7%AB%99 \o "网站" 网站， http://zh.wikipedia.org/wiki/%E5%85%8B%E9%9A%86 \o "克隆" 克隆 http://zh.wikipedia.org/wiki/%E7%BD%91%E9%A1%B5 \o "网页" 网页；多 http://zh.wikipedia.org/wiki/%E8%AF%AD%E8%A8%80 \o "语言" 语言互译；语音朗读；查找 http://zh.wikipedia.org/wiki/%E5%9F%9F%E5%90%8D \o "域名" 域名注册信息，站点信息，缓存页等。虽然不少功能通过第三方工具同样能实现，但是Touchnet Browswer基本都可以通过菜单或按钮直接使用，因此相对方便。

Mixmaster, Invisiblog及GPG

除了以上介绍的方法之外，现在还有很多其它无须借助代理服务器的方法可供选择。Invisiblog（隐形博客） http://www.invisiblog.com/就是其中之一。当你使用Invisiblog时，与其它大多数博客服务器通过网页发帖不同，它是通过MixMaster邮件转发系统，在加密签名后，以一种特殊格式的电子邮件形式发帖的。

这个方法看起来有点复杂，实际情况也的确如此。这里介绍一下它的使用方法。首先，到GPG网站http://www.gnupg.org创建一个“公共密钥加密系统”（公共密钥加密技术能够确保只有正确的收件人才能阅读你发出的邮件。这项技术还允许使用者对文件进行数字“签名”，这个签名几乎不可能伪造）。

接着，你需要安装Mixmaster http://mixmaster.sourceforge.net/邮件发送系统，该系统是专为隐藏电子邮件的发件人而设计的。Mixmaster借助一系列匿名邮件转发器（一种计算机程序，用来隐去电子邮件中所有的身份信息并将邮件送达目的地）以极高的隐秘性发送电子邮件。在使用2到20个邮件转发器后，即便一个或多个转发器被他人侵入，因而记录下发件人的信息，电子邮件仍将很难被追踪。

然而麻烦的是，你在安装Mixmaster之前还得先编译它的源代码，这项工作需要用到大量的技术知识。

在设置好之后，你就可以使用Mixmaster向Invisiblog发送一封邮件，并且在这个邮件中写上你的公共密钥。Invisiblog会以这个密钥为你创建一个新的博客站点，并用一个类似于 http://invisiblog.com/ac4589d7001ac238 的名字命名（斜杠后的字符串为你的GPG密钥的最后16位）。在你的Invisiblog建立好之后，你就能以先用公共密钥对你的文本邮件签名，再通过Mixmaster发送的方式发帖了。

Mixmaster转发器所使用的“歪打正着”的邮件发送方法意味着你发送的邮件可能需要2小时到2天左右的才能送达服务器。所以你在查看你的博客时必须尽量小心。如果你过于频繁地查看你的博客，你的IP地址就会经常出现在Invisiblog的记录里，显得这一IP地址之后的你很有可能就是某个博客的作者。当然，Invisiblog的主人根本不知道你是谁，这一点你大可放心。

Invisiblog系统的主要问题是它的使用方法对于大多数人来说太困难了。他们觉得光是安装设置GPG就是个挑战并且很难搞懂公共密钥、私人密钥这些复杂的概念。为了帮助那些技术不精的用户，还有人设计了一些使用较为简便的工具用来撰写和发送加密邮件，比如Ciphire https://www.ciphire.com/，但这类工具对某些人来说还是太难用了。另一个令广大中国博客感到为难的地方在于，一旦权力机关没收你的电脑并发现了你的私人密钥，这个密钥本身就会令他们觉得非常可疑，而且它还可能被用来作为证据以证明你是某个博客站点的作者。在国内，监管机构本来就不鼓励使用加密技术，如果你发送的邮件都用类似Mixmaster这样的工具进行极复杂的加密，你将增加自己的风险因为这样做会引起互联望监管机构对你的注意。

结语

你所言之事是否如此关系重大而需要大声疾呼？这个问题将由你回答。如果你的答案是肯定的，并且你的正义言论会引起强权人物的不快并企图封杀你时，撇开你个人的安全和自由不说，你也必须为了中国，为了世界而采取行动，来确保你的言论能够一以贯之地为世人所闻。因此，你必须决定到底使用上文所提的哪种或几种方法才能够保证你不被暴露。

我们的介绍已经囊括了最基本的匿名方法，诸如以匿名的方式撰写博客和基于网页的电子邮件；通过代理服务器上网；交互法，如：使用Circumventor代理，Adopt-a-Blog以及在他人的协助下写作博客；Tor服务器提供的洋葱路由服务；最后还有非常复杂的用电子邮件发帖的博客系统，如Invisiblog。

在以上提到的方法里，没有任何一种或几种的组合能做到万无一失。你仍然有可能被那些讨厌你的腐败分子或鼠目寸光之人发现，并遭到封杀。因此，你必须万事小心谨慎。你是博客圈子的同道中人，全世界的人民都站在你这一边，所以，最最重要的是，我们希望你在任何时候都能保持安全和自由

请把这篇文章转发给你认为会从中获益的朋友。也欢迎你在其中加入你自己的想法，经历和成败教训—当然我们也要求你在为本文增色时不忘警告读者们仗义直言的危险性，以及各种匿名技术、工具和操作方法在现有条件下的优势和劣势。也许你有我们不知道的信息，也许你知晓其它我们不曾提到的方法，让我们互通有无，共同进步吧。

本文以“创作共享理念授权同意书”的授权形式发表。换言之，你可以任意对本文进行修改：添加或删减某些内容，重新排版或进行其它任何使本文对广大博客更有帮助的修改。请将你添加的内容或修改部分的副本寄给我们，这样我们就可以将你的作品整合在在本文今后的修订版中。另外，如果你希望在我们的后续的版本中读到有关某个方面的信息，请告诉我们。我们的电子邮件地址是： anoniblog@hushmail.com。

法律声明

我们不保证本文所涉及信息的正确性。读者将对应用本文带来的任何风险负完全责任。

本文是以Creative Commons “署名-非商业性使用-相同方式分享2.5” 版的授权形式发表。如需查看该授权文本，请访问 http://creativecommons.org/licenses/by-nc-sa/2.5/或写信给Creative Commons, 地址：543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

reverted AnoniHelpPage

email@hidden () — Thu, 19 Jan 2006 11:01:15 +0000

Wikis are easy to use as group help desks. If you have any issues you'd like help with, log in to edit this page and post your question below. If you are able to answer any questions here, please log in and do so. As a self-supporting resource, over time this wiki will need to find its answers from its own community of users.

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

Wikis are easy to use as group help desks. If you have any issues you'd like help with, log in to edit this page and post your question below. If you are able to answer any questions here, please log in and do so. As a self-supporting resource, over time this wiki will need to find its answers from its own community of users.

Questions:

reverted AnonymousBloggingApologia

email@hidden () — Thu, 19 Jan 2006 11:00:52 +0000

!Anonymous Blogging Apologia

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

There has been a great deal of discussion regarding anonymous blogging in the blogosphere. Those who decry it do so they say because of the unreliability of anonymous writing. How can we trust the information if we don't know its source? What if the source itself has an unpleasant agenda. These are good points. But in the reality of a world in which critics of certain regimes get interrogated, fired from their jobs, tortured, expelled and sentenced to long prison terms for dissent, it is an uncertainty we have to live with.

Anyone who wishes to take a public stand is welcome to do so. If you make an informed choice to stand up and be counted, we have no right to insist you do not do so. But an anonymous source, even if less than ideal, can still do tremendous good. As an example, look at %5Bhttp://zimpundit.blogspot.com/ | Zimbabwean Pundit%5D and %5Bhttp://www.sokwanele.com/thisiszimbabwe/ | This is Zimbabwe%5D. Zimbabwe has no free press and all foreign press has been ejected. If it weren't for these two anonymous bloggers we would not know about the violent and repeated destruction of urban squatters' housing. We would not know about the continuing ejection of commercial farmers and the giving of those farms to political friends of the President.

!Anonymous Blogging Apologia

There has been a great deal of discussion regarding anonymous blogging in the blogosphere. Those who decry it do so they say because of the unreliability of anonymous writing. How can we trust the information if we don't know its source? What if the source itself has an unpleasant agenda. These are good points. But in the reality of a world in which critics of certain regimes get interrogated, fired from their jobs, tortured, expelled and sentenced to long prison terms for dissent, it is an uncertainty we have to live with.

Anyone who wishes to take a public stand is welcome to do so. If you make an informed choice to stand up and be counted, we have no right to insist you do not do so. But an anonymous source, even if less than ideal, can still do tremendous good. As an example, look at %5Bhttp://zimpundit.blogspot.com/ | Zimbabwean Pundit%5D and %5Bhttp://www.sokwanele.com/thisiszimbabwe/ | This is Zimbabwe%5D. Zimbabwe has no free press and all foreign press has been ejected. If it weren't for these two anonymous bloggers we would not know about the violent and repeated destruction of urban squatters' housing. We would not know about the continuing ejection of commercial farmers and the giving of those farms to political friends of the President.

Most of the bloggers who have been %5Bhttp://committeetoprotectbloggers.civiblog.org/blog/_archives/2005/11/25/1421765.html | arrested%5D in the past two years were easy to find because they followed the advice of some purist critics of anonymous blogging: They used their real names and details of their lives. Considering the likelihood that the harrassment of bloggers will %5Bhttp://committeetoprotectbloggers.civiblog.org/blog/_archives/2005/11/22/1417333.html | continue%5D, we believe anonymous blogging should remain a valid option and comprehensive instructions on how to do so should be available.

reverted IranAnonymousBloggingGuide

email@hidden () — Thu, 19 Jan 2006 11:00:00 +0000

!Persian Anonymous Blogging Guide

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/persian+abg+-+final.doc | Iran Anonymous Blogging Guide%5D here.

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

راهنمای وبلاگ نویسی بصورت ناشناس – ایران

مقدمه

ایران کشوری است که سیم کشی ارتباطاتی گستردهای دارد . ایران دارای پنج میلیون استفاده کننده ازاینترنت است و انتظار میرود که تعداد آنان تا سال 2009 به 20 میلیون نفر برسد. وبلاگ نویسی تبدیل به یکی از روشهای رایج مبادله اطلاعات، اخبار و عقاید در ایران شده است. در واقع ، فارسی، بعد اززبانهای انگلیسی ، پرتغالی و فرانسوی، چهارمین زبان در دنیا برای وب لاگ نویسی است.

در طی دو سال گذشته عناصر مخالف اصلاح طلبی در دولت ایران، بیش از 100 روزنامه و نشریات اینترنتی مستقل و اصلاح طلب را توقیف کرده اند. اما نمیتوان یک جمعیت رک گو با تاریخچه دیرینه روشنفکری را به راحتی وادار به سکوت نمود. از آنجاییکه آنها مطالب زیادی برای گفتن دارند اما امکان کمتری برای بازگو کردن آنرا دارند، ایرانیان برای بچاپ رساندن عقاید خود، به وبلاگ نویسی رو آورده اند. نرم افزارهای بسیاری در بازار برای وبلاگ نویسی به زبان فارسی موجود میباشند و چند تن ازچهره های شناخته شده ایرانی مانند معاون سابق رئیس جمهور، محمد ابطحی که در سایت http://webneveshteha.com/en/ مینویسد، در آن شرکت میکنند وبا اینکار ، روی مشروع بودن وبلاگ نویسی صحه میگذارند حتی اگر سانسورکنندگان سعی کرده باشند که آنرا توقیف نمایند.

ایران در حال حاضر بیش از 200,000 وبلاگ نویس دارد، و همچنین مشمول یکی از بیشترین میزان سانسور اینترنت در دنیا است. بعد از اینکه سانسور کنندگان روزنامه های مستقل را توقیف نمودند، به این امر واقف شدند که در واقع تنها کاری که به انجام رسانده اند این بود که ابراز کنندگان عقاید را وادار به فرار بطرف فضای وبلاگ نویسی کنند و شروع به تعقیب آن پرداختند. در طی دو سال گذشته بیست وبلاگ نویس ایرانی توقیف شده اند. بسیاری تحت شکنجه قرار گرفته اند ، برخی مملکت را ترک کرده اند، و برخی در زندان بسر میبرند ، و یکی از آنها محکوم به 14 سال زندان شده است.

از آنجاییکه قوانین ایران در اختیارمقامات هستند (و هیچگاه بالعکس آن) ، به سادگی میتوان با وجود نداشتن قصد سوئی، پشت میله های زندان افتاد. با در نظر گرفتن این امر، در صورتیکه بخواهید به وبلاگ نویسی بپردازید ، بیش از هر زمان باید توجه داشته باشید که چگونه میتوانید بدون خطر اینکار را انجام دهید.

وبلاگ نویسی بدون خطر به معنای وبلاگ نویسی بصورت ناشناس است

وبلاگ نویسی بدون خطر چه مفهومی دارد؟ آن تا حد زیادی به معنی وبلاگ نویسی بصورت ناشناخته است. بیشتر وبلاگ نویس ها و دیگر استفاده کنندگان از اینترنت که در ایران توقیف شدند به آن دلیل به دام افتادند که هیچگونه اقدامی برای پنهان کردن هویت خود نکرده بودند. از آنجاییکه تمامی و بلاگها ، حتی بی ضررترین آنها ممکن است به نوعی سرکشی تلقی شوند ، ما نمیتوانیم با خیال راحت کسی را در ایران به استفاده از نام واقعی خود برای وبلاگ نویسی تشویق کنیم. اتخاذ این تصمیم بدون تردید با شماست، اما لطفاً در نظر داشته باشید که بسیاری از اشخاصی که درون یک سلول زندان را دیده اند، هیچوقت، حتی برای یک لحظه فکر نکرده بودند که ممکن است در معرض خطرباشند.

قصد ما جنجال آفرینی نیست ، و فقط میخواهیم که ایمنی را حفظ کنیم. این چنین استنباط میشود که هر کس یا هر جایی با داشتن منابع و وقت کافی، میتواند هویت کسی را روی اینترنت شناسائی کند. راه حل برای ناشناخته باقی ماندن، صرف وقت و تلاش بیشتر از آن حدی که دولت برای کشف آن وقت صرف کند ،است. برخی از مردم در بعضی از نقاط ، ممکن است که بتوانند وقت تقریباً کمی را وقف حفظ امنیت خود کنند. دیگران ممکن است مجبور به انجام اقدامات بیشتری باشند. این نشریه روشها و ابزار اصلی مورد لزوم برای وبلاگ نویسی بصورت ناشناخته ، و همچنین راههایی برای گذشت ازموانعی که در راه جاده اینترنتی ایران گذاشته شده است را عنوان میکند.

برای کشف هویت شما هنگام وبلاگ نویسی دو راه اصلی وجود دارد . یکی از آنها از راه اعلام هویت تان از طریق متن ارسالی است. به عنوان مثال ، اگر شما بنویسید " من یک دانشجوی سال سوم تحصیلی در دانشگاه تهران هستم واز شهر قم هستم ". امکان اینکه کسی که وبلاگ شما را میخواند بتواند حدس بزند که شما کی هستید، بسیار زیاد است.

راه دیگر برای کشف هویت شما ازطریق اطلاعاتی است که مرورگر اینترنت و یا برنامه ایمیل شما ارائه میدهد. هر کامپیوتری که با اینترنت ارتباط داشته باشد دارای آدرسی است بنانم استIP، و آن یک سری چهار شماره ای از0 الی255 است که با نقطه مجزا شده است، به عنوان مثال: .213.24.124.38

با کمی کار، مقامات ممکن است بتوانند هر گونه نوشته ای را روی کامپیوترتان ردیابی کنند. اگر از کامپیوتری در منزلتان دارید و از سرویسگر اینترنتی (ISP) استفاده میکنید، این سرویسگر اینترنتی میتواند تاریخچه اینکه کدام کامپیوتر در چه ساعتی شماره گیری میکند و به چه نوع اطلاعاتی دسترسی پیدا میکند را داشته باشد.

هنگام استفاده از اینترنت، چندین روش برای پنهان کردن هویت تان وجود دارد. به عنوان قاعده کلی، هر چقدرکه میزان امنیت مورد نظرتان بیشتر باشد به همان نسبت مجبور به انجام اقدامات بیشتری خواهید بود. بعضی از فنون حفاظت هویت شما روی اینترنت مستلزم آگاهی فنی و کار زیاد است، اما همگی آنها اساساً با مقیاس های قضاوت صحیح آغاز میشوند.

Hushmail: http://www.hushmail.com/

ایمیل Lycos l: http://mail.lycos.com/

:Opera Mail http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

میزبانی رایگان وبلاگ :

Blogger http://www.blogger.com/start

:Blogsome http://www.blogsome.com/

:Livejournal http://www.livejournal.com/

:Seoblog http://www.seo-blog.org/

Weblog.us http://weblogs.us/

اقدامات اولیه برای وبلاگ نویسی به صورت ناشناس

هرگز از نام واقعی خود استفاده نکنید. منظورمان فقط در وبلاگتان نیست. بلکه منظورمان این است که هنگام ثبت نام برای وبلاگ، باید از یک نام مستعار استفاده کنید. هنگامی که برای ایمیل مبتنی بر شبکه ثبت نام می کنید، نیز از یک اسم جعلی استفاده نمایید. به راحتی می توا ن مسیر ارسال ایمیل از خانه یا محل کارتان را رد یابی نمود مگر آنکه شما از یک ارسال کننده مجدد ایمیل استفاده کنید، که بعداً در مورد آن صحبت خواهیم کرد؛ بنابراین توصیه می کنیم از یک ایمیل مبتنی بر شبکه، که بعداً به طور مفصل راجع به آن صحبت خواهد شد، استفاده نمایید.

یک اصل کلی خوب برای وبلاگ نویسی به صورت ناشناس: هرگز از خدماتی استفاده نکنید که مستلزم پرداخت پول یا ثبت نام از طریق ارگان های دولتی است و یا از خدماتی بهره می گیرد که لازم است به دولت گزارش گردد.

و البته نزد مقامات مسئول نیز ثبت نام نکنید. لطفاً توجه داشته باشید که ممکن است برخی از این خدمات ایجاب کند که شما از الفبای لاتین استفاده کنید.

ارائه کنندگان ایمیل مبتنی بر شبکه

Hushmail: http://www.hushmail.com/

Lycos Email: http://mail.lycos.com/

Opera Mail: http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

میزبانی رایگان وبلاگ:

Blogger: http://www.blogger.com/start

Blogsome: http://www.blogsome.com/

Livejournal: http://www.livejournal.com/

Seoblog: http://www.seo-blog.org/

Weblogs.us: http://weblogs.us/

روند مسدود کردن و فیلتر گذاری وبلاگ های شخصی و سایت های ارائه کننده وبلاگ، مانند http://persianblog.com/ «PersianBlog» و http://www.blogger.com « Blogger»، متناوب است اما به طور کلی به نظر می رسد که رو به افزایش باشد. بی ثباتی در مسدود کردن وبلاگ ها بخشی از روش آزمایش شده و موفق تهدید و ارعاب است: ایجاد بی ثباتی عمومی. متأسفانه هیچ راه حلی برای آن وجود ندارد و فقط باید انعطاف پذیر و هوشیار بود. هنگام انتخاب سایت میزبان، به خاطر داشته باشید که میزبان ایرانی موظف خواهد بود هر گونه اطّلاعاتی که دولت بخواهد را در اختیار آن قرار دهد. میزبان خارجی ممکن است ملزم به این کار نباشد ( اگر چه بسیاری از سایت های میزبان در چین با انجام چنین کاری موافقت کرده اند)، اما استفاده از یک سایت میزبان ممکن است مشکوک تلقی شود.

از به کار بردن هر گونه اطلاعات هویتی در وبلاگ خود خودداری کنید. بنا بر دلایلی که در بالا شرح داده شد، هرگز از یک لقب، به عنوان مثال، که مردم می دانند لقب شما است استفاده نکنید. از به کار بردن اسم مستعار و لقبی که به گونه ای شما را معرفی می کند اجتناب کنید. در مورد خیابان یا محله، روش امرار معاش یا محل کار، یا جزئیات مربوط به افرادی که می شناسید، جاهایی که سفر کرده اید و غیره حرفی نزنید. در غیر این صورت سر نخهای را در اختیار مأمورین بازرسی قرار خواهید داد.

این راهکار یک ایراد دارد و آن اینکه وقتی شما برای ایمیل یا وبلاگ ثبت نام می کنید، سرور شبکه ای که شما به آن وارد می شوید آدرس IP شما را ثبت می کند. اگر رد یابی آدرس IP به شما منتهی شود، مثلاً در صورت ارسال پیام از کامپیوتر شخصی خود در خانه یا محل کار، ممکن است شما گیر بیافتید.

اقدام دیگری که شما می توانید برای مخفی کردن هویت خود اتخاذ کنید این است که کار خود را با استفاده از کامپیوترهایی که زیاد مورد استفاده قرار می گیرند انجام دهید. به جای ایجاد ایمیل شبکه و یا وبلاگ خود از طریق کامپیوترخانه یا محل کارتان، می توانید آنها را از طریق یک کامپیوتر در یک کافی نت، کتابخانه یا لابراتوار کامپیوتر دانشگاه ایجاد کنید. در تهران به تنهایی 1500 کافی نت وجود دارد. اگر احیاناً کسی IP مورد استفاده برای ارسال یک دیدگاه یا پیام را ردیابی کند، متوجه خواهد شد که ارسال لز یک کافی نت انجام شده است، جایی که عده زیادی می توانسته اند از کامپیوتر ها استفاده کرده باشند.

البته این راهکار نیز معایب خاص خود را دارد. اگر کافی نت و یا لابراتوار کامپیوتر اطلاع داشته باشد که چه کسی در چه زمانی از چه کامپیوتری استفاده می کند، ممکن است هویت شما مورد سؤظن قرار گیرد. هرگز هنگام نیمه شب یا سایر اوقاتی که احتمال دارد شما تنها فردی باشید که به این مکان ها مراجعه می کند، از کامپیوترهای موجود در این مکان ها استفاده نکنید. در صورت استفاده از کافی نت، همواره کافی نت محل مراجعه خود را تغییر دهید. اگر مقامات مسئول تصمیم بگیرند که به بازرسی یک وبلاگ بپردازند و کشف کنند که همه پیام های ارسالی از یک کافی نت به خصوص ارسال شده است بعید نیست که پلیس را به آن جا بفرستند تا مراقب مراجعه کنندگان باشد.

پروکسی های ناشناس

اگر مایل باشید، می توانید زحمت استفاده از آنچه « پروکسی » نامیده می شود را بر خود هموار سازید. در صورت دستیابی به اینترنت از طریق یک پروکسی، شما به جای آن که آدرس کامپیوتر مورد استفاده خود را بر جا بگذارید، آدرسIP سرور پروکسی را از خود بر جای خواهید گذاشت.

مشکل استفاده از پروکسی ها و ناشناس کننده ها ( که بعداً پیرامون آن صحبت خواهیم کرد) در ایران این است که اکثر آنها از قبل مسدود شده است و یافتن پروکسی که مسدود نشده باشد ممکن است مدتی طول بکشد. یک راه حل دیگر (که در ذیل به آن خواهیم پرداخت) این است که از «Circumventor» یا راه حل «اجتماعی» دیگر استفاده شود.

برای استفاده از یک پروکسی، ابتدا از یکی از فهرست های زیر یک سرور پروکسی را انتخاب کنید، یا این که خودتان از طریق یک موتور جستجو مانند گوگل یکی را پیدا کنید http://www.google.co

Public Proxy Servers: http://www.publicproxyservers.com/index.html

Rosinstrument: http://tools.rosinstrument.com/proxy/

Samair: http://www.samair.ru/proxy/

حالا قسمت « preferences» یا «options» جستجوگر شبکه خود را باز کنید. زیر تب «general»، «network» یا «security» ( معمولاً ) گزینه ای را برای ایجاد یک پروکسی به منظور دستیابی به اینترنت بیابید. در این سایت می توانید یک سری دستورالعمل ها را برای جستجوگرهای مختلف بیابید:

http://www.freeproxy.ru/en/free_proxy/howuse.htm

«manual proxy configuration » را فعال کنید، آدرس IP سرور پروکسی و درگاه را در فیلدهای مربوط به پروکسی HTTP و SSL وارد و تنظیمات خود را ذخیره کنید. حال جستجوگر خود را باز نشانی ( ری استارت) کنید.

اتصال شما به اینترنت اندکی کندتر به نظر خواهد رسید زیرا هر صفحه ای را که از سرور شبکه تقاضا می کنید یک مسیر انحرافی را طی می کند. به عنوان مثال، به جای آن که مستقیماً به «Hushmail» متصل شوید شما به پروکسی وصل می شوید و بعد پروکسی به «Hushmail» وصل می کردد. وقتی «Hushmail» صفحه ای را برای شما ارسال می کند، اول به پروکسی می رود وبعد از پروکسی برای شما می آید. همچنین ممکن است با مشکلاتی در خصوص دستیابی به وب سایت ها، به ویژه آنهایی که می خواهید در آنها ثبت نام کنید مواجه گردید.

