Fiber optics background with lots of light spots
The methods and tools that governments employ to censor and control the internet, and the tools and ways to get around censorship and avoid being tracked, are a constantly shifting battleground. But there is a set of evergreen best practices and helpful software — including VPNs and privacy-focused search engines — that are useful to know. This article was written by Fabian Schmidt and originally published by Deutsche Welle, and is reprinted here with permission.
Dictatorships and online services collect all kinds of data. Many users have no access at all to the free network. Below are few tips on how to navigate the internet safely and anonymously and how to avoid censorship.
How do I become visible to others on the internet?
Basically, all internet traffic is visible to everyone who has access to the servers through which it flows — just as a postcard can be read by any mail carrier. A lot of data can reveal your identity. First, there is the IP address of your computer. But nowadays, users are also often recognized by other data from their computers: unique properties of browser plugins, screen resolution, window size, language, time. Very precise user fingerprints can be created that make someone recognizable to a web server to 98%, even without an IP address.
If a regime blocks certain websites, how can I still access them?
In the past, only static proxies were used. Often, it was just simple IP addresses that forwarded internet traffic. This worked as long as the censors didn’t notice or know the proxies. In the meantime, however, many states have begun to block all proxies they disapprove of. Proxies can also be used to conceal from the operators of websites where a visit is coming from. For this, you can take a detour via Anonymouse or a variety of similar anonymization services.
How do I build a tunnel?
Virtual private networks (VPN) are somewhat more complex. To make use of them, you set up an encrypted tunnel connection to a server, for example in another country. No one can look into the tunnel. With VPNs, companies do things like establish a secure connection between their employees and the internal company network.
The tunnel can also be used to access the free internet from a censored area. But censorship authorities can see that it is a VPN connection and who operates it. Today, censorship regimes have become much more attentive and block static proxies relatively quickly. Moreover, proxies do not offer anonymity. VPN networks are also often forbidden. So you have to come up with something new, such as the Tor network.
What is Tor?
Tor means “The Onion Router.” It’s built like an onion — in layers. Tor helps to hide your identity. You are not directly connected to the server from which you want to retrieve information by the shortest route. Instead, Tor connects you using detours: so-called Tor nodes. Each of these Tor nodes lays its own encryption layer over the browser behavior so that the other Tor nodes can’t read it, either. This makes surfing very secure.
Can I access all web pages with the Tor browser?
There are special Tor websites with so-called onion services. Deutsche Welle also provides such a service. These services are very secure. However, you can also access all other normal websites with the Tor browser. At that moment, you leave the Tor network and anonymity is somewhat limited, but the operator of the website that you are visiting cannot recognize either your IP address or any unique features of your browser, because Tor suppresses this information.
So you can’t tell who I am, but you can tell what I’m doing?
A censor can recognize what the internet traffic basically looks like, but can’t necessarily glean any information from it. That’s why Tor has evolved. To circumvent censorship, Tor has developed so-called “pluggable transports.” These make internet traffic appear completely different than it really is. For example, if someone surfs websites, it may look like a video conference, normal email traffic, or something else. It also changes back and forth all the time. This makes it more difficult for censors to follow the surfing process.
How do I get into the Tor network from a country with censorship?
People who live in countries where the internet is censored need “bridges.” These lead to the known entry nodes to the Tor network, which are usually blocked by the regimes. Every Tor user can provide a bridge, making their own machine a virtual entry point. So as many people as possible who live in countries with free internet should do this, because then people in countries with censored internet have many different possibilities for getting into the Tor network.
What do I do if I want to use Tor?
It’s very simple: On the website of the Tor project, the current Firefox-based Tor browser for each operating system is available for download. The browser can then be used like a normal browser. The only difference is that the user is anonymous.
What do I have to consider if I live in a censored country?
It is important to make the correct settings in the Tor browser if you want to avoid censorship. Unfortunately, the settings are somewhat hard to find in the Firefox browser. There is a special Tor area in the settings. During the Tor installation, the browser asks once if you are in a censored country. If you confirm this, the pluggable transport is loaded automatically.
The pluggable transports can also be downloaded in the existing Tor browser settings. The bridges are also loaded; the Tor browser searches for current bridges itself. The settings for automatically receiving new bridges are located where you also set the pluggable transports: If the first bridge doesn’t work, the browser takes the second bridge, and so on.
As a user in a free country, how can I support people in censored countries?
If you live in a non-censored country, Tor will ask you if you want to provide a bridge. It is possible that internet speed will suffer a little., but with today’s fast internet connections, that’s probably not such an issue anymore.
To provide a large number of bridges, there is the project ‘Snowflake.’ How does it work?
Snowflake is a project where all users with normal Chrome or Firefox browsers can provide bridges. You don’t need a Tor yourself. The inventors hope that as many users as possible will provide such bridges. The project is called Snowflake because the bridge exists only as long as someone is surfing. Then the snowflake melts away and is no longer recognizable.
Do I have to accept restrictions when surfing with Tor?
There are also websites or entire infrastructure operators who do not want any traffic from the Tor network because they fear that it could be dangerous or dubious. But now, even the internet giants are realizing that Tor traffic is not evil per se.
How great is the danger that I, as a Tor user, will be caught by the regime?
Traffic to the bridge may be identified. Normally, the traffic is simply stalled and blocked. But there is a danger that the authorities will continue to investigate the user.
What is the difference between the darknet and Tor?
The darknet uses the Tor protocol. But not everyone who uses Tor is part of the darknet. Facebook, The New York Times, the BBC, and Deutsche Welle also use Tor. So Tor is not a place for illegal activities, but a protocol for anonymizing those who have a legitimate interest in it.
There are other tools to circumvent censorship, such as Psiphon. What is that?
Psiphon is a commercial provider from Canada that has been working with media like Deutsche Welle for a long time and has created a product for the needs of the free media. Psiphon offers apps and computer programs in which different censorship avoidance mechanisms are tried one after the other. Different servers, proxy servers, VPN technologies, and so on are used. If you use Psiphon via Deutsche Welle, you will see the DW website and can then use any other website on the free internet, too.
How do I get to Psiphon as a user?
Psiphon helps DW to provide the download source for the program or app. They lie in the cloud, as the censorship regimes cannot afford to block the big cloud services because the collateral damage would be too great.
Are there also secure messaging services?
Many people use instant messaging services such as WhatsApp, Facebook’s messenger service. But this service, for example, has fallen into disrepute because it reads the phone books of its users and it is not clear where the data ends up. More secure is the free app Signal.
With Signal, you can not only chat securely but also make phone calls. And there is a desktop application for the computer. In contrast to other services, the source code for Signal is open, meaning that IT security experts can check that it is really secure.
Are there search engines that respect privacy?
Yes, they do exist — search engines that, unlike Google or Bing, do not collect, store, and process the IP addresses of their users. Then there is also no annoying, personal advertising. These search engines are called DuckDuckGo or Startpage.
What are add-ons for the browser?
Those include other tools to make browsing safer. These include add-ons that block cookies, trackers, or scripts such as Java. Examples are uBlock Origin or the Privacy Badger. They are installed via the browser settings.
Fabian Schmidt is an author and editor at Deutsche Welle’s science desk, with a focus on technologies and innovation. He is a social scientist and linguist by training.