Stealth Surfer

Forum: DSL Ideas and Suggestions
Topic: Stealth Surfer
started by: macadavy

Posted by macadavy on April 14 2006,22:21

Has anyone considered creating a secure password-protected, encrypted USB drive version of DSL with anonymous surfing? A FOSS (Free & Open Source) version of < StealthSurfer >?
And could the multi-protocol IM client GAIM be made available as a MyDSL extension?

Posted by humpty on April 15 2006,00:37

because DSL can be installed on a usb pendrive, you already carry your stuff on th pendrive. SSL as I remember, requires a the server to authenticate for you. StealhSurfer is charging between 3 to 6 times more for a usb pendrive for the service of no more than installing free software for you.

Posted by macadavy on April 15 2006,06:02

Thanks for your response humpty. I realize Stealth Surfer is an expensive solution for what I want. DSL already offers all SS does and much more. All it lacks to make it a free & open source alternative are password protection, encryption & anonymization (proxy). Perhaps some USB drives already have password protection built in, apart from any software or data you place on them, I don't know. Anonymization can be taken care of with Anonymizer or httProxy extensions for Firefox. That leaves encryption. I didn't see any programs like AxCrypt or TrueCrypt in the MyDSL repository. There is an encryption program especially for pen drives called < Remora > but its only for Windoze.
Perhaps once I've learned more about DSL and creating MyDSL packages I can 'roll my own'. Meanwhile, is anyone else interested in taking a crack at it?

Posted by humpty on April 15 2006,07:24

i tried proxy servers before, the free ones tend to be r e a l l y slow with frequent disconnects (if you can connect at all!).

there is a 'protect' cheat code (see f3 of iso) for a password
encrypted backup, but i have not used it before.

Posted by macadavy on April 15 2006,08:37

Thanks again humpty. Maybe with a little tweaking I've got what I'm looking for. You're right about free proxies, I mentioned the Firefox extensions in the spirit of 'free beer' as well as 'free speech'. When I need anonymity I use something like < Guardster > but their fast one ain't free. Unfortunately _ any_ proxy will slow your surfin' somewhat but I'll pay that penalty for privacy.
I'm intrigued by your mention of a password encrypted backup - can you elucidate the specificity of your reference: "see f3 of iso"? It sailed right over this newb's head! Does this encrypt, with password protection, the entire contents of the DSL USB drive, or only the /home & /opt directories normally saved in a backup? If it does encrypt everything, well that's just what I'm looking for and I've pretty much got my FOSS stealth surfer - thanks for helping!

Posted by green on April 15 2006,16:29

If you know anyone with a SmoothWall firewall, then you can ssh to it and tunnel all your surfing traffic thru it. That's pretty secure, uses 3DES encryption, it's free, and if they have broadband acces it'll be fast.SmoothWall is free also and runs on atticware.

The "F3" referred to above is available when you boot the liveCD or USB install. At the boot prompt you can hit F2 or F3 and see the various boot options. I 'think' it only encrypts the backup file, which you will need a password to use. Since you would be runnign linux, it'll be difficult (at best) for someone to hack you system while surfing the 'net. The file structure of DSL is unlike any other OS, that makes it pretty secure. Also, when looking at the boot options, you can set passwords for 'root' as well. You would want to do that too.

Have fun.

Posted by macadavy on April 15 2006,19:22

Thanks green, your reply is most helpful. I was unaware of SmoothWall - perhaps it could be added to a DSL USB install. Your points about DSL's inherent security online are appreciated, I'd wondered why the distro includes no firewall.
Let's look at a description of StealthSurfer from their website & try to see what DSL lacks to be a free & open source software alternative solution.
" StealthSurfer is a Windows PC compatible key-sized USB device that is preloaded with Firefox, Anonymizer, RoboForm , and Thunderbird software configured and integrated for optimum privacy. When using StealthSurfer, all your sensitive Internet files such as cookies, internet history, and cache are stored on the StealthSurfer USB device instead of your computer. Should your StealthSurfer fall into unwanted hands, password protection maintains your data's privacy and security. StealthSurfer conceals your web surfing habits, files, and visited web sites from anyone who has physical access to your computer to stop indentity theft. StealthSurfer keeps your surfing information over the NET encrypted, hidden and anonymous - it protects your identity. Passwords are stored on the StealthSurfer with 3DES encryption and with the unique password manager log-on to web sites as easy as 1 touch speed dialing! Advanced and secure E-mail programs[DSL has Sylpheed] are included in StealthSurfer so your portable private e-mail [remains private!]."
Firefox is there, and uses encrypted transfer on https sites by default I believe, but smoothwall would ensure _all_ transfers are encrypted. DSL leaves no tracks on the host computer unless you choose to establish persistent /home & /opt directories, which can be saved on the USB drive instead. Web site passwords likewise can be saved on the pen drive with an encrypted password manager (does Firefox have this?). As pointed out in an earlier post, anonymity can be secured with Firefox extensions and/or a paid proxy service. (What about an onboard proxy that hides you from the get-go?) Secure e-mail like Hushmail and/or disposable web e-mail addresses are easily accessed via bookmarks in Firefox. That leaves password protection & encryption of the entire contents (not just the backup/restore files) as the one thing not already there. I believe some USB drives have password protection on an EPROM chip built-in but I'll have to check on that. Encrytion software like AxCrypt or TrueCrypt available as MyDSL extensions could provide both encrytion of the entire contents (programs & data files) of the USB stick at the end of each session & password protection of same, thus preserving security should you lose your thumbdrive.
So I think its do-able, perhaps on a 512Mb USB drive to allow modest data storage capacity, what do the rest of you think? Sorry for such a long post - but the concept really intrigues me. Big brother got such big ears these years - the better to eavesdrop with! :;):