علاوه بر این که مسئولین اینترنت در ایران هر گونه پروکسی را که بیابند مسدود می کنند، مشکل دیگر این است که ممکن است متوجه شوند که شما از پروکسی استفاده کرده اید. این به خودی خود می تواند نوعی طغیان تعبیر شود. یک راه حل دیگر استفاده از راه حل های «اجتماعی» است.

راه حل های «اجتماعی»

یک راه برای مقابله با مسدود کردن بی حد و حصر پروکسی ها، استفاده از «Circumventor» است. برای این کار نیاز به دوستی قابل اعتماد در خارج از ایران خواهید داشت. لازم است او برنامه «Circumventor» را روی کامپیوتر خود نصب کند. دوست شما برنامه «Circumventor» را از سایت زیر دانلود و آن را روی سیستم

http://www.peacefire.org/circumventor/simple-circumventor-instructions.html

ویندوز خود نصب می کند. انجام چنین کاری آسان نیست. ابتدا باید برنامه «Perl» را روی سیستم خود نصب کند، بعد برنامه «OpenSA» و بعد«Circumventor».

بعد از نصب این برنامه ها، لازم خواهد بود که او کامپیوترش را همواره متصل به اینترنت نگه دارد تا شما بتوانید بدون آن که هر بار درخواست کنید، از آن به عنوان یک پروکسی استفاده کنید. اما به محض ایجاد پروکسی، شما قادر خواهید بود در شبکه گشت و گذار کنید، مطالبی را برای وبلاگ خود ارسال کنید و از ایمیل خود استفاده نمایید. این کارها همه از طریق پروکسی انجام می گیرد که دوست شما با استفاده از برنامه«Circumventor» روی کامپیوتر خود ایجاد نموده است. حتی می توانید از آن در یک کافی نت نیز استفاده کنید زیرا پروکسی در فهرست فن آوری فیلتر گذاری دولت یا امثال آن وجود ندارد، بنابراین چندان مشکوک نیست.

هیچ چیز کامل نیست. ( تعجب کردید؟) مشکل این سیستم این است: کامپیوتر دوست شما که سیستم عامل آن ویندوز است اغلب ری بوت می کند. هر بار ری بوت می کند، آدرس IP جدیدی به آن اختصاص می یابد و هر بار که این اتفاق می افتد دوست شما مجبور خواهد بود با شما تماس بگیرد و آدرس را به شما بگوید. (شاید تماس از طریق سلفن بهترین راه حل برای این مشکل باشد.) همیشه این احتمال وجود دارد که پروکسی توسط دولت شتاسایی شود.

اگر فرد قابل اعتمادی را در خارج از ایران می شناسید، راه حل دیگر این است که از او بخواهید وبلاگی برای شما ایجاد کند و شما مطالب خود را یا با استفاده از پروکسی یا با تماس گرفتن با او از طریق ایمیل مبتنی بر شبکه، ایمیل رمزی، یا با استفاده از سیستم ارسال مجدد ایمیل ارسال نمایید. با در نظر گرفتن تعداد کثیری از ابرانیان مقیم خارج از کشور، شاید بتوانید با یکی از آنها تماس بگیرید، گرچه ممکن است شخصاً کسی را نشناسید. به هر حال صلاح در این است که خیلی زود به افرادی که نمی شناسید اطمینان نکنید. ایرانیان مقیم خارج از کشور و گروه های مدافع حقوق بشر ممکن است مایل باشند شما را به افراد قابل اعتمادی که مایل به کمک هستند معرفی نمایند.

مسیر یابی پیازی TOR

«Tor»، که نوعی «مسیر یابی پیازی» است، مفهوم سرور های پروکسی را به سطح جدیدی از پیشرفت و پیچیدگی ارتقاء می دهد. هر درخواستی که از طریق یک شبکه مسیر یابی پیازی انجام گیرد از 2 تا 20 کامپیوتر دیگر می- گذرد و این امر ردیابی کامپیوتری که درخواست از آن منشأ گرفته را مشکل می سازد. هر مرحله از زنجیر مسیر یابی پیازی رمزنویسی شده است که این خود کار دولت را برای ردیابی پیام های ارسالی شما مشکل تر می سازد. به علاوه، هر یک از کامپیوترهای موجود در شبکه فقط نزدیک ترین همسایگان خود را می شناسد. به عبارت دیگر مسیریاب B می داند که درخواستی را برای یک صفحه از مسیریاب A دریافت کرده است و باید درخواست را به مسیریاب C انتقال دهد. اما خود درخواست رمزنویسی شده است: مسیریاب B عملاً نمی داند که شما چه صفحه ای را درخواست کرده اید، یا این که سرانجام چه مسیر یابی صفحه را از سرور شبکه درخواست می کند.

جای تعجب است که علیرغم پیچیدگی های این فناوری، به آسانی می توان «Tor» http://tor.eff.org/cvs/tor/doc/tor-doc-win32.html رانصب کرد. شما برنامه نصب کننده ای را دانلود می کنید که ابتدا «Tor» را روی سیستم شما نصب می کند.

سیستم «Tor» موجب خواهد شد در یک لحظه این گونه به نظر برسد که شما از کامپیوتری از دانشگاه هاروارد استفاده می کنید و در لحظه دیگر به نظر می رسد که شما در آلمان هستید، و به این ترتیب هر بار که شما بارگذاری مجدد می کنید و یا وارد سایت می شوید همواره تغییر می کند. «Tor» هویت شما را از درخواستی به درخواست دیگر تغییر می دهد و به این ترتیب به شما کمک می کند تا هویت خود را پنهان کنید.

این روش نیز پیامدهای نامطلوب متعددی دارد. وقتی شما از طریق «Tor» از گوگل استفاده می کنید، ممکن است زبان را تغییر دهد به این ترتیب ممکن است یک جستجوی شما به زبان انگلیسی، دیگری به زبان ژاپنی، آلمانی، دانمارکی یا هلندی باشد و همۀ اینها ظرف فقط چند دقیقه روی دهد. برخی سایت ها، به عنوان مثال «Wikipedia»، امکان اتصال از طریق «Tor» را به کاربر نمی دهند. ممکن است گهگاه گشت و گذار در شبکه اندکی کند شود؛ و البته شما متکی به کامپیوتر خانگی خود هستید زیرا نمی توانید «Tor» را روی یک کامپیوتر عمومی نصب کنید. البته چیزی که بسیار نگران کننده است این است که«Tor» گاهی اوقات درست عمل نمی کند: ممکن است بعضی وقتها از کار بیافتد و ممکن است ISP شما بعضی از مسیر یاب های «Tor» را مسدود کند.

TOR PARK

نصب «TOR» برای کاربرد عادی مشکل است. گر چه از اکثر فن آوریهای ناشناس سازی آسان تر است، باز هم می تواند مشکل باشد. همچنین، اگر شما از یک کافی نت به اینترنت وصل شوید، این امکان وجود ندارد که شما روی کامپیوتر های مورد استفاده خود «TOR» نصب کنید.

به هر حال، راه حلی برای این مشکل وجود دارد. افرادی که ابزار جدیدی به نام «TOR PARK» http://torpark.nfshost.com/ را ابداع کرده اند، ورژن جدید «Firefox Deer Park browser» http://www.mozilla.org/projects/firefox/ را با «TOR» و یک برنامه نصب کننده ترکیب کرده اند و یک بسته نرم افزاری MB 20 که برای نصب روی کلید «USB» http://en.wikipedia.org/wiki/Keydrive طراحی شده است را تولید کرده اند.

وقتی کلید«USB» خود را در درگاه کامپیوتر مجهز به ویندوز 2000 با XP قرار می دهید و برنامه

«Tor Park» را اجرا می کنید، پنجره جستجوگر ناشناس باز خواهد شد و به شما این امکان را خواهد داد که بدون آنکه ردی از خود بر جای بگذارید، در شبکه گشت و گذار کنید.

یک کلیک نسخه ای را آغاز می کند، یک پنجره DOS و یک جستجو گر را باز می کند که بعد از طریق «TOR» گشت و گذار می کند. بیرون آوردن کلید«USB» ردهای واضح را از روی سیستم پاک می کند. تجربه جستجو با «TOR» تجربه ای کند اما رضایت بخش است.

این روش مشکلاتی را دارد: صفحات سنگین خوب نمایش داده نمی شوند، زیرا بعضی از گرافیک ها و فایل ها بارگذاری نمی شوند و نیز برخی از تصاویر می شکنند، اما عموماً می توانید به طور مؤثر در شبکه گشت و گذار کنید.

سه مشکل عمده وجود دارد که ممکن است بعضی کاربران را از کاربرد «TOR» به عنوان روش گشت و گذار ارجح خود باز دارد:

اولاً، همه کلید «USB» ندارند.ممکن است دست یابی به یک کلید با قیمت مناسب برای برخی افراد مشکل باشد. ممکن است این کلید عرضه نشود و یا قیمت بالای آن تهد ید آن را برای بسیاری از افراد غیرممکن سازد.

ثانیاً، ممکن است بسیاری از کافی نت ها به شما اجازه ندهند که یک کلید«USB» را به کامپیوترشان وصل کنید.

و بالاخره، اینکه «TOR» از یک فهرست کوچک منتشر شده از سرورهایی استفاده می کند که بسته ها را انتقال می دهند و مخفی می کنند. در هر کشوری که از یک دیوار آتشین (firewall) استفاده شود، منطق حکم می کند که تصور شود که مسئولین مسیر سرورهایی که در حال حاضر فهرست شده اند http://proxy.org/tor.shtml را مسدود می کنند و هر سروری جدیدی را به محض این که روی خط قرار می گیرد، به لیست سیاه اضافه می کنند.

«Tor Park» را می توان به زبان های انگلیسی، چینی، فرانسه اسلوونی، روسی، کره ای، عبری، لهستانی و ترکی و سایر زبان های دیگر از سایت http://torpark.nfshost.com/ دانلود کرد، اما هنوز قابل دانلود کردن به زبان فارسی یا عربی نیست.

MIXMASTER, INVISIBLOG AND GPG

راه حل های دیگری نیز وجود دارد که نیاز به سرورها ی پروکسی ندارد. یکی از این سرویس ها «Invisiblog» http://www.invisiblog.com/ است. شما از طریق شبکه چیزی را برای «Invisiblog» نمی فرستید، کاری که شما با اکثر سرورهای وبلاگ می کنید. شما با استفاده از ایمیل های فرمت شده ویژه، که از طریق سیستم ارسال مجدد ایمیل «Mix Master» ارسال می شود و به صورت رمز نویسی امضا شده است، پیام خود را برای آن ارسال می کنید. این کار پیچیده به نظر می رسد. بله، کار پیچیده ای است اما آنچه شما باید انجام دهید از این قرار است: اول، به «GPG» http://www.gnupg.org بروید و یک سیستم رمز نویسی «کلید عمومی » ایجاد کنید.

( رمز نویسی کلید عمومی تکنیکی است که به شما این امکان را می دهد که پیام هایی را ارسال کنید که تنها دریافت کننده پیام قادر به خواندن آن باشد. رمز نویسی کلید عمومی همچنین این امکان را برای کاربر فراهم می کند که اسناد را با یک امضای دیجیتال که جعل آن تقریباً غیر ممکن است امضا نماید).

سپس، «Mix Master» http://mixmaster.sourceforge.net/ را نصب کنید، که سیستم ارسال پیامی است که برای پنهان نمودن منشأ یک پیغام ایمیلی طراحی شده است. «Mix Master» از زنجیره ای از ارسال کننده های مجدد ناشناس ( برنامه های کامپیوتری که کلیه اطلاعات هویتی را از ایمیل پاک می کند و آن را به مقصدش ارسال می کند) برای ارسال بیغام های ایمیل با درجه بالایی از ناشناسی استفاده می کند. با استفاده از زنجیره ای متشکل از 2 تا 20 ارسال کننده مجدد، ردیابی پیام بسیار مشکل است، حتی اگر یک یا چند تا از ارسال کننده های مجدد مورد سوءظن قرار گیرند و اطلاعات فرستنده را ثبت کنند.

متأسفانه، ناچار هستید«Mix Master» را با گردآوری کد مبدأ آن «بسازید» و این پروژه ای است که دانش فنی زیادی را می طلبد.

پس از نصب، شما یک پیغام «Mix Master» را برای «Invisiblog» ارسال می کنید که شامل کلید عمومی شما است. «Invisiblog» از این برای ایجاد وبلاگ جدید برای شما استفاده می کند با نامی مانند «invisiblog.com/ac4589d7001ac238». ( رشته طولانی 16 بایت آخر کلید GPG شما است.) هنگامی که «Invisiblog» شما ایجاد شد، شما پیام های بعدی خود را با نوشتن یک پیام به صورت متن و امضای آن با کلید عمومی خود از طریق «Mix Master» می فرستید.

هدایت نادرست ارسال کننده های «Mix Master» بدان معنا است که بین 2 ساعت تا دو روز طول می کشد تا پیغام شما به سرورها برسد و شما باید در خصوص سر زدن به وبلاگتان بسیار دقت کنید. اگر مکراً به آن وارد شوید، آدرس IP آن مکراً در لاگ وبلاگ ظاهر خواهد شد و نشان خواهد داد که احتمالاً شما نویسنده آن هستید. شما می توانید تا حدودی اطمینان داشته باشد که مالکان «Invisiblog» از هویت شما اطلاعی ندارند.

این است که استفاده «Invisiblog» مشکل اصلی سیستم ازآن برای بیشتر افراد مشکل است. بیشتر افراد ایجاد GPG را چالشی بزرگی تلقی می کنند و در فهم پیچیدگی های کلید های عمومی و خصوصی مشکل دارند. ابزارهای رمزنویسی کاربر پسند تر، مانند «Ciphire» https://www.ciphire.com/، برای کمک به کاربرانی که از مهارت فنی کمتری برخوردار هستند طراحی شده است.، اما حتی اینها هم دشواری های خاص خود را دارند. موضوع دیگری که کار را برای شما به عنوان وبلاگ نویس ایرانی دشوار می سازد این است که اگر مقامات مربوطه کامپیوتر شما را بگیرند و کلید خصوصی شما را کشف کنند، این کار به خودی خود فوق العاده شک برانگیز خواهد بود و ممکن است به عنوان شواهدی دال بر این که شما نویسنده وبلاگ بوده اید مورد استناد قرار گیرد. در ایران، که رمز نویسی منع می شود، با ارسال پیام های ایمیلی در لفافه ای از رمز نویسی قوی، مانند «Mix Master»، ممکن است خطر کنید و توجه مقامات مسئول اینترنت را جلب نمایید.

حقوقی

این سند مطابق مجوز Creative Commons بچاپ رسیده است. به عبارت دیگر شما میتوانید با آن طبق خواسته خود عمل کنید: به آن چیزی اضافه کنید، از آن چیزی کم کنید، و یا آنرا به هر گونه که برای شما و دوستان وبلاگ نویس مناسب باشد تغییر دهید. لطفاً یک نسخه از متون اضافه یا کم شده را به ما ارسال نمایید تا ما بتوانیم آنرا در چاپهای بعدی راهنما بگنجانیم. همچنین، در صورتیکه مایل به دیدن اطلاعات اضافی درچاپهای بعدی باشید، ما را از آن آگاه سازید. آدرس ایمیل ما: anoniblog@hushmail.com

ما صحت اطلاعات مندرج در این راهنما را تضمین نمیکنیم. مسئولیت هر گونه ریسک استفاده ازآن بعهده خواننده میباشد.

!Persian Anonymous Blogging Guide

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/persian+abg+-+final.doc | Iran Anonymous Blogging Guide%5D here.

reverted CreditsPage

email@hidden () — Thu, 19 Jan 2006 10:59:36 +0000

**This wiki and the guides on it are the fruits of %5Bhttp://www.spiritofamerica.net/cgi-bin/soa/project.pl?rm=view_project&request_id=104 | Spirit of America's Anonymous Blogging Campaign%5D.**

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

The project was managed by %5Bhttp://morphemetales.blogspot.com | Curt Hopkins%5D of the %5Bhttp://committeetoprotectbloggers.civiblog.org | Committee to Protect Bloggers%5D.

The technical consultant was %5Bhttp://www.marshallk.com | Marshall Kirkpatrick%5D.

The Arabic translation was donated by %5Bhttp://arabic.tharwaproject.com/ | The Tharwa Project%5D. (The English version of their site is %5Bhttp://www.tharwaproject.com/ | here%5D.) We appreciate their help. The Persian guide was translated by A.J. and the Chinese by Oregon's own W.S. Countless people were good enough to read over these translations, though needless to say any problems in the guides are not their fault. And thanks to everyone who reviewed the translations and the technical materials.

These guides were designed as a practical synthesis of available materials on anonymization. Among our many sources were Global Voices Online's %5Bhttp://cyber.law.harvard.edu/globalvoices/?p=125 | Technical guide to anonymous blogging%5D, the Electronic Frontier Foundation's %5Bhttp://www.eff.org/Privacy/Anonymity/blog-anonymously.php | How To Blog Safely%5D and the filtering case studies of the %5Bhttp://www.opennetinitiative.net/modules.php?op=modload&name=Archive&file=index&req=viewarticle&artid=1 | OpenNet Initiative%5D. An exhaustive listing would fill pages.

**This wiki and the guides on it are the fruits of %5Bhttp://www.spiritofamerica.net/cgi-bin/soa/project.pl?rm=view_project&request_id=104 | Spirit of America's Anonymous Blogging Campaign%5D.**

The project was managed by %5Bhttp://morphemetales.blogspot.com | Curt Hopkins%5D of the %5Bhttp://committeetoprotectbloggers.civiblog.org | Committee to Protect Bloggers%5D.

The technical consultant was %5Bhttp://www.marshallk.com | Marshall Kirkpatrick%5D.

The Arabic translation was donated by %5Bhttp://arabic.tharwaproject.com/ | The Tharwa Project%5D. (The English version of their site is %5Bhttp://www.tharwaproject.com/ | here%5D.) We appreciate their help. The Persian guide was translated by A.J. and the Chinese by Oregon's own W.S. Countless people were good enough to read over these translations, though needless to say any problems in the guides are not their fault. And thanks to everyone who reviewed the translations and the technical materials.

These guides were designed as a practical synthesis of available materials on anonymization. Among our many sources were Global Voices Online's %5Bhttp://cyber.law.harvard.edu/globalvoices/?p=125 | Technical guide to anonymous blogging%5D, the Electronic Frontier Foundation's %5Bhttp://www.eff.org/Privacy/Anonymity/blog-anonymously.php | How To Blog Safely%5D and the filtering case studies of the %5Bhttp://www.opennetinitiative.net/modules.php?op=modload&name=Archive&file=index&req=viewarticle&artid=1 | OpenNet Initiative%5D. An exhaustive listing would fill pages.

Additional information came from the news media, academic and techincal studies, and, most importantly, individual bloggers. These included bloggers with an interest in the target areas who work outside of them, bloggers who work on online free speech issues in general and, above all, those bloggers working in countries that discourage or punish free speech. They are the source of this project and to them goes the lion's share of the credit. Due to both the great number of bloggers whose work we drew on, as well as the danger that some of them work in, we cannot list them individually here.

reverted MalaysiaAnonymousBloggingGuide

email@hidden () — Thu, 19 Jan 2006 10:59:13 +0000

!ANONYMOUS BLOGGING GUIDE - MALAYSIA

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/malaysia+abg+-+final.doc | Malaysia Anonymous Blogging Guide%5D here.

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

!!INTRODUCTION

Over the past several years, as blogging has gained in popularity, certain countries have developed as strong blogging communities. It is uncertain what makes one country embrace blogging so enthusiastically. Academics will need to pursue this question. What is certain, however, is that Malaysia is one such country in which bloggers have thriven, one source counting 20,000 Malaysian blogs. Part of blogging’s popularity may be the advanced technical state of the country. Part of it may be the synergy between Malaysia, Singapore and Indonesia, all countries with relatively thriving blogging scenes. Finally, Malaysia’s harsh climate for the press may have driven people to find ways to express themselves in areas where the government finds it more difficult to pursue.

Malaysia, unlike other countries with an interest in controlling the press, has yet to institute full-fledged Internet filtering. But that seems to be looming on the horizon. Malaysia has approved recommendations to restrict access to pornography. In addition, schools and libraries are now required to install filtering software. Other measures to be introduced include optional filtering services on ISPs, a complaint center where Internet users can report obscene content and awareness campaigns against pornography. But some are questioning these moves, suggesting that the implementation of a filtering infrastructure for pornography can easily be configured to block political content. In addition to the overblocking associated with filtering software (blocking sites that share words with blocked sites even if the sites in question are not offensive), Malaysia could easily add additional sites to the block lists for political reasons once the filtering infrastructure is in place. Malaysia has a record of harassing online publications for political reasons.

As one Malaysian journalist wrote, “Legitimate Internet censorship provides a backdoor entry to ban dissent or alternative viewpoints.”

Among the direct threats to bloggers (and other online sites) in the last year are the interrogation of three prominent bloggers by the nation’s security service and the interrogation of the editors of several online news sites. This being the case, it makes sense for Malaysian bloggers to seriously consider their safety. Because blogging can be as useful in the dissemination of information, both within a country and internationally, as standard journalism, sometimes more so, the scrutiny is likely to increase. Because Malaysia is a country whose leaders are nervous about instability based on offense, and because Internet filtering, both technically and culturally, tends toward over-kill, you may want to take the measures necessary to blog safely.

!!TO BLOG SAFELY IS TO BLOG ANONYMOUSLY

What does it mean to blog safely? To a great degree, it means to blog anonymously. Most bloggers and other online users arrested around the world for critical speech were discovered because they took no pains at all to disguise who they were. Since all but the most innocuous blogs may be suspected of being rebellious in some way, we cannot in good conscience encourage anyone to blog using their real name. The decision to do so, of course, is up to you. But please bear in mind that many of those who have seen the inside of a jail cell never thought for a moment that they were in danger.

We’re not trying to be alarmist, just safe. It has been said that anyone or any state with enough resources and time will be able to find out the identity of anyone on the Internet. The key is to put more effort and time into staying anonymous than anyone in the government will put into discovering it. Some people in some places may need to devote relatively little work in order to say safe. Others may need to do quite a bit of work.

This document will outline the primary methods and tools for anonymous blogging, as well as some ways to navigate the Internet when it is filtered. Although this document is focusing on the situation of bloggers in Malaysia, it may also be applicable to the situation of bloggers in Singapore and Indonesia.

**There are two major ways your identity can be discovered** while blogging. One is by revealing your identity through the content you post. For instance, if you write, "I'm a third-year education student at the University Putri Malaysia and I come from Georgetown," there's a good chance that someone reading your blog will be able to figure out who you are.

The other way to get discovered is if someone identifies you from information your web browser or email program provides. Every computer attached to the Internet has, or shares, an address called an IP address. That is a series of four numbers from 0-255, separated by dots, for instance: 213.24.124.38.

With a little work, the authorities may be able to trace any posting you make back to your computer. If you use a home computer and dial into an Internet service provider (ISP), this ISP will have a record of which computer dials in at what time and accesses which information.

There are a number of ways you can hide your identity when using the Internet. As a general rule, the more secure you want to be, the more work you will need to do to hide your identity. Some of the strategies for protecting identity online require a great deal of technical knowledge and work. But they all start with basic, common sense measures.

!!BASIC ANONYMIZATION MEASURES

**Never use your real name**. We don’t mean just on your blog. We mean when signing up for your blog you must use a pseudonym. And when you are signing up for your web-based email, also use a fake name. It is very easy to trace traffic from your home or work email unless you use a remailer, which we will talk about later; so we advise you use a web-based email, which we will also talk about in greater depth later.

A good general rule for anonymous blogging: Never use any service that you must pay for or that you sign up for via the government or that uses a service that must report to the government. And do not register with the authorities, of course. Please note that some of these services may require you to use the Latin alphabet.

''Free web-based email providers'':

Hushmail: http://www.hushmail.com/

Lycos Email: http://mail.lycos.com/

Opera Mail: http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

''Free weblog hosting'':

Blogger: http://www.blogger.com/start

Blogsome: http://www.blogsome.com/

Livejournal: http://www.livejournal.com/

Seoblog: http://www.seo-blog.org/

Weblog.us: http://weblogs.us/

The trend toward blocking and filtering individual blogs; blog hosts, such as Blogger http://www.blogger.com; and photo sharing sites such as Flicker http://www.flickr.com/, is intermittent. The uncertainty of the blocking is part of a tried-and-true method of intimidation: creating systemic uncertainty. Also, again due to the extreme centralization, should the government or the ISU decide to block a hosting service, it can be done almost immediately. The ISU is transparent in its filtering. If something is blocked, you are given as a reader, the option of requesting that it be unblocked. The risk you run in making such a request is that you announce who you are and what kind of things you wish to read.

