internet safety protocols for escorts and clients

[+ Tom Isern]

I would like to suggest/request that the good folks here at daddysreviews use something they have in abundance to help sex workers and clients (even more than they already so generously do!) alike—their knowledge of computer systems and the internet, that daddy's create and publish here a short document that contains practical guidlines for maintaining internet security and anonymity.

 

I recently attended a workshop sponsored by the urban justice center's sex workers' project, and one of the thngs they addressed was internet security. they suggest that everyone use the tor browser, for instance, for any surfing or communicating where one is concerned with surveillance. if tor is as effective as they say, why not have a splash page when one signs onto this site suggesting that all users us it? or is that too much? is not effective enough to justify that kind of attention? I simply don't know...

 

there were multiple things they suggested, including using textsecure, good password security, keepassx, and disk encryption. that's a lot of things to keep track of and a heavy agenda for most of us, I'm sure! it would be helpful, however, if someone with some real expertise in computer networks could tell us the easiest and best ways to keep our internet communications as secure and private as possible. this might help us all feel safer and sleep more soundly at night! what do folks think? do I hear a second?

[+ Tom Isern]

I just signed into my gmail account using tor for the first time and got a rather urgent-looking message from google. someone, they were worried, had just signed into my account from a windows device (I don't use windows), using the firefox browser (ha!), and the person signing in was located in germany. google was not pleased; I am.

[+ honcho]

I only know a little bit about Tor. It could be that if you were using it, your tunnel endpoint could have easily been in germany

easily, and likely a windows system, but that doesn't account for the use of Firefox, which I thought was determined in other

ways.

[+ FreshFluff]

I just signed into my gmail account using tor for the first time and got a rather urgent-looking message from google. someone, they were worried, had just signed into my account from a windows device (I don't use windows), using the firefox browser (ha!), and the person signing in was located in germany. google was not pleased; I am.

 

The problem is AFAIK, Gmail, AFAIK, won't let you sign up using Tor. So in theory, Google could still release the IP address from which you signed up.

[+ Tom Isern]

The problem is AFAIK, Gmail, AFAIK, won't let you sign up using Tor. So in theory, Google could still release the IP address from which you signed up.

 

good to know. so you're saying that one should create an account at an apple store? and then use tor to access that account? that would be a good way around it...?

[+ honcho]

The problem is AFAIK, Gmail, AFAIK, won't let you sign up using Tor. So in theory, Google could still release the IP address from which you signed up.

 

I could believe that Google wouldn't let you request a new account using Tor; however it would seem to me

that it would be strange for them to refuse to let you log into an existing account using Tor.

[+ FreshFluff]

I could believe that Google wouldn't let you request a new account using Tor; however it would seem to me

that it would be strange for them to refuse to let you log into an existing account using Tor.

 

Oh, they certainly would. But in that case, LE could track you down using the IP from which you signed up.

[+ SundayZip]

Tor is one way to go to protect your privacy on the internet, but it has lots of downsides (slow, some ISPs block traffic, other things). A better option is a Virtual Private Network (VPN). You can use a free VPN or pay a subscription fee for a more of a full service VPN.

 

http://lifehacker.com/5940565/why-you-should-start-using-a-vpn-and-how-to-choose-the-best-one-for-your-needs

[Steve9332]

So I am looking into the whole VPN thing. One question that pops up for me, ( this vpn thing is all new to me )

is, would it make sense to sign up with one VPN and then use that one to sign up with a 2nd and go through 2 of them, is that even possible?

[Guy Fawkes]

Forgive me but the advise you was given was not very well thought out.

 

The problem with using Tor (or any VPN) is that is shines a very large spotlight on you as pointed out earlier. This is the method that Spam robots, Hackers, and Kiddy scripts use to attempt to get access to the servers. My security system routinely denies access to people attempting to register via VPN. I monitor such things, and my trust level in you goes way down when you use such methods.

 

A much better method is to encourage all your favorite sites including your own to adopt SSL (i.e. https:) that routinely encrypts web site exchanges and provides end-to-end security. There will be a lot more of this as the "Let's Encrypt" campaign comes online over the next few months because they're handing out free SSL certificates for the asking. This is a big item on my Holiday shutdown schedule this year.

 

Likewise you can protect your email by using PGP (Pretty Good Privacy) encryption. I can't make any recommendations currently because it appears that it was bought out by Symantec and I refuse to pay $175 for something that I have the source for. The price is probably a misprint but I can wait, I expect the price to be about $20. I'll consider creating a directory of public keys for PGP if the demand shows up.

 

I may feel the need to create a alternate version to the OpenPGP package but the next version of the website has much higher priority.

 

However, encrypting a partition on your disk is a good idea but can be a pain if disaster strikes and you need to recover to another machine. If they don't have encrypted storage vaults on the iphone, ipad and the like, I could be encouraged to write one.

 

However, Thank-you! I'll add a chapter to my book that'll give practical advise on Internet Security and how to do it.

[+ deej]

For the average computer user, the rule is simple: if you don't want a history on the internet, don't go on the internet.

 

Once you're on the internet, the internet will never forget you. Changing to misdirection techniques only makes you look suspect, as Daddy says, and your previous history is still out there. Since you're now suspect, authorities will now be more likely to link you to previous content.

 

Once you go online you have accepted all of the risks of being online.

 

Accepting that, breathe. Breathe deeply.

 

Don't panic.

[Prime Muscle]

I have started using hushmail.com out of Canada for email. I use the free email account but am seriously considering upgrading to the premium service ($50 but goes on sale at times).

 

It's fairly easy to use and they will protect your privacy to the extent they can. And because it is based in Canada, most US authorities will likely not pursue unless it's something serious.

[Rudynate]

I have started using hushmail.com out of Canada for email. I use the free email account but am seriously considering upgrading to the premium service ($50 but goes on sale at times).

 

It's fairly easy to use and they will protect your privacy to the extent they can. And because it is based in Canada, most US authorities will likely not pursue unless it's something serious.

 

I use hushmail for my office account.

[+ FreshFluff]

Hushmail did share info with the feds a while ago after having received a court order.

http://www.wired.com/2007/11/encrypted-e-mai/

[+ honcho]

Thank you for sharing that with us, FF, truly.