Keeping the Web Private in a Post-NSA World
How you can help while doing basically nothing.
By now you certainly have heard all you need to about the NSA, Edward Snowden, and the US Government to know that privacy on the web doesn't exist. For someone like me who is boring enough to not be a target of any investigation I am not personally worried about my activities online but I do feel that people should have a right to privacy. Especially people that that disagree with the US, or any other government’s political system.
This got me thinking… What could I do to help individuals seeking privacy that doesn’t involve me holding a sign up and marching in the streets?
Then I read this article on The Guardian and this one on The Verge. In short, they outlined the NSA’s difficulty in understanding or tracing the data that goes through TOR’s network.
The TOR network, or The Onion Network is :
[a] free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.
Basically it’s a system of interconnected computers that bounce around data to different servers to make it difficult to trace back to a single user.
I have heard about Tor for years, thought it was cool, but didn't really have a use for it. While I disagree with some of our government’s decisions I am not really standing up against them any more than the occasional Tweet or Facebook post complaining about it, voting, and the few calls to my Congresspeople.
Then I had an idea: What if I could use this now ubiquitous Raspberry Pi just sitting here on my desk at work doing nothing and put it to use to help support privacy? It’s doing nothing, certainly powerful enough to help relay traffic around the web and we have plenty of bandwidth here at my office. I found a great little write up of how to configure my Pi to do this here.
20 minutes later, voila! I am helping to keep the web private and people with more motivation to communicate securely with each other.
I encourage YOU, small start up businesses with plenty of bandwidth and spare micro-computers like the Raspberry Pi laying around to do the same. It takes 20 minutes of your time, is a cool project to do, and helps the world communicate securely. Here is how I did it:
Step 1: Make sure you have the ability to have ports 9001,9030 forward to the Pi. You will likely have to have help from your SysAdmin to do this. So tell them about this project, and get their signoff first.
Step 2: Make sure you have a Raspberry Pi, Power Cord, Ethernet cord and SD card flashed with the latest Raspbian distro here.
Step 3: Plug in the flashed SD card, Ethernet and Power Card (In that order) and wait a minute for the Pi to power up.
Step 4: Assuming you are on a Mac, open up Terminal (You can find it by typing “Terminal” in the little magnifying glass at the top right of your screen)
Step 5: Connect to your Pi via SSH using the following command. If you don’t know your Pi’s IP you can find it here
ssh pi@192.168.0.80
- It’s going to ask you about adding a key, say Yes.
- Then enter your password. At this stage it is: raspberry
Step 6: Type the following commands into the Terminal
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install tor
Step 7: Once that is all installed you need to configure it to work by typing in
sudo nano /etc/tor/torrc
This is going to open up a text editor with a file full of stuff to edit. What I recommend editing is the following. (Use down arrow to scroll through). In some cases you need to delete the # in front.
Log notice file /var/log/tor/notices.log
Log debug file /var/log/tor/debug.log
RunAsDaemon 1
ORPort 9001 #Provided your IT opened this up for you.
Nickname AddYourOwnNicknameHere
RelayBandwidthRate 1024 KB # Throttle traffic set to what you want
RelayBandwidthBurst 2048 KB # What bursts can be set to.
DirPort 9030 # what port to advertise for directory connections, and IT opened for you
Once that is done hit control + X and then yes to save.
sudo /etc/init.d/tor restart
Step 9: Verify it is working by looking at the following log file
sudo nano /var/log/tor/logo
And after a few hours you should be able to see it listed publically by the Nickname you set here
Email me when Steven publishes or recommends stories