**Do not use any identifying information on your blog**. For the reasons discussed above, do not use a nickname, for instance, that people know is yours. Do not use one that identifies you somehow. Do not talk about your street or neighborhood, what you do for a living or where you work, or specifics about who you know, where you have traveled and so forth. Otherwise, you will be providing investigators with leads to your identity.

Here's the problem with this strategy. When you sign up for an email service or a weblog, the web server you are accessing logs your IP address. If that IP address can be traced to you, for instance if you are using your computer at home or at work, you could be found.

One additional step you could take to hide your identity is to do your work on heavily-used computers. Rather than setting up your webmail and blogging accounts from your home or work computer, you could set them up from a computer in a cybercafe, a library, or a university computer lab. Should anyone trace the IP used to post a comment or a post they will discover that the post was made from a cybercafe, where any number of people might have been using the computers.

There are flaws in this strategy as well. If the Internet café or computer lab keeps track of who is using what computer at what time, your identity could be compromised. Do not use computers at places like these in the middle of the night or other times when you are likely to be the only person there. If you use Internet cafés, change which ones you use often. If the authorities decide to look into a blog and discover that all the posts are coming from a specific café, it would not be hard to send police to watch who visits.

!!ANONYMOUS PROXIES

If you choose to, you can take the trouble to use what is called a “proxy.” If you access the Internet through a proxy, you will leave behind the IP address of the proxy server, instead of the address of the computer you are using.

The difficulty in using proxies and anonymizers (we will cover these later) is that they are frequently among the first sites to be blocked by a government seeking control of its people. That is currently not the case in Malaysia, but it is something to watch out for. Should Malaysia begin to block proxies, you may have to search for new proxies as old ones are blocked. Another option (also covered below) is to use Peacefire’s Circumventor program, or another “social” option.

To use a proxy, first choose a proxy server from one of these lists, or find one yourself on a search engine like Google http://www.google.com.

!!!!!Public Proxy Servers: http://www.publicproxyservers.com/index.html

!!!!!Rosinstrument: http://tools.rosinstrument.com/proxy/

!!!!!Samair: http://www.samair.ru/proxy/

Now, open the “preferences” or “options” section of your web browser. Under the “general”, “network” or “security” tab (usually), find an option to set up a proxy to access the Internet. Here is a set of instructions http://www.freeproxy.ru/en/free_proxy/howuse.htm for various browsers.

Turn on “manual proxy configuration”, enter the IP address of the proxy server and port into the fields for HTTP proxy and SSL proxy and save your settings. Restart your browser.

Your connection to the web will seem a bit slower because every page you request from a web server takes a detour. Instead of connecting directly to Hushmail, for instance, you connect to the proxy, which then connects to Hushmail. When Hushmail sends a page to you, it goes to the proxy first, then to you. You may also notices some trouble accessing websites, especially those that want you to log in.

A final problem is that if authorities discover you have been using a proxy, that in itself may constitute “proof” of wrongdoing.

!!“SOCIAL” OPTIONS

One way around the excessive blocking of proxies is to use Peacefire’s Circumventor.

To do this, you will need a friend outside of Malaysia whom you trust. They will need to set up Circumventor on their computer. Your friend downloads Circumventor http://www.peacefire.org/circumventor/simple-circumventor-instructions.html from the Peacefire site and installs it on his Windows system. It is not easy to do. First, he needs to install Perl on his system, then OpenSA, then Circumventor.

After these installations, he will needs to keep his computer connected to the Internet constantly, so you can use it as a proxy without asking each time. But you will, once it is set up, be able to surf the web, post to your blog, and use your email, all through the proxy your friend has created on his machine by using Circumventor. You can even use it at an Internet café, because the proxy is not listed as such in the state’s filtering technology, so it is not very suspicious.

Nothing is perfect. (Are you surprised?) Here’s the problem with this system: your friend’s computer, running Windows, often reboots. Each time it does, it is assigned a new IP address. And every time this happens, your friend will need to contact you with the address. (Probably cellular phone calls are best for this.) There is always the chance that this proxy will be recognized in time as such by the government.

Another social option is to use Adopt-a-Blog http://www.adoptablog.org/. Designed primarily for blocked blogs in China, you can contact this service with a request that someone outside your country host a blog on their server. The server hosting your blog is unlikely to be blocked and, if it becomes blocked, your blog is moved to a different server.

If you know someone trustworthy outside the country, another option is to simply ask that person to set up a blog for you and then to post to it either using a proxy, or by contacting them via web-based email, encrypted email or by using a remailer system (see below). It is highly advisable, however, not to trust anyone quickly whom you do not know. Established human rights and free speech groups might be willing to connect you with trustworthy people willing to help. Members of the Malaysian expatriate community may also be helpful.

!!TOR ONION ROUTING

Tor, an “onion routing” system takes the idea of proxy servers to a new level of complexity. Each request made through an onion routing network goes through two to 20 additional computers, making it hard to trace what computer originated a request. Each step of the Onion Routing chain is encrypted, making it harder for the government to trace your posts. Furthermore, each computer in the chain only knows its nearest neighbors. In other words, router B knows that it got a request for a web page from router A, and that it's supposed to pass the request on to router C. But the request itself is encrypted: router B doesn't actually know what page you are requesting, or what router will finally request the page from the web server.

Given the complexity of the technology, it is surprisingly easy to install Tor http://tor.eff.org/cvs/tor/doc/tor-doc-win32.html. You download an installer which first installs Tor on your system, and then downloads and installs Privoxy, a proxy that works with Tor.

The Tor system will make it look at one point like you are on a computer at Harvard University, and then it looks like you are in Germany, and so forth, changing all the time as you reload or sign on at different times. Tor is changing your identity from request to request, helping to protect keep your identity private.

This has some a couple of unintended consequences. When you use Google through Tor, it may switch languages on you. One search may be in English; another may be Japanese, German, Danish or Dutch, all in the course of a few minutes. Some sites, Wikipedia, for instance, may not allow connections from a Tor system. Your surfing may slow down quite a bit at times. And, of course, you are reliant on your home computer, since you cannot install Tor on a public machine. Most worrisome, though, is Tor’s occasional malfunctioning: it may sometimes stop working. Your ISP may block some Tor routers.

!!TORPARK

TOR is somewhat difficult to install for a non-technical user. Although much easier than most anonymizing technologies, it can still be tricky. Also, if you are accessing the Internet from an Internet café, it is unlikely you will be able to install TOR on the computers you are using.

Now there is an alternative. The people behind a new tool called Torpark http://torpark.nfshost.com/ have combined an alpha version of the new Firefox Deer Park browser http://www.mozilla.org/projects/firefox/ with TOR and an installer, to produce a 20MB package designed to fit on a USB key http://en.wikipedia.org/wiki/Keydrive.

When you insert your USB key into the port of a computer equipped with Windows 2000 or XP and you run the Torpark application, an anonymized browser window will open, allowing you to surf the web, leaving few or no traces behind.

One click starts a script, opens a DOS window and a browser, which then surfs through TOR. Ejecting the USB key removes obvious traces from the system. The browsing experience is the slow, but satisfactory, experience you get when browsing with TOR.

There are some problems: Stylesheet-heavy pages tend to look bad, as some graphics and files fail to load. Some images break. But for the most part, you can surf the web effectively.

There are three difficulties that may prevent some users from adopting Torpark as their preferred method of surfing.

First, not everyone has a USB key. Securing access to a reasonably priced key may be difficult for some people. There may be a lack of supply or the price may place it out of reach for many. Second, many Internet cafés may not allow you to attach a USB key to their machines. Finally, TOR uses a small, published list of servers that transfer and obscure packets. In any country that employs a firewall, it is reasonable to assume that the administrators block traffic from the servers that are currently listed http://proxy.org/tor.shtml and add any new servers to the blacklist when they come online.

Torpark can be downloaded http://torpark.nfshost.com/ in English, Chinese, French, Slovenian, Russian, Korean, Hebrew, Polish and Turkish and other languages.

!!MIXMASTER, INVISIBLOG AND GPG

There are a number of additional options that do no require proxy servers. One such service is Invisiblog http://www.invisiblog.com/. You do not post to Invisiblog via the web, as you do with most blog servers. You post to it using specially formatted email, sent through the Mixmaster remailer system, signed cryptographically.

That sounds complicated. It is. But here is what you do. First, go to GPG http://www.gnupg.org and set up a “public-key encryption system.” (Public-key encryption is a technique that allows you to send messages to a person that only the recipient can read. Public key encryption also allows people to “sign” documents with a digital signature that is almost impossible to forge.)

Then, set up Mixmaster http://mixmaster.sourceforge.net/, a mailing system designed to obscure the origins of an email message. Mixmaster uses a chain of anonymous remailers (computer programs that strip all identifying information off an email and send it to its destination) to send email messages with a high degree of anonymity. By using a chain of 2 to 20 remailers, the message is very difficult to trace, even if one or more of the remailers is “compromised” and is recording sender information.

Unfortunately, you have to “build” Mixmaster by compiling its source code, a project that requires a great deal of technical know-how.

Once set up, you send a Mixmaster message to Invisiblog, which includes your public key. Invisiblog will use this to set up a new blog for you, with a name like “invisiblog.com/ac4589d7001ac238”. (The long string is the last 16 bytes of your GPG key.) Once your Invisiblog is set up, you send future posts to by writing a text message, signing it with your public key and sending it via Mixmaster.

The misdirection of Mixmaster mailers means that it takes anywhere from two hours to two days for your message to reach the servers. And you must be very careful about looking at your blog. If you look at it too often, your IP address will appear in the blog's log frequently, signaling that you are probably its author. You can be somewhat reassured by the fact that the owners of Invisiblog have no idea who you are.

The main problem with the Invisiblog system is the fact that it is very difficult for most people to use. Most people find GPG a challenge to set up and have difficulty understanding the complexities of public and private keys. More user-friendly cryptographic tools, like Ciphire https://www.ciphire.com/, have been set up to help less technically proficient users, but even they can be difficult. These tools are also frequently blocked by repressive regimes. Another issue that makes this difficult is that if the authorities ever take your computer and find your private key, it would be considered highly suspicious in itself and might be used as evidence that you were the author of the blog. If you do succeed in sending out mail messages wrapped in strong encryption, like Mixmaster, you run the risk of attracting the attention of the Internet authorities.

!!CONCLUSION

You have a right to be heard. Your voice is important to Malaysia, both for its present and its future. However, contradicting the accepted common truths of a nation can be frowned upon, and a government that is on the defensive politically can be challenging to those who wish to add their voices to the discussion of their country’s future. Someone who cares about this future can do no good mute. You must remain in possession of your voice.

To that end, we have covered basic anonymization measures, such as pseudonymous blogging and web-based email; proxies; social options, such as individual Circumventor proxies, Adopt-a-Blog and assisted blogging; Tor servers’ onion routing; and very complex email-based blogging systems like Invisiblog.

None of these, nor any combination, is foolproof. There will always remain a chance that you will be discovered and the authorities, which fear the intellect of their own people, will succeed in silencing you. Be very careful. You are fellow bloggers, as well as fellow human beings, and we wish above all for you to remain free and safe.

Please forward this document to anyone you think might benefit from reading it. You are also welcome to add to it your ideas, experiences and experiments—though we ask you leave in place all warnings about the dangers of speaking up and the provisional nature of all anonymizing techniques, tools and processes. Perhaps you have information we do not. Perhaps you know of additional measures to take that we have not covered. Let’s share with each other and take care of one another.

!!LEGAL

We make no warranty as to the accuracy of the information contained in these guides. The reader assumes all responsibility for the risk of using them.

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.5/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

Contact the authors at anoniblog@hushmail.com.

!ANONYMOUS BLOGGING GUIDE - MALAYSIA

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/malaysia+abg+-+final.doc | Malaysia Anonymous Blogging Guide%5D here.

!!INTRODUCTION

Over the past several years, as blogging has gained in popularity, certain countries have developed as strong blogging communities. It is uncertain what makes one country embrace blogging so enthusiastically. Academics will need to pursue this question. What is certain, however, is that Malaysia is one such country in which bloggers have thriven, one source counting 20,000 Malaysian blogs. Part of blogging’s popularity may be the advanced technical state of the country. Part of it may be the synergy between Malaysia, Singapore and Indonesia, all countries with relatively thriving blogging scenes. Finally, Malaysia’s harsh climate for the press may have driven people to find ways to express themselves in areas where the government finds it more difficult to pursue.

Malaysia, unlike other countries with an interest in controlling the press, has yet to institute full-fledged Internet filtering. But that seems to be looming on the horizon. Malaysia has approved recommendations to restrict access to pornography. In addition, schools and libraries are now required to install filtering software. Other measures to be introduced include optional filtering services on ISPs, a complaint center where Internet users can report obscene content and awareness campaigns against pornography. But some are questioning these moves, suggesting that the implementation of a filtering infrastructure for pornography can easily be configured to block political content. In addition to the overblocking associated with filtering software (blocking sites that share words with blocked sites even if the sites in question are not offensive), Malaysia could easily add additional sites to the block lists for political reasons once the filtering infrastructure is in place. Malaysia has a record of harassing online publications for political reasons.

As one Malaysian journalist wrote, “Legitimate Internet censorship provides a backdoor entry to ban dissent or alternative viewpoints.”

Among the direct threats to bloggers (and other online sites) in the last year are the interrogation of three prominent bloggers by the nation’s security service and the interrogation of the editors of several online news sites. This being the case, it makes sense for Malaysian bloggers to seriously consider their safety. Because blogging can be as useful in the dissemination of information, both within a country and internationally, as standard journalism, sometimes more so, the scrutiny is likely to increase. Because Malaysia is a country whose leaders are nervous about instability based on offense, and because Internet filtering, both technically and culturally, tends toward over-kill, you may want to take the measures necessary to blog safely.

!!TO BLOG SAFELY IS TO BLOG ANONYMOUSLY

What does it mean to blog safely? To a great degree, it means to blog anonymously. Most bloggers and other online users arrested around the world for critical speech were discovered because they took no pains at all to disguise who they were. Since all but the most innocuous blogs may be suspected of being rebellious in some way, we cannot in good conscience encourage anyone to blog using their real name. The decision to do so, of course, is up to you. But please bear in mind that many of those who have seen the inside of a jail cell never thought for a moment that they were in danger.

We’re not trying to be alarmist, just safe. It has been said that anyone or any state with enough resources and time will be able to find out the identity of anyone on the Internet. The key is to put more effort and time into staying anonymous than anyone in the government will put into discovering it. Some people in some places may need to devote relatively little work in order to say safe. Others may need to do quite a bit of work.

This document will outline the primary methods and tools for anonymous blogging, as well as some ways to navigate the Internet when it is filtered. Although this document is focusing on the situation of bloggers in Malaysia, it may also be applicable to the situation of bloggers in Singapore and Indonesia.

**There are two major ways your identity can be discovered** while blogging. One is by revealing your identity through the content you post. For instance, if you write, "I'm a third-year education student at the University Putri Malaysia and I come from Georgetown," there's a good chance that someone reading your blog will be able to figure out who you are.

The other way to get discovered is if someone identifies you from information your web browser or email program provides. Every computer attached to the Internet has, or shares, an address called an IP address. That is a series of four numbers from 0-255, separated by dots, for instance: 213.24.124.38.

With a little work, the authorities may be able to trace any posting you make back to your computer. If you use a home computer and dial into an Internet service provider (ISP), this ISP will have a record of which computer dials in at what time and accesses which information.

There are a number of ways you can hide your identity when using the Internet. As a general rule, the more secure you want to be, the more work you will need to do to hide your identity. Some of the strategies for protecting identity online require a great deal of technical knowledge and work. But they all start with basic, common sense measures.

!!BASIC ANONYMIZATION MEASURES

**Never use your real name**. We don’t mean just on your blog. We mean when signing up for your blog you must use a pseudonym. And when you are signing up for your web-based email, also use a fake name. It is very easy to trace traffic from your home or work email unless you use a remailer, which we will talk about later; so we advise you use a web-based email, which we will also talk about in greater depth later.

A good general rule for anonymous blogging: Never use any service that you must pay for or that you sign up for via the government or that uses a service that must report to the government. And do not register with the authorities, of course. Please note that some of these services may require you to use the Latin alphabet.

''Free web-based email providers'':

Hushmail: http://www.hushmail.com/

Lycos Email: http://mail.lycos.com/

Opera Mail: http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

''Free weblog hosting'':

Blogger: http://www.blogger.com/start

Blogsome: http://www.blogsome.com/

Livejournal: http://www.livejournal.com/

Seoblog: http://www.seo-blog.org/

Weblog.us: http://weblogs.us/

The trend toward blocking and filtering individual blogs; blog hosts, such as Blogger http://www.blogger.com; and photo sharing sites such as Flicker http://www.flickr.com/, is intermittent. The uncertainty of the blocking is part of a tried-and-true method of intimidation: creating systemic uncertainty. Also, again due to the extreme centralization, should the government or the ISU decide to block a hosting service, it can be done almost immediately. The ISU is transparent in its filtering. If something is blocked, you are given as a reader, the option of requesting that it be unblocked. The risk you run in making such a request is that you announce who you are and what kind of things you wish to read.

**Do not use any identifying information on your blog**. For the reasons discussed above, do not use a nickname, for instance, that people know is yours. Do not use one that identifies you somehow. Do not talk about your street or neighborhood, what you do for a living or where you work, or specifics about who you know, where you have traveled and so forth. Otherwise, you will be providing investigators with leads to your identity.

Here's the problem with this strategy. When you sign up for an email service or a weblog, the web server you are accessing logs your IP address. If that IP address can be traced to you, for instance if you are using your computer at home or at work, you could be found.

One additional step you could take to hide your identity is to do your work on heavily-used computers. Rather than setting up your webmail and blogging accounts from your home or work computer, you could set them up from a computer in a cybercafe, a library, or a university computer lab. Should anyone trace the IP used to post a comment or a post they will discover that the post was made from a cybercafe, where any number of people might have been using the computers.

There are flaws in this strategy as well. If the Internet café or computer lab keeps track of who is using what computer at what time, your identity could be compromised. Do not use computers at places like these in the middle of the night or other times when you are likely to be the only person there. If you use Internet cafés, change which ones you use often. If the authorities decide to look into a blog and discover that all the posts are coming from a specific café, it would not be hard to send police to watch who visits.

!!ANONYMOUS PROXIES

If you choose to, you can take the trouble to use what is called a “proxy.” If you access the Internet through a proxy, you will leave behind the IP address of the proxy server, instead of the address of the computer you are using.

The difficulty in using proxies and anonymizers (we will cover these later) is that they are frequently among the first sites to be blocked by a government seeking control of its people. That is currently not the case in Malaysia, but it is something to watch out for. Should Malaysia begin to block proxies, you may have to search for new proxies as old ones are blocked. Another option (also covered below) is to use Peacefire’s Circumventor program, or another “social” option.

To use a proxy, first choose a proxy server from one of these lists, or find one yourself on a search engine like Google http://www.google.com.

!!!!!Public Proxy Servers: http://www.publicproxyservers.com/index.html

!!!!!Rosinstrument: http://tools.rosinstrument.com/proxy/

!!!!!Samair: http://www.samair.ru/proxy/

Now, open the “preferences” or “options” section of your web browser. Under the “general”, “network” or “security” tab (usually), find an option to set up a proxy to access the Internet. Here is a set of instructions http://www.freeproxy.ru/en/free_proxy/howuse.htm for various browsers.

Turn on “manual proxy configuration”, enter the IP address of the proxy server and port into the fields for HTTP proxy and SSL proxy and save your settings. Restart your browser.

Your connection to the web will seem a bit slower because every page you request from a web server takes a detour. Instead of connecting directly to Hushmail, for instance, you connect to the proxy, which then connects to Hushmail. When Hushmail sends a page to you, it goes to the proxy first, then to you. You may also notices some trouble accessing websites, especially those that want you to log in.

A final problem is that if authorities discover you have been using a proxy, that in itself may constitute “proof” of wrongdoing.

!!“SOCIAL” OPTIONS

One way around the excessive blocking of proxies is to use Peacefire’s Circumventor.

To do this, you will need a friend outside of Malaysia whom you trust. They will need to set up Circumventor on their computer. Your friend downloads Circumventor http://www.peacefire.org/circumventor/simple-circumventor-instructions.html from the Peacefire site and installs it on his Windows system. It is not easy to do. First, he needs to install Perl on his system, then OpenSA, then Circumventor.

After these installations, he will needs to keep his computer connected to the Internet constantly, so you can use it as a proxy without asking each time. But you will, once it is set up, be able to surf the web, post to your blog, and use your email, all through the proxy your friend has created on his machine by using Circumventor. You can even use it at an Internet café, because the proxy is not listed as such in the state’s filtering technology, so it is not very suspicious.

Nothing is perfect. (Are you surprised?) Here’s the problem with this system: your friend’s computer, running Windows, often reboots. Each time it does, it is assigned a new IP address. And every time this happens, your friend will need to contact you with the address. (Probably cellular phone calls are best for this.) There is always the chance that this proxy will be recognized in time as such by the government.

Another social option is to use Adopt-a-Blog http://www.adoptablog.org/. Designed primarily for blocked blogs in China, you can contact this service with a request that someone outside your country host a blog on their server. The server hosting your blog is unlikely to be blocked and, if it becomes blocked, your blog is moved to a different server.

If you know someone trustworthy outside the country, another option is to simply ask that person to set up a blog for you and then to post to it either using a proxy, or by contacting them via web-based email, encrypted email or by using a remailer system (see below). It is highly advisable, however, not to trust anyone quickly whom you do not know. Established human rights and free speech groups might be willing to connect you with trustworthy people willing to help. Members of the Malaysian expatriate community may also be helpful.

!!TOR ONION ROUTING

Tor, an “onion routing” system takes the idea of proxy servers to a new level of complexity. Each request made through an onion routing network goes through two to 20 additional computers, making it hard to trace what computer originated a request. Each step of the Onion Routing chain is encrypted, making it harder for the government to trace your posts. Furthermore, each computer in the chain only knows its nearest neighbors. In other words, router B knows that it got a request for a web page from router A, and that it's supposed to pass the request on to router C. But the request itself is encrypted: router B doesn't actually know what page you are requesting, or what router will finally request the page from the web server.

Given the complexity of the technology, it is surprisingly easy to install Tor http://tor.eff.org/cvs/tor/doc/tor-doc-win32.html. You download an installer which first installs Tor on your system, and then downloads and installs Privoxy, a proxy that works with Tor.

The Tor system will make it look at one point like you are on a computer at Harvard University, and then it looks like you are in Germany, and so forth, changing all the time as you reload or sign on at different times. Tor is changing your identity from request to request, helping to protect keep your identity private.

This has some a couple of unintended consequences. When you use Google through Tor, it may switch languages on you. One search may be in English; another may be Japanese, German, Danish or Dutch, all in the course of a few minutes. Some sites, Wikipedia, for instance, may not allow connections from a Tor system. Your surfing may slow down quite a bit at times. And, of course, you are reliant on your home computer, since you cannot install Tor on a public machine. Most worrisome, though, is Tor’s occasional malfunctioning: it may sometimes stop working. Your ISP may block some Tor routers.

!!TORPARK

TOR is somewhat difficult to install for a non-technical user. Although much easier than most anonymizing technologies, it can still be tricky. Also, if you are accessing the Internet from an Internet café, it is unlikely you will be able to install TOR on the computers you are using.

Now there is an alternative. The people behind a new tool called Torpark http://torpark.nfshost.com/ have combined an alpha version of the new Firefox Deer Park browser http://www.mozilla.org/projects/firefox/ with TOR and an installer, to produce a 20MB package designed to fit on a USB key http://en.wikipedia.org/wiki/Keydrive.

When you insert your USB key into the port of a computer equipped with Windows 2000 or XP and you run the Torpark application, an anonymized browser window will open, allowing you to surf the web, leaving few or no traces behind.

One click starts a script, opens a DOS window and a browser, which then surfs through TOR. Ejecting the USB key removes obvious traces from the system. The browsing experience is the slow, but satisfactory, experience you get when browsing with TOR.

There are some problems: Stylesheet-heavy pages tend to look bad, as some graphics and files fail to load. Some images break. But for the most part, you can surf the web effectively.

There are three difficulties that may prevent some users from adopting Torpark as their preferred method of surfing.

