Other Privacy and Anonymising Services

JonDoNYM, also known as Java Anonymizing Proxy (JAP), is another anonymizing service. It consists of three main components: a hardened Firefox browser, a proxy program, and a mix-based anonymity network.

Components

1. Hardened Firefox Browser (JonDoFox):
   • The first component is a custom and hardened Firefox browser called JonDoFox, which you can download from the provided link.
   • While you can use any browser with the JonDoNYM network, it is recommended to use the provided browser unless you follow the advice in the browser section to harden your own browser.
   • Alternatively, you can use the Tor browser if you configure the proxies correctly.
2. IP Changer (Proxy Program):
   • The second component is the IP changer, a free open-source proxy program written in Java.
   • This proxy program is installed or placed on your device and configured to route your browser’s traffic through it.
   • Since it is written in Java, it is platform-independent and runs on Mac, Windows, and Linux.
3. JonDoNYM Network:
   • The third component is the JonDoNYM network, a mix-based anonymity system consisting of around 40 mixing servers called mixers.
   • The network includes premium cascades (each with three mixers) and free cascades (each with two mixers).
   • Mixing provides anonymity by randomizing traffic through fixed cascades of anonymizing mixes.

Key Features

1. Premium vs. Free Cascades:
   • Premium cascades support both TCP and UDP, while free cascades only support TCP.
   • The mixing process delays incoming packets from multiple user clients or adjacent mixers for random periods and forwards them in a randomized order.
2. Trusted Nodes:
   • Unlike Tor, JonDoNYM is a closed system where each mixer is a trusted node verified and certified by John Dew’s company, GMBH.
   • The operators of the mixers must abide by strict rules, prohibiting them from saving connection data or exchanging such data with other operators.
3. Operator Oversight:
   • The operators are independent and unrelated entities or private individuals whose identities are published.
   • The high barrier to becoming a mix operator ensures oversight by the community of trusted mix operators.

Comparison with Tor

1. Operator Verification:
   • JonDoNYM has a formal process for operators, unlike Tor, where anyone can become a relay without verification.
   • This oversight makes it difficult for an adversary to take over a mixer or cascade, as they are spread over multiple countries and jurisdictions.
2. Sybil Attacks:
   • JonDoNYM is less susceptible to Sybil attacks compared to Tor, as each mix participates in just one cascade.
   • Each cascade has a static pair of entry and exit IP addresses, similar to one-hop VPN services.

Security and Anonymity

1. User Anonymity:
   • User anonymity in JonDoNYM relies on the mix operators’ integrity and discretion.
   • The system prevents adversaries from observing, compromising, or manipulating their servers, similar to VPN services.
2. Law Enforcement Challenges:
   • Uncovering individual users is more difficult with JonDoNYM compared to other VPN or proxy services.
   • It would require the cooperation of several states and organizations, making it by magnitude more difficult.
3. Surveillance Reports:
   • JonDoNYM publishes an annual report of all surveillance actions taken and reported by mix operators.
   • Examples show that law enforcement has faced challenges in obtaining data due to the independence of mix operators and the lack of cooperation from all operators in a cascade.

JonDoNYM offers a robust anonymizing service with a mix-based network and trusted operators. While it may not provide 100% security, it significantly enhances user anonymity compared to other VPN or proxy services. The formal oversight and strict rules governing mix operators make it a reliable choice for those seeking privacy and anonymity online.

Installation and Secure Configuration of JonDoNYM

Let’s go through the installation and secure configuration of JonDoNYM (Java Anonymizing Proxy). As always, I recommend using Debian and installing it in a virtual machine (VM) for isolation and compartmentalization.

Installation on Different Platforms

1. Windows Installation:
   • If you prefer to install it on Windows, check out the provided link for a simple download and install process.
   • You have the option to install it or use the portable version.
2. Mac Installation:
   • On Mac, it’s a straightforward DMG file installation. Follow the instructions to drag and drop it into the Applications folder.
3. Debian Installation:
   • On Debian, there are .deb packages, but it’s better to install it from a repository to keep it up to date.
   • The provided instructions cover Debian, other Linux versions, and BSD.

Steps for Debian Installation

1. Adding the Repository:
   • Switch to root and add JonDoNYM to the list of repositories.
   • Use the echo command to add the repository. Adjust the version number based on your Debian release.
2. Adding the Key:
   • Import the key and verify it using apt-key finger.
3. Updating and Installing:
   • Run aptitude update (or apt-get update) to refresh the package list.
   • Install the package using aptitude install JohnDoFox-en for the English version.

Starting and Configuring JonDoNYM

1. Starting the IP Changer:
   • Start the IP changer (JonDoNYM) by clicking on it. It may take a few seconds to initialize.
   • Upon first start, it connects to the free version (to cascade). You can change cascades or switch off anonymity if needed.
2. Testing the Anonymity:
   • Open JonDoNYM Fox, the hardened browser provided with JonDoNYM.
   • Check the proxy settings in the browser preferences to ensure they are set to port 4001.
   • Test the anonymity using the built-in test feature.
3. Customizing Security Settings:
   • Review the security settings in the preferences. The defaults are generally good, but you can customize them if needed.
   • You can also configure custom proxy settings and change the user agent.
4. Switching Proxies:
   • The browser allows you to switch between no proxy, Tor proxy, and custom proxy settings.
   • For example, switching to Tor proxy requires Tor to be running on port 9050.

