I will tell you how you can be found and how to counteract this, along with describing the algorithms of proxy, VPN and other means of anonymization in the simplest possible language.
Greetings to all, dear carder friends!
In this article, I will tell you how you can be found and how to counteract this, while simultaneously describing the algorithms of proxy, VPN, and other anonymization tools in the simplest possible language. This is necessary for understanding, so as not to load anyone with professional slang and complex terms that can easily be omitted or replaced with simple analogues.
This article is intended for beginners.
Let's get started...
It all works like this: when connecting to a VPN, an encrypted communication channel is created, and all data on the VPN is transmitted encrypted with the SSL 1/2/3 version protocol. Maybe you can even find a VPN with TLS encryption on the Internet. And every time you press Enter in the address bar of your browser, the request is sent not to the site that you entered in the address bar, but in encrypted form to the VPN. There it is decrypted and executed, and the result (the page in the browser, VPN works for all requests to the network from all applications on the computer) is sent to you. Similar to the proxy principle. That's what he is. A VPN acts as an encrypted proxy server between you and all Internet connections on your PC.
Are you sure that the person who provides VPN services, his company and he is located in another country? Are you sure that the security forces of your country do not have power over the VPN boss? And now the same thing, but about the moderator, or the technical employee of this VPN? But what about the option when the special services and police themselves open such a site for providing VPN services during operational search or preventive measures? I do not mention the possibility that there is a vulnerability on the server with a VPN, or the administrator of this service is generally so stupid that he sends logs not just by official decree, but even by email or phone call. Yes, this can happen. Actually, the same applies to dediks, so I mentioned them in the subtitle.
With dediks, in fact, the same persimmon. Only there is also added the factor that you will never know the exact number of places where logs are written on your specific server, whether there is some hidden pool there, and whether logs are written over the dedic itself. And no software that "cleans logs after you log out" will help you.
The second is that TOR output nodes are often logged by the holders of these same nodes. I just want to say that using TOR, I can easily steal all your authorization data (from a bitcoin wallet, for example). Or blackmail you with the content of your requests that you sent from the TOR. You didn't go through the bulbous browser to see funny pictures, did you?
The principle of operation of THOR is similar to an onion, which is why the logo is not a hammer, but a bow. Requests through the TOR browser are transmitted from 1 repeater (the principle of retransmission in the TOR is similar to the principle of cellular towers in GSM operators, these are ordinary computers of activists who allowed the TOR to use their computer as an intermediate or even final point in multi-layer TOR requests. Such computers are called nodes, or repeaters). From your computer, it flew to node # 21323, from it to 284, then to 3289, then to 9819, then to 13981, and so on, a lot of layers, from different countries of the world. In the end, your request for a fellow major is lost somewhere among these nodes and countries, and he no longer has the authority and desire to unravel it further. The onion principle. Caught up? And of course, in this network of onion layers, there is a layer that is the last. That is, a layer that sends a request to the Internet and returns it to you. This "layer" is called the output relay. And it receives already decrypted data, i.e. your usernames and passwords in clear text. Well, or at least your cookies. All this is very often collected and people make money from it.
Be prepared that removing yourself from the search engine results may require more thorough work, including paperwork in the real world (for example, fax messages, etc. to confirm your identity). Top Search Engines and People Search Engines that You should Check out:
Avoid high-pitched conversations, legal threats (unless they refuse to cooperate and you are actually willing to do so), or other unflattering ways of handling a case.
You should know that in the following cases, deleting references to yourself will be extremely difficult:
Greetings to all, dear carder friends!
In this article, I will tell you how you can be found and how to counteract this, while simultaneously describing the algorithms of proxy, VPN, and other anonymization tools in the simplest possible language. This is necessary for understanding, so as not to load anyone with professional slang and complex terms that can easily be omitted or replaced with simple analogues.
This article is intended for beginners.
Let's get started...