First, not everyone has a USB key. Securing access to a reasonably priced key may be difficult for some people. There may be a lack of supply or the price may place it out of reach for many. Second, many Internet cafés may not allow you to attach a USB key to their machines. Finally, TOR uses a small, published list of servers that transfer and obscure packets. In any country that employs a firewall, it is reasonable to assume that the administrators block traffic from the servers that are currently listed http://proxy.org/tor.shtml and add any new servers to the blacklist when they come online.

Torpark can be downloaded http://torpark.nfshost.com/ in English, Chinese, French, Slovenian, Russian, Korean, Hebrew, Polish and Turkish and other languages.

!!MIXMASTER, INVISIBLOG AND GPG

There are a number of additional options that do no require proxy servers. One such service is Invisiblog http://www.invisiblog.com/. You do not post to Invisiblog via the web, as you do with most blog servers. You post to it using specially formatted email, sent through the Mixmaster remailer system, signed cryptographically.

That sounds complicated. It is. But here is what you do. First, go to GPG http://www.gnupg.org and set up a “public-key encryption system.” (Public-key encryption is a technique that allows you to send messages to a person that only the recipient can read. Public key encryption also allows people to “sign” documents with a digital signature that is almost impossible to forge.)

Then, set up Mixmaster http://mixmaster.sourceforge.net/, a mailing system designed to obscure the origins of an email message. Mixmaster uses a chain of anonymous remailers (computer programs that strip all identifying information off an email and send it to its destination) to send email messages with a high degree of anonymity. By using a chain of 2 to 20 remailers, the message is very difficult to trace, even if one or more of the remailers is “compromised” and is recording sender information.

Unfortunately, you have to “build” Mixmaster by compiling its source code, a project that requires a great deal of technical know-how.

Once set up, you send a Mixmaster message to Invisiblog, which includes your public key. Invisiblog will use this to set up a new blog for you, with a name like “invisiblog.com/ac4589d7001ac238”. (The long string is the last 16 bytes of your GPG key.) Once your Invisiblog is set up, you send future posts to by writing a text message, signing it with your public key and sending it via Mixmaster.

The misdirection of Mixmaster mailers means that it takes anywhere from two hours to two days for your message to reach the servers. And you must be very careful about looking at your blog. If you look at it too often, your IP address will appear in the blog's log frequently, signaling that you are probably its author. You can be somewhat reassured by the fact that the owners of Invisiblog have no idea who you are.

The main problem with the Invisiblog system is the fact that it is very difficult for most people to use. Most people find GPG a challenge to set up and have difficulty understanding the complexities of public and private keys. More user-friendly cryptographic tools, like Ciphire https://www.ciphire.com/, have been set up to help less technically proficient users, but even they can be difficult. These tools are also frequently blocked by repressive regimes. Another issue that makes this difficult is that if the authorities ever take your computer and find your private key, it would be considered highly suspicious in itself and might be used as evidence that you were the author of the blog. If you do succeed in sending out mail messages wrapped in strong encryption, like Mixmaster, you run the risk of attracting the attention of the Internet authorities.

!!CONCLUSION

You have a right to be heard. Your voice is important to Malaysia, both for its present and its future. However, contradicting the accepted common truths of a nation can be frowned upon, and a government that is on the defensive politically can be challenging to those who wish to add their voices to the discussion of their country’s future. Someone who cares about this future can do no good mute. You must remain in possession of your voice.

To that end, we have covered basic anonymization measures, such as pseudonymous blogging and web-based email; proxies; social options, such as individual Circumventor proxies, Adopt-a-Blog and assisted blogging; Tor servers’ onion routing; and very complex email-based blogging systems like Invisiblog.

None of these, nor any combination, is foolproof. There will always remain a chance that you will be discovered and the authorities, which fear the intellect of their own people, will succeed in silencing you. Be very careful. You are fellow bloggers, as well as fellow human beings, and we wish above all for you to remain free and safe.

Please forward this document to anyone you think might benefit from reading it. You are also welcome to add to it your ideas, experiences and experiments—though we ask you leave in place all warnings about the dangers of speaking up and the provisional nature of all anonymizing techniques, tools and processes. Perhaps you have information we do not. Perhaps you know of additional measures to take that we have not covered. Let’s share with each other and take care of one another.

!!LEGAL

We make no warranty as to the accuracy of the information contained in these guides. The reader assumes all responsibility for the risk of using them.

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.5/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

Contact the authors at anoniblog@hushmail.com.

reverted Resources

email@hidden () — Thu, 19 Jan 2006 10:58:56 +0000

!Resources

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

!!Anonymous Email Accounts

http://www.hushmail.com/ Hushmail

http://mail.lycos.com/ Lycos Email

http://www.operamail.com/scripts/common/index.main?signin=1&lang=us Opera Web Mail

http://anoniblog.blogharbor.com/blog/_archives/2005/9/8/1208552.html Yahoo! Mail

!!Anoniblogging Guides

http://cyber.law.harvard.edu/dyn/globalvoices/wiki/index.php/AnonBlog Anon Blog Guide (Berkman Center)

http://www.searchlores.org/noanon.htm Anonimity Lores (Searchlores)

http://www.zensur.freerk.com/ Freerk's How to Bypass Internet Censorship

http://www.eff.org/Privacy/Anonymity/blog-anonymously.php How to Blog Safely (EFF)

http://security.ngoinabox.org/ NGO in a Box

http://privateblogging.noreply.org/privateblogging/ Private Blogging Wiki

http://www.ethanzuckerman.com/CN_circumvent_censorship.pdf RSF on Circumvention (Chinese)

http://www.rsf.org/rubrique.php3?id_rubrique=542 RSF's Handbook for Bloggers & Cyber-Dissidents

!!Blog Hosting

http://www.blogharbor.com Blog Harbor

http://www.blogger.com/start Blogger

http://www.blogsome.com/ Blogsome

http://www.livejournal.com/ Livejournal

http://www.seo-blog.org/ Seoblog

http://weblogs.us/ Weblogs.us

!!Circumventors

http://www.anonymizer.com/ Anonymizer

http://www.anonymouse.org Anonymouse

http://www.peacefire.org/circumventor/simple-circumventor-instructions.html Peacefire's Circumventor

!!Proxies

http://www.publicproxyservers.com/index.html Public Proxy Servers

http://tools.rosinstrument.com/proxy/ Rosinstrument

http://www.samair.ru/proxy/ Samair

!!Other Tools

http://adoptablog.irisnetwork.ca/ Adopt a Blog (social hosting)

http://www.gnupg.org/ Gnu PG (encryption)

http://invisiblog.com/ Invisiblog (anonymous web publishing)

http://www.opennetinitiative.net/ Open Net Initiative (filtering information)

http://tor.eff.org/ TOR (onion routing)

!!Remailers

https://www.ciphire.com/ Ciphire

http://mixmaster.sourceforge.net/ Mixmaster

http://www.noreply.org/ Noreply.org

!Resources

!!Anonymous Email Accounts

http://www.hushmail.com/ Hushmail

http://mail.lycos.com/ Lycos Email

http://www.operamail.com/scripts/common/index.main?signin=1&lang=us Opera Web Mail

http://anoniblog.blogharbor.com/blog/_archives/2005/9/8/1208552.html Yahoo! Mail

!!Anoniblogging Guides

http://cyber.law.harvard.edu/dyn/globalvoices/wiki/index.php/AnonBlog Anon Blog Guide (Berkman Center)

http://www.searchlores.org/noanon.htm Anonimity Lores (Searchlores)

http://www.zensur.freerk.com/ Freerk's How to Bypass Internet Censorship

http://www.eff.org/Privacy/Anonymity/blog-anonymously.php How to Blog Safely (EFF)

http://security.ngoinabox.org/ NGO in a Box

http://privateblogging.noreply.org/privateblogging/ Private Blogging Wiki

http://www.ethanzuckerman.com/CN_circumvent_censorship.pdf RSF on Circumvention (Chinese)

http://www.rsf.org/rubrique.php3?id_rubrique=542 RSF's Handbook for Bloggers & Cyber-Dissidents

!!Blog Hosting

http://www.blogharbor.com Blog Harbor

http://www.blogger.com/start Blogger

http://www.blogsome.com/ Blogsome

http://www.livejournal.com/ Livejournal

http://www.seo-blog.org/ Seoblog

http://weblogs.us/ Weblogs.us

!!Circumventors

http://www.anonymizer.com/ Anonymizer

http://www.anonymouse.org Anonymouse

http://www.peacefire.org/circumventor/simple-circumventor-instructions.html Peacefire's Circumventor

!!Proxies

http://www.publicproxyservers.com/index.html Public Proxy Servers

http://tools.rosinstrument.com/proxy/ Rosinstrument

http://www.samair.ru/proxy/ Samair

!!Other Tools

http://adoptablog.irisnetwork.ca/ Adopt a Blog (social hosting)

http://www.gnupg.org/ Gnu PG (encryption)

http://invisiblog.com/ Invisiblog (anonymous web publishing)

http://www.opennetinitiative.net/ Open Net Initiative (filtering information)

http://tor.eff.org/ TOR (onion routing)

!!Remailers

https://www.ciphire.com/ Ciphire

http://mixmaster.sourceforge.net/ Mixmaster

http://www.noreply.org/ Noreply.org

http://riot.eu.org/anon/ Riot

reverted SandBox

email@hidden () — Thu, 19 Jan 2006 10:58:42 +0000

!! Do whatever you want with it!

THANKS!!!

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

!!! Then click "Update" to see what happens.

reverted WhatWikiIs

email@hidden () — Thu, 19 Jan 2006 10:58:27 +0000

Wikis are fantastic tools to allow for collaborative writing. Every visitor to a wiki can edit any page on the wiki. Editing is done in a very simple text language that is much easier to learn and read than HTML.

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

Wikis are fantastic tools to allow for collaborative writing. Every visitor to a wiki can edit any page on the wiki. Editing is done in a very simple text language that is much easier to learn and read than HTML.

You can play around in the SandBox to get used to editing your wiki; you can also check out WikiStyle to learn more about wiki style rules. Enjoy!

reverted ZimbabweAnonymousBloggingGuide

email@hidden () — Thu, 19 Jan 2006 10:57:08 +0000

!Zimbabwe Anonymous Blogging Guide

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/zimbabwe+abg+-+final.doc | Zimbabwe Anonymous Blogging Guide%5D here.

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

!!INTRODUCTION

Anyone in Zimbabwe who seeks to express himself or herself must be acutely aware of the level of oppression in the country. The dictatorship of President Robert Mugabe has grown more and more tyrannical over the years to a point where, currently, the most benign criticism of the regime is likely to land one in a jail cell, or at least earn one a visit with the gentlemen of the Central Intelligence Organization.

Zimbabwe is one of the most wired countries in Africa. That is just one indication of the surfeit of “raw materials” for democracy that the country contains. No longer the “breadbasket of Southern Africa” Zimbabwe teeters on the edge of famine. Likewise, the brain drain has weakened the country intellectually. However, enough of the vigorous minds have remained that Mugabe has felt it necessary to increase restrictions on free speech to include the electronic realm.

First, he had the congress pass the Post and Telecommunications Act of 2000, which allowed the interception of email. Fourteen people were arrested for forwarding an anti-Mugabe message under this so-called law. When Zimbabwe’s Supreme Court declared these elements of that act unconstitutional, Mugabe had several other repressive laws passed to make up for them. Foremost among these is the Access to Information and Protection of Privacy Act.

The state of the country regarding free speech is this: There is none. There are no independent radio or television stations, no independent daily newspapers. There are no foreign reporters in the country. One of the most powerful groups to take up the slack are bloggers.

Mugabe, in April of this year, contracted with the Chinese government to secure access to their Internet censorship knowledge and technology. There has yet to be any report that these have been implemented and in October of this year even the Chinese found Mugabe so isolated it refused to help him with his food problems, outgrowth, in part, of his seizure of white-owned farms, which he gave as gifts to political supporters.

Bloggers press on. The efforts of these individuals, estimated to number between 50 and 100, exert a disproportionate influence on their country and on international discourse about Zimbabwe, due to several factors: The lack of any other information and the resolution and intelligence of the bloggers themselves, who have broken news such as the daylight murder of a woman by the police in Bulawayo and the bulldozing of housing for the poor in Harare.

None of you who are blogging in Zimbabwe, or who are considering it, need anyone else to remind you to take care when blogging. We may be able to help you, however, by laying out for you the different tools at your disposal that will allow you to blog safely and explaining how to use them.

By blogging safely, what do we mean? Zimbloggers know…

!!TO BLOG SAFELY IS TO BLOG ANONYMOUSLY

Most bloggers and other online users arrested around the world for critical speech were discovered because they took no pains at all to disguise who they were. Zimbabwe’s bloggers know better. And because they know better, none have been arrested. Yet.

Nevertheless, we stress: Since, in Zimbabwe, all blogs may be suspected of being rebellious in some way, we remind you: Do not blog using your real name.

It has been said that anyone or any state with enough resources and time will be able to find out the identity of anyone on the Internet. Zimbabwe’s cooperation with the Chinese government makes it a more dangerous opponent of bloggers than ever before. The key is to put more effort and time into staying anonymous than anyone in the government will put into discovering it. Some people in some places may need to devote relatively little work in order to say safe. Others may need to do quite a bit of work.

There are two major ways your identity can be discovered while blogging. One is by revealing your identity through the content you post. For instance, if you write, "I'm a third-year education student at the University of Zimbabwe, I come from Chegutu," there's a good chance that someone reading your blog will be able to figure out who you are.

The other way to get discovered is if someone identifies you from information your web browser or email program provides. Every computer attached to the Internet has, or shares, an address called an IP address. That is a series of four numbers from 0-255, separated by dots, for instance: 213.24.124.38.

With a little work, the authorities may be able to trace any posting you make back to your computer. If you use a home computer and dial into an Internet service provider (ISP), this ISP will have a record of which computer dials in at what time and accesses which information.

There are a number of ways you can hide your identity when using the Internet. As a general rule, the more secure you want to be, the more work you will need to do to hide your identity. Some of the strategies for protecting identity online require a great deal of technical knowledge and work. But they all start with basic, common sense measures.

!!BASIC ANONYMIZATION MEASURES

Never use your real name. We don’t mean just on your blog. We mean when signing up for your blog you must use a pseudonym. And when you are signing up for your web-based email, also use a fake name. It is very easy to trace traffic from your home or work email unless you use a remailer, which we will talk about later; so we advise you use a web-based email, which we will also talk about in greater depth later.

A good general rule for anonymous blogging: Never use any service that you must pay for or that you sign up for via the government or that uses a service that must report to the government. And do not register with the authorities, of course.

Free web-based email providers:

Hushmail: http://www.hushmail.com/

Lycos Email: http://mail.lycos.com/

Opera Mail: http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

Free weblog hosting:

Blogger: http://www.blogger.com/start

Blogsome: http://www.blogsome.com/

Livejournal: http://www.livejournal.com/

Seoblog: http://www.seo-blog.org/

Weblog.us: http://weblogs.us/

Should Zimbabwe’s government pursue the Chinese model of Internet filtering, even these options will be difficult. For now, they should be relatively safer than not using them. Read more on the Chinese system here http://anoniblog.blogharbor.com/blog/_archives/2005/9/30/1271468.html and here http://www.opennetinitiative.net/studies/china/.

Do not use any identifying information on your blog. For the reasons discussed above, do not use a nickname, for instance, that people know is yours. Do not use one that identifies you somehow. Do not talk about your street or neighborhood, what you do for a living or where you work, or specifics about who you know, where you have traveled and so forth. Otherwise, you will be providing investigators with leads to your identity.

Here's the problem with this strategy. When you sign up for an email service or a weblog, the web server you are accessing logs your IP address. If that IP address can be traced to you, for instance if you are using your computer at home or at work, you could be found.

One additional step you could take to hide your identity is to do your work on heavily-used computers. Rather than setting up your webmail and blogging accounts from your home or work computer, you could set them up from a computer in a cybercafe, a library, or a university computer lab. Should anyone trace the IP used to post a comment or a post they will discover that the post was made from a cybercafe, where any number of people might have been using the computers.

There are flaws in this strategy as well. If the Internet café or computer lab keeps track of who is using what computer at what time, your identity could be compromised. Do not use computers at places like these in the middle of the night or other times when you are likely to be the only person there. If you use Internet cafés, change which ones you use often. If the authorities decide to look into a blog and discover that all the posts are coming from a specific café, it would not be hard to send police to watch who visits.

!!ANONYMOUS PROXIES

If you choose to, you can take the trouble to use what is called a “proxy.” If you access the Internet through a proxy, you will leave behind the IP address of the proxy server, instead of the address of the computer you are using.

The difficulty in using proxies and anonymizers (we will cover these later) is that they are frequently among the first sites to be blocked by a government seeking control of its people. That is currently not the case in Zimbabwe, but it is something to watch out for. Should Zim begin to block proxies, you may have to search for new proxies as old ones are blocked. Another option (also covered below) is to use Peacefire’s Circumventor program, or another “social” option.

To use a proxy, first choose a proxy server from one of these lists, or find one yourself on a search engine like Google http://www.google.com.

Public Proxy Servers: http://www.publicproxyservers.com/index.html

Rosinstrument: http://tools.rosinstrument.com/proxy/

Samair: http://www.samair.ru/proxy/

Now, open the “preferences” or “options” section of your web browser. Under the “general”, “network” or “security” tab (usually), find an option to set up a proxy to access the Internet. Here is a set of instructions http://www.freeproxy.ru/en/free_proxy/howuse.htm for various browsers.

Turn on “manual proxy configuration”, enter the IP address of the proxy server and port into the fields for HTTP proxy and SSL proxy and save your settings. Restart your browser.

Your connection to the web will seem a bit slower because every page you request from a web server takes a detour. Instead of connecting directly to Hushmail, for instance, you connect to the proxy, which then connects to Hushmail. When Hushmail sends a page to you, it goes to the proxy first, then to you. You may also notices some trouble accessing websites, especially those that want you to log in.

A final problem is that if authorities discover you have been using a proxy, that in itself may constitute “proof” of wrongdoing.

!!“SOCIAL” OPTIONS

One way around the excessive blocking of proxies is to use Peacefire’s Circumventor.

To do this, you will need a friend outside of Zimbabwe whom you trust. They will need to set up Circumventor on their computer. Your friend downloads Circumventor http://www.peacefire.org/circumventor/simple-circumventor-instructions.html from the Peacefire site and installs it on his Windows system. It is not easy to do. First, he needs to install Perl on his system, then OpenSA, then Circumventor.

After these installations, he will needs to keep his computer connected to the Internet constantly, so you can use it as a proxy without asking each time. But you will, once it is set up, be able to surf the web, post to your blog, and use your email, all through the proxy your friend has created on his machine by using Circumventor. You can even use it at an Internet café, because the proxy is not listed as such in the state’s filtering technology, so it is not very suspicious.

Here’s the problem with this system: your friend’s computer, running Windows, often reboots. Each time it does, it is assigned a new IP address. And every time this happens, your friend will need to contact you with the address. (Probably cellular phone calls are best for this.) There is always the chance that this proxy will be recognized in time as such by the government.

Another social option is to use Adopt-a-Blog http://www.adoptablog.org/. Designed originally for blocked blogs in China, you can contact this service with a request that someone outside your country host a blog on their server. The server hosting your blog is unlikely to be blocked and, if it becomes blocked, your blog is moved to a different server.

If you know someone trustworthy outside the country, another option is to simply ask that person to set up a blog for you and then to post to it either using a proxy, or by contacting them via web-based email, encrypted email or by using a remailer system (see below). It is highly advisable, however, not to trust anyone quickly whom you do not know. Established human rights and free speech groups might be willing to connect you with trustworthy people willing to help.

!!TOR ONION ROUTING

Tor, an “onion routing” system takes the idea of proxy servers to a new level of complexity. Each request made through an onion routing network goes through two to 20 additional computers, making it hard to trace what computer originated a request. Each step of the Onion Routing chain is encrypted, making it harder for the government to trace your posts. Furthermore, each computer in the chain onlyknows its nearest neighbors. In other words, router B knows that it got a request for a web page from router A, and that it's supposed to pass the request on to router C. But the request itself is encrypted: router B doesn't actually know what page you are requesting, or what router will finally request the page from the web server.

Given the complexity of the technology, it is surprisingly easy to install Torhttp://tor.eff.org/cvs/tor/doc/tor-doc-win32.html. You download an installer which first installs Tor on your system, and then downloads and installs Privoxy, a proxy that works with Tor.

The Tor system will make it look at one point like you are on a computer at Harvard University, and then it looks like you are in Germany, and so forth, changing all the time as you reload or sign on at different times. Tor is changing your identity from request to request, helping to protect keep your identity private.

This has some a couple of unintended consequences. When you use Google through Tor, it may switch languages on you. One search may be in English; another may be Japanese, German, Danish or Dutch, all in the course of a few minutes. Some sites, Wikipedia, for instance, may not allow connections from a Tor system. Your surfing may slow down quite a bit at times. And, of course, you are reliant on your home computer, since you cannot install Tor on a public machine. Most worrisome, though, is Tor’s occasional malfunctioning: it may sometimes stop working. Your ISP may block some Tor routers.

!!TORPARK

TOR is somewhat difficult to install for a non-technical user. Although much easier than most anonymizing technologies, it can still be tricky. Also, if you are accessing the Internet from an Internet café, it is unlikely you will be able to install TOR on the computers you are using.

Now there is an alternative. The people behind a new tool called Torpark http://torpark.nfshost.com/ have combined an alpha version of the new Firefox Deer Park browser http://www.mozilla.org/projects/firefox/ with TOR and an installer, to produce a 20MB package designed to fit on a USB key http://en.wikipedia.org/wiki/Keydrive.

When you insert your USB key into the port of a computer equipped with Windows 2000 or XP and you run the Torpark application, an anonymized browser window will open, allowing you to surf the web, leaving few or no traces behind.

One click starts a script, opens a DOS window and a browser, which then surfs through TOR. Ejecting the USB key removes obvious traces from the system. The browsing experience is the slow, but satisfactory, experience you get when browsing with TOR.

There are some problems: Stylesheet-heavy pages tend to look bad, as some graphics and files fail to load. Some images break. But for the most part, you can surf the web effectively.

There are three difficulties that may prevent some users from adopting Torpark as their preferred method of surfing.

First, not everyone has a USB key. Securing access to a reasonably priced key may be difficult for some people. There may be a lack of supply or the price may place it out of reach for many, especially for Zimbabweans in the current environment.

Second, many Internet cafés may not allow you to attach a USB key to their machines. Should the recently-contracted Chinese filtering regime be put into place, it will be eventually be impossible to make any move online in an Internet café without it being known, though for now it can be done.

Finally, TOR uses a small, published list of servers that transfer and obscure packets. In any country that employs a firewall, it is reasonable to assume that the administrators block traffic from the servers that are currently listed http://proxy.org/tor.shtml and add any new servers to the blacklist when they come online. Again, that is mostly not the case in Zimbabwe today, but should the Chinese system be employed, it will become a reality

Torpark can be downloaded http://torpark.nfshost.com/ in English, Chinese, French, Slovenian, Russian, Korean, Hebrew, Polish and Turkish and other languages.

!!MIXMASTER, INVISIBLOG AND GPG

There are a number of additional options that do no require proxy servers. One such service is Invisiblog http://www.invisiblog.com/. You do not post to Invisiblog via the web, as you do with most blog servers. You post to it using specially formatted email, sent through the Mixmaster remailer system, signed cryptographically.

That sounds complicated. It is. But here is what you do. First, go to GPG http://www.gnupg.org and set up a “public-key encryption system.” (Public-key encryption is a technique that allows you to send messages to a person that only the recipient can read. Public key encryption also allows people to “sign” documents with a digital signature that is almost impossible to forge.)

Then, set up Mixmaster http://mixmaster.sourceforge.net/, a mailing system designed to obscure the origins of an email message. Mixmaster uses a chain of anonymous remailers (computer programs that strip all identifying information off an email and send it to its destination) to send email messages with a high degree of anonymity. By using a chain of 2 to 20 remailers, the message is very difficult to trace, even if one or more of the remailers is “compromised” and is recording sender information.

Unfortunately, you have to “build” Mixmaster by compiling its source code, a project that requires a great deal of technical know-how.

Once set up, you send a Mixmaster message to Invisiblog, which includes your public key. Invisiblog will use this to set up a new blog for you, with a name like “invisiblog.com/ac4589d7001ac238”. (The long string is the last 16 bytes of your GPG key.) Once your Invisiblog is set up, you send future posts to by writing a text message, signing it with your public key and sending it via Mixmaster.

The misdirection of Mixmaster mailers means that it takes anywhere from two hours to two days for your message to reach the servers. And you must be very careful about looking at your blog. If you look at it too often, your IP address will appear in the blog's log frequently, signaling that you are probably its author. You can be somewhat reassured by the fact that the owners of Invisiblog have no idea who you are.

