Anonymous Blogging with WordPress & Tor

This guide was originally written by Ethan Zuckerman in 2005 and updated by Global Voices contributors in 2007 and 2009. The most recent update was in February 2012.

By Ethan Zuckerman

Introduction
Disclaimer
Step 1: Use Tor to disguise your IP.
a) Download the Tor Browser Bundle.
b) Extract the Tor Browser Bundle to your USB key.
c) Connect to Tor.
d) What if Tor never connects?
Step 2: Create an anonymous email account.
a) Choose a webmail provider.
b) Sign up for an email account.
c) Log into your new email account.
Step 3: Create an anonymous blog.
a) Sign up for a WordPress account.
b) Activate your WordPress account.
c) Log into your new blog.
Step 4: Post to your blog.
a) Write your blog post offline.
b) Upload your blog post.
c) Edit the timestamp.
d) Cover your tracks.
Some parting thoughts.

Introduction

One of the great joys of working on Global Voices has been having the chance to work with people who are expressing themselves despite powerful forces working to keep them silent. I've worked with a number of authors who've wanted to write about political or personal matters online, but who felt they couldn't write online unless they could ensure that their writing couldn't be traced to their identity. These authors include human rights activists in dozens of nations, aid workers in repressive countries as well as whistleblowers within companies and governments.

I wrote a technical guide to anonymous blogging some months back and posted it on Global Voices, outlining several different methods for blogging anonymously. Since then, I've led workshops in different corners of the world and have gotten comfortable teaching a particular set of tools - Tor, WordPress and various free email accounts - which, used in combination, can provide a very high level of anonymity. The guide that follows below doesn't offer you any options - it just walks you through one particular solution in detail.

You can feel free to ignore the "why" sections of the guide if you want a quicker read and if you're the sort of person who doesn't need to know why to do something. I hope to format this more prettily at some point in the future, allowing the "why" sections to be expanded and compressed, making the whole document a lot shorter.

If I've been unclear somewhere in the document or got something wrong, please let me know in the comments - this is a draft which I hope to clean up before posting it on Global Voices. Should you find it useful and want to disseminate it further, feel free - like almost everything on this site, it's licensed under a Creative Commons 2.5 Attribution license, which means you're free to print it on coffee cups and sell them, if you think there's a market and money to be made.

Disclaimer

If you follow these directions exactly, you'll sharply reduce the chances that your identity will be linked to your online writing through technical means - i.e., through a government or law enforcement agency obtaining records from an Internet Service Provider. Unfortunately, I cannot guarantee that the directions work in all circumstances, including your circumstances, nor can I accept liability, criminal or civil, should use or misuse of these directions get you into legal, civil or personal trouble.

These directions do nothing to prevent your writing from being linked to your identity through other technical means, like keystroke logging (the installation of a program on your computer to record your keystrokes) or traditional surveillance (watching the screen of your computer using a camera or telescope). The truth is, most people get linked to their writing through non-technical means: they write something that leaves clues to their identity, or they share their identity with someone who turns out not to be trustworthy. I can't help you on those fronts except to tell you to be careful and smart. For a better guide to the "careful and smart" side of things, I recommend EFF's "How to Blog Safely" guide.

On to the geekery:

Step 1: Use Tor to disguise your IP.

Every computer on the Internet has an IP address. These addresses aren't the same thing as a physical address, but they can lead a smart system administrator to your physical address. In particular, someone who works for an Internet Service Provider can often associate an IP address with the customer who used that IP at a specific time. So before we do anything anonymous on the Internet, we need to disguise our IP.

Tor is software that disguises the IP addresses of Internet users so that nobody, including the creators of Tor, can tell which users are visiting which web sites. The easiest way to start using Tor is to download the Tor Browser Bundle, which includes a customized Firefox browser that's configured to work with Tor and protect your anonymity.

The Tor Browser Bundle is designed to be placed on a USB key so that you can access Tor from shared computers that don't permit you to install software. Even if you're going to blog from your own computer, installing the Tor Browser Bundle on a USB key makes it easy to separate your anonymous browsing from your regular browsing, which is important for protecting your anonymity.

Why use Tor?

Tor is a very sophisticated network of proxy servers, which are known as Tor relays. These relays request a web page on your behalf, which means that the web server doesn't see the IP address of the computer requesting the web page. When you access Tor, you're using three different relays to retrieve each web page. The pages are encrypted in transit between relays, and even if one or two of the relays in the chain were compromised, it would be very difficult for anyone to see what web page you were accessing.

You may find that Tor slows down your web use - this is a result of the fact that Tor requests are routed through three relays before reaching the web server. Some folks - me included - use Tor only in situations where it's important to disguise their identities.

a) Download the Tor Browser Bundle.

Insert your USB key and download the Tor Browser Bundle from the Tor web site. The bundle is available in many different languages. If the browser asks whether to run the file or save it, save the file to your USB key.

If the Tor web site is inaccessible, you can try to download Tor from the Google cache by searching for cache:torproject.org/getinvolved/mirrors.html.en. Alternatively, you can request a copy of the bundle by sending an email to gettor [AT] torproject [DOT] org. Emails to this address have to come from Gmail; otherwise they won't get a response. Put the word "windows-bundle" anywhere in the body of your email.

Shortly after sending your email you will receive an email with the Tor Browser Bundle attached as a zip file. Save the zip file to your USB key. (If your computer has GnuPG installed, you should also verify the signature.)

b) Extract the Tor Browser Bundle to your USB key.

Find the file that was saved to your USB key and double-click it to extract the Tor Browser Bundle. If the software asks where to extract the bundle, extract it to the USB key.

c) Connect to Tor.

You can use this USB key and any Windows computer with a USB port to access the Internet anonymously through Tor. First close any existing browser windows. Then insert the key, find the "Tor Browser" folder and double-click "Start Tor Browser". The Vidalia Control Panel will appear to show that you are connecting to Tor.

Once you have connected to Tor, a customized version of Firefox will open automatically and display the Tor test page. It's important to wait for the customized browser to open. If you use any other browser, your Internet access will not be anonymous.

The Tor test page checks to see what IP address your request is coming from. If it's from a known Tor relay, Tor is working correctly and your IP is disguised. If not, something's wrong and you should try to figure out why Tor isn't working correctly. Make sure the test page shows the message "Congratulations. You are using Tor." If you don't see that message then your Internet access is not anonymous and you need to solve the problem before proceeding.

d) What if Tor never connects?

If you have problems connecting to Tor you should read the Tor FAQ. If the problem persists for a long time, try downloading a new copy of the Tor Browser Bundle. If that doesn't work, you might consider using bridges to get connected.

You can get a list of bridges by sending an email from any Gmail account to bridges [AT] torproject [DOT] org. Put the words "get bridges" anywhere in the body of the email.

Shortly after sending your email you will receive a reply with a list of bridges. It's also possible to acquire bridges by visiting https://bridges.torproject.org/.

Once you've acquired some bridges, open the Vidalia Control Panel, go to Settings > Network and click "My ISP blocks connections to the Tor network". Add each bridge address one at a time by pasting it into the "Add a Bridge" window and then clicking the "+" sign.

Step 2: Create an anonymous email account.

Now that you're connected to Tor you can set up an anonymous email account. Most web services - including blog hosting services - require an email address for every user. If you want to register for these services anonymously then you need an email address that can't be linked to any personally identifiable information, including your IP address. This means you need to create a new email account using Tor, and always access that account through Tor.

a) Choose a webmail provider.

We recommend Gmail, but you can also use Tor to sign up for a webmail account with Hotmail, Yahoo, Safe-mail, and many other providers.

Gmail, Hotmail and Safe-mail allow you to access your email through HTTPS, which prevents anyone from reading your email as it travels between Tor and the webmail provider. Yahoo doesn't support HTTPS, so it should be considered less secure. If you use Hotmail, be sure to choose the option "Always use HTTPS (recommended)" when signing up.

Riseup.net provides free webmail with a very high degree of security. Riseup supports PGP encryption (Pretty Good Privacy), which is useful if you correspond with people who also use PGP. To sign up for a Riseup account you must fill in a form explaining why you need an account. It can take several days for applications to be approved. You will be given a link that you can visit to check the status of your application. Remember to visit the link through Tor.

Another way to create a Riseup account is to ask an existing Riseup user for an invitation code, but you must consider whether that might harm your anonymity.

A warning about all webmail accounts - you're trusting the organization that runs the service with all your email. If that organization gets hacked, or is pressured by a government to reveal information, it has access to the text of all the emails you've received and sent. Yahoo, in particular, has a nasty habit of turning over information to the Chinese government - Chinese dissidents are now suing the company for illegal release of their data. Just something to think about when you decide who to trust...

b) Sign up for an email account.

Start the Tor Browser from your USB key. When the Tor test page appears, visit the webmail site of your choice and sign up for a new account. Don't use any personal information - name, city, date of birth, etc. - that can be linked to your identity. Consider becoming a boringly named individual in a country with a lot of web users, like the US or the UK.

It's important to create a new email account rather than using an existing one - it's very likely that you signed up for that account from an undisguised IP. If the webmail provider asks you for an existing email address when creating your new account, use a fake address or choose a different provider.

Set a good, strong password for the account (at least eight characters long, with at least one number or special character) and choose a username similar to what you're going to name your blog.

c) Log into your new email account.

Make sure you can log into your webmail account through Tor and send email. Don't ever send email to your existing email address, or to people who know your identity - it's important to keep your anonymous email account separate from your real identity.

Tor changes relays every 10 minutes and this could disrupt your webmail operations, so you should consider saving drafts every few minutes.

Step 3: Create an anonymous blog.

a) Sign up for a WordPress account.

Still using the Tor Browser, visit WordPress.com and sign up for a new account. Use the anonymous email address you just created, and choose a username that will be part of your blog address: thenameyouchoose.wordpress.com.

Again, choose a strong password - at least eight characters long, with at least one number or special character.

b) Activate your WordPress account.

WordPress will send an activation link to your webmail account. Use Tor to check your webmail and follow the activation link. This lets WordPress know you've used a live email account and that they can reach you with updates to their service - as a result, they'll make your blog visible to everyone. If you don't follow the activation link within two days, your WordPress account will be deleted.

c) Log into your new blog.

Make sure you can log into your blog through Tor. Feel free to add information to your profile... just make sure none of that information is linked to you!

Now you can close the Tor Browser and shut down the Vidalia Control Panel until you're ready to upload your first post.

Step 4: Post to your blog.

a) Write your blog post offline.

Writing posts offline is a good way to keep from losing a post if your browser crashes or your net connection goes down, and it means you can compose your posts somewhere more private than a cybercafe. A simple editor, like WordPad for Windows, is usually the best to use. Save your posts as text files on your USB key and securely delete them after posting.

b) Upload your blog post.

Start the Tor Browser from your USB key. When the Tor test page appears, visit wordpress.com and log into your blog. Click the "Write" button to write a new post. Cut and paste the post from your text file to the Tor Browser window. Give the post a title and put it into whatever categories you want to use.

c) Edit the timestamp.

Before you hit "Publish", there's one key step. Click on the blue bar on the right of the screen that says "Post Timestamp." Click the checkbox that says "Edit Timestamp". Choose a time a few minutes in the future - ideally, pick a random number and use a different number each time. WordPress won't display the post until it reaches the time you've specified.

By editing the timestamp, you're protecting against a technique someone might use to try to determine your identity. Your Internet Service Provider might examine their logs and discover that a few seconds before each post appeared on your blog, one of their customers was connected to a Tor relay. They might conclude that the customer was using Tor to post to the blog and turn this information over to the police.

By changing the timestamp of the posts, we make this attack more difficult for the Internet Service Provider. Now they need access to the logs of the WordPress server as well, which are much harder to get than their own logs. It's a very easy step to take that increases your security.
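
The following Python sketch is an added example, not part of the original guide. It replays the log check described above on constructed data: a narrow time window isolates the blogger when posts appear at once, matches nobody once the displayed timestamp is shifted, and, when widened to cover the delay, also takes in other Tor users. The customer names, times, helper names and the 2-15 minute delay range are assumptions made for the illustration.

```python
import secrets
from datetime import datetime, timedelta

def publish_time(upload, min_minutes=2, max_minutes=15):
    """Pick the value to enter under "Edit Timestamp": a random number of
    minutes after the upload, different on each call. The 2-15 minute
    range is an assumption; the guide only says "a few minutes"."""
    minutes = min_minutes + secrets.randbelow(max_minutes - min_minutes + 1)
    return upload + timedelta(minutes=minutes)

def candidates(tor_log, post_times, window_seconds):
    """Customers seen connecting to Tor within window_seconds before
    every displayed post time: the set the blogger is hidden in."""
    window = timedelta(seconds=window_seconds)
    result = set(tor_log)
    for shown in post_times:
        result &= {
            customer
            for customer, seen in tor_log.items()
            if any(shown - window <= t <= shown for t in seen)
        }
    return result

def at(day, hour, minute, second=0):
    """Shorthand for a constructed timestamp in February 2012."""
    return datetime(2012, 2, day, hour, minute, second)

# Constructed data: three uploads by the blogger ("cust-A") on three evenings.
UPLOADS = [at(1, 20, 0), at(2, 21, 30), at(3, 19, 15)]

# Constructed ISP view: when each customer was seen connecting to a Tor relay.
TOR_LOG = {
    "cust-A": [u - timedelta(seconds=5) for u in UPLOADS],
    "cust-B": [at(1, 20, 3), at(2, 21, 33), at(3, 19, 10)],
    "cust-C": [at(1, 19, 58), at(2, 21, 36), at(3, 19, 6)],
    "cust-D": [at(1, 12, 0)],
}

# Fixed delays (minutes) keep the demo repeatable; real use calls publish_time().
DELAYED = [u + timedelta(minutes=m) for u, m in zip(UPLOADS, (7, 11, 4))]

if __name__ == "__main__":
    print("published at once, 30 s window:", candidates(TOR_LOG, UPLOADS, 30))
    print("delayed, 30 s window:          ", candidates(TOR_LOG, DELAYED, 30))
    print("delayed, 15 min window:        ", candidates(TOR_LOG, DELAYED, 900))
    print("next timestamp to enter:       ", publish_time(datetime.now()))
```

The wider candidate set in the last case exists only because other customers were using Tor during the same evenings.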

d) Cover your tracks.

After blogging, always remember to delete your posts from your USB key and from the computer you used to write them. It's not sufficient to move the files to the trash and empty the trash - you need to use a secure erasing tool like Eraser or CCleaner, which overwrites the old file with data so that it becomes impossible to retrieve. On a Macintosh, this functionality is built in - drag the files to the trash and choose "Secure Empty Trash" from the Finder menu.

Close the Tor browser and shut down the Vidalia Control Panel before removing your USB key, so the next person using the computer doesn't find Tor running.

Some parting thoughts.

- It's not enough just to protect yourself when posting to your own blog. If you're going to post comments on other blogs using your "nom de blog", you need to use Tor when posting those comments as well. Most blog software records the IP each comment came from - if you don't use Tor, that comment could be tracked back to your computer and used to link your blog to your identity. Tor's like a condom - don't practice unsafe blogging.

- Just because you're anonymous doesn't mean you shouldn't make your blog pretty. The "Presentation" tab in WordPress has lots of options to play with - you can pick different templates and even upload photos to customize some of them. But be very, very careful when using your own photos - you give a lot of information about yourself in posting a photo (if the photo was taken in Zambia, for instance, it's evidence that you are or were in Zambia).

- If you're the only person in your country using Tor, it becomes pretty obvious: the same user is the only one who accesses the IP addresses associated with Tor relays. If you're going to use Tor and you're worried that your Internet Service Provider might be monitoring Tor use, you might want to encourage other friends to use Tor - this creates what cryptographers call "cover traffic". You also might want to use Tor to read various web sites, not just to post to your blog. In both cases, this means that Tor is being used for reasons other than just posting to your anonymous blog, which means that a user accessing Tor in an ISP's logs doesn't automatically make the ISP think something bad is taking place.

- A final thought on anonymity: If you don't really need to be anonymous, don't be. If your name is associated with your words, people are likely to take your words seriously. But some people need to be anonymous, and that's why this guide exists.