Educational CyberPlayGround ®

Country Specific Search Engines





SecureDrop Server

Everything you do on the Internet leaves trails. Before following these instructions, go to a public wifi network, such as at a coffee shop that you don't normally frequent, and follow them from there. Or connect to a VPN.

Don't access our SecureDrop server from your home or office. If you wish to ensure maximum privacy, use the Tails operating system instead of the Tor Browser.

SecureDrop is an open source whistleblower submission systems, originally programmed by the late Aaron Swartz, that is maintained by the Freedom of the Press Foundation.


TOR Tor Says Feds Paid Carnegie Mellon $1M to Help Unmask Users
EVER SINCE A Carnegie Mellon talk on cracking the anonymity software Tor was abruptly pulled from the schedule of the Black Hat hacker conference last year, the security community has been left to wonder whether the research was silently handed over to law enforcement agencies seeking to uncloak the internet's anonymous users. Now the non-profit Tor Project itself says that it believes the FBI did use Carnegie Mellon's attack technique—and paid them handsomely for the privilege. The Tor Project on Wednesday afternoon sent WIRED a statement from its director Roger Dingledine directly accusing Carnegie Mellon of providing its Tor-breaking research in secret to the FBI in exchange for a payment of “at least $1 million.” There is no indication yet that they had a warrant or any institutional oversight by Carnegie Mellon's Institutional Review Board. We think it's unlikely they could have gotten a valid warrant for CMU's attack as conducted, since it was not narrowly tailored to target criminals or criminal activity, but instead appears to have indiscriminately targeted many users at once. Such action is a violation of our trust and basic guidelines for ethical research.

VPN Virtual Private Network or virtual private network, creates your own private, encrypted channel that runs alongside the normal Internet. How to set up your own Raspberry Pi powered VPN

2015 A team of five researchers from universities in London and Rome have identified that 14 of the top commercial virtual private servers in the world leak IP data. IPv6 traffic leakage, is pervasive across nearly all VPN services. A further security screening revealed two DNS hijacking attacks that allow us to gain access to all of a victim's traffic." They found the most common VPN tunnelling technologies relied on outdated technologies like PPTP with MS-CHAPv2 which could be trivially broken with brute-force attacks. The "vast majority" of commercial VPNs suffer from data leakage in dual stack IPv4 and IPv6 networks in a way the exposes "significant amounts" of traffic to public detection in contradiction to vendor claims.

VPN service providers can still see everything you do, if they want to. So how do you know if you Can trust your VPN provider? The honest answer is that you don't.

Earlier this year we published an overview of several VPN providers who keep no logs at all. These sound like a great and safe option, but then again, you have to trust the answers they provided. Despite all the state of the art encryptions these VPN companies offer, complete security remains a matter of trust. In reality this means that you have to carefully vet the VPN service you sign up with, asking yourself whether you really trust company X with all your data.

1) Always go through the VPN service providers' data logging policy before signing up.
2) Ensure No IP Matching To Enhance Online Anonymity
3) Anonymous Payment Options - For the best results, it is preferable to sign up for a VPN subscription by using BitCoin as a payment option and running I2P in the background.

When you are using a public wireless network, there are two approaches to insuring that data coming and going from your computer is encrypted. One approach involves securing each individual application. For web browsing, this means only using secure HTTPS pages. For reading email, it means using secure protocols such as POPS or APOP rather than normal POP.

From within any country, a VPN connects you with an Internet server somewhere else. You pass your browsing and downloading requests to that American or Finnish or Japanese server, and it finds and sends back what you're looking for. Nothing can stop you, because it can't read the encrypted messages you're sending. Every foreign business operating in any country uses such a network. VPNs are freely advertised in China, so individuals can sign up, too. Every bank, every foreign manufacturing company, every retailer, every software vendor needs a VPN to exist. This also will Encrypt your e-mail. This will stop any country from spying on you. They will not be able to see your key stokes, what you type, or where you surf, what you send in email.

Anyone who is dealing with censorship to avail themselves of the VPNGate project, running at U Tsukuba in Japan with free and ever-changing volunteer gateways scattered around the world.
See this paper for details. Excellent work and well worth reading through both in terms of network design as well as of the cat-and-mouse tactics of evading active censorship.

VPN Gate: A Volunteer-Organized Public VPN Relay System with Blocking Resistance for
Bypassing Go vernment Censorship Firewalls
Daiyuu Nobori and Yasushi Shinjo, University of Tsukuba

2012 Firefox extension to encrypt your searches
HTTPS only protects against eavesdropping. It doesn't prevent Google from logging your searches, or prevent a government or civil litigant from obtaining your records from Google. Defending yourself against logging may be possible, but is definitely harder.