The main problem with the Invisiblog system is the fact that it is very difficult for most people to use. Most people find GPG a challenge to set up and have difficulty understanding the complexities of public and private keys. More user-friendly cryptographic tools, like Ciphire https://www.ciphire.com/, have been set up to help less technically proficient users, but even they can be difficult. These tools are also frequently blocked by repressive regimes. Another issue that makes this difficult is that if the authorities ever take your computer and find your private key, it would be considered highly suspicious in itself and might be used as evidence that you were the author of the blog. If you do succeed in sending out mail messages wrapped in strong encryption, like Mixmaster, you run the risk of attracting the attention of the Internet authorities.

!!CONCLUSION

You have a right to be heard. Your voice is important to Zimbabwe, both for its present and its future. And you are powerful. However, in speaking the truth on a blog you will be putting yourself in danger. So, please consider the possible consequences. If you are intent on proceeding, or continuing, do so as safely as possible and as anonymously as you can. Contradicting the fictions of a tyrant requires at least as much discretion and common sense as bravery. Someone who cares about this future can do no good mute. You must remain in possession of your voice.

To that end, we have covered basic anonymization measures, such as pseudonymous blogging and web-based email; proxies; social options, such as individual Circumventor proxies, Adopt-a-Blog and assisted blogging; Tor servers’ onion routing; and very complex email-based blogging systems like Invisiblog.

None of these, nor any combination, is foolproof. There will always remain a chance that you will be discovered and the authorities, which fear the intellect of their own people, will succeed in silencing you. Be very careful. You are fellow bloggers, as well as fellow human beings, and we wish above all for you to remain free and safe.

Please forward this document to anyone you think might benefit from reading it. You are also welcome to add to it your ideas, experiences and experiments—though we ask you leave in place all warnings about the dangers of speaking up and the provisional nature of all anonymizing techniques, tools and processes. Perhaps you have information we do not. Perhaps you know of additional measures to take that we have not covered. Let’s share with each other and take care of one another.

!!LEGAL

We make no warranty as to the accuracy of the information contained in these guides. The reader assumes all responsibility for the risk of using them.

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.5/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

!Zimbabwe Anonymous Blogging Guide

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/zimbabwe+abg+-+final.doc | Zimbabwe Anonymous Blogging Guide%5D here.

!!INTRODUCTION

Anyone in Zimbabwe who seeks to express himself or herself must be acutely aware of the level of oppression in the country. The dictatorship of President Robert Mugabe has grown more and more tyrannical over the years to a point where, currently, the most benign criticism of the regime is likely to land one in a jail cell, or at least earn one a visit with the gentlemen of the Central Intelligence Organization.

Zimbabwe is one of the most wired countries in Africa. That is just one indication of the surfeit of “raw materials” for democracy that the country contains. No longer the “breadbasket of Southern Africa” Zimbabwe teeters on the edge of famine. Likewise, the brain drain has weakened the country intellectually. However, enough of the vigorous minds have remained that Mugabe has felt it necessary to increase restrictions on free speech to include the electronic realm.

First, he had the congress pass the Post and Telecommunications Act of 2000, which allowed the interception of email. Fourteen people were arrested for forwarding an anti-Mugabe message under this so-called law. When Zimbabwe’s Supreme Court declared these elements of that act unconstitutional, Mugabe had several other repressive laws passed to make up for them. Foremost among these is the Access to Information and Protection of Privacy Act.

The state of the country regarding free speech is this: There is none. There are no independent radio or television stations, no independent daily newspapers. There are no foreign reporters in the country. One of the most powerful groups to take up the slack are bloggers.

Mugabe, in April of this year, contracted with the Chinese government to secure access to their Internet censorship knowledge and technology. There has yet to be any report that these have been implemented and in October of this year even the Chinese found Mugabe so isolated it refused to help him with his food problems, outgrowth, in part, of his seizure of white-owned farms, which he gave as gifts to political supporters.

Bloggers press on. The efforts of these individuals, estimated to number between 50 and 100, exert a disproportionate influence on their country and on international discourse about Zimbabwe, due to several factors: The lack of any other information and the resolution and intelligence of the bloggers themselves, who have broken news such as the daylight murder of a woman by the police in Bulawayo and the bulldozing of housing for the poor in Harare.

None of you who are blogging in Zimbabwe, or who are considering it, need anyone else to remind you to take care when blogging. We may be able to help you, however, by laying out for you the different tools at your disposal that will allow you to blog safely and explaining how to use them.

By blogging safely, what do we mean? Zimbloggers know…

!!TO BLOG SAFELY IS TO BLOG ANONYMOUSLY

Most bloggers and other online users arrested around the world for critical speech were discovered because they took no pains at all to disguise who they were. Zimbabwe’s bloggers know better. And because they know better, none have been arrested. Yet.

Nevertheless, we stress: Since, in Zimbabwe, all blogs may be suspected of being rebellious in some way, we remind you: Do not blog using your real name.

It has been said that anyone or any state with enough resources and time will be able to find out the identity of anyone on the Internet. Zimbabwe’s cooperation with the Chinese government makes it a more dangerous opponent of bloggers than ever before. The key is to put more effort and time into staying anonymous than anyone in the government will put into discovering it. Some people in some places may need to devote relatively little work in order to say safe. Others may need to do quite a bit of work.

There are two major ways your identity can be discovered while blogging. One is by revealing your identity through the content you post. For instance, if you write, "I'm a third-year education student at the University of Zimbabwe, I come from Chegutu," there's a good chance that someone reading your blog will be able to figure out who you are.

The other way to get discovered is if someone identifies you from information your web browser or email program provides. Every computer attached to the Internet has, or shares, an address called an IP address. That is a series of four numbers from 0-255, separated by dots, for instance: 213.24.124.38.

With a little work, the authorities may be able to trace any posting you make back to your computer. If you use a home computer and dial into an Internet service provider (ISP), this ISP will have a record of which computer dials in at what time and accesses which information.

There are a number of ways you can hide your identity when using the Internet. As a general rule, the more secure you want to be, the more work you will need to do to hide your identity. Some of the strategies for protecting identity online require a great deal of technical knowledge and work. But they all start with basic, common sense measures.

!!BASIC ANONYMIZATION MEASURES

Never use your real name. We don’t mean just on your blog. We mean when signing up for your blog you must use a pseudonym. And when you are signing up for your web-based email, also use a fake name. It is very easy to trace traffic from your home or work email unless you use a remailer, which we will talk about later; so we advise you use a web-based email, which we will also talk about in greater depth later.

A good general rule for anonymous blogging: Never use any service that you must pay for or that you sign up for via the government or that uses a service that must report to the government. And do not register with the authorities, of course.

Free web-based email providers:

Hushmail: http://www.hushmail.com/

Lycos Email: http://mail.lycos.com/

Opera Mail: http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

Free weblog hosting:

Blogger: http://www.blogger.com/start

Blogsome: http://www.blogsome.com/

Livejournal: http://www.livejournal.com/

Seoblog: http://www.seo-blog.org/

Weblog.us: http://weblogs.us/

Should Zimbabwe’s government pursue the Chinese model of Internet filtering, even these options will be difficult. For now, they should be relatively safer than not using them. Read more on the Chinese system here http://anoniblog.blogharbor.com/blog/_archives/2005/9/30/1271468.html and here http://www.opennetinitiative.net/studies/china/.

Do not use any identifying information on your blog. For the reasons discussed above, do not use a nickname, for instance, that people know is yours. Do not use one that identifies you somehow. Do not talk about your street or neighborhood, what you do for a living or where you work, or specifics about who you know, where you have traveled and so forth. Otherwise, you will be providing investigators with leads to your identity.

Here's the problem with this strategy. When you sign up for an email service or a weblog, the web server you are accessing logs your IP address. If that IP address can be traced to you, for instance if you are using your computer at home or at work, you could be found.

One additional step you could take to hide your identity is to do your work on heavily-used computers. Rather than setting up your webmail and blogging accounts from your home or work computer, you could set them up from a computer in a cybercafe, a library, or a university computer lab. Should anyone trace the IP used to post a comment or a post they will discover that the post was made from a cybercafe, where any number of people might have been using the computers.

There are flaws in this strategy as well. If the Internet café or computer lab keeps track of who is using what computer at what time, your identity could be compromised. Do not use computers at places like these in the middle of the night or other times when you are likely to be the only person there. If you use Internet cafés, change which ones you use often. If the authorities decide to look into a blog and discover that all the posts are coming from a specific café, it would not be hard to send police to watch who visits.

!!ANONYMOUS PROXIES

If you choose to, you can take the trouble to use what is called a “proxy.” If you access the Internet through a proxy, you will leave behind the IP address of the proxy server, instead of the address of the computer you are using.

The difficulty in using proxies and anonymizers (we will cover these later) is that they are frequently among the first sites to be blocked by a government seeking control of its people. That is currently not the case in Zimbabwe, but it is something to watch out for. Should Zim begin to block proxies, you may have to search for new proxies as old ones are blocked. Another option (also covered below) is to use Peacefire’s Circumventor program, or another “social” option.

To use a proxy, first choose a proxy server from one of these lists, or find one yourself on a search engine like Google http://www.google.com.

Public Proxy Servers: http://www.publicproxyservers.com/index.html

Rosinstrument: http://tools.rosinstrument.com/proxy/

Samair: http://www.samair.ru/proxy/

Now, open the “preferences” or “options” section of your web browser. Under the “general”, “network” or “security” tab (usually), find an option to set up a proxy to access the Internet. Here is a set of instructions http://www.freeproxy.ru/en/free_proxy/howuse.htm for various browsers.

Turn on “manual proxy configuration”, enter the IP address of the proxy server and port into the fields for HTTP proxy and SSL proxy and save your settings. Restart your browser.

Your connection to the web will seem a bit slower because every page you request from a web server takes a detour. Instead of connecting directly to Hushmail, for instance, you connect to the proxy, which then connects to Hushmail. When Hushmail sends a page to you, it goes to the proxy first, then to you. You may also notices some trouble accessing websites, especially those that want you to log in.

A final problem is that if authorities discover you have been using a proxy, that in itself may constitute “proof” of wrongdoing.

!!“SOCIAL” OPTIONS

One way around the excessive blocking of proxies is to use Peacefire’s Circumventor.

To do this, you will need a friend outside of Zimbabwe whom you trust. They will need to set up Circumventor on their computer. Your friend downloads Circumventor http://www.peacefire.org/circumventor/simple-circumventor-instructions.html from the Peacefire site and installs it on his Windows system. It is not easy to do. First, he needs to install Perl on his system, then OpenSA, then Circumventor.

After these installations, he will needs to keep his computer connected to the Internet constantly, so you can use it as a proxy without asking each time. But you will, once it is set up, be able to surf the web, post to your blog, and use your email, all through the proxy your friend has created on his machine by using Circumventor. You can even use it at an Internet café, because the proxy is not listed as such in the state’s filtering technology, so it is not very suspicious.

Here’s the problem with this system: your friend’s computer, running Windows, often reboots. Each time it does, it is assigned a new IP address. And every time this happens, your friend will need to contact you with the address. (Probably cellular phone calls are best for this.) There is always the chance that this proxy will be recognized in time as such by the government.

Another social option is to use Adopt-a-Blog http://www.adoptablog.org/. Designed originally for blocked blogs in China, you can contact this service with a request that someone outside your country host a blog on their server. The server hosting your blog is unlikely to be blocked and, if it becomes blocked, your blog is moved to a different server.

If you know someone trustworthy outside the country, another option is to simply ask that person to set up a blog for you and then to post to it either using a proxy, or by contacting them via web-based email, encrypted email or by using a remailer system (see below). It is highly advisable, however, not to trust anyone quickly whom you do not know. Established human rights and free speech groups might be willing to connect you with trustworthy people willing to help.

!!TOR ONION ROUTING

Tor, an “onion routing” system takes the idea of proxy servers to a new level of complexity. Each request made through an onion routing network goes through two to 20 additional computers, making it hard to trace what computer originated a request. Each step of the Onion Routing chain is encrypted, making it harder for the government to trace your posts. Furthermore, each computer in the chain onlyknows its nearest neighbors. In other words, router B knows that it got a request for a web page from router A, and that it's supposed to pass the request on to router C. But the request itself is encrypted: router B doesn't actually know what page you are requesting, or what router will finally request the page from the web server.

Given the complexity of the technology, it is surprisingly easy to install Torhttp://tor.eff.org/cvs/tor/doc/tor-doc-win32.html. You download an installer which first installs Tor on your system, and then downloads and installs Privoxy, a proxy that works with Tor.

The Tor system will make it look at one point like you are on a computer at Harvard University, and then it looks like you are in Germany, and so forth, changing all the time as you reload or sign on at different times. Tor is changing your identity from request to request, helping to protect keep your identity private.

This has some a couple of unintended consequences. When you use Google through Tor, it may switch languages on you. One search may be in English; another may be Japanese, German, Danish or Dutch, all in the course of a few minutes. Some sites, Wikipedia, for instance, may not allow connections from a Tor system. Your surfing may slow down quite a bit at times. And, of course, you are reliant on your home computer, since you cannot install Tor on a public machine. Most worrisome, though, is Tor’s occasional malfunctioning: it may sometimes stop working. Your ISP may block some Tor routers.

!!TORPARK

TOR is somewhat difficult to install for a non-technical user. Although much easier than most anonymizing technologies, it can still be tricky. Also, if you are accessing the Internet from an Internet café, it is unlikely you will be able to install TOR on the computers you are using.

Now there is an alternative. The people behind a new tool called Torpark http://torpark.nfshost.com/ have combined an alpha version of the new Firefox Deer Park browser http://www.mozilla.org/projects/firefox/ with TOR and an installer, to produce a 20MB package designed to fit on a USB key http://en.wikipedia.org/wiki/Keydrive.

When you insert your USB key into the port of a computer equipped with Windows 2000 or XP and you run the Torpark application, an anonymized browser window will open, allowing you to surf the web, leaving few or no traces behind.

One click starts a script, opens a DOS window and a browser, which then surfs through TOR. Ejecting the USB key removes obvious traces from the system. The browsing experience is the slow, but satisfactory, experience you get when browsing with TOR.

There are some problems: Stylesheet-heavy pages tend to look bad, as some graphics and files fail to load. Some images break. But for the most part, you can surf the web effectively.

There are three difficulties that may prevent some users from adopting Torpark as their preferred method of surfing.

First, not everyone has a USB key. Securing access to a reasonably priced key may be difficult for some people. There may be a lack of supply or the price may place it out of reach for many, especially for Zimbabweans in the current environment.

Second, many Internet cafés may not allow you to attach a USB key to their machines. Should the recently-contracted Chinese filtering regime be put into place, it will be eventually be impossible to make any move online in an Internet café without it being known, though for now it can be done.

Finally, TOR uses a small, published list of servers that transfer and obscure packets. In any country that employs a firewall, it is reasonable to assume that the administrators block traffic from the servers that are currently listed http://proxy.org/tor.shtml and add any new servers to the blacklist when they come online. Again, that is mostly not the case in Zimbabwe today, but should the Chinese system be employed, it will become a reality

Torpark can be downloaded http://torpark.nfshost.com/ in English, Chinese, French, Slovenian, Russian, Korean, Hebrew, Polish and Turkish and other languages.

!!MIXMASTER, INVISIBLOG AND GPG

There are a number of additional options that do no require proxy servers. One such service is Invisiblog http://www.invisiblog.com/. You do not post to Invisiblog via the web, as you do with most blog servers. You post to it using specially formatted email, sent through the Mixmaster remailer system, signed cryptographically.

That sounds complicated. It is. But here is what you do. First, go to GPG http://www.gnupg.org and set up a “public-key encryption system.” (Public-key encryption is a technique that allows you to send messages to a person that only the recipient can read. Public key encryption also allows people to “sign” documents with a digital signature that is almost impossible to forge.)

Then, set up Mixmaster http://mixmaster.sourceforge.net/, a mailing system designed to obscure the origins of an email message. Mixmaster uses a chain of anonymous remailers (computer programs that strip all identifying information off an email and send it to its destination) to send email messages with a high degree of anonymity. By using a chain of 2 to 20 remailers, the message is very difficult to trace, even if one or more of the remailers is “compromised” and is recording sender information.

Unfortunately, you have to “build” Mixmaster by compiling its source code, a project that requires a great deal of technical know-how.

Once set up, you send a Mixmaster message to Invisiblog, which includes your public key. Invisiblog will use this to set up a new blog for you, with a name like “invisiblog.com/ac4589d7001ac238”. (The long string is the last 16 bytes of your GPG key.) Once your Invisiblog is set up, you send future posts to by writing a text message, signing it with your public key and sending it via Mixmaster.

The misdirection of Mixmaster mailers means that it takes anywhere from two hours to two days for your message to reach the servers. And you must be very careful about looking at your blog. If you look at it too often, your IP address will appear in the blog's log frequently, signaling that you are probably its author. You can be somewhat reassured by the fact that the owners of Invisiblog have no idea who you are.

The main problem with the Invisiblog system is the fact that it is very difficult for most people to use. Most people find GPG a challenge to set up and have difficulty understanding the complexities of public and private keys. More user-friendly cryptographic tools, like Ciphire https://www.ciphire.com/, have been set up to help less technically proficient users, but even they can be difficult. These tools are also frequently blocked by repressive regimes. Another issue that makes this difficult is that if the authorities ever take your computer and find your private key, it would be considered highly suspicious in itself and might be used as evidence that you were the author of the blog. If you do succeed in sending out mail messages wrapped in strong encryption, like Mixmaster, you run the risk of attracting the attention of the Internet authorities.

!!CONCLUSION

You have a right to be heard. Your voice is important to Zimbabwe, both for its present and its future. And you are powerful. However, in speaking the truth on a blog you will be putting yourself in danger. So, please consider the possible consequences. If you are intent on proceeding, or continuing, do so as safely as possible and as anonymously as you can. Contradicting the fictions of a tyrant requires at least as much discretion and common sense as bravery. Someone who cares about this future can do no good mute. You must remain in possession of your voice.

To that end, we have covered basic anonymization measures, such as pseudonymous blogging and web-based email; proxies; social options, such as individual Circumventor proxies, Adopt-a-Blog and assisted blogging; Tor servers’ onion routing; and very complex email-based blogging systems like Invisiblog.

None of these, nor any combination, is foolproof. There will always remain a chance that you will be discovered and the authorities, which fear the intellect of their own people, will succeed in silencing you. Be very careful. You are fellow bloggers, as well as fellow human beings, and we wish above all for you to remain free and safe.

Please forward this document to anyone you think might benefit from reading it. You are also welcome to add to it your ideas, experiences and experiments—though we ask you leave in place all warnings about the dangers of speaking up and the provisional nature of all anonymizing techniques, tools and processes. Perhaps you have information we do not. Perhaps you know of additional measures to take that we have not covered. Let’s share with each other and take care of one another.

!!LEGAL

We make no warranty as to the accuracy of the information contained in these guides. The reader assumes all responsibility for the risk of using them.

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.5/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

Contact the authors at anoniblog@hushmail.com.

edited FrontPage

email@hidden () — Tue, 17 Jan 2006 18:08:19 +0000

! Blog Safer: The Anoniblogging Wiki

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

Across the globe, countries that discourage free speech have followed their citizens into the blogosphere. According to one count, in the last two years at least 30 bloggers (and there are no doubt more) have been interrogated, arrested, tortured and sentenced to long prison terms for the "crime" of speaking critically about their governments. Regardless of your culture, your country, your politics or religion, we believe you deserve to speak your mind without falling afoul of state power. Unfortunately, what you deserve and what you get are not always the same thing. So, for those of you who wish to speak out on your blogs, but who do not wish to risk imprisonment or worse for doing so, we have prepared guides that will help you to blog more safely by blogging more anonymously.

But please note: **Blogging can never be completely anonymous.** With enough time, resources and political will, a group or government can discover who you are. We cannot guarantee that even if you follow the instructions on these guides to the letter that you will run no risk. You always take a chance when you speak your mind to people who cannot tolerate dissent. But we hope that these guides will enable you to minimize those risks, or at least be more aware of them.

A wiki is a web site that anyone can make changes to and all previous versions are %5Bhttp://anoniblog.pbwiki.com/changes.php | permanently viewable in an archive%5D. __**To make changes here you can log in with any name and email, and the word "blogsafe4u".**__ We hope that these guides will improve with user participation. For help using this wiki, see %5Bhttp://yummy.pbwiki.com/WikiStyle | Wiki Style%5D. To learn more about wikis in general see %5Bhttp://en.wikipedia.org/wiki/Wiki | Wikipedia's definition of wiki%5D.

%5BAnoniHelpPage%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**This wiki is a %5Bhttp://www.spiritofamerica.net/ | Spirit of America%5D project. Donations to support it are much appreciated. %5Bhttp://www.spiritofamerica.net/projects/104 | Click here to make a donation%5D.**

---

While we cannot guarantee the security of any email addresses entered here, we hope that some people will subscribe to changes and help tend to this wiki over time.

---

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, %5Bhttp://creativecommons.org/licenses/by-nc-sa/2.5/ | click this link%5D or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

edited ZimbabweAnonymousBloggingGuide

email@hidden () — Tue, 17 Jan 2006 05:36:05 +0000

!Zimbabwe Anonymous Blogging Guide

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/zimbabwe+abg+-+final.doc | Zimbabwe Anonymous Blogging Guide%5D here.

!!INTRODUCTION

Anyone in Zimbabwe who seeks to express himself or herself must be acutely aware of the level of oppression in the country. The dictatorship of President Robert Mugabe has grown more and more tyrannical over the years to a point where, currently, the most benign criticism of the regime is likely to land one in a jail cell, or at least earn one a visit with the gentlemen of the Central Intelligence Organization.

Zimbabwe is one of the most wired countries in Africa. That is just one indication of the surfeit of “raw materials” for democracy that the country contains. No longer the “breadbasket of Southern Africa” Zimbabwe teeters on the edge of famine. Likewise, the brain drain has weakened the country intellectually. However, enough of the vigorous minds have remained that Mugabe has felt it necessary to increase restrictions on free speech to include the electronic realm.

First, he had the congress pass the Post and Telecommunications Act of 2000, which allowed the interception of email. Fourteen people were arrested for forwarding an anti-Mugabe message under this so-called law. When Zimbabwe’s Supreme Court declared these elements of that act unconstitutional, Mugabe had several other repressive laws passed to make up for them. Foremost among these is the Access to Information and Protection of Privacy Act.

The state of the country regarding free speech is this: There is none. There are no independent radio or television stations, no independent daily newspapers. There are no foreign reporters in the country. One of the most powerful groups to take up the slack are bloggers.

Mugabe, in April of this year, contracted with the Chinese government to secure access to their Internet censorship knowledge and technology. There has yet to be any report that these have been implemented and in October of this year even the Chinese found Mugabe so isolated it refused to help him with his food problems, outgrowth, in part, of his seizure of white-owned farms, which he gave as gifts to political supporters.

Bloggers press on. The efforts of these individuals, estimated to number between 50 and 100, exert a disproportionate influence on their country and on international discourse about Zimbabwe, due to several factors: The lack of any other information and the resolution and intelligence of the bloggers themselves, who have broken news such as the daylight murder of a woman by the police in Bulawayo and the bulldozing of housing for the poor in Harare.

None of you who are blogging in Zimbabwe, or who are considering it, need anyone else to remind you to take care when blogging. We may be able to help you, however, by laying out for you the different tools at your disposal that will allow you to blog safely and explaining how to use them.

By blogging safely, what do we mean? Zimbloggers know…

!!TO BLOG SAFELY IS TO BLOG ANONYMOUSLY

Most bloggers and other online users arrested around the world for critical speech were discovered because they took no pains at all to disguise who they were. Zimbabwe’s bloggers know better. And because they know better, none have been arrested. Yet.

Nevertheless, we stress: Since, in Zimbabwe, all blogs may be suspected of being rebellious in some way, we remind you: Do not blog using your real name.

It has been said that anyone or any state with enough resources and time will be able to find out the identity of anyone on the Internet. Zimbabwe’s cooperation with the Chinese government makes it a more dangerous opponent of bloggers than ever before. The key is to put more effort and time into staying anonymous than anyone in the government will put into discovering it. Some people in some places may need to devote relatively little work in order to say safe. Others may need to do quite a bit of work.

There are two major ways your identity can be discovered while blogging. One is by revealing your identity through the content you post. For instance, if you write, "I'm a third-year education student at the University of Zimbabwe, I come from Chegutu," there's a good chance that someone reading your blog will be able to figure out who you are.

The other way to get discovered is if someone identifies you from information your web browser or email program provides. Every computer attached to the Internet has, or shares, an address called an IP address. That is a series of four numbers from 0-255, separated by dots, for instance: 213.24.124.38.

With a little work, the authorities may be able to trace any posting you make back to your computer. If you use a home computer and dial into an Internet service provider (ISP), this ISP will have a record of which computer dials in at what time and accesses which information.