How VPN and SSH tunnels work
VPN and SSH tunnel are very similar things in the algorithm of operation. Tunnels are even called a poor man's VPN.It all works like this: when connecting to a VPN, an encrypted communication channel is created, and all data on the VPN is transmitted encrypted with the SSL 1/2/3 version protocol. Maybe you can even find a VPN with TLS encryption on the Internet. And every time you press Enter in the address bar of your browser, the request is sent not to the site that you entered in the address bar, but in encrypted form to the VPN. There it is decrypted and executed, and the result (the page in the browser, VPN works for all requests to the network from all applications on the computer) is sent to you. Similar to the proxy principle. That's what he is. A VPN acts as an encrypted proxy server between you and all Internet connections on your PC.
Dedik, VPNs are not means of anonymity
Many people think that by connecting to a VPN, they become wild anonymous users. Well, it's not easy to ruin their wet fantasies, but it's unlikely to save them from the zone. The fact is that almost all VPNs on the Internet keep logs, which they will gladly give to a comrade major. Simply because providing VPN services is a business. And when citizens come to you in uniform, you have to fulfill their requirements in order to keep the opportunity to continue doing business.Are you sure that the person who provides VPN services, his company and he is located in another country? Are you sure that the security forces of your country do not have power over the VPN boss? And now the same thing, but about the moderator, or the technical employee of this VPN? But what about the option when the special services and police themselves open such a site for providing VPN services during operational search or preventive measures? I do not mention the possibility that there is a vulnerability on the server with a VPN, or the administrator of this service is generally so stupid that he sends logs not just by official decree, but even by email or phone call. Yes, this can happen. Actually, the same applies to dediks, so I mentioned them in the subtitle.
VPN without logs and cleaning logs on dedik
It's no secret that various illegal forums promote different VPN services that promise no logs. First, you can check this only if you have the server's IP address and the root user's password. But even here there is a problem that the logs are kept by the VPN provider, and your Internet provider too. According to the law, it is necessary.With dediks, in fact, the same persimmon. Only there is also added the factor that you will never know the exact number of places where logs are written on your specific server, whether there is some hidden pool there, and whether logs are written over the dedic itself. And no software that "cleans logs after you log out" will help you.
How will the police find you hiding behind a VPN or VDS?
For starters, when they set up the IP from which the alleged crime was committed, they look at which country that IP is from. If not from your network, then they will find out the IP address during COPM, which in a given period of time sent packets (the same encrypted ones that I described in the subtitle about VPN) to the IP address from which the violation occurred. So, if an inexperienced user committed an offense, then almost direct evidence appears against them already at this point. Then it's a small matter - ask the logs from the provider regarding the suspect, study them, and make an arrest.SSL Hacking
SSL encryption, which is used by almost all VPNs and tunnels, was hacked. This means that the traffic that you drive through the VPN can no longer be considered encrypted at all, and anonymity is lost.TOR
Many people try to solve all the problems of TOP. And there are a number of problems here. I would say diagnoses. And the name of this diagnosis is illiteracy. First, you will never hide from the site that you are sitting through the TOR, the onion network is open, and the browser settings are also burning you.The second is that TOR output nodes are often logged by the holders of these same nodes. I just want to say that using TOR, I can easily steal all your authorization data (from a bitcoin wallet, for example). Or blackmail you with the content of your requests that you sent from the TOR. You didn't go through the bulbous browser to see funny pictures, did you?
The principle of operation of THOR is similar to an onion, which is why the logo is not a hammer, but a bow. Requests through the TOR browser are transmitted from 1 repeater (the principle of retransmission in the TOR is similar to the principle of cellular towers in GSM operators, these are ordinary computers of activists who allowed the TOR to use their computer as an intermediate or even final point in multi-layer TOR requests. Such computers are called nodes, or repeaters). From your computer, it flew to node # 21323, from it to 284, then to 3289, then to 9819, then to 13981, and so on, a lot of layers, from different countries of the world. In the end, your request for a fellow major is lost somewhere among these nodes and countries, and he no longer has the authority and desire to unravel it further. The onion principle. Caught up? And of course, in this network of onion layers, there is a layer that is the last. That is, a layer that sends a request to the Internet and returns it to you. This "layer" is called the output relay. And it receives already decrypted data, i.e. your usernames and passwords in clear text. Well, or at least your cookies. All this is very often collected and people make money from it.