Grass Mud Horse Song. Sing along and Go over, go under, go around. The New York Times reported Thursday that the alpacalike creature's Mandarin name just happens to be a very, very dirty pun. Times style rules prevent the paper from clarifying the joke, but other, less-dignified outlets explain that the phrase Cao ni ma is a homonym for "fuck your mother" in Chinese.


just download Encrypted VPN

To search anonymously you must first understand what information you are giving away. Use a free Anonymous Surfing test to find out.

How to set up your own Raspberry Pi powered VPN

"The Internet views censorship as a network failure, and routes around it." - John Gilmore

Governments who determine that they must control what people can see, in order to attempt to control what they think, censor what people can find on the internet.

Thomas Jefferson: Whenever the people are well-informed, they can be trusted with their own government.

Free cellphone encryption is coming to Android users in Egypt courtesy of San Francisco software maker Whisper Systems. Until now, Redphone and TextSecure, voice- and text-encryption apps respectively, have generally been available in the US only. Whisper Systems has been working on making the packages available internationally.

Who Controls Access to Knowledge

The issue is who controls access to knowledge, the informational content on the Internet. Is it the person seeking information or the governmental authorities seeking to limit access? Defeat all Internet censorship programs, from Net Nanny to CyberSitter to the firewalll used by government of China.

When people can only find content chosen for them by those in government and instead have to useful web content censored, they suffer and, inevitably, some die as a result.

In the case of tyrants, the goal is always to dupe people into becoming willing slaves. Naturally, when people are most free to choose what information they see, they are best able to determine for themselves what to accept, what to doubt, what to act upon, what to disbelieve, and what to ignore.

JFK On Secrecy
And Censorship

Glyn Moody points us to a blog post that has a video/audio clip of a John F. Kennedy speech to the press about secrecy and censorship, which is getting some attention for the contrast to the way our government is responding to the Wikileaks controversy.


FIRST HIDE: Download Encrypted VPN Virtual Private Network


China's Great Firewall Tests Mysterious Scans On Encrypted Connections
In the cat-and-mouse game between Chinese censors and Internet users, the government seems to be testing a new mousetrap-one that may be designed to detect and block tunnels through its Great Firewall even when the data in those tunnels is aimed at a little-known computer and obscured by encryption.
In recent months, administrators of services with encrypted connections designed to allow users secure remote access say they've seen strange activity coming from China: When a user from within the country attempts to reach a server abroad, a string of seemingly random data hits the destination computer before he or she can connect, sometimes followed by that user's communication being mysteriously dropped.
The anti-censorship and anonymity service Tor, for instance, has found that many of its “bridge nodes”-privately-placed servers around the world designed to connect users to the rest of Tor's public network of traffic re-routing computers-have become inaccessible to Chinese users within hours or even minutes of being set up, according to Andrew Lewman, the project's executive director. Users have told him that other censorship circumvention services like Ultrasurf and Freegate have seen similar problems, he says. “Someone will try to connect, then there's a weird scan, and the bridge stops working,” says Lewman. “We see weird things all the time, but this is a semi-consistent weird thing, and it's only coming from China.”
Lewman believes that China's internet service providers may be testing a new system that, rather than merely block IP addresses or certain Web pages, attempts to identify censorship circumvention tools by preceding a user's connection to an encrypted service with a probe designed to reveal something about what sort of service the user is accessing. “It's like if I tell my wife I'm going bowling with my friends, and she calls the bowling alley ahead of time to see if that's what I'm really doing,” says Lewman. “It's verifying that you're asking for what you seem to be asking for.”
But so far, Lewman says Tor's developers haven't determined how that probe is able to see what's an encrypted connection to a Tor server and what's merely a connection to an encrypted banking or ecommerce site, which in theory should both look to a snooping government like indecipherably scrambled web traffic. The Chinese government after all, wouldn't be likely to block all encrypted connections, such as corporate VPNs, Lewman points out. “If Foxconn were disconnected from Apple, that would be big problem,” he says.
In the mean time, only a small fraction of Tor's Chinese users are experiencing the issue, implying that it may be just a subset of Chinese broadband providers experimenting with the new tool, says Lewman.
China's sniffing around encrypted traffic isn't limited to the United States. Leif Nixon, an IT security administrator at the National Supercomputer Centre of Sweden at Linkoping University, says he independently spotted the phenomenon hitting his servers a full year ago, when Chinese students or researchers tried to log on to the Centre's systems through SSH connections, and wrote a blog post about his findings earlier this month. “I don't know what the probes are supposed to accomplish,” he wrote at the time. “My only guess is that the government is looking for certain services it doesn't approve of, like open proxies or Tor relays, and that precise fingerprinting may be too expensive. Instead, they resort to an inspection method similar to fuzzing, where pseudo-random data is thrown at the server, just to see what happens.”