There are a number of ways you can hide your identity when using the Internet. As a general rule, the more secure you want to be, the more work you will need to do to hide your identity. Some of the strategies for protecting identity online require a great deal of technical knowledge and work. But they all start with basic, common sense measures.

!!BASIC ANONYMIZATION MEASURES

Never use your real name. We don’t mean just on your blog. We mean when signing up for your blog you must use a pseudonym. And when you are signing up for your web-based email, also use a fake name. It is very easy to trace traffic from your home or work email unless you use a remailer, which we will talk about later; so we advise you use a web-based email, which we will also talk about in greater depth later.

A good general rule for anonymous blogging: Never use any service that you must pay for or that you sign up for via the government or that uses a service that must report to the government. And do not register with the authorities, of course.

Free web-based email providers:

Hushmail: http://www.hushmail.com/

Lycos Email: http://mail.lycos.com/

Opera Mail: http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

Free weblog hosting:

Blogger: http://www.blogger.com/start

Blogsome: http://www.blogsome.com/

Livejournal: http://www.livejournal.com/

Seoblog: http://www.seo-blog.org/

Weblog.us: http://weblogs.us/

Should Zimbabwe’s government pursue the Chinese model of Internet filtering, even these options will be difficult. For now, they should be relatively safer than not using them. Read more on the Chinese system here http://anoniblog.blogharbor.com/blog/_archives/2005/9/30/1271468.html and here http://www.opennetinitiative.net/studies/china/.

Do not use any identifying information on your blog. For the reasons discussed above, do not use a nickname, for instance, that people know is yours. Do not use one that identifies you somehow. Do not talk about your street or neighborhood, what you do for a living or where you work, or specifics about who you know, where you have traveled and so forth. Otherwise, you will be providing investigators with leads to your identity.

Here's the problem with this strategy. When you sign up for an email service or a weblog, the web server you are accessing logs your IP address. If that IP address can be traced to you, for instance if you are using your computer at home or at work, you could be found.

One additional step you could take to hide your identity is to do your work on heavily-used computers. Rather than setting up your webmail and blogging accounts from your home or work computer, you could set them up from a computer in a cybercafe, a library, or a university computer lab. Should anyone trace the IP used to post a comment or a post they will discover that the post was made from a cybercafe, where any number of people might have been using the computers.

There are flaws in this strategy as well. If the Internet café or computer lab keeps track of who is using what computer at what time, your identity could be compromised. Do not use computers at places like these in the middle of the night or other times when you are likely to be the only person there. If you use Internet cafés, change which ones you use often. If the authorities decide to look into a blog and discover that all the posts are coming from a specific café, it would not be hard to send police to watch who visits.

!!ANONYMOUS PROXIES

If you choose to, you can take the trouble to use what is called a “proxy.” If you access the Internet through a proxy, you will leave behind the IP address of the proxy server, instead of the address of the computer you are using.

The difficulty in using proxies and anonymizers (we will cover these later) is that they are frequently among the first sites to be blocked by a government seeking control of its people. That is currently not the case in Zimbabwe, but it is something to watch out for. Should Zim begin to block proxies, you may have to search for new proxies as old ones are blocked. Another option (also covered below) is to use Peacefire’s Circumventor program, or another “social” option.

To use a proxy, first choose a proxy server from one of these lists, or find one yourself on a search engine like Google http://www.google.com.

Public Proxy Servers: http://www.publicproxyservers.com/index.html

Rosinstrument: http://tools.rosinstrument.com/proxy/

Samair: http://www.samair.ru/proxy/

Now, open the “preferences” or “options” section of your web browser. Under the “general”, “network” or “security” tab (usually), find an option to set up a proxy to access the Internet. Here is a set of instructions http://www.freeproxy.ru/en/free_proxy/howuse.htm for various browsers.

Turn on “manual proxy configuration”, enter the IP address of the proxy server and port into the fields for HTTP proxy and SSL proxy and save your settings. Restart your browser.

Your connection to the web will seem a bit slower because every page you request from a web server takes a detour. Instead of connecting directly to Hushmail, for instance, you connect to the proxy, which then connects to Hushmail. When Hushmail sends a page to you, it goes to the proxy first, then to you. You may also notices some trouble accessing websites, especially those that want you to log in.

A final problem is that if authorities discover you have been using a proxy, that in itself may constitute “proof” of wrongdoing.

!!“SOCIAL” OPTIONS

One way around the excessive blocking of proxies is to use Peacefire’s Circumventor.

To do this, you will need a friend outside of Zimbabwe whom you trust. They will need to set up Circumventor on their computer. Your friend downloads Circumventor http://www.peacefire.org/circumventor/simple-circumventor-instructions.html from the Peacefire site and installs it on his Windows system. It is not easy to do. First, he needs to install Perl on his system, then OpenSA, then Circumventor.

After these installations, he will needs to keep his computer connected to the Internet constantly, so you can use it as a proxy without asking each time. But you will, once it is set up, be able to surf the web, post to your blog, and use your email, all through the proxy your friend has created on his machine by using Circumventor. You can even use it at an Internet café, because the proxy is not listed as such in the state’s filtering technology, so it is not very suspicious.

Here’s the problem with this system: your friend’s computer, running Windows, often reboots. Each time it does, it is assigned a new IP address. And every time this happens, your friend will need to contact you with the address. (Probably cellular phone calls are best for this.) There is always the chance that this proxy will be recognized in time as such by the government.

Another social option is to use Adopt-a-Blog http://www.adoptablog.org/. Designed originally for blocked blogs in China, you can contact this service with a request that someone outside your country host a blog on their server. The server hosting your blog is unlikely to be blocked and, if it becomes blocked, your blog is moved to a different server.

If you know someone trustworthy outside the country, another option is to simply ask that person to set up a blog for you and then to post to it either using a proxy, or by contacting them via web-based email, encrypted email or by using a remailer system (see below). It is highly advisable, however, not to trust anyone quickly whom you do not know. Established human rights and free speech groups might be willing to connect you with trustworthy people willing to help.

!!TOR ONION ROUTING

Tor, an “onion routing” system takes the idea of proxy servers to a new level of complexity. Each request made through an onion routing network goes through two to 20 additional computers, making it hard to trace what computer originated a request. Each step of the Onion Routing chain is encrypted, making it harder for the government to trace your posts. Furthermore, each computer in the chain onlyknows its nearest neighbors. In other words, router B knows that it got a request for a web page from router A, and that it's supposed to pass the request on to router C. But the request itself is encrypted: router B doesn't actually know what page you are requesting, or what router will finally request the page from the web server.

Given the complexity of the technology, it is surprisingly easy to install Torhttp://tor.eff.org/cvs/tor/doc/tor-doc-win32.html. You download an installer which first installs Tor on your system, and then downloads and installs Privoxy, a proxy that works with Tor.

The Tor system will make it look at one point like you are on a computer at Harvard University, and then it looks like you are in Germany, and so forth, changing all the time as you reload or sign on at different times. Tor is changing your identity from request to request, helping to protect keep your identity private.

This has some a couple of unintended consequences. When you use Google through Tor, it may switch languages on you. One search may be in English; another may be Japanese, German, Danish or Dutch, all in the course of a few minutes. Some sites, Wikipedia, for instance, may not allow connections from a Tor system. Your surfing may slow down quite a bit at times. And, of course, you are reliant on your home computer, since you cannot install Tor on a public machine. Most worrisome, though, is Tor’s occasional malfunctioning: it may sometimes stop working. Your ISP may block some Tor routers.

!!TORPARK

TOR is somewhat difficult to install for a non-technical user. Although much easier than most anonymizing technologies, it can still be tricky. Also, if you are accessing the Internet from an Internet café, it is unlikely you will be able to install TOR on the computers you are using.

Now there is an alternative. The people behind a new tool called Torpark http://torpark.nfshost.com/ have combined an alpha version of the new Firefox Deer Park browser http://www.mozilla.org/projects/firefox/ with TOR and an installer, to produce a 20MB package designed to fit on a USB key http://en.wikipedia.org/wiki/Keydrive.

When you insert your USB key into the port of a computer equipped with Windows 2000 or XP and you run the Torpark application, an anonymized browser window will open, allowing you to surf the web, leaving few or no traces behind.

One click starts a script, opens a DOS window and a browser, which then surfs through TOR. Ejecting the USB key removes obvious traces from the system. The browsing experience is the slow, but satisfactory, experience you get when browsing with TOR.

There are some problems: Stylesheet-heavy pages tend to look bad, as some graphics and files fail to load. Some images break. But for the most part, you can surf the web effectively.

There are three difficulties that may prevent some users from adopting Torpark as their preferred method of surfing.

First, not everyone has a USB key. Securing access to a reasonably priced key may be difficult for some people. There may be a lack of supply or the price may place it out of reach for many, especially for Zimbabweans in the current environment.

Second, many Internet cafés may not allow you to attach a USB key to their machines. Should the recently-contracted Chinese filtering regime be put into place, it will be eventually be impossible to make any move online in an Internet café without it being known, though for now it can be done.

Finally, TOR uses a small, published list of servers that transfer and obscure packets. In any country that employs a firewall, it is reasonable to assume that the administrators block traffic from the servers that are currently listed http://proxy.org/tor.shtml and add any new servers to the blacklist when they come online. Again, that is mostly not the case in Zimbabwe today, but should the Chinese system be employed, it will become a reality

Torpark can be downloaded http://torpark.nfshost.com/ in English, Chinese, French, Slovenian, Russian, Korean, Hebrew, Polish and Turkish and other languages.

!!MIXMASTER, INVISIBLOG AND GPG

There are a number of additional options that do no require proxy servers. One such service is Invisiblog http://www.invisiblog.com/. You do not post to Invisiblog via the web, as you do with most blog servers. You post to it using specially formatted email, sent through the Mixmaster remailer system, signed cryptographically.

That sounds complicated. It is. But here is what you do. First, go to GPG http://www.gnupg.org and set up a “public-key encryption system.” (Public-key encryption is a technique that allows you to send messages to a person that only the recipient can read. Public key encryption also allows people to “sign” documents with a digital signature that is almost impossible to forge.)

Then, set up Mixmaster http://mixmaster.sourceforge.net/, a mailing system designed to obscure the origins of an email message. Mixmaster uses a chain of anonymous remailers (computer programs that strip all identifying information off an email and send it to its destination) to send email messages with a high degree of anonymity. By using a chain of 2 to 20 remailers, the message is very difficult to trace, even if one or more of the remailers is “compromised” and is recording sender information.

Unfortunately, you have to “build” Mixmaster by compiling its source code, a project that requires a great deal of technical know-how.

Once set up, you send a Mixmaster message to Invisiblog, which includes your public key. Invisiblog will use this to set up a new blog for you, with a name like “invisiblog.com/ac4589d7001ac238”. (The long string is the last 16 bytes of your GPG key.) Once your Invisiblog is set up, you send future posts to by writing a text message, signing it with your public key and sending it via Mixmaster.

The misdirection of Mixmaster mailers means that it takes anywhere from two hours to two days for your message to reach the servers. And you must be very careful about looking at your blog. If you look at it too often, your IP address will appear in the blog's log frequently, signaling that you are probably its author. You can be somewhat reassured by the fact that the owners of Invisiblog have no idea who you are.

The main problem with the Invisiblog system is the fact that it is very difficult for most people to use. Most people find GPG a challenge to set up and have difficulty understanding the complexities of public and private keys. More user-friendly cryptographic tools, like Ciphire https://www.ciphire.com/, have been set up to help less technically proficient users, but even they can be difficult. These tools are also frequently blocked by repressive regimes. Another issue that makes this difficult is that if the authorities ever take your computer and find your private key, it would be considered highly suspicious in itself and might be used as evidence that you were the author of the blog. If you do succeed in sending out mail messages wrapped in strong encryption, like Mixmaster, you run the risk of attracting the attention of the Internet authorities.

!!CONCLUSION

You have a right to be heard. Your voice is important to Zimbabwe, both for its present and its future. And you are powerful. However, in speaking the truth on a blog you will be putting yourself in danger. So, please consider the possible consequences. If you are intent on proceeding, or continuing, do so as safely as possible and as anonymously as you can. Contradicting the fictions of a tyrant requires at least as much discretion and common sense as bravery. Someone who cares about this future can do no good mute. You must remain in possession of your voice.

To that end, we have covered basic anonymization measures, such as pseudonymous blogging and web-based email; proxies; social options, such as individual Circumventor proxies, Adopt-a-Blog and assisted blogging; Tor servers’ onion routing; and very complex email-based blogging systems like Invisiblog.

None of these, nor any combination, is foolproof. There will always remain a chance that you will be discovered and the authorities, which fear the intellect of their own people, will succeed in silencing you. Be very careful. You are fellow bloggers, as well as fellow human beings, and we wish above all for you to remain free and safe.

Please forward this document to anyone you think might benefit from reading it. You are also welcome to add to it your ideas, experiences and experiments—though we ask you leave in place all warnings about the dangers of speaking up and the provisional nature of all anonymizing techniques, tools and processes. Perhaps you have information we do not. Perhaps you know of additional measures to take that we have not covered. Let’s share with each other and take care of one another.

!!LEGAL

We make no warranty as to the accuracy of the information contained in these guides. The reader assumes all responsibility for the risk of using them.

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.5/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

!Zimbabwe Anonymous Blogging Guide

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/zimbabwe+abg+-+final.doc | Zimbabwe Anonymous Blogging Guide%5D here.

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

!!INTRODUCTION

Anyone in Zimbabwe who seeks to express himself or herself must be acutely aware of the level of oppression in the country. The dictatorship of President Robert Mugabe has grown more and more tyrannical over the years to a point where, currently, the most benign criticism of the regime is likely to land one in a jail cell, or at least earn one a visit with the gentlemen of the Central Intelligence Organization.

Zimbabwe is one of the most wired countries in Africa. That is just one indication of the surfeit of “raw materials” for democracy that the country contains. No longer the “breadbasket of Southern Africa” Zimbabwe teeters on the edge of famine. Likewise, the brain drain has weakened the country intellectually. However, enough of the vigorous minds have remained that Mugabe has felt it necessary to increase restrictions on free speech to include the electronic realm.

First, he had the congress pass the Post and Telecommunications Act of 2000, which allowed the interception of email. Fourteen people were arrested for forwarding an anti-Mugabe message under this so-called law. When Zimbabwe’s Supreme Court declared these elements of that act unconstitutional, Mugabe had several other repressive laws passed to make up for them. Foremost among these is the Access to Information and Protection of Privacy Act.

The state of the country regarding free speech is this: There is none. There are no independent radio or television stations, no independent daily newspapers. There are no foreign reporters in the country. One of the most powerful groups to take up the slack are bloggers.

Mugabe, in April of this year, contracted with the Chinese government to secure access to their Internet censorship knowledge and technology. There has yet to be any report that these have been implemented and in October of this year even the Chinese found Mugabe so isolated it refused to help him with his food problems, outgrowth, in part, of his seizure of white-owned farms, which he gave as gifts to political supporters.

Bloggers press on. The efforts of these individuals, estimated to number between 50 and 100, exert a disproportionate influence on their country and on international discourse about Zimbabwe, due to several factors: The lack of any other information and the resolution and intelligence of the bloggers themselves, who have broken news such as the daylight murder of a woman by the police in Bulawayo and the bulldozing of housing for the poor in Harare.

None of you who are blogging in Zimbabwe, or who are considering it, need anyone else to remind you to take care when blogging. We may be able to help you, however, by laying out for you the different tools at your disposal that will allow you to blog safely and explaining how to use them.

By blogging safely, what do we mean? Zimbloggers know…

!!TO BLOG SAFELY IS TO BLOG ANONYMOUSLY

Most bloggers and other online users arrested around the world for critical speech were discovered because they took no pains at all to disguise who they were. Zimbabwe’s bloggers know better. And because they know better, none have been arrested. Yet.

Nevertheless, we stress: Since, in Zimbabwe, all blogs may be suspected of being rebellious in some way, we remind you: Do not blog using your real name.

It has been said that anyone or any state with enough resources and time will be able to find out the identity of anyone on the Internet. Zimbabwe’s cooperation with the Chinese government makes it a more dangerous opponent of bloggers than ever before. The key is to put more effort and time into staying anonymous than anyone in the government will put into discovering it. Some people in some places may need to devote relatively little work in order to say safe. Others may need to do quite a bit of work.

There are two major ways your identity can be discovered while blogging. One is by revealing your identity through the content you post. For instance, if you write, "I'm a third-year education student at the University of Zimbabwe, I come from Chegutu," there's a good chance that someone reading your blog will be able to figure out who you are.

The other way to get discovered is if someone identifies you from information your web browser or email program provides. Every computer attached to the Internet has, or shares, an address called an IP address. That is a series of four numbers from 0-255, separated by dots, for instance: 213.24.124.38.

With a little work, the authorities may be able to trace any posting you make back to your computer. If you use a home computer and dial into an Internet service provider (ISP), this ISP will have a record of which computer dials in at what time and accesses which information.

There are a number of ways you can hide your identity when using the Internet. As a general rule, the more secure you want to be, the more work you will need to do to hide your identity. Some of the strategies for protecting identity online require a great deal of technical knowledge and work. But they all start with basic, common sense measures.

!!BASIC ANONYMIZATION MEASURES

Never use your real name. We don’t mean just on your blog. We mean when signing up for your blog you must use a pseudonym. And when you are signing up for your web-based email, also use a fake name. It is very easy to trace traffic from your home or work email unless you use a remailer, which we will talk about later; so we advise you use a web-based email, which we will also talk about in greater depth later.

A good general rule for anonymous blogging: Never use any service that you must pay for or that you sign up for via the government or that uses a service that must report to the government. And do not register with the authorities, of course.

Free web-based email providers:

Hushmail: http://www.hushmail.com/

Lycos Email: http://mail.lycos.com/

Opera Mail: http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

Free weblog hosting:

Blogger: http://www.blogger.com/start

Blogsome: http://www.blogsome.com/

Livejournal: http://www.livejournal.com/

Seoblog: http://www.seo-blog.org/

Weblog.us: http://weblogs.us/

Should Zimbabwe’s government pursue the Chinese model of Internet filtering, even these options will be difficult. For now, they should be relatively safer than not using them. Read more on the Chinese system here http://anoniblog.blogharbor.com/blog/_archives/2005/9/30/1271468.html and here http://www.opennetinitiative.net/studies/china/.

Do not use any identifying information on your blog. For the reasons discussed above, do not use a nickname, for instance, that people know is yours. Do not use one that identifies you somehow. Do not talk about your street or neighborhood, what you do for a living or where you work, or specifics about who you know, where you have traveled and so forth. Otherwise, you will be providing investigators with leads to your identity.

Here's the problem with this strategy. When you sign up for an email service or a weblog, the web server you are accessing logs your IP address. If that IP address can be traced to you, for instance if you are using your computer at home or at work, you could be found.

One additional step you could take to hide your identity is to do your work on heavily-used computers. Rather than setting up your webmail and blogging accounts from your home or work computer, you could set them up from a computer in a cybercafe, a library, or a university computer lab. Should anyone trace the IP used to post a comment or a post they will discover that the post was made from a cybercafe, where any number of people might have been using the computers.

There are flaws in this strategy as well. If the Internet café or computer lab keeps track of who is using what computer at what time, your identity could be compromised. Do not use computers at places like these in the middle of the night or other times when you are likely to be the only person there. If you use Internet cafés, change which ones you use often. If the authorities decide to look into a blog and discover that all the posts are coming from a specific café, it would not be hard to send police to watch who visits.

!!ANONYMOUS PROXIES

If you choose to, you can take the trouble to use what is called a “proxy.” If you access the Internet through a proxy, you will leave behind the IP address of the proxy server, instead of the address of the computer you are using.

The difficulty in using proxies and anonymizers (we will cover these later) is that they are frequently among the first sites to be blocked by a government seeking control of its people. That is currently not the case in Zimbabwe, but it is something to watch out for. Should Zim begin to block proxies, you may have to search for new proxies as old ones are blocked. Another option (also covered below) is to use Peacefire’s Circumventor program, or another “social” option.

To use a proxy, first choose a proxy server from one of these lists, or find one yourself on a search engine like Google http://www.google.com.

Public Proxy Servers: http://www.publicproxyservers.com/index.html

Rosinstrument: http://tools.rosinstrument.com/proxy/

Samair: http://www.samair.ru/proxy/

Now, open the “preferences” or “options” section of your web browser. Under the “general”, “network” or “security” tab (usually), find an option to set up a proxy to access the Internet. Here is a set of instructions http://www.freeproxy.ru/en/free_proxy/howuse.htm for various browsers.

Turn on “manual proxy configuration”, enter the IP address of the proxy server and port into the fields for HTTP proxy and SSL proxy and save your settings. Restart your browser.

Your connection to the web will seem a bit slower because every page you request from a web server takes a detour. Instead of connecting directly to Hushmail, for instance, you connect to the proxy, which then connects to Hushmail. When Hushmail sends a page to you, it goes to the proxy first, then to you. You may also notices some trouble accessing websites, especially those that want you to log in.

A final problem is that if authorities discover you have been using a proxy, that in itself may constitute “proof” of wrongdoing.

!!“SOCIAL” OPTIONS

One way around the excessive blocking of proxies is to use Peacefire’s Circumventor.

To do this, you will need a friend outside of Zimbabwe whom you trust. They will need to set up Circumventor on their computer. Your friend downloads Circumventor http://www.peacefire.org/circumventor/simple-circumventor-instructions.html from the Peacefire site and installs it on his Windows system. It is not easy to do. First, he needs to install Perl on his system, then OpenSA, then Circumventor.

After these installations, he will needs to keep his computer connected to the Internet constantly, so you can use it as a proxy without asking each time. But you will, once it is set up, be able to surf the web, post to your blog, and use your email, all through the proxy your friend has created on his machine by using Circumventor. You can even use it at an Internet café, because the proxy is not listed as such in the state’s filtering technology, so it is not very suspicious.

Here’s the problem with this system: your friend’s computer, running Windows, often reboots. Each time it does, it is assigned a new IP address. And every time this happens, your friend will need to contact you with the address. (Probably cellular phone calls are best for this.) There is always the chance that this proxy will be recognized in time as such by the government.

Another social option is to use Adopt-a-Blog http://www.adoptablog.org/. Designed originally for blocked blogs in China, you can contact this service with a request that someone outside your country host a blog on their server. The server hosting your blog is unlikely to be blocked and, if it becomes blocked, your blog is moved to a different server.

If you know someone trustworthy outside the country, another option is to simply ask that person to set up a blog for you and then to post to it either using a proxy, or by contacting them via web-based email, encrypted email or by using a remailer system (see below). It is highly advisable, however, not to trust anyone quickly whom you do not know. Established human rights and free speech groups might be willing to connect you with trustworthy people willing to help.

!!TOR ONION ROUTING

Tor, an “onion routing” system takes the idea of proxy servers to a new level of complexity. Each request made through an onion routing network goes through two to 20 additional computers, making it hard to trace what computer originated a request. Each step of the Onion Routing chain is encrypted, making it harder for the government to trace your posts. Furthermore, each computer in the chain onlyknows its nearest neighbors. In other words, router B knows that it got a request for a web page from router A, and that it's supposed to pass the request on to router C. But the request itself is encrypted: router B doesn't actually know what page you are requesting, or what router will finally request the page from the web server.

Given the complexity of the technology, it is surprisingly easy to install Torhttp://tor.eff.org/cvs/tor/doc/tor-doc-win32.html. You download an installer which first installs Tor on your system, and then downloads and installs Privoxy, a proxy that works with Tor.

The Tor system will make it look at one point like you are on a computer at Harvard University, and then it looks like you are in Germany, and so forth, changing all the time as you reload or sign on at different times. Tor is changing your identity from request to request, helping to protect keep your identity private.

This has some a couple of unintended consequences. When you use Google through Tor, it may switch languages on you. One search may be in English; another may be Japanese, German, Danish or Dutch, all in the course of a few minutes. Some sites, Wikipedia, for instance, may not allow connections from a Tor system. Your surfing may slow down quite a bit at times. And, of course, you are reliant on your home computer, since you cannot install Tor on a public machine. Most worrisome, though, is Tor’s occasional malfunctioning: it may sometimes stop working. Your ISP may block some Tor routers.

!!TORPARK

TOR is somewhat difficult to install for a non-technical user. Although much easier than most anonymizing technologies, it can still be tricky. Also, if you are accessing the Internet from an Internet café, it is unlikely you will be able to install TOR on the computers you are using.

Now there is an alternative. The people behind a new tool called Torpark http://torpark.nfshost.com/ have combined an alpha version of the new Firefox Deer Park browser http://www.mozilla.org/projects/firefox/ with TOR and an installer, to produce a 20MB package designed to fit on a USB key http://en.wikipedia.org/wiki/Keydrive.