Fingerprints
Various good and not so good sites have a lot of ways to identify your computer even when you have cleaned all cookies, reinstalled the browser 20 times, and generally log in through a virtual machine. All these things are called fingerprints. For example, the unique number of your processor. This is the simplest one. And there are also fingerprints based on a set of fonts, and I even saw somewhere a fingerprint that identifies users by a computer mouse. They all have different reaction speeds and other parameters. If you're interested, Google it. And then there are Ever cookies, those "eternal" cookies that are hidden in more places on your computer and are quite difficult to delete.Double VPN
A VPN chain can consist not of a single VPN server that you join, but of two, three, or four (these are Double, Triple, or Quadro connections, respectively) connections. They are more stable, and they are no longer affected by the trick described in paragraph 4, when the police simply looked at which IP was accessed from the VPN IP and calculated who was hiding behind it.Do you want to escape from the Internet?
Then there are more stringent methods that need to be applied in particularly critical situations. While some people are attracted to online fame, for others it can become a heavy burden. Completely removing yourself from the Internet is not always possible, but by following these instructions, you can definitely be close to it.Think carefully about your decision before continuing.
Much of what is suggested below cannot be undone. This means that you will lose all information and traces of your online presence, and in some cases you will not be able to restore your account using the same name and email address. These are drastic measures, and they should be applied on their merits.Delete your accounts
You may not remember all the sites where you are registered. The more popular a site is, the more effective it is to remove your personal information from it if you are trying to disappear from the Internet. This won't necessarily clear the deep web's memory of you, but it's a good start. The following list should help you identify your priorities:- Delete yourself from VK, Instagram, Facebook, Twitter;
- Delete your Google Account;
- Delete your account on eBay or any other online auction site;
- Remove yourself from Avito, Yula and any other "flea market";
- Delete your account on the school, college, or university website, but only if you don't already study there;
- Delete your personal information from all game sites. Yes, this includes all the virtual valuables that you have won and accumulated over the years. Distribute all your items to people who need them, if this is provided for by the site's rules.
Look for workarounds if the account cannot be deleted
The rules of some sites do not allow you to completely delete your account, suggesting instead that you simply “deactivate” it (while all your data remains in the system) or abandon it. If there is a real reason for deletion, please contact the site creator or its administrators. As a last resort, you should be able to change your first and last name information to hide your identity. If the site doesn't respond, there is another way:- Delete any truthful information about yourself from your account. If it is impossible to leave the fields blank (or you suspect that your data is still stored somewhere), replace them with frankly fake (Vasily Oppenheimer, Jr.) or hopelessly hackneyed (Vasya Pupkin) options. You should not associate your abandoned page with some poor guy whose name matches the one you specified. Please note that if you enter a non-existent email address, the system will send a confirmation request there, so this option will not work. This pushes us to the next step.;
- Create a new email account on the free site. The less your username looks like your real name, the better (for example: jr7_9![email protected]). Also, do not provide truthful information. Don't close this page; if the email address is really that clumsy, you may not remember it later;
- Link the account that is not being deleted to the new mailbox. Confirm the request to change your email address. When the data is changed, make sure that your primary email address is no longer displayed anywhere in this account;
- Delete your new mailbox. Your account that is not being deleted is now linked to a non-existent email address. There is always a chance that someone will choose this particular username jr7_9![email protected] for email and wants to create an account on the same site. Then there will be confusion, but it probably won't bother you too much.
Close your personal pages
If you created sites online, you will have to delete them completely. These include:- Blogs. If you had a popular blog, remember that fragments from it may have already spread on the Internet. There's nothing you can do about it;
- Blogs in social networks. Many sites offer blogging as an additional option when registering; do not forget about this if you have created such a blog before;
- Groups like Ning, Gro. ups, Yahoo Groups, etc. How well you will be able to leave such groups depends on the other participants.;
- Posts on forums. This may be almost impossible on some sites, but try to do your best;
- Articles that you added to specialized sites. Success will depend on the terms and conditions of these sites.
Make sure that you are not listed in the phone company's customer list
If this is the case, ask them to delete your data completely. Do the same for other client databases on the network that may contain your name and other information.Cancel all mailing lists to your email address
This should be quite simple and can be done by clicking on the direct link specified in the message text. Follow individual instructions. If you can't find such instructions, please contact the site administrators directly.Delete the Internet search results that relate to you
Enter different variations of your name or nickname in the search engine to find anything you might have forgotten, and delete it manually. Keep in mind that search engines display cached data (including mentions of you) from old pages that have already been changed or deleted.It is not in the search engine's interest to display expired information in the results, so they will disappear over time. In some cases, however, you will need to contact the search engine administrators directly for expedited removal.Be prepared that removing yourself from the search engine results may require more thorough work, including paperwork in the real world (for example, fax messages, etc. to confirm your identity). Top Search Engines and People Search Engines that You should Check out:
- Google;
- Yandex;
- Search results Mail.ru;
- Yahoo;
- Bing;
- White Pages;
- Intelius;
- Yahoo People Search;
- Acxiom;
- People Finder;
- Zaba Search.
Be polite
Even if you are driven by anger, fear, or annoyance, don't let it affect the tone of your communication with website managers. They are the same people and will respond to a reasonable request for good reasons. If you want to remove the mention of your name because you are looking for a job, say so; this way, at least, they will know that you have a real reason.Avoid high-pitched conversations, legal threats (unless they refuse to cooperate and you are actually willing to do so), or other unflattering ways of handling a case.
Delete your email account
The method of deletion depends on whether you are using a paid or free service. If you decide to take such extreme measures, please wait until all the other steps described in this article are completed, as you may still need your email address to complete them.- If the service is free (for example, Gmail, Hotmail, etc.), delete your email by following the site's instructions.
- If the service is paid, contact the relevant company for instructions. Even fully electronic organizations need to be managed by live people who can be contacted.
- Some free email mailboxes are deleted automatically after a certain period of non-use.
- Before deleting your email, always make sure that it contains important information that is worth saving. Transfer all the necessary materials to a flash drive or using another storage method.
Accept the fact that you will not be able to delete absolutely everything.
There may still be some things that can't be helped. In such cases, it is best to accept everything as it is. If the echoes of your virtual life haunt you, you can always pretend that it's not you (especially if you have a very common name).You should know that in the following cases, deleting references to yourself will be extremely difficult:
- Mentions of you in news, blogs, audio files, and so on;
- Comments left by you anywhere else;
- Your photos uploaded by other users to their albums;
- Photos taken by you and found on other people's websites or blogs;
- Information from government sources that provide for the legitimate provision of public data (except in cases where there is a court decision to delete such information).
Recommendations
- There are special programs that will help you remove information about yourself from various sites. Find them online;
- Using the whois service or a domain search engine, you can determine who owns a particular website so that you can know who to contact if necessary. This is especially useful when the site doesn't include the owner's email address. Look for "admin email" and "database server" in the specified information;
- Please contact Google webmasters to remove certain pages and sites from the search results. Be prepared to explain the reason;
- Change your name. The advantage is that someone who recognizes you under the new name will not search for information about you using the old one. But everyone you knew before knows you by your old name. Moreover, changing your first or last name will lead to difficulties with the registration of business, legal and other official documents. This is not an ideal solution.
Warnings
- Be prepared for the fact that some developers will start to grumble and insist on their "right" to leave public information free for public access. Some of them simply don't want to look at the issue from a different angle and take it as a personal insult. Be persistent and contact your lawyers if necessary;
- Some sites use mailing lists that try to push you emotionally and make you stay. Phrases like "all your friends will lose sight of you" are designed to make you think twice; after all, the site doesn't want to lose the customer in you.
- Remember the rule "what gets into the network once stays there forever". Be careful when choosing the information you are going to share on the Internet. The best treatment is prevention.