Anonymize your connections and communications

به روز شده17 September 2024

“Strong encryption and anonymity are fundamental for the protection of human rights in the digital age and are critical to individuals who face persecution because of their sexual orientation or gender identity. Anonymity has been a crucial tool for women and sexual minorities for self-expression, connecting and mobilizing and the use of anonymity online supports the most vulnerable groups.” (Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, David Kaye, to the U.N. General Assembly, 22 May 2015)

This guide explains how to anonymize connections and communications to achieve a specific goal without leaving any traces. This strategy is particularly helpful in high-risk situations where your activities cannot be connected to your identity as this would compromise your freedom and wellbeing.

If you need an alternative identity for a longer-lasting project (for example to keep your official name separated from your activities as a human rights defender), also read our recommendations on how to manage and secure multiple online identities.

If you are thinking of using anonymity tools, consider that in some countries some of these are illegal or can be interpreted as a sign that you are doing something wrong. In such cases ask yourself if you could find other ways of reaching your goals, for example by using methods that don't require accessing the internet.

Consider whether you really need anonymity tools

We strongly recommend to use anonymizing tools based on Tor and to follow the instructions in the sections below, in these situations:

• if you need to make sure that nobody can trace back some specific activities you are going to undertake to your official identity;
• if censorship circumvention tools like VPNs are blocked in your country.

In other cases, you may have needs that could be addressed through different, and probably simpler, solutions, for example:

• If you need to stop someone on your local network or ISP from seeing sensitive data you enter in a website, you can make sure that your connection is encrypted by enabling HTTPS-only mode in your browser.
• If you want to protect yourself from commercial tracking, stopping third-party cookies in your browser settings and installing free and open-source privacy extensions in your browser might be enough for you.
• You can try using a VPN if you need to:
  • access websites or services that are blocked or censored in your country or in the local network you are connecting from (like your library, workplace, hotel, etc.),
  • avoid that the owners or managers of the websites and services you access know where you are, or
  • avoid monitoring by your local internet provider or somebody in your local network.
  • In all these cases we recommend you to read our guide on how to circumvent internet blockages first.

Get ready

• Create an alternative identity and make sure nobody can connect it to you. In particular, follow the instructions for some crucial steps:
  • Get a different phone number - if you are planning to register a new phone number through an online calling service, use the Tor Browser to register it.
  • Create a new email address using the Tor Browser and the separate phone number you have obtained for your anonymous identity.
  • Separate your anonymous identity using a different device or virtual environment.
  • Reflect on what kind of online services and messaging apps you will need to achieve your goal and register new accounts using Tor and the separate phone number you have obtained for your anonymous identity.
  • Learn how to keep your new identity really separate from your usual online presence.
• Make sure the devices you want to use for your anonymous activities are secure, updated and protected against malware.
• Learn how to protect sensitive information and familiarize yourself with file and device encryption.

Browse the web anonymously

• Install the Tor Browser (for Windows, macOS, Linux and Android).
• Install the Onion Browser (for iOS).
• Watch the YouTube video by the Tor Project on how Tor Browser protects your privacy and identity online.
• Watch the YouTube video by the Tor Project on how to use the Tor Browser securely.
• Read the Tor Project overview on how Tor works.

Use Tor securely by avoiding common mistakes

• Control what information you provide online, such as logging into personal accounts or providing personal information.
• Make sure any files you're sharing don't include metadata, such as dates, location or device information. Learn how to remove this data in our guide on how to destroy identifying information.
• Don't use the same Tor circuit for more than one identity at a time. Learn more on managing identities in the Tor documentation.
• Don't connect through untrusted devices that could be infected with malware and make sure your device is secure and protected. Learn how to avoid possible infections in our guide on malware.
• Don't torrent over Tor as your torrent client might reveal your IP. Read more on this risk in the Tor Project blog post on why Bittorrent over Tor isn't a good idea.
• Don't enable or install browser plugins: Tor Browser already comes installed with one add-on — NoScript — and adding anything else could deanonymize you.
• Make sure you use the HTTPS versions of websites and be cautious when visiting websites you don't know as they might be malicious.
• Be mindful when opening documents downloaded or received through the Tor Browser as these documents may contain malicious scripts that could deanonymize you. You can convert such documents to safe form using DangerZone.
• Be aware of physical security risks like shoulder surfing or cameras recording your screen, try to share about your anonymous activities only with very trusted people and reflect on how to separate your everyday life from the physical activities of your anonymous identity, for example when attending an event.

Anonymize all your connections

• Install Tails (requires a computer).
  • Learn how Tails works.
  • Read the Tails documentation to get started.
• If you prefer to anonymize just some of your connections, you can install Whonix.
  • Watch What is Whonix? — Your Internet Privacy Super Tool (on YouTube).
  • Learn how to use Whonix in the official documentation.
• On mobile devices, you can anonymize all your connections with Orbot.
  • Read Hudsonwillis' guide on how to set up Orbot.

Chat anonymously

• Read our guide on how to chat securely to choose a chat service that works for you. Ideally, choose a tool that offers end-to-end encryption and that allows to use a username rather than a phone number to connect with other people.
• If a phone number is required to create an account on the chat app you have chosen, get a new phone number for your anonymous identity. If you need to get the phone number from an online service, use Tor to connect to that service.
• If the chat service requires an email address to register, get a new email address over Tor. Read our guide on safe email to choose a secure email provider.
• Only connect to the chat service through Tor, either by using a web-based chat through the Tor Browser or by using a chat app on a device that makes it possible to anonymize all your connections.

Exchange anonymous emails

• Read our guide on secure email to choose an email provider that works for you. Request a new email account on the server you have chosen using the Tor Browser or another tool that anonymizes all your connections.
  • If you only want to send one or few emails and don't need to keep the same email address for a longer period of time, consider using a disposable email address like anonbox or Guerrilla Mail.
• Only connect to the email service through Tor, either by using a webmail interface through the Tor Browser or by using a mail client like Thunderbird on a device that makes it possible to anonymize all your connections.

Send and receive files anonymously

• If you need to send files securely and anonymously, or to allow someone to send you files without revealing their identity to anyone, you can use OnionShare, an open-source tool that lets you securely and anonymously share files, host websites and chat with friends using the Tor network.
  • Install OnionShare (for Linux, Windows, macOS, Android and iOS).
  • Send files anonymously with OnionShare.
  • Use OnionShare to let people anonymously submit files and messages directly to your computer.
  • You can also use OnionShare to set up an anonymous chat room and even to host a website.
  • When sharing files through OnionShare, you will need to send an address and a private key — make sure to use a secure chat over Tor to preserve your anonymity when sharing this information.
• If you need to quickly share a file, you can use a temporary file sharing service, opening it with the Tor Browser.
  • If the file you want to share is not heavier then 2GB you can use the Disroot file uploader based on free and open source software called Lufi.
  • If the file you want to share is not heavier than 50MB, you can use share.riseup.net: click the upload button, wait for the file to upload and share the link you get with your recipient. Remember that the file will be deleted after 12 hours.
• You can also send and receive files anonymously by through an anonymous end-to-end encrypted chat app or by sending an email encrypted with OpenPGP. Make sure to use a secure email or chat account that you have set up anonymously to begin with.

Use Tor Bridges if you can't connect to Tor automatically

• Tor may be blocked or illegal to use in some countries. If Tor is blocked or unsafe to use in your country, you can use a Tor "Bridge".
  • Learn how to connect to Tor from China.
  • Learn how to connect to Tor from Russia.

[Advanced] Set up a whistleblowing platform to receive files anonymously

• Consider using SecureDrop.
• Consider using GlobaLeaks.