When you insert your USB key into the port of a computer equipped with Windows 2000 or XP and you run the Torpark application, an anonymized browser window will open, allowing you to surf the web, leaving few or no traces behind.

One click starts a script, opens a DOS window and a browser, which then surfs through TOR. Ejecting the USB key removes obvious traces from the system. The browsing experience is the slow, but satisfactory, experience you get when browsing with TOR.

There are some problems: Stylesheet-heavy pages tend to look bad, as some graphics and files fail to load. Some images break. But for the most part, you can surf the web effectively.

There are three difficulties that may prevent some users from adopting Torpark as their preferred method of surfing.

First, not everyone has a USB key. Securing access to a reasonably priced key may be difficult for some people. There may be a lack of supply or the price may place it out of reach for many, especially for Zimbabweans in the current environment.

Second, many Internet cafés may not allow you to attach a USB key to their machines. Should the recently-contracted Chinese filtering regime be put into place, it will be eventually be impossible to make any move online in an Internet café without it being known, though for now it can be done.

Finally, TOR uses a small, published list of servers that transfer and obscure packets. In any country that employs a firewall, it is reasonable to assume that the administrators block traffic from the servers that are currently listed http://proxy.org/tor.shtml and add any new servers to the blacklist when they come online. Again, that is mostly not the case in Zimbabwe today, but should the Chinese system be employed, it will become a reality

Torpark can be downloaded http://torpark.nfshost.com/ in English, Chinese, French, Slovenian, Russian, Korean, Hebrew, Polish and Turkish and other languages.

!!MIXMASTER, INVISIBLOG AND GPG

There are a number of additional options that do no require proxy servers. One such service is Invisiblog http://www.invisiblog.com/. You do not post to Invisiblog via the web, as you do with most blog servers. You post to it using specially formatted email, sent through the Mixmaster remailer system, signed cryptographically.

That sounds complicated. It is. But here is what you do. First, go to GPG http://www.gnupg.org and set up a “public-key encryption system.” (Public-key encryption is a technique that allows you to send messages to a person that only the recipient can read. Public key encryption also allows people to “sign” documents with a digital signature that is almost impossible to forge.)

Then, set up Mixmaster http://mixmaster.sourceforge.net/, a mailing system designed to obscure the origins of an email message. Mixmaster uses a chain of anonymous remailers (computer programs that strip all identifying information off an email and send it to its destination) to send email messages with a high degree of anonymity. By using a chain of 2 to 20 remailers, the message is very difficult to trace, even if one or more of the remailers is “compromised” and is recording sender information.

Unfortunately, you have to “build” Mixmaster by compiling its source code, a project that requires a great deal of technical know-how.

Once set up, you send a Mixmaster message to Invisiblog, which includes your public key. Invisiblog will use this to set up a new blog for you, with a name like “invisiblog.com/ac4589d7001ac238”. (The long string is the last 16 bytes of your GPG key.) Once your Invisiblog is set up, you send future posts to by writing a text message, signing it with your public key and sending it via Mixmaster.

The misdirection of Mixmaster mailers means that it takes anywhere from two hours to two days for your message to reach the servers. And you must be very careful about looking at your blog. If you look at it too often, your IP address will appear in the blog's log frequently, signaling that you are probably its author. You can be somewhat reassured by the fact that the owners of Invisiblog have no idea who you are.

The main problem with the Invisiblog system is the fact that it is very difficult for most people to use. Most people find GPG a challenge to set up and have difficulty understanding the complexities of public and private keys. More user-friendly cryptographic tools, like Ciphire https://www.ciphire.com/, have been set up to help less technically proficient users, but even they can be difficult. These tools are also frequently blocked by repressive regimes. Another issue that makes this difficult is that if the authorities ever take your computer and find your private key, it would be considered highly suspicious in itself and might be used as evidence that you were the author of the blog. If you do succeed in sending out mail messages wrapped in strong encryption, like Mixmaster, you run the risk of attracting the attention of the Internet authorities.

!!CONCLUSION

You have a right to be heard. Your voice is important to Zimbabwe, both for its present and its future. And you are powerful. However, in speaking the truth on a blog you will be putting yourself in danger. So, please consider the possible consequences. If you are intent on proceeding, or continuing, do so as safely as possible and as anonymously as you can. Contradicting the fictions of a tyrant requires at least as much discretion and common sense as bravery. Someone who cares about this future can do no good mute. You must remain in possession of your voice.

To that end, we have covered basic anonymization measures, such as pseudonymous blogging and web-based email; proxies; social options, such as individual Circumventor proxies, Adopt-a-Blog and assisted blogging; Tor servers’ onion routing; and very complex email-based blogging systems like Invisiblog.

None of these, nor any combination, is foolproof. There will always remain a chance that you will be discovered and the authorities, which fear the intellect of their own people, will succeed in silencing you. Be very careful. You are fellow bloggers, as well as fellow human beings, and we wish above all for you to remain free and safe.

Please forward this document to anyone you think might benefit from reading it. You are also welcome to add to it your ideas, experiences and experiments—though we ask you leave in place all warnings about the dangers of speaking up and the provisional nature of all anonymizing techniques, tools and processes. Perhaps you have information we do not. Perhaps you know of additional measures to take that we have not covered. Let’s share with each other and take care of one another.

!!LEGAL

We make no warranty as to the accuracy of the information contained in these guides. The reader assumes all responsibility for the risk of using them.

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.5/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

Contact the authors at anoniblog@hushmail.com.

edited WhatWikiIs

email@hidden () — Tue, 17 Jan 2006 05:35:21 +0000

Wikis are fantastic tools to allow for collaborative writing. Every visitor to a wiki can edit any page on the wiki. Editing is done in a very simple text language that is much easier to learn and read than HTML.

Wikis are fantastic tools to allow for collaborative writing. Every visitor to a wiki can edit any page on the wiki. Editing is done in a very simple text language that is much easier to learn and read than HTML.

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

You can play around in the SandBox to get used to editing your wiki; you can also check out WikiStyle to learn more about wiki style rules. Enjoy!

edited SandBox

email@hidden () — Tue, 17 Jan 2006 05:34:41 +0000

edited Resources

email@hidden () — Tue, 17 Jan 2006 05:33:48 +0000

!Resources

!!Anonymous Email Accounts

http://www.hushmail.com/ Hushmail

http://mail.lycos.com/ Lycos Email

http://www.operamail.com/scripts/common/index.main?signin=1&lang=us Opera Web Mail

http://anoniblog.blogharbor.com/blog/_archives/2005/9/8/1208552.html Yahoo! Mail

!!Anoniblogging Guides

http://cyber.law.harvard.edu/dyn/globalvoices/wiki/index.php/AnonBlog Anon Blog Guide (Berkman Center)

http://www.searchlores.org/noanon.htm Anonimity Lores (Searchlores)

http://www.zensur.freerk.com/ Freerk's How to Bypass Internet Censorship

http://www.eff.org/Privacy/Anonymity/blog-anonymously.php How to Blog Safely (EFF)

http://security.ngoinabox.org/ NGO in a Box

http://privateblogging.noreply.org/privateblogging/ Private Blogging Wiki

http://www.ethanzuckerman.com/CN_circumvent_censorship.pdf RSF on Circumvention (Chinese)

http://www.rsf.org/rubrique.php3?id_rubrique=542 RSF's Handbook for Bloggers & Cyber-Dissidents

!!Blog Hosting

http://www.blogharbor.com Blog Harbor

http://www.blogger.com/start Blogger

http://www.blogsome.com/ Blogsome

http://www.livejournal.com/ Livejournal

http://www.seo-blog.org/ Seoblog

http://weblogs.us/ Weblogs.us

!!Circumventors

http://www.anonymizer.com/ Anonymizer

http://www.anonymouse.org Anonymouse

http://www.peacefire.org/circumventor/simple-circumventor-instructions.html Peacefire's Circumventor

!!Proxies

http://www.publicproxyservers.com/index.html Public Proxy Servers

http://tools.rosinstrument.com/proxy/ Rosinstrument

http://www.samair.ru/proxy/ Samair

!!Other Tools

http://adoptablog.irisnetwork.ca/ Adopt a Blog (social hosting)

http://www.gnupg.org/ Gnu PG (encryption)

http://invisiblog.com/ Invisiblog (anonymous web publishing)

http://www.opennetinitiative.net/ Open Net Initiative (filtering information)

http://tor.eff.org/ TOR (onion routing)

!!Remailers

https://www.ciphire.com/ Ciphire

http://mixmaster.sourceforge.net/ Mixmaster

http://www.noreply.org/ Noreply.org

!Resources

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

!!Anonymous Email Accounts

http://www.hushmail.com/ Hushmail

http://mail.lycos.com/ Lycos Email

http://www.operamail.com/scripts/common/index.main?signin=1&lang=us Opera Web Mail

http://anoniblog.blogharbor.com/blog/_archives/2005/9/8/1208552.html Yahoo! Mail

!!Anoniblogging Guides

http://cyber.law.harvard.edu/dyn/globalvoices/wiki/index.php/AnonBlog Anon Blog Guide (Berkman Center)

http://www.searchlores.org/noanon.htm Anonimity Lores (Searchlores)

http://www.zensur.freerk.com/ Freerk's How to Bypass Internet Censorship

http://www.eff.org/Privacy/Anonymity/blog-anonymously.php How to Blog Safely (EFF)

http://security.ngoinabox.org/ NGO in a Box

http://privateblogging.noreply.org/privateblogging/ Private Blogging Wiki

http://www.ethanzuckerman.com/CN_circumvent_censorship.pdf RSF on Circumvention (Chinese)

http://www.rsf.org/rubrique.php3?id_rubrique=542 RSF's Handbook for Bloggers & Cyber-Dissidents

!!Blog Hosting

http://www.blogharbor.com Blog Harbor

http://www.blogger.com/start Blogger

http://www.blogsome.com/ Blogsome

http://www.livejournal.com/ Livejournal

http://www.seo-blog.org/ Seoblog

http://weblogs.us/ Weblogs.us

!!Circumventors

http://www.anonymizer.com/ Anonymizer

http://www.anonymouse.org Anonymouse

http://www.peacefire.org/circumventor/simple-circumventor-instructions.html Peacefire's Circumventor

!!Proxies

http://www.publicproxyservers.com/index.html Public Proxy Servers

http://tools.rosinstrument.com/proxy/ Rosinstrument

http://www.samair.ru/proxy/ Samair

!!Other Tools

http://adoptablog.irisnetwork.ca/ Adopt a Blog (social hosting)

http://www.gnupg.org/ Gnu PG (encryption)

http://invisiblog.com/ Invisiblog (anonymous web publishing)

http://www.opennetinitiative.net/ Open Net Initiative (filtering information)

http://tor.eff.org/ TOR (onion routing)

!!Remailers

https://www.ciphire.com/ Ciphire

http://mixmaster.sourceforge.net/ Mixmaster

http://www.noreply.org/ Noreply.org

http://riot.eu.org/anon/ Riot

edited MalaysiaAnonymousBloggingGuide

email@hidden () — Tue, 17 Jan 2006 05:32:51 +0000

!ANONYMOUS BLOGGING GUIDE - MALAYSIA

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/malaysia+abg+-+final.doc | Malaysia Anonymous Blogging Guide%5D here.

!!INTRODUCTION

Over the past several years, as blogging has gained in popularity, certain countries have developed as strong blogging communities. It is uncertain what makes one country embrace blogging so enthusiastically. Academics will need to pursue this question. What is certain, however, is that Malaysia is one such country in which bloggers have thriven, one source counting 20,000 Malaysian blogs. Part of blogging’s popularity may be the advanced technical state of the country. Part of it may be the synergy between Malaysia, Singapore and Indonesia, all countries with relatively thriving blogging scenes. Finally, Malaysia’s harsh climate for the press may have driven people to find ways to express themselves in areas where the government finds it more difficult to pursue.

Malaysia, unlike other countries with an interest in controlling the press, has yet to institute full-fledged Internet filtering. But that seems to be looming on the horizon. Malaysia has approved recommendations to restrict access to pornography. In addition, schools and libraries are now required to install filtering software. Other measures to be introduced include optional filtering services on ISPs, a complaint center where Internet users can report obscene content and awareness campaigns against pornography. But some are questioning these moves, suggesting that the implementation of a filtering infrastructure for pornography can easily be configured to block political content. In addition to the overblocking associated with filtering software (blocking sites that share words with blocked sites even if the sites in question are not offensive), Malaysia could easily add additional sites to the block lists for political reasons once the filtering infrastructure is in place. Malaysia has a record of harassing online publications for political reasons.

As one Malaysian journalist wrote, “Legitimate Internet censorship provides a backdoor entry to ban dissent or alternative viewpoints.”

Among the direct threats to bloggers (and other online sites) in the last year are the interrogation of three prominent bloggers by the nation’s security service and the interrogation of the editors of several online news sites. This being the case, it makes sense for Malaysian bloggers to seriously consider their safety. Because blogging can be as useful in the dissemination of information, both within a country and internationally, as standard journalism, sometimes more so, the scrutiny is likely to increase. Because Malaysia is a country whose leaders are nervous about instability based on offense, and because Internet filtering, both technically and culturally, tends toward over-kill, you may want to take the measures necessary to blog safely.

!!TO BLOG SAFELY IS TO BLOG ANONYMOUSLY

What does it mean to blog safely? To a great degree, it means to blog anonymously. Most bloggers and other online users arrested around the world for critical speech were discovered because they took no pains at all to disguise who they were. Since all but the most innocuous blogs may be suspected of being rebellious in some way, we cannot in good conscience encourage anyone to blog using their real name. The decision to do so, of course, is up to you. But please bear in mind that many of those who have seen the inside of a jail cell never thought for a moment that they were in danger.

We’re not trying to be alarmist, just safe. It has been said that anyone or any state with enough resources and time will be able to find out the identity of anyone on the Internet. The key is to put more effort and time into staying anonymous than anyone in the government will put into discovering it. Some people in some places may need to devote relatively little work in order to say safe. Others may need to do quite a bit of work.

This document will outline the primary methods and tools for anonymous blogging, as well as some ways to navigate the Internet when it is filtered. Although this document is focusing on the situation of bloggers in Malaysia, it may also be applicable to the situation of bloggers in Singapore and Indonesia.

**There are two major ways your identity can be discovered** while blogging. One is by revealing your identity through the content you post. For instance, if you write, "I'm a third-year education student at the University Putri Malaysia and I come from Georgetown," there's a good chance that someone reading your blog will be able to figure out who you are.

The other way to get discovered is if someone identifies you from information your web browser or email program provides. Every computer attached to the Internet has, or shares, an address called an IP address. That is a series of four numbers from 0-255, separated by dots, for instance: 213.24.124.38.

With a little work, the authorities may be able to trace any posting you make back to your computer. If you use a home computer and dial into an Internet service provider (ISP), this ISP will have a record of which computer dials in at what time and accesses which information.

There are a number of ways you can hide your identity when using the Internet. As a general rule, the more secure you want to be, the more work you will need to do to hide your identity. Some of the strategies for protecting identity online require a great deal of technical knowledge and work. But they all start with basic, common sense measures.

!!BASIC ANONYMIZATION MEASURES

**Never use your real name**. We don’t mean just on your blog. We mean when signing up for your blog you must use a pseudonym. And when you are signing up for your web-based email, also use a fake name. It is very easy to trace traffic from your home or work email unless you use a remailer, which we will talk about later; so we advise you use a web-based email, which we will also talk about in greater depth later.

A good general rule for anonymous blogging: Never use any service that you must pay for or that you sign up for via the government or that uses a service that must report to the government. And do not register with the authorities, of course. Please note that some of these services may require you to use the Latin alphabet.

''Free web-based email providers'':

Hushmail: http://www.hushmail.com/

Lycos Email: http://mail.lycos.com/

Opera Mail: http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

''Free weblog hosting'':

Blogger: http://www.blogger.com/start

Blogsome: http://www.blogsome.com/

Livejournal: http://www.livejournal.com/

Seoblog: http://www.seo-blog.org/

Weblog.us: http://weblogs.us/

The trend toward blocking and filtering individual blogs; blog hosts, such as Blogger http://www.blogger.com; and photo sharing sites such as Flicker http://www.flickr.com/, is intermittent. The uncertainty of the blocking is part of a tried-and-true method of intimidation: creating systemic uncertainty. Also, again due to the extreme centralization, should the government or the ISU decide to block a hosting service, it can be done almost immediately. The ISU is transparent in its filtering. If something is blocked, you are given as a reader, the option of requesting that it be unblocked. The risk you run in making such a request is that you announce who you are and what kind of things you wish to read.

**Do not use any identifying information on your blog**. For the reasons discussed above, do not use a nickname, for instance, that people know is yours. Do not use one that identifies you somehow. Do not talk about your street or neighborhood, what you do for a living or where you work, or specifics about who you know, where you have traveled and so forth. Otherwise, you will be providing investigators with leads to your identity.

Here's the problem with this strategy. When you sign up for an email service or a weblog, the web server you are accessing logs your IP address. If that IP address can be traced to you, for instance if you are using your computer at home or at work, you could be found.

One additional step you could take to hide your identity is to do your work on heavily-used computers. Rather than setting up your webmail and blogging accounts from your home or work computer, you could set them up from a computer in a cybercafe, a library, or a university computer lab. Should anyone trace the IP used to post a comment or a post they will discover that the post was made from a cybercafe, where any number of people might have been using the computers.

There are flaws in this strategy as well. If the Internet café or computer lab keeps track of who is using what computer at what time, your identity could be compromised. Do not use computers at places like these in the middle of the night or other times when you are likely to be the only person there. If you use Internet cafés, change which ones you use often. If the authorities decide to look into a blog and discover that all the posts are coming from a specific café, it would not be hard to send police to watch who visits.

!!ANONYMOUS PROXIES

If you choose to, you can take the trouble to use what is called a “proxy.” If you access the Internet through a proxy, you will leave behind the IP address of the proxy server, instead of the address of the computer you are using.

The difficulty in using proxies and anonymizers (we will cover these later) is that they are frequently among the first sites to be blocked by a government seeking control of its people. That is currently not the case in Malaysia, but it is something to watch out for. Should Malaysia begin to block proxies, you may have to search for new proxies as old ones are blocked. Another option (also covered below) is to use Peacefire’s Circumventor program, or another “social” option.

To use a proxy, first choose a proxy server from one of these lists, or find one yourself on a search engine like Google http://www.google.com.

!!!!!Public Proxy Servers: http://www.publicproxyservers.com/index.html

!!!!!Rosinstrument: http://tools.rosinstrument.com/proxy/

!!!!!Samair: http://www.samair.ru/proxy/

Now, open the “preferences” or “options” section of your web browser. Under the “general”, “network” or “security” tab (usually), find an option to set up a proxy to access the Internet. Here is a set of instructions http://www.freeproxy.ru/en/free_proxy/howuse.htm for various browsers.

Turn on “manual proxy configuration”, enter the IP address of the proxy server and port into the fields for HTTP proxy and SSL proxy and save your settings. Restart your browser.

Your connection to the web will seem a bit slower because every page you request from a web server takes a detour. Instead of connecting directly to Hushmail, for instance, you connect to the proxy, which then connects to Hushmail. When Hushmail sends a page to you, it goes to the proxy first, then to you. You may also notices some trouble accessing websites, especially those that want you to log in.

A final problem is that if authorities discover you have been using a proxy, that in itself may constitute “proof” of wrongdoing.

!!“SOCIAL” OPTIONS

One way around the excessive blocking of proxies is to use Peacefire’s Circumventor.

To do this, you will need a friend outside of Malaysia whom you trust. They will need to set up Circumventor on their computer. Your friend downloads Circumventor http://www.peacefire.org/circumventor/simple-circumventor-instructions.html from the Peacefire site and installs it on his Windows system. It is not easy to do. First, he needs to install Perl on his system, then OpenSA, then Circumventor.

After these installations, he will needs to keep his computer connected to the Internet constantly, so you can use it as a proxy without asking each time. But you will, once it is set up, be able to surf the web, post to your blog, and use your email, all through the proxy your friend has created on his machine by using Circumventor. You can even use it at an Internet café, because the proxy is not listed as such in the state’s filtering technology, so it is not very suspicious.

Nothing is perfect. (Are you surprised?) Here’s the problem with this system: your friend’s computer, running Windows, often reboots. Each time it does, it is assigned a new IP address. And every time this happens, your friend will need to contact you with the address. (Probably cellular phone calls are best for this.) There is always the chance that this proxy will be recognized in time as such by the government.

Another social option is to use Adopt-a-Blog http://www.adoptablog.org/. Designed primarily for blocked blogs in China, you can contact this service with a request that someone outside your country host a blog on their server. The server hosting your blog is unlikely to be blocked and, if it becomes blocked, your blog is moved to a different server.

If you know someone trustworthy outside the country, another option is to simply ask that person to set up a blog for you and then to post to it either using a proxy, or by contacting them via web-based email, encrypted email or by using a remailer system (see below). It is highly advisable, however, not to trust anyone quickly whom you do not know. Established human rights and free speech groups might be willing to connect you with trustworthy people willing to help. Members of the Malaysian expatriate community may also be helpful.

!!TOR ONION ROUTING

Tor, an “onion routing” system takes the idea of proxy servers to a new level of complexity. Each request made through an onion routing network goes through two to 20 additional computers, making it hard to trace what computer originated a request. Each step of the Onion Routing chain is encrypted, making it harder for the government to trace your posts. Furthermore, each computer in the chain only knows its nearest neighbors. In other words, router B knows that it got a request for a web page from router A, and that it's supposed to pass the request on to router C. But the request itself is encrypted: router B doesn't actually know what page you are requesting, or what router will finally request the page from the web server.

Given the complexity of the technology, it is surprisingly easy to install Tor http://tor.eff.org/cvs/tor/doc/tor-doc-win32.html. You download an installer which first installs Tor on your system, and then downloads and installs Privoxy, a proxy that works with Tor.

The Tor system will make it look at one point like you are on a computer at Harvard University, and then it looks like you are in Germany, and so forth, changing all the time as you reload or sign on at different times. Tor is changing your identity from request to request, helping to protect keep your identity private.

This has some a couple of unintended consequences. When you use Google through Tor, it may switch languages on you. One search may be in English; another may be Japanese, German, Danish or Dutch, all in the course of a few minutes. Some sites, Wikipedia, for instance, may not allow connections from a Tor system. Your surfing may slow down quite a bit at times. And, of course, you are reliant on your home computer, since you cannot install Tor on a public machine. Most worrisome, though, is Tor’s occasional malfunctioning: it may sometimes stop working. Your ISP may block some Tor routers.

!!TORPARK

TOR is somewhat difficult to install for a non-technical user. Although much easier than most anonymizing technologies, it can still be tricky. Also, if you are accessing the Internet from an Internet café, it is unlikely you will be able to install TOR on the computers you are using.

Now there is an alternative. The people behind a new tool called Torpark http://torpark.nfshost.com/ have combined an alpha version of the new Firefox Deer Park browser http://www.mozilla.org/projects/firefox/ with TOR and an installer, to produce a 20MB package designed to fit on a USB key http://en.wikipedia.org/wiki/Keydrive.

When you insert your USB key into the port of a computer equipped with Windows 2000 or XP and you run the Torpark application, an anonymized browser window will open, allowing you to surf the web, leaving few or no traces behind.

One click starts a script, opens a DOS window and a browser, which then surfs through TOR. Ejecting the USB key removes obvious traces from the system. The browsing experience is the slow, but satisfactory, experience you get when browsing with TOR.

There are some problems: Stylesheet-heavy pages tend to look bad, as some graphics and files fail to load. Some images break. But for the most part, you can surf the web effectively.

There are three difficulties that may prevent some users from adopting Torpark as their preferred method of surfing.

First, not everyone has a USB key. Securing access to a reasonably priced key may be difficult for some people. There may be a lack of supply or the price may place it out of reach for many. Second, many Internet cafés may not allow you to attach a USB key to their machines. Finally, TOR uses a small, published list of servers that transfer and obscure packets. In any country that employs a firewall, it is reasonable to assume that the administrators block traffic from the servers that are currently listed http://proxy.org/tor.shtml and add any new servers to the blacklist when they come online.

Torpark can be downloaded http://torpark.nfshost.com/ in English, Chinese, French, Slovenian, Russian, Korean, Hebrew, Polish and Turkish and other languages.

!!MIXMASTER, INVISIBLOG AND GPG

There are a number of additional options that do no require proxy servers. One such service is Invisiblog http://www.invisiblog.com/. You do not post to Invisiblog via the web, as you do with most blog servers. You post to it using specially formatted email, sent through the Mixmaster remailer system, signed cryptographically.

