A handy trio of tools for protecting your privacy

Triple Trick

Maybe you can't stop the NSA, but you can still take meaningful steps to protect your privacy.

We've all read the reports about Internet companies and government agencies that are tracking people. Like many Linux users, you might be interested in making your system as "NSA-proof" as possible. The tools and techniques for cyberprivacy are far too numerous to cover in a single article, but most of the challenge boils down to three basic objectives:

  • Secure data at rest
  • Secure data in transit
  • Clean up

Securing data at rest means encrypting the data as it sits in storage somewhere – which might be on your own drive or in a Dropbox or Carbonite folder in the cloud. Securing data in transit means encrypting and anonymizing information so no one can read your messages or trace your Internet activity. Cleaning up means you don't leave information around for others to find.

This article tours a trio of tools for keeping intruders, spies, and traffic analyzers off your trail. The software described helps you raise the bar to make it more difficult for anyone to snoop your data and your browsing habits. Some of these tools have appeared in previous articles, but it is still useful to see the information all in one place. I have no illusion that these tools are impregnable, fool-proof solutions. They simply make it more difficult for any entity to snoop, track, and analyze your activities.

Encrypting at Rest: TrueCrypt

Several open source tools offer the ability to encrypt data at rest. Some of these tools operate at the file and directory level, and others operate on a whole block device. One example of a block encryption tool is TrueCrypt [1]. See the article on block encryption elsewhere in this issue for more on TrueCrypt and the differences between disk-level versus file-level encryption. I'll just give you a quick tour of the GUI so you can see how easy it is to get started with encrypting your data.

TrueCrypt sports a nice graphic interface for those who don't want to go the command-line route. If you want to use TrueCrypt, you'll have to download it from the site; most Linux distributions don't support it from any of their installation tools. Installing TrueCrypt is quite simple, however: Download the tarball, unzip it, and follow the wizard shown in Figure 1.

Figure 1: The initial TrueCrypt setup screen.

To run TrueCrypt after you install it, open a terminal and issue the following command:

truecrypt &

The TrueCrypt application shown in Figure 2 will run.

Figure 2: The initial TrueCrypt screen.

From the TrueCrypt main window, you can:

  • Create a volume: A "container" that acts as an encrypted directory and holds any file or subdirectory you wish. Any file or subdirectory dropped into this volume is automatically encrypted and decrypted, as long as you know the password to the volume.
  • Specify the encryption algorithm you wish to use: In addition to AES, you can specify Serpent, Twofish, and Cascades. I almost always use AES with the highest key size possible. In the United States, that's 256 bits. In general, a larger key size means it will be harder to break the encryption. See the TrueCrypt website for more on the available encryption algorithms [2].
  • Hide and unhide volumes: TrueCrypt lets you hide an encrypted volume inside another encrypted volume. If someone manages to decrypt the outer volume (or if you are forced to reveal the password) the hidden volume will look like random data inside the outer volume. See the TrueCrypt website for more on hidden volumes [3].

Creating a Simple Volume

TrueCrypt uses convenient wizards to get you going. To create a simple volume (that basically acts as a giant TrueCrypt file and allows you to place new files inside it), simply click on the Create Volume button. The wizard will begin to create the volume. At the initial screen, select the Create an encrypted file container radio button, then click Next. Creating an encrypted file container means you won't be encrypting an entire partition or USB drive. You'll simply be creating a file inside a standard Linux partition or a directory or file on a USB drive.

At the next screen, you can specify whether you want to create a standard or hidden volume. Clicking Next takes you to the Volume Location window, which is where you tell TrueCrypt where the TrueCrypt volume should be stored. You can specify any location, including a directory off your home directory or a directory on a USB drive.

Creating an initial volume is quite straightforward. Remember that if you have existing files in a directory, TrueCrypt won't encrypt them. If you specify an existing file, that file will be overwritten, which means you'll lose any data in that file.

Encrypt an Entire Drive

To encrypt an entire drive, simply start the TrueCrypt wizard, then select Create a volume within a partition/drive and click Next. The remaining steps are similar to creating a simple volume, but instead of selecting a file or a directory for the file, you are asked to specify a volume, which can include any hard disk partition or USB drive.

Understand that any information on the volume you choose will be destroyed. Don't specify partitions that contain valuable information or system files. If you want to use TrueCrypt to encrypt an entire partition, proceed carefully; do yourself a favor and back up any important data.

Your data at rest is considerably more secure with encryption. TrueCrypt is an easy and convenient encryption tool that even comes with a simple GUI for encrypting volumes and disks. See the article on block encryption elsewhere in this issue for more on TrueCrypt at the command line and other encryption techniques.

Encrypting in Transit: Tor

Anonymizing tools conceal your Internet activities so that no one will be able to trace or analyze where you go on the web. One powerful option for protecting data in transit is Tor [4], a sophisticated peer-based virtual private network designed to guard you and your information against profiling from any entity. Tor uses a distributed, peer-based network. Each computer that actively participates on the Tor network is called a relay. It is possible to connect to the Tor network as a mere user or as a relay.

With Tor, your network traffic is encrypted using public key encryption, then routed and forwarded on a near-random basis through the Tor network. As a result, it is quite difficult for anyone to determine the sites you have visited. Ironically, Tor was created by the United States Navy. Called the "Onion Routing Project," Tor was designed to help protect Navy traffic from snooping.

A Tor network is a distributed virtual network designed to do two things: First, Tor encrypts traffic. Second, it randomizes traffic so that it is more difficult for any entity to analyze it. Tor is quite successful, and several government entities have gone on record recently, noting that the Tor network is quite good at randomizing and anonymizing traffic. Although governments regularly capture Tor-based traffic, they tend to find that traffic analysis and decryption of Tor data is fairly difficult.

How Does Tor Work?

Tor is the Napster or LimeWire of VPN servers: All you have to do is install some software, join with the Tor network, and you are on your way to encrypting and anonymizing your network.

You'll need to configure your web browser to access your system as you would any proxy server, such as Squid. Tor uses the SOCKS protocol for local network connections. This means when you configure your browser's proxy server settings, you'll want to use the SOCKS protocol and specify the port (usually TCP 9050).
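The SOCKS exchange a client performs with Tor's local listener, as an added example that is not part of the original article (the function names are hypothetical). It sends the destination as a hostname, so the name is resolved by the proxy rather than by a DNS lookup on your own machine.

```python
import socket
import struct

TOR_SOCKS = ("127.0.0.1", 9050)   # Tor's default local SOCKS listener, as in the article


def build_connect_request(host, port):
    """SOCKS5 CONNECT that carries the hostname itself (address type 0x03)."""
    name = host.encode("idna")
    if not 1 <= len(name) <= 255:
        raise ValueError("hostname must be 1..255 bytes")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack("!H", port)


def _recv_exact(sock, n):
    """Read exactly n bytes or fail if the proxy hangs up early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf


def socks5_handshake(sock, host, port):
    """Run the SOCKS5 exchange on an already connected socket."""
    sock.sendall(b"\x05\x01\x00")            # version 5, one method offered: no auth
    if _recv_exact(sock, 2) != b"\x05\x00":
        raise ConnectionError("proxy did not accept unauthenticated SOCKS5")
    sock.sendall(build_connect_request(host, port))
    version, reply, _reserved, atyp = _recv_exact(sock, 4)
    if version != 5 or reply != 0:
        raise ConnectionError(f"SOCKS5 CONNECT failed with reply code {reply}")
    # Consume the bound address so the stream is positioned at application data.
    if atyp == 1:                            # IPv4 address + port
        _recv_exact(sock, 4 + 2)
    elif atyp == 4:                          # IPv6 address + port
        _recv_exact(sock, 16 + 2)
    elif atyp == 3:                          # length-prefixed name + port
        _recv_exact(sock, _recv_exact(sock, 1)[0] + 2)
    else:
        raise ConnectionError(f"unknown address type {atyp} in reply")
    return sock


def connect_via_tor(host, port, proxy=TOR_SOCKS, timeout=30.0):
    """Open a TCP connection to host:port through the local Tor SOCKS port."""
    sock = socket.create_connection(proxy, timeout=timeout)
    try:
        return socks5_handshake(sock, host, port)
    except Exception:
        sock.close()
        raise
```

With Tor running, `connect_via_tor("check.torproject.org", 443)` returns a socket whose traffic leaves through the Tor network; a refused or misconfigured listener raises `ConnectionError` instead of falling back to a direct connection.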

The easy way to join up with a Tor network is to use the Tor Browser Bundle (TBB), which you can download from the Tor site. Simply download the software and participate in the Tor virtual private network scheme. The hard way is more interesting to me, because it allows you to contribute to the overall network. The hard way involves connecting to the Tor network as a relay, which helps add more randomization to the network.

To get started, download the Tor package using either the available tarball or the package available from your system repository. For example, I was able to download a copy of Tor using apt-get on my Ubuntu system without having to update any of the standard repositories. If you are using Tor to simply connect to the network, install the binary and use a system script to start the service (Listing 1).

Listing 1

Starting the Tor Service

 

When Tor runs in default mode, it listens for connections from your local machine on TCP port 9050. This port will accept only connections from your local machine. Once Tor is running, you should check its log files to make sure it has connected with the overall Tor network (Listing 2).

Listing 2

Tor Log File

 

Listing 2 shows that Tor has gone out to find relays on the Internet. Because I made sure my firewall software wasn't blocking Tor-based connections, the process went quite quickly.

Your Browser as a Tor Client

To use Tor, you will need to configure your browser for a proxy server. In Firefox, go to Edit | Preferences. Then, click on the Advanced tab, then click on the Settings tab. You can then enter the SOCKS configuration information, as shown in Figure 3.

Figure 3: Configuring Firefox to use Tor.

The steps for configuring Opera, Chrome, or another browser are similar. Simply specify the correct SOCKS information. Once you have configured your browser, restart it. Then, point your web browser to the following URL to confirm that your system is communicating across Tor's relay network:

https://check.torproject.org

If your browser is not using the Tor network, you'll get a screen similar to Figure 4.

Figure 4: Message that you are not using Tor.

If your system and browser are properly configured and running, you will see the confirmation screen shown in Figure 5.

Figure 5: Confirmation that Tor is working in a browser.

Creating a Tor Relay

If you want to get deeper into using Tor, try becoming a relay. If you configure a relay system, you are contributing to the Tor network. Relaying servers communicate with the rest of the Tor network by default on TCP Port 9001.

To configure Tor to relay remote connections, edit the /etc/tor/torrc file and change the SocksPort value to read:

SocksPort 0

As a result, this system will not accept local connections. Of course, you can change the standard SocksPort value to anything you wish, but I prefer using the above value. Once you have made the above changes, restart Tor so that they take effect. Now, your system will become part of the Tor network. For more configuration options, see the box titled "Throttling and Listening Addresses."

Throttling and Listening Addresses

Tor turns your system into a sophisticated VPN server. As with any sophisticated system, it is possible to create custom settings. You do this by editing the /etc/tor/torrc file.

For example, you'll likely become concerned about bandwidth usage if you decide to become a Tor relay. Tor tends to communicate by doing bulk transfers. A large transfer might end up using more bandwidth than you wish to give. Therefore, you can throttle back your settings. For example, if you wish to throttle bandwidth to 50Kbps, you would uncomment the RelayBandwidthRate setting, then change the value as follows:

RelayBandwidthRate 50 KB     # Throttle traffic to 50KB/s (400Kbps)

It is also possible to throttle back specific traffic bursts:

RelayBandwidthBurst 100 KB    # But allow bursts up to 100KB/s (800Kbps)

Some of us have ISPs that count each byte so they can charge more each month if we exceed a predefined bandwidth usage. If Tor uses too much total bandwidth, the price can get high. So, you can set a maximum amount of bandwidth for a specific period. To do this, uncomment the AccountingMax value, then add a number that works for you. For example, if you wish to set a limit of 1GB, your entry would appear as follows:

AccountingMax 1 GB

You will need to set a starting point. In this case, you likely would want to start at a particular day in the month:

## Each period starts on the 9th of the month at 11:00    (AccountingMax is per month)
AccountingStart month 9 11:00

In the preceding entry, Tor restarts its accounting at 11:00am on the ninth of the month.

Your system might have multiple network interfaces. If you wish, you can tell Tor to listen on a specific interface, rather than the loopback address (127.0.0.1). If you specify the loopback address, Tor will listen on all interfaces. To tell Tor to run on only one of the network cards, add the following entry:

SocksListenAddress 192.168.15.3:9050

In the preceding entry, Tor will listen on TCP port 9050 on the 192.168.15.3 interface.
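An added example, not from the original article or the Tor project, that parses the throttling entries from this box, converts each size to bytes and to bits per second, and flags entries that contradict each other. Assumptions: the function names are hypothetical, size prefixes are treated as powers of 1024, and AccountingStart accepts a day of 1 to 7 for a weekly period and 1 to 28 for a monthly one.

```python
import re

# Constructed sample: the relay limits from the box above, collected in one torrc.
PAGE_TORRC = """\
RelayBandwidthRate 50 KB     # Throttle traffic to 50KB/s (400Kbps)
RelayBandwidthBurst 100 KB   # But allow bursts up to 100KB/s (800Kbps)
AccountingMax 1 GB
AccountingStart month 9 11:00
"""

# Assumption: K/M/G/T are powers of 1024 and a bare number means bytes.
_PREFIX = {"": 1, "k": 1024, "m": 1024**2, "g": 1024**3, "t": 1024**4}
_SIZE = re.compile(r"^(\d+)\s*([kmgt]?)(b|bytes?|bits?)?$", re.I)
_START = re.compile(r"^(day|week|month)(?:\s+(\d+))?\s+(\d{1,2}):(\d{2})$", re.I)
_DAY_RANGE = {"day": None, "week": (1, 7), "month": (1, 28)}


def to_bytes(value):
    """Convert a size such as '50 KB' or '50 KBits' to a whole number of bytes."""
    m = _SIZE.match(value.strip())
    if not m:
        raise ValueError(f"unrecognised size: {value!r}")
    total = int(m.group(1)) * _PREFIX[m.group(2).lower()]
    is_bits = (m.group(3) or "").lower().startswith("bit")
    return total // 8 if is_bits else total


def parse_torrc(text):
    """Return {option_lowercased: value}; comments dropped, last entry wins."""
    opts = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split(None, 1)
        if fields:
            opts[fields[0].lower()] = fields[1].strip() if len(fields) > 1 else ""
    return opts


def check_start(value):
    """Validate 'day|week|month [day] HH:MM'; return (period, problem or None)."""
    m = _START.match(value.strip())
    if not m:
        return None, f"AccountingStart not understood: {value!r}"
    period, day = m.group(1).lower(), m.group(2)
    if int(m.group(3)) > 23 or int(m.group(4)) > 59:
        return period, "AccountingStart time is not a valid HH:MM"
    allowed = _DAY_RANGE[period]
    if allowed is None:
        return period, ("AccountingStart day takes no day number" if day else None)
    if day is None or not allowed[0] <= int(day) <= allowed[1]:
        return period, f"AccountingStart {period} needs a day in {allowed[0]}..{allowed[1]}"
    return period, None


def audit_relay_limits(text):
    """Summarise the throttling options in bytes and bits and list problems."""
    opts, findings = parse_torrc(text), []
    keys = ("relaybandwidthrate", "relaybandwidthburst", "accountingmax")
    report = {k: to_bytes(opts[k]) for k in keys if k in opts}
    rate, burst = report.get("relaybandwidthrate"), report.get("relaybandwidthburst")
    if rate is not None:
        report["rate_kbit_per_s"] = rate * 8 / 1024   # 50 KB/s works out to 400 Kbit/s
    if rate is not None and burst is not None and burst < rate:
        findings.append("RelayBandwidthBurst is lower than RelayBandwidthRate")
    if "accountingstart" in opts:
        report["accounting_period"], problem = check_start(opts["accountingstart"])
        findings += [problem] if problem else []
    report["findings"] = findings
    return report
```

Run against the entries above, the audit reports a sustained rate of 51200 bytes per second (400 Kbit/s), a monthly accounting period, and no findings; a rate written in bits, such as `50 KBits`, comes out as 6400 bytes per second.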

Creating a Rendezvous Point

It is possible to mask your instance of your Tor system. A masked server is called a rendezvous point. In this case, Tor no longer listens on default ports. You can specify a port, which helps mask the instance. You can also make your system appear as if it is simply running a web server, when it is actually running Tor.

For example, you can advertise your Tor server as an SSL/TLS-protected web server that listens on the standard TCP port 443. Yet your system is actually simply forwarding connections on port 443 to Tor, which is listening on custom port number 9191:

ORListenAddress 0.0.0.0:9191

The preceding entry tells Tor to listen on the 9191 port. You will, however, need to forward your IP traffic from port 443 to the proper port using iptables:

iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 443 -j REDIRECT --to-ports 9191

The preceding entry tells your system to forward connections going to port 443 to the port you have specified. Remember that each time you edit the /etc/tor/torrc file, you will need to restart Tor.

Timing is Everything with Tor

As with most network-aware services, it's important to make sure your system has accurate clock settings. Your computer will have to work and play well with other systems, which means you'll need to be sure you have accurate information for the date, time zone, and clock time.

If your system doesn't have coherent time settings, your traffic will get dropped. System time is especially critical when configuring Tor as a relay.

So, make sure you install and run a good Network Time Protocol (NTP) client, such as Open NTP (openntpd). You don't need to become an NTP server. Most Linux distros have these services already installed and running; however, if you don't have them, take the necessary steps. In my Ubuntu Linux system, I would issue the following command to get the client:

$ sudo apt-get install ntpdate

The following command installs the server, in case you should need it:

$ sudo apt-get install openntpd

Your commands will differ if you're using a Red Hat-based system, of course. Once you have installed the relevant NTP element, make sure you have edited the relevant files, which might include /etc/ntp.conf. Then, add at least two time server entries, such as:

server im.pool.ntp.org
server pool.ntp.org

You might need to edit your network perimeter firewall settings as well. Your network perimeter firewall will be the most likely culprit for blocking NTP-based traffic. However, I've also run into instances where zealous individuals use iptables to manage and block traffic types. So, make sure you have unblocked NTP-based ports on your local system in addition to your perimeter firewall.

Using Tor on SELinux

If you are using SELinux, you will need to do some extra configuration. The most common addition is to change your "targeted" file. Change to the following directory:

/etc/selinux/targeted

Then, using touch or another command, create a file named booleans.local. Then, all you need to do is open a text editor (e.g., vi, pico, or gedit), and edit the targeted file so that it contains the following:

"allow_ypbind=1"

You will need to restart networking so that Tor recognizes your change.

Cleaning Up: BleachBit

Cleaning up unnecessary files and application histories eliminates clues that an attacker could uncover to learn about what you've been doing.

Several tools are available for cleaning up your deleted files, including BleachBit, GtkOrphan, and Gconf-Cleaner. I have found that BleachBit is the best overall tool, because it scours the entire hard disk. Although tools such as GtkOrphan and Gconf-Cleaner were created by people who wanted to focus on specific operating system elements, such as GTK and GConf, BleachBit does as well or better at cleaning these environments.

BleachBit, as its name implies, has the ability to cleanse your disks of extraneous and "temporary" files that, well, aren't really all that temporary. It's the most popular application out there for data destruction. I run BleachBit from a standard terminal or from a standard menu. Figure 6 shows the initial BleachBit startup screen.

Figure 6: Launching BleachBit.

With BleachBit, you can:

  • Delete browser cache and temp files.
  • Eliminate Bash history traces.
  • Remove all trace of files left behind by applications, runtime engines, and login environments such as Google Earth, Java, X11, KDE, and Gnome.
  • Remove email temporary files.
  • Delete all traces of video and voice calls, such as those with Skype.
  • Eliminate cache files from text and word processing applications such as vi, OpenOffice and LibreOffice.
  • Remove caches from video applications such as xine, Vuze, and VLC.
  • Conduct deep scans.

Using BleachBit is fairly simple. Figure 7 shows BleachBit configured to delete files related to Firefox. Like most people, I'm becoming a big Google Chrome fan, and BleachBit also has options for scouring all Chrome-related files. I'm not much of an Opera user, but BleachBit is there when I do use Opera.

Figure 7: Deleting Firefox files with BleachBit.

The Preferences Window shown in Figure 7 is open by default once you install BleachBit. This window allows you to specify the drives you wish to target.

The whitelist feature is particularly useful. Whitelists allow you to exclude specific directories and partitions on your disk. To use this feature, go to Edit | Preferences, and then select Whitelist. From there, simply click Add File or Add Folder and follow the friendly GUI. I've used this feature to exclude directories where I store files that I will never really need to delete.

In the General tab, I always keep the Hide irrelevant cleaners checkbox selected, because unselecting it causes the application to show me options that are more for legacy operating systems than for anything else. I select the Overwrite files to hide contents and Start BleachBit with computer options so I know it is always ready to use.

System and Deep Scans in BleachBit

For those who are not faint of heart and have lots of time on their hands, consider conducting a System scan and a Deep scan. A System scan focuses on deleting temporary system files that you no longer need. These system files are located in a Linux (or Windows or Mac) system directory, such as /var/, or in the /tmp/ directory.

A Deep scan goes even deeper than a System scan, searching the hard disk for files that are found outside of the normal system directories. The Deep scan goes hither, thither, and yon and searches for files such as the thumbs.db and DS_Store files in Windows systems. These files are not necessarily harmful. The thumbs.db file is simply a file that helps a system show "thumbnail" images of documents as you browse them. However, they can be used by applications to determine your document viewing and browsing habits. They are essentially metadata documents and, if left undeleted, can help individuals invade your privacy.

To conduct a System scan, scroll down to System and select the option. You will receive two warnings. The first tells you that the scan will take a long time. I don't conduct system and deep scans unless my system can sit idle for at least an hour or two; often I conduct them overnight.

The second warning informs you to select localizations in the Preferences section. This is BleachBit's fairly obscure way of saying you should consider omitting certain files and directories. Do this by, once again, going to Edit | Preferences and selecting the Whitelist tab. For example, I use a lot of custom settings for my calendaring application that I don't ever want deleted. So, I specify the location of these files, which happens to be the /usr/share/calendar/ directory before I run a system or deep scan.

The Memory portion of a Deep or System scan is experimental. Only once have I had a problem. My login environment started acting strangely, and I had to reboot. I didn't lose any data or functionality. The first time I ran these scans, I freed up almost a half a gigabyte of space. More importantly, I knew that these extraneous files had been deleted securely. Once I set up BleachBit to my liking, I'll run it once a week, or whenever there is something I need securely deleted.

Conclusion

It is hard to guarantee privacy on today's networks, but if you are serious about getting started, it might be time to start thinking about encrypting your disk data, anonymizing your Internet browsing, and making sure your files and application history are really deleted. This article peeled back the privacy onion and took a look at some important tools for flying under the radar.

No technology can take the place of being responsible and realistic in regard to the permanence of what you create online. Still, these powerful tools provide a measurable margin of choice and privacy today.

Attempts to Compromise Tor

Over the past few months, reports have appeared on various governments and individuals who have tried to compromise Tor and other anonymizing software. For example, the United States National Security Agency has introduced code meant to compromise Tor and Tor-compatible browser bundles used to help "newbies" learn Tor. The compromise includes code inside of the browser that is meant to defeat Tor's functionality.

Many agencies have deposited compromised code onto Tor-networked machines as well. As always, be careful where you download your code and your resources.