Posted by doobit on April 15 2006,20:18

You could use a combination of TOR, Privoxy, and PHP which are all available as dsl packages. Also, you are correct that some USB keys can be password encrypted using their internal software. I have a mini-computer that runs off a keydrive with no other drives. Security is provided by pulling the keydrive out when I'm done and taking it with me.

Posted by macadavy on April 15 2006,21:17

Thanks doobit, we're getting there! I was aware of TOR but I think using multiple chained proxies might slow your surfing to a crawl - and TOR's website points out its experimental software & should not be used to provide strong anonymity. Privoxy looks better (perhaps combined with an online privacy proxy) but it looks to have a steep config. learning curve for a newbie like me, and I could not find it in MyDSL. (btw - that repository is getting big enough to need a search function - whoooo-hoooo!) I'm not sure how PHP would help, perhaps you meant PGP? < TrueCrypt > seems to provide a more user-friendly interface while providing strong on-the-fly encryption - unfortunately its not in the repos. (yet!)
I really think we can do this, instead of giving our money to StealthSurfer for an inferior, over-priced (IMHO) secure solution.

Posted by macadavy on April 16 2006,06:40

Just a follow up to my earlier post. Closer inspection of the MyDSL repos. shows Privoxy bundled with TOR and something called Libevent. Also, the testing section shows aespipe.dsl 'strong encrytion in a pipe' so maybe I'm closer than I think!

Posted by bigpilot on April 16 2006,09:44

To encrypt your files you could use < TrueCrypt >, but it's no use for anonymous surfing as the authorities can always trace web traffic back to an IP number, and therefore, a PC.

There are companies which offer secure browsing through VPN and the like but if you're breaking the law they'll hand over your surfiing history without even pausing for breath, and if you don't intend to do anything illegal, it isn't really necessary.

Aside from that, DSL running off CD or USB is already very good since you won't leave a trace of your surfing activities on the PC you browsed from.

Posted by humpty on April 16 2006,09:45

are we getting a bit paranoid here ?

the only really good reason for myself as protection goes is if my pendrive was lost, in which case I'd probably go for something simple
like
this < http://www.taiwan-technology.com/edit/p/news/t_11.htm >
no need to over complicate things.

i don't think there is a perfect way for internet security, you need an
IP to go places, and some parties are good at tracking IPs, even if
it's not yours, they'll find you if they are desperate enough. Those
that can't will not usually bother.

Posted by macadavy on April 16 2006,19:47

Thanks bigpilot & humpty. Perhaps I am a _little_ paranoid. My intention is to see if there's any interest here in creating a free & open source software equivalent of StealthSurfer, which is mostly composed of freeware anyway and way overpriced IMHO.
There are legitimate reasons for protecting privacy (proprietary business info, e-mails to my sweetie that only she & me need see, etc.). The point, whether you've got something to hide or not, is can it be hidden from today's supersnoops - just on principle in the name of freedom.
The flash drive humpty refers to looks good.
I guess the ultimate failsafe would be a timer, e-mail client and encryption & secure delete programs packaged in a
< Dead Man's Switch >.
"Just because we're paranoid doesn't mean they're not out to get us!" < Big Brother on the 'Net > :;):

Posted by clacker on April 16 2006,20:16

macadavy, I know dsl comes with loopAES already included, and you can use that to encrypt whole disk drives or just create a large file that you can mount as a read/writeable drive. That would keep your cookies and files safe. It can also be used to encrypt the swap drive, if you have one. It would be possible to do a remaster and create an encrypted /home/dsl directory, but it would be a bit of tinkering and work.

I don't think the level of encryption you can get is up to par with what "today's supersnoops" have at their disposal to break it. How good are the people you're trying to hide things from though? Unless Mom just happens to be one of "today's supersnoops," your collection of encrypted love notes is probably safe with whatever you choose.

Posted by macadavy on April 16 2006,23:37

Thanks to all who've responded to this thread - I've learned a lot! Clacker & others have pointed out that what I want is probably already included. For example, if DSL can protect the /home & /opt files in a backup, it stands to reason that can be extended to encrypt other things. Still, I'm intrigued by the concept of a FOSS stealth surfer. I've got a lot to learn about Linux, DSL, .dsl & .uci packaging and putting it all together on a USB and/or flash drive. Should be interesting & will doubtless be a great learning experience... :cool: