I’ll start with a disclaimer: I’m not sure what I’m doing. This writing describes my efforts to get online anonymously and write about information security as I learn about it.
Here’s the process I went through to write this post.
The goal: Create a set of accounts online that aren’t associated with any of my other online activity, then use those accounts to write under a pseudonym about security.
Start with Tor
Before I began setting anything up, I got online with Tor. If you skip this step, nothing below will help you — all of your traffic will be going to the sites I’m writing about directly from your IP address. The Tor browser prevents this by bouncing your traffic across a network of other computers before it goes to its destination.
Finding anonymous email is hard
There are tons of options, and tons of blog posts that lay the options out. I won’t run through them all here, but the one I went with — prioritizing security, Tor compatibility, cost (free), and location — is RuggedInbox.
Location was key. I wanted the service to be outside of the U.S. to evade American court orders. I’m sure that’s not a foolproof method, but it’s better than Gmail, Yahoo! or hotmail if you’re worried about authorities getting into your business.
I like Medium. It’s possible to make an account with just an email account, and it’s easy to log in — you just enter your email address (RuggedInbox) and Medium sends a link that you click to log on.
Medium is in the U.S., but everything I’m publishing here I’m publishing, so I’m not to worried about snooping and Tor is covering my location. Most publishing platforms have a lot of bells & whistles that set off Tor’s NoScript function. Medium is no exception, but it seems to work okay without allowing too many scripts to reach in and potentially ID the computer. If anyone knows of a better platform, let me know and I’ll move there.