That sounds complicated. It is. But here is what you do. First, go to GPG http://www.gnupg.org and set up a “public-key encryption system.” (Public-key encryption is a technique that allows you to send messages to a person that only the recipient can read. Public key encryption also allows people to “sign” documents with a digital signature that is almost impossible to forge.)

Then, set up Mixmaster http://mixmaster.sourceforge.net/, a mailing system designed to obscure the origins of an email message. Mixmaster uses a chain of anonymous remailers (computer programs that strip all identifying information off an email and send it to its destination) to send email messages with a high degree of anonymity. By using a chain of 2 to 20 remailers, the message is very difficult to trace, even if one or more of the remailers is “compromised” and is recording sender information.

Unfortunately, you have to “build” Mixmaster by compiling its source code, a project that requires a great deal of technical know-how.

Once set up, you send a Mixmaster message to Invisiblog, which includes your public key. Invisiblog will use this to set up a new blog for you, with a name like “invisiblog.com/ac4589d7001ac238”. (The long string is the last 16 bytes of your GPG key.) Once your Invisiblog is set up, you send future posts to by writing a text message, signing it with your public key and sending it via Mixmaster.

The misdirection of Mixmaster mailers means that it takes anywhere from two hours to two days for your message to reach the servers. And you must be very careful about looking at your blog. If you look at it too often, your IP address will appear in the blog's log frequently, signaling that you are probably its author. You can be somewhat reassured by the fact that the owners of Invisiblog have no idea who you are.

The main problem with the Invisiblog system is the fact that it is very difficult for most people to use. Most people find GPG a challenge to set up and have difficulty understanding the complexities of public and private keys. More user-friendly cryptographic tools, like Ciphire https://www.ciphire.com/, have been set up to help less technically proficient users, but even they can be difficult. These tools are also frequently blocked by repressive regimes. Another issue that makes this difficult is that if the authorities ever take your computer and find your private key, it would be considered highly suspicious in itself and might be used as evidence that you were the author of the blog. If you do succeed in sending out mail messages wrapped in strong encryption, like Mixmaster, you run the risk of attracting the attention of the Internet authorities.

!!CONCLUSION

You have a right to be heard. Your voice is important to Malaysia, both for its present and its future. However, contradicting the accepted common truths of a nation can be frowned upon, and a government that is on the defensive politically can be challenging to those who wish to add their voices to the discussion of their country’s future. Someone who cares about this future can do no good mute. You must remain in possession of your voice.

To that end, we have covered basic anonymization measures, such as pseudonymous blogging and web-based email; proxies; social options, such as individual Circumventor proxies, Adopt-a-Blog and assisted blogging; Tor servers’ onion routing; and very complex email-based blogging systems like Invisiblog.

None of these, nor any combination, is foolproof. There will always remain a chance that you will be discovered and the authorities, which fear the intellect of their own people, will succeed in silencing you. Be very careful. You are fellow bloggers, as well as fellow human beings, and we wish above all for you to remain free and safe.

Please forward this document to anyone you think might benefit from reading it. You are also welcome to add to it your ideas, experiences and experiments—though we ask you leave in place all warnings about the dangers of speaking up and the provisional nature of all anonymizing techniques, tools and processes. Perhaps you have information we do not. Perhaps you know of additional measures to take that we have not covered. Let’s share with each other and take care of one another.

!!LEGAL

We make no warranty as to the accuracy of the information contained in these guides. The reader assumes all responsibility for the risk of using them.

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.5/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

Contact the authors at anoniblog@hushmail.com.

!ANONYMOUS BLOGGING GUIDE - MALAYSIA

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/malaysia+abg+-+final.doc | Malaysia Anonymous Blogging Guide%5D here.

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

!!INTRODUCTION

Over the past several years, as blogging has gained in popularity, certain countries have developed as strong blogging communities. It is uncertain what makes one country embrace blogging so enthusiastically. Academics will need to pursue this question. What is certain, however, is that Malaysia is one such country in which bloggers have thriven, one source counting 20,000 Malaysian blogs. Part of blogging’s popularity may be the advanced technical state of the country. Part of it may be the synergy between Malaysia, Singapore and Indonesia, all countries with relatively thriving blogging scenes. Finally, Malaysia’s harsh climate for the press may have driven people to find ways to express themselves in areas where the government finds it more difficult to pursue.

Malaysia, unlike other countries with an interest in controlling the press, has yet to institute full-fledged Internet filtering. But that seems to be looming on the horizon. Malaysia has approved recommendations to restrict access to pornography. In addition, schools and libraries are now required to install filtering software. Other measures to be introduced include optional filtering services on ISPs, a complaint center where Internet users can report obscene content and awareness campaigns against pornography. But some are questioning these moves, suggesting that the implementation of a filtering infrastructure for pornography can easily be configured to block political content. In addition to the overblocking associated with filtering software (blocking sites that share words with blocked sites even if the sites in question are not offensive), Malaysia could easily add additional sites to the block lists for political reasons once the filtering infrastructure is in place. Malaysia has a record of harassing online publications for political reasons.

As one Malaysian journalist wrote, “Legitimate Internet censorship provides a backdoor entry to ban dissent or alternative viewpoints.”

Among the direct threats to bloggers (and other online sites) in the last year are the interrogation of three prominent bloggers by the nation’s security service and the interrogation of the editors of several online news sites. This being the case, it makes sense for Malaysian bloggers to seriously consider their safety. Because blogging can be as useful in the dissemination of information, both within a country and internationally, as standard journalism, sometimes more so, the scrutiny is likely to increase. Because Malaysia is a country whose leaders are nervous about instability based on offense, and because Internet filtering, both technically and culturally, tends toward over-kill, you may want to take the measures necessary to blog safely.

!!TO BLOG SAFELY IS TO BLOG ANONYMOUSLY

What does it mean to blog safely? To a great degree, it means to blog anonymously. Most bloggers and other online users arrested around the world for critical speech were discovered because they took no pains at all to disguise who they were. Since all but the most innocuous blogs may be suspected of being rebellious in some way, we cannot in good conscience encourage anyone to blog using their real name. The decision to do so, of course, is up to you. But please bear in mind that many of those who have seen the inside of a jail cell never thought for a moment that they were in danger.

We’re not trying to be alarmist, just safe. It has been said that anyone or any state with enough resources and time will be able to find out the identity of anyone on the Internet. The key is to put more effort and time into staying anonymous than anyone in the government will put into discovering it. Some people in some places may need to devote relatively little work in order to say safe. Others may need to do quite a bit of work.

This document will outline the primary methods and tools for anonymous blogging, as well as some ways to navigate the Internet when it is filtered. Although this document is focusing on the situation of bloggers in Malaysia, it may also be applicable to the situation of bloggers in Singapore and Indonesia.

**There are two major ways your identity can be discovered** while blogging. One is by revealing your identity through the content you post. For instance, if you write, "I'm a third-year education student at the University Putri Malaysia and I come from Georgetown," there's a good chance that someone reading your blog will be able to figure out who you are.

The other way to get discovered is if someone identifies you from information your web browser or email program provides. Every computer attached to the Internet has, or shares, an address called an IP address. That is a series of four numbers from 0-255, separated by dots, for instance: 213.24.124.38.

With a little work, the authorities may be able to trace any posting you make back to your computer. If you use a home computer and dial into an Internet service provider (ISP), this ISP will have a record of which computer dials in at what time and accesses which information.

There are a number of ways you can hide your identity when using the Internet. As a general rule, the more secure you want to be, the more work you will need to do to hide your identity. Some of the strategies for protecting identity online require a great deal of technical knowledge and work. But they all start with basic, common sense measures.

!!BASIC ANONYMIZATION MEASURES

**Never use your real name**. We don’t mean just on your blog. We mean when signing up for your blog you must use a pseudonym. And when you are signing up for your web-based email, also use a fake name. It is very easy to trace traffic from your home or work email unless you use a remailer, which we will talk about later; so we advise you use a web-based email, which we will also talk about in greater depth later.

A good general rule for anonymous blogging: Never use any service that you must pay for or that you sign up for via the government or that uses a service that must report to the government. And do not register with the authorities, of course. Please note that some of these services may require you to use the Latin alphabet.

''Free web-based email providers'':

Hushmail: http://www.hushmail.com/

Lycos Email: http://mail.lycos.com/

Opera Mail: http://www.operamail.com/scripts/common/index.main?signin=1&lang=us

''Free weblog hosting'':

Blogger: http://www.blogger.com/start

Blogsome: http://www.blogsome.com/

Livejournal: http://www.livejournal.com/

Seoblog: http://www.seo-blog.org/

Weblog.us: http://weblogs.us/

The trend toward blocking and filtering individual blogs; blog hosts, such as Blogger http://www.blogger.com; and photo sharing sites such as Flicker http://www.flickr.com/, is intermittent. The uncertainty of the blocking is part of a tried-and-true method of intimidation: creating systemic uncertainty. Also, again due to the extreme centralization, should the government or the ISU decide to block a hosting service, it can be done almost immediately. The ISU is transparent in its filtering. If something is blocked, you are given as a reader, the option of requesting that it be unblocked. The risk you run in making such a request is that you announce who you are and what kind of things you wish to read.

**Do not use any identifying information on your blog**. For the reasons discussed above, do not use a nickname, for instance, that people know is yours. Do not use one that identifies you somehow. Do not talk about your street or neighborhood, what you do for a living or where you work, or specifics about who you know, where you have traveled and so forth. Otherwise, you will be providing investigators with leads to your identity.

Here's the problem with this strategy. When you sign up for an email service or a weblog, the web server you are accessing logs your IP address. If that IP address can be traced to you, for instance if you are using your computer at home or at work, you could be found.

One additional step you could take to hide your identity is to do your work on heavily-used computers. Rather than setting up your webmail and blogging accounts from your home or work computer, you could set them up from a computer in a cybercafe, a library, or a university computer lab. Should anyone trace the IP used to post a comment or a post they will discover that the post was made from a cybercafe, where any number of people might have been using the computers.

There are flaws in this strategy as well. If the Internet café or computer lab keeps track of who is using what computer at what time, your identity could be compromised. Do not use computers at places like these in the middle of the night or other times when you are likely to be the only person there. If you use Internet cafés, change which ones you use often. If the authorities decide to look into a blog and discover that all the posts are coming from a specific café, it would not be hard to send police to watch who visits.

!!ANONYMOUS PROXIES

If you choose to, you can take the trouble to use what is called a “proxy.” If you access the Internet through a proxy, you will leave behind the IP address of the proxy server, instead of the address of the computer you are using.

The difficulty in using proxies and anonymizers (we will cover these later) is that they are frequently among the first sites to be blocked by a government seeking control of its people. That is currently not the case in Malaysia, but it is something to watch out for. Should Malaysia begin to block proxies, you may have to search for new proxies as old ones are blocked. Another option (also covered below) is to use Peacefire’s Circumventor program, or another “social” option.

To use a proxy, first choose a proxy server from one of these lists, or find one yourself on a search engine like Google http://www.google.com.

!!!!!Public Proxy Servers: http://www.publicproxyservers.com/index.html

!!!!!Rosinstrument: http://tools.rosinstrument.com/proxy/

!!!!!Samair: http://www.samair.ru/proxy/

Now, open the “preferences” or “options” section of your web browser. Under the “general”, “network” or “security” tab (usually), find an option to set up a proxy to access the Internet. Here is a set of instructions http://www.freeproxy.ru/en/free_proxy/howuse.htm for various browsers.

Turn on “manual proxy configuration”, enter the IP address of the proxy server and port into the fields for HTTP proxy and SSL proxy and save your settings. Restart your browser.

Your connection to the web will seem a bit slower because every page you request from a web server takes a detour. Instead of connecting directly to Hushmail, for instance, you connect to the proxy, which then connects to Hushmail. When Hushmail sends a page to you, it goes to the proxy first, then to you. You may also notices some trouble accessing websites, especially those that want you to log in.

A final problem is that if authorities discover you have been using a proxy, that in itself may constitute “proof” of wrongdoing.

!!“SOCIAL” OPTIONS

One way around the excessive blocking of proxies is to use Peacefire’s Circumventor.

To do this, you will need a friend outside of Malaysia whom you trust. They will need to set up Circumventor on their computer. Your friend downloads Circumventor http://www.peacefire.org/circumventor/simple-circumventor-instructions.html from the Peacefire site and installs it on his Windows system. It is not easy to do. First, he needs to install Perl on his system, then OpenSA, then Circumventor.

After these installations, he will needs to keep his computer connected to the Internet constantly, so you can use it as a proxy without asking each time. But you will, once it is set up, be able to surf the web, post to your blog, and use your email, all through the proxy your friend has created on his machine by using Circumventor. You can even use it at an Internet café, because the proxy is not listed as such in the state’s filtering technology, so it is not very suspicious.

Nothing is perfect. (Are you surprised?) Here’s the problem with this system: your friend’s computer, running Windows, often reboots. Each time it does, it is assigned a new IP address. And every time this happens, your friend will need to contact you with the address. (Probably cellular phone calls are best for this.) There is always the chance that this proxy will be recognized in time as such by the government.

Another social option is to use Adopt-a-Blog http://www.adoptablog.org/. Designed primarily for blocked blogs in China, you can contact this service with a request that someone outside your country host a blog on their server. The server hosting your blog is unlikely to be blocked and, if it becomes blocked, your blog is moved to a different server.

If you know someone trustworthy outside the country, another option is to simply ask that person to set up a blog for you and then to post to it either using a proxy, or by contacting them via web-based email, encrypted email or by using a remailer system (see below). It is highly advisable, however, not to trust anyone quickly whom you do not know. Established human rights and free speech groups might be willing to connect you with trustworthy people willing to help. Members of the Malaysian expatriate community may also be helpful.

!!TOR ONION ROUTING

Tor, an “onion routing” system takes the idea of proxy servers to a new level of complexity. Each request made through an onion routing network goes through two to 20 additional computers, making it hard to trace what computer originated a request. Each step of the Onion Routing chain is encrypted, making it harder for the government to trace your posts. Furthermore, each computer in the chain only knows its nearest neighbors. In other words, router B knows that it got a request for a web page from router A, and that it's supposed to pass the request on to router C. But the request itself is encrypted: router B doesn't actually know what page you are requesting, or what router will finally request the page from the web server.

Given the complexity of the technology, it is surprisingly easy to install Tor http://tor.eff.org/cvs/tor/doc/tor-doc-win32.html. You download an installer which first installs Tor on your system, and then downloads and installs Privoxy, a proxy that works with Tor.

The Tor system will make it look at one point like you are on a computer at Harvard University, and then it looks like you are in Germany, and so forth, changing all the time as you reload or sign on at different times. Tor is changing your identity from request to request, helping to protect keep your identity private.

This has some a couple of unintended consequences. When you use Google through Tor, it may switch languages on you. One search may be in English; another may be Japanese, German, Danish or Dutch, all in the course of a few minutes. Some sites, Wikipedia, for instance, may not allow connections from a Tor system. Your surfing may slow down quite a bit at times. And, of course, you are reliant on your home computer, since you cannot install Tor on a public machine. Most worrisome, though, is Tor’s occasional malfunctioning: it may sometimes stop working. Your ISP may block some Tor routers.

!!TORPARK

TOR is somewhat difficult to install for a non-technical user. Although much easier than most anonymizing technologies, it can still be tricky. Also, if you are accessing the Internet from an Internet café, it is unlikely you will be able to install TOR on the computers you are using.

Now there is an alternative. The people behind a new tool called Torpark http://torpark.nfshost.com/ have combined an alpha version of the new Firefox Deer Park browser http://www.mozilla.org/projects/firefox/ with TOR and an installer, to produce a 20MB package designed to fit on a USB key http://en.wikipedia.org/wiki/Keydrive.

When you insert your USB key into the port of a computer equipped with Windows 2000 or XP and you run the Torpark application, an anonymized browser window will open, allowing you to surf the web, leaving few or no traces behind.

One click starts a script, opens a DOS window and a browser, which then surfs through TOR. Ejecting the USB key removes obvious traces from the system. The browsing experience is the slow, but satisfactory, experience you get when browsing with TOR.

There are some problems: Stylesheet-heavy pages tend to look bad, as some graphics and files fail to load. Some images break. But for the most part, you can surf the web effectively.

There are three difficulties that may prevent some users from adopting Torpark as their preferred method of surfing.

First, not everyone has a USB key. Securing access to a reasonably priced key may be difficult for some people. There may be a lack of supply or the price may place it out of reach for many. Second, many Internet cafés may not allow you to attach a USB key to their machines. Finally, TOR uses a small, published list of servers that transfer and obscure packets. In any country that employs a firewall, it is reasonable to assume that the administrators block traffic from the servers that are currently listed http://proxy.org/tor.shtml and add any new servers to the blacklist when they come online.

Torpark can be downloaded http://torpark.nfshost.com/ in English, Chinese, French, Slovenian, Russian, Korean, Hebrew, Polish and Turkish and other languages.

!!MIXMASTER, INVISIBLOG AND GPG

There are a number of additional options that do no require proxy servers. One such service is Invisiblog http://www.invisiblog.com/. You do not post to Invisiblog via the web, as you do with most blog servers. You post to it using specially formatted email, sent through the Mixmaster remailer system, signed cryptographically.

That sounds complicated. It is. But here is what you do. First, go to GPG http://www.gnupg.org and set up a “public-key encryption system.” (Public-key encryption is a technique that allows you to send messages to a person that only the recipient can read. Public key encryption also allows people to “sign” documents with a digital signature that is almost impossible to forge.)

Then, set up Mixmaster http://mixmaster.sourceforge.net/, a mailing system designed to obscure the origins of an email message. Mixmaster uses a chain of anonymous remailers (computer programs that strip all identifying information off an email and send it to its destination) to send email messages with a high degree of anonymity. By using a chain of 2 to 20 remailers, the message is very difficult to trace, even if one or more of the remailers is “compromised” and is recording sender information.

Unfortunately, you have to “build” Mixmaster by compiling its source code, a project that requires a great deal of technical know-how.

Once set up, you send a Mixmaster message to Invisiblog, which includes your public key. Invisiblog will use this to set up a new blog for you, with a name like “invisiblog.com/ac4589d7001ac238”. (The long string is the last 16 bytes of your GPG key.) Once your Invisiblog is set up, you send future posts to by writing a text message, signing it with your public key and sending it via Mixmaster.

The misdirection of Mixmaster mailers means that it takes anywhere from two hours to two days for your message to reach the servers. And you must be very careful about looking at your blog. If you look at it too often, your IP address will appear in the blog's log frequently, signaling that you are probably its author. You can be somewhat reassured by the fact that the owners of Invisiblog have no idea who you are.

The main problem with the Invisiblog system is the fact that it is very difficult for most people to use. Most people find GPG a challenge to set up and have difficulty understanding the complexities of public and private keys. More user-friendly cryptographic tools, like Ciphire https://www.ciphire.com/, have been set up to help less technically proficient users, but even they can be difficult. These tools are also frequently blocked by repressive regimes. Another issue that makes this difficult is that if the authorities ever take your computer and find your private key, it would be considered highly suspicious in itself and might be used as evidence that you were the author of the blog. If you do succeed in sending out mail messages wrapped in strong encryption, like Mixmaster, you run the risk of attracting the attention of the Internet authorities.

!!CONCLUSION

You have a right to be heard. Your voice is important to Malaysia, both for its present and its future. However, contradicting the accepted common truths of a nation can be frowned upon, and a government that is on the defensive politically can be challenging to those who wish to add their voices to the discussion of their country’s future. Someone who cares about this future can do no good mute. You must remain in possession of your voice.

To that end, we have covered basic anonymization measures, such as pseudonymous blogging and web-based email; proxies; social options, such as individual Circumventor proxies, Adopt-a-Blog and assisted blogging; Tor servers’ onion routing; and very complex email-based blogging systems like Invisiblog.

None of these, nor any combination, is foolproof. There will always remain a chance that you will be discovered and the authorities, which fear the intellect of their own people, will succeed in silencing you. Be very careful. You are fellow bloggers, as well as fellow human beings, and we wish above all for you to remain free and safe.

Please forward this document to anyone you think might benefit from reading it. You are also welcome to add to it your ideas, experiences and experiments—though we ask you leave in place all warnings about the dangers of speaking up and the provisional nature of all anonymizing techniques, tools and processes. Perhaps you have information we do not. Perhaps you know of additional measures to take that we have not covered. Let’s share with each other and take care of one another.

!!LEGAL

We make no warranty as to the accuracy of the information contained in these guides. The reader assumes all responsibility for the risk of using them.

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.5/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

Contact the authors at anoniblog@hushmail.com.

edited IranAnonymousBloggingGuide

email@hidden () — Tue, 17 Jan 2006 05:32:18 +0000

!Persian Anonymous Blogging Guide

Download Word version of %5Bhttp://anoniblog.pbwiki.com/f/persian+abg+-+final.doc | Iran Anonymous Blogging Guide%5D here.

edited CreditsPage

email@hidden () — Tue, 17 Jan 2006 05:31:38 +0000

**This wiki and the guides on it are the fruits of %5Bhttp://www.spiritofamerica.net/cgi-bin/soa/project.pl?rm=view_project&request_id=104 | Spirit of America's Anonymous Blogging Campaign%5D.**

The project was managed by %5Bhttp://morphemetales.blogspot.com | Curt Hopkins%5D of the %5Bhttp://committeetoprotectbloggers.civiblog.org | Committee to Protect Bloggers%5D.

The technical consultant was %5Bhttp://www.marshallk.com | Marshall Kirkpatrick%5D.

The Arabic translation was donated by %5Bhttp://arabic.tharwaproject.com/ | The Tharwa Project%5D. (The English version of their site is %5Bhttp://www.tharwaproject.com/ | here%5D.) We appreciate their help. The Persian guide was translated by A.J. and the Chinese by Oregon's own W.S. Countless people were good enough to read over these translations, though needless to say any problems in the guides are not their fault. And thanks to everyone who reviewed the translations and the technical materials.

These guides were designed as a practical synthesis of available materials on anonymization. Among our many sources were Global Voices Online's %5Bhttp://cyber.law.harvard.edu/globalvoices/?p=125 | Technical guide to anonymous blogging%5D, the Electronic Frontier Foundation's %5Bhttp://www.eff.org/Privacy/Anonymity/blog-anonymously.php | How To Blog Safely%5D and the filtering case studies of the %5Bhttp://www.opennetinitiative.net/modules.php?op=modload&name=Archive&file=index&req=viewarticle&artid=1 | OpenNet Initiative%5D. An exhaustive listing would fill pages.

**This wiki and the guides on it are the fruits of %5Bhttp://www.spiritofamerica.net/cgi-bin/soa/project.pl?rm=view_project&request_id=104 | Spirit of America's Anonymous Blogging Campaign%5D.**

**PLEASE NOTE THAT THIS WIKI WAS SET UP BY SPIRIT OF AMERICA (BELOW) WHO WORK ON US PSYOPS PROJECTS. SPIRIT OF AMERICA WAS SET UP BY A US GOVERNMENT THINK-TANK WITH FINANCE FROM THE OIL INDUSTRY. FOR DETAILS, SEE**:

%5Bhttp://bushout.blogspot.com/2005/01/iraq-model-full-story-i-was-busy.html%5D

The project was managed by %5Bhttp://morphemetales.blogspot.com | Curt Hopkins%5D of the %5Bhttp://committeetoprotectbloggers.civiblog.org | Committee to Protect Bloggers%5D.

The technical consultant was %5Bhttp://www.marshallk.com | Marshall Kirkpatrick%5D.

The Arabic translation was donated by %5Bhttp://arabic.tharwaproject.com/ | The Tharwa Project%5D. (The English version of their site is %5Bhttp://www.tharwaproject.com/ | here%5D.) We appreciate their help. The Persian guide was translated by A.J. and the Chinese by Oregon's own W.S. Countless people were good enough to read over these translations, though needless to say any problems in the guides are not their fault. And thanks to everyone who reviewed the translations and the technical materials.

These guides were designed as a practical synthesis of available materials on anonymization. Among our many sources were Global Voices Online's %5Bhttp://cyber.law.harvard.edu/globalvoices/?p=125 | Technical guide to anonymous blogging%5D, the Electronic Frontier Foundation's %5Bhttp://www.eff.org/Privacy/Anonymity/blog-anonymously.php | How To Blog Safely%5D and the filtering case studies of the %5Bhttp://www.opennetinitiative.net/modules.php?op=modload&name=Archive&file=index&req=viewarticle&artid=1 | OpenNet Initiative%5D. An exhaustive listing would fill pages.

Additional information came from the news media, academic and techincal studies, and, most importantly, individual bloggers. These included bloggers with an interest in the target areas who work outside of them, bloggers who work on online free speech issues in general and, above all, those bloggers working in countries that discourage or punish free speech. They are the source of this project and to them goes the lion's share of the credit. Due to both the great number of bloggers whose work we drew on, as well as the danger that some of them work in, we cannot list them individually here.