From HackersWithoutBorders

About this document

Background

About Facebook

http://www.facebook.com is a social networking site. It allows people to communicate, to socialize and to build communities. Here are a few basic facts about Facebook:

Facebook normally requires you to provide a your real name and address – but they don't verify.
Facebook does not require any personally verifieable information such as a credit card number.
Communication over Facebook is unencrypted, although login information (password) is encrypted.
Facebook never publishes access logs of a user, nor provides them to anyone except the police.
Facebook requires individuals who want to communicate to register a “friendship” with each other on the site. Friends of an individual can see each other in a friend list.

About FireGPG

FireGPG is a cryptographic plug-in for the FireFox webbrowser. It allows the user to digitally sign and/or encrypt data in web forms, and check signatures and decrypt data encrypted for the user posted on webpages. A few basic facts about how signing and encryption works using FireGPG:

Each user creates a so called key pair. A key pair is made up of a private key and a public key.
The public key should be widely distributed, the more people who have a copy, and know for sure it comes from the right user the better. It does not matter if an adversary has a copy of this file.
The private key should be kept private. Only the user should ever have access to this file.
The private key is encrypted using a password, which must be entered before it can be used. This is just one level of security – do not count on this alone to secure your private key from others!
Using a public key, anyone can encrypt data/text, so that it can only be decrypted and read by someone with access to the corresponding private key.
Using a private key, a user can sign data/text, so that anyone with the corresponding public key can verify that it was written by that particular user.

FireGPG is available at: http://getfiregpg.org

About TOR

TOR (The Onion Router) is a network of volunteers and their machines that allows (relatively) untraceable web browsing. It works by redirecting the communication between your machine and the web server through a random set of machines within the network, each machine only knowing the previous machine in the chain, and no machine logging the connections.

When using TOR, the websites accessed can not trace the communication further than the last TOR router machine, the so called exit node. To compromise communication, every node along the path must be compromised, before the communication ends. As each request for a new page travels another path through the network, this means that a sizeable share of the TOR network would have to be compromised for the communication to be traced back to its source.

TOR is available at https://addons.mozilla.org/en-US/firefox/addon/2275

There is also the possibility of using a service like http://www.anonymizer.com/ although this would require you to trust another company.

Facebook as an anonymous bulletin board system

Facebook can be used as a relatively anonymous and secure many-to-many and one-to-one communication medium. To set it up, follow this list:

Each person registers as a Facebook user under a fake name. Note: This is against Facebook's Terms Of Service. Who cares?
One or a few persons are selected “organizers”. Their fake names are spread to all participants (but their real names should not be known).
Everyone registers friendship with the organizers, and then with everyone on the organizers' friendlist. This way, everyone is a friend of everyone else and can communicate, and no one knows who anyone is in reality.
To send someone a message, write it on their “Wall”. This will be seen by all participants and everyone can comment.
To communicate with just one or a few participants, send them a “Message” (works like email, and can be sent to multiple users).
If an account is compromised, the compromiser cannot automatically trace the other accounts to their owners, but would have to lure them to give up their names.

Securing messages against plants at Facebook or in the police

FireGPG can be used to encrypt and sign communications between two participants if both have each other's public keys. This way, no one but the two can read the messages, not even Facebook employees or the police. Note: The public keys will have to be exchanged outside of Facebook, preferably in a real-life meeting, to make sure that they correspond to the right person.

Alternatively, a public key known by one participant can be sent to others over Facebook signed by that participant. In this scenario, the others subsequently using that public key would have to trust the person who signed it on their word that it belongs to the right person.

Note: Cryptography and signing can be used to ensure that you are communicating with the same person throughout a conversation, even if you do not know who that person is in reality. To do this, simply download the other person's public key off of the Internet (e.g. from their Facebook profile).

Securing users against discovery by plants at Facebook or in the police force

Anyone accessing Facebook, or any other webpage, leaves a trace in the site's logfile. This is usually used for producing site usage statistics, but can also be used to trace down a user by anyone with access to the log file, such as an employee or the police.

The log file record contains the IP number of the machine that accessed the webpage. When using TOR, that record will contain the IP of the TOR exit node, not your machine. Since TOR connections are untraceable within the TOR network, there is no way that the log record could lead back to you.

Dos and DON'Ts

Do not ever leave a copy of your private key somewhere where others have access to it. Preferably keep it on a USB memory stick.

Do not trust what people write unless its signed by their private key and you have carefully checked that you have the right public key. Do not still trust it fully – keys can be stolen.