On Thu, 30 Oct 2014 09:49:02 -0400 (EDT), John Kennerson <nobody@isis.cpunk.us>
wrote:
>Has anybody got a book on how to post binaries to USENET
>anonymously?
>
>I see loads of binaries getting posted and I think the posters
>can't be tracked. Can anyone point me to a book or something that
>will show how to do that?
I do not know of a book with such information. You can dig up some decent tips
through a google search.
Your biggest challenge is to find a Usenet service provider that will allow you
to subscribe anonymously. Specifically, your payment method must be anonymous,
e.g. money order, western union,etc.
Next, you must find a trustworthy VPN service which will obscure your real IP
address while at the same time allowing you to connect via nntp.
You can never connect to your NSP with your real IP address. Most NSPs will
keep logs of the IP address you connect from and they will just roll over when
they get a subpoena. The NSP's have no desire to spend money or put themselves
in jeopardy to protect a user.
Next, you must be sure you always use TLS cipher for your connections and
transfers so as to obscure the content of your traffic from your ISP.
The process is very complex and if you make one mistake, one time, you will be
in jeopardy. If you are occasionally posting copyrighted material, you will be
less of a target than if you are posting high profile illegal material such as
child pornography. In the case of kiddie porn, not only will the authorities of
many countries work at hunting you down, but other Usenet users will do what
they can to locate and identify you, as they should.
Remember, you have to trust too many people for this to be foolproof. You need
to trust your security cipher (sslv3 was just proved to be defective), you need
to trust your ISP, good luck with that. You need to REALLY trust your VPN to not
keep logs, good luck with that too. You need to trust your NSP, for the most
part they are the scum of the Earth. You need to trust your own technical
competency to ensure there is no identifying information embedded in anything
you post, this goes way beyond exif metadata and lastly you need to be perfect
and never make a mistake in the process.
Ask yourself, "Can I afford to get caught? Can I afford at least $100,000 in
legal fees? Can I afford to do time in a Federal Penitentiary or the non-US
equivalent?"
|
|