Installing and configuring JonDoNYM is straightforward, especially when done in a virtual machine for added security. By following these steps, you can ensure a secure and anonymous browsing experience using JonDoNYM.

Use the JonDo Live-DVD

Download JonDo Live-DVD

Bulletproof Hosting Services (BPHS) and Offshore Hosting

We have discussed the various reasons for hosting your own server, such as storing data, running a web or mail server, using SSH or HTTP/HTTPS tunneling, or setting up an open VPN server. The list is extensive, and having a server in the cloud can be beneficial for security, privacy, and anonymity.

Choosing the Right Location

1. Adversary Influence:
   • It may be prudent to choose a server located outside the sphere of influence of your adversaries.
   • For example, if you are concerned about the Iranian government, you might consider a server hosted in the United States.
2. Hostile Locations:
   • Servers hosted in locations hostile to your adversaries can provide a layer of protection.

Bulletproof Hosting Services (BPHS)

1. Definition:
   • Bulletproof Hosting Services (BPHS) are servers that are resistant to influence and lenient on the type of content hosted.
   • These services are often used for illegal activities, but what is illegal in one place may not be in another.
2. Offshore Hosting:
   • Offshore hosting is similar to BPHS and is often used to avoid legal issues in certain jurisdictions.

Finding Bulletproof Hosting Services

1. Starting Point:
   • Websites like the one mentioned provide a list of offshore and bulletproof hosting services. This can be a good starting point for research.
   • Note: The quality and reliability of these services are not guaranteed, and caution is advised.
2. Accessing Providers:
   • Many providers advertise on Russian and Chinese forums, making them difficult to access for English speakers.
   • You can also search hacker and black hat forums, as well as the dark web, to find these providers.

Pricing and Risk Levels

1. Low-Risk Hosting:
   • Low-risk content hosting can cost as little as US$2 per month.
   • Providers may refuse service to customers engaging in malicious or fraudulent activities.
2. Middle-Tier Hosting:
   • Middle-tier hosting, predominantly based in Russia and Lebanon, can host medium and high-risk content for around US$70 for a dedicated server or US$20 for a virtual private server (VPS) per month.
3. High-Risk Hosting:
   • High-risk servers, often hosted in countries like China, Bolivia, Iran, and Ukraine, can cost around US$300 per month.
   • These servers are suitable for critical infrastructure projects or high-risk content.

Security and Anonymity

1. Caution:
   • Exercise caution when using bulletproof hosting services. Never connect to them from your real IP address or leave a money trail.
   • Using these services without proper anonymity measures defeats their purpose.
2. Mitigation Against Adversaries:
   • Offshore and bulletproof hosting can be a viable mitigation strategy against adversaries with significant influence.
   • They can be part of a comprehensive privacy and anonymity solution for storing data, running servers, or setting up hidden services.

Bulletproof Hosting Services and offshore hosting offer a way to host servers outside the influence of your adversaries. While they can be useful for privacy and anonymity, caution is essential to avoid leaving traces that could compromise your security. These services can be a valuable component of a broader strategy for maintaining privacy and anonymity online.

Botnets and Hacked Devices

Botnets are networks of hacked devices connected to the internet, typically under the control of a command and control server. These hacked devices are often referred to as “zombies” because they operate under the influence of the command and control server, with no control over their own actions.

Uses of Botnets

1. Various Purposes:
   • Botnets are used for a wide range of activities, including spamming, distributed denial of service (DDoS) attacks, ad fraud, manipulating likes on social media, and increasing the popularity of certain content.
   • They can also be used for anonymization, which is why we are discussing them here.
2. Anonymization:
   • Some serious hackers control large botnets and use them to bounce traffic from one bot to another, hiding their origin.
   • Access to a botnet for anonymization purposes can be purchased on Black Hat forums, providing buyers with access to shells or remote desktops on the hacked devices.

Risks and Concerns

1. Illegal and Unethical:
   • Using botnets for anonymization is illegal and unethical, as it involves exploiting hacked devices.
   • It is dangerous to send traffic through hacked devices due to the risk of your traffic being attacked, injected, or your browser being compromised.
2. Security Risks:
   • Sending traffic through a hacked device can expose you to various security risks, including malware, data theft, and other malicious activities.

Botnets and hacked devices are an anonymizing service that many hackers use instead of more conventional privacy and anonymity services. However, due to their illegal nature and the associated security risks, it is not recommended to use them. Awareness of these services is important, but it is crucial to prioritize ethical and secure methods for maintaining online privacy and anonymity.

Conclusion

JonDoNYM (Java Anonymizing Proxy) is a robust anonymizing service comprising a hardened Firefox browser, a proxy program, and a mix-based anonymity network. It offers a higher level of user anonymity compared to other VPN or proxy services, with trusted nodes and formal oversight. While not foolproof, it significantly enhances online privacy.

Additionally, bulletproof hosting services provide offshore server hosting to mitigate adversary influence, but they require caution to ensure security and anonymity. Botnets, although an anonymizing option, pose legal, ethical, and security risks and are not recommended.