The hacker characters in my upcoming cyber crime thriller Invasion of Privacy are incredibly secretive of their real world identities. This is because they are engaging in illegal activities online or actions that would put their life at risk. One has set up an illegal money spinning website that hacks IP webcams in private homes and broadcasts the live feeds. Another exposes zero-day attacks used by Eastern European malware gangs and cannot afford for them to track him down in the real world.
Here are the five “don’ts” my hacker characters abide by in order to remain anonymous online:
1) Don’t use Windows:
Windows is full of holes that can be exploited. Every month Microsoft issues a security patch with the latest fixes. These holes may allow spyware to infest, completely overcoming all your anonymity efforts. Any hacker worth his salt avoids Windows like the plague. Instead, they use security hardened open-source operating systems, such as Tails and Whonix ,Linux
2) Don’t connect directly to the Internet:
Avoid anyone tracking down you’re real IP address through using VPN services
VPN enables users to create a encrypted private tunnel. Anyone attempting to trace from the internet side can only see the address of the VPN server, which could be a server located in any country around the world you choose.
3) Don’t use a real email address:
Instead, use anonymous email services or re mailers. Anonymous email services allow you to email someone without any trace back to you, especially if coupled with VPN access. Remailers are a service whereby you can send from a real email account and the remailer will forward it on anonymously. Some remailers enable return mail, but the risk is if the remailer itself is ever compromised, it would have a record of your real email address. However, remailers can be chained together for additional layers of anonymity.
I will update more about remailers later posts
4) Don’t use Google:
Google makes it their business to track everything you do in order to serve up adverts that you might click on. And as useful as the search engine is, there are ways to get the best out of it without compromising your identity. Services such as Start Page serve up google results but doesn't store IP addresses, cookies or records of your searches. DuckDuckGo provides a similar service.
5) Don’t use public wifi:
Two issues here. The first is having your computer’s unique MAC address recorded by the router of the public location, although this is avoidable by MAC spoofing. If you’re ever traced back to your real MAC address then you can be linked to your original computer. Add to this any in-store CCTV and you’re busted! Secondly, wifi hacking attacks are commonplace. A man-in-the-middle attack over wifi will bypass all your hard earned anonymity. Admittedly, the other hacker would need to be on the same physical wifi network already, so he probably knows who you are anyway!
Real-world hackers add on may more layers of security to anonymise their activities. However, the above are five of the most useful.
Post a Comment
I Love Hearing What My Readers Have To Say!
People Like You Have Helped To Make The Blog What Is Today!
So I Wanted To Thank You Personally For Sharing Your Thoughts.
I Read Comments First Thing In The Morning So Helpfully Yours Will Help Brighten Up My Day!