Why? Cause I love…

freedom_of_speech-229px

  • …the freedom to speak freely. To anybody and about everything.
  • …the freedom to acquire and share knowledge. Of any kind.
  • …the freedom to interact with people. Regardless of their origin, religion or political affiliation.
  • …the freedom to exchange digital information.
  • …to fu** the idiots making money with the technical and economical weakness of other people.

And at least: It was my personal background that pushed me finally to setup and run that kind of service. From the technical point of view all that it is not complicated. From my personal point of view… sad world. I feel obliged morally. It is an act of civil disobedience – and – a technical solution for a political problem.

…so, what?

This service offers open, free and anonymous access to the Internet.

  1. It is open, cause it is not protected or regulated in any way. There are no restriction on how to use that connection. No accounts, logins, policies or anything else.
  2. It is free cause it is free of charge. No payments. Even if you use it all the time. Under heavy use maybe the bandwidth sucks. But you are free to setup your own system – and share it.
  3. It is anonymous. That is a result of 1 and 2. There is also no logging. The hardware addresses of the clients can be easily forged – and you should do that! So any kind of logging makes no sense at all. Be aware: the anonymous connection should not replace your brain. There is a ton of ways to figure out who you are. Act responsibly – protect your privacy.

How?

normal connection to the net

normal_flowNormally your connection to the Internet runs over the phone line / whatever-mobile-connection to your Internet service provider (ISP). This is a 1:1 connection and brings two big disadvantages:

  1. Your ISP knows the time, duration and address you use to communicate with services inside the web. Due to some funny laws (here in Germany – and in some other very free and democratic countries around the world) the ISP is forced to keep the log files about that connection informations.So if you do something someone dislikes – or someone would like to make some money with – a court could give the ISP the advice to handout the connection log to the… lets call them a*sh*l*s.
    Result: you are fu**ed.
  2. If someone would like to capture all of your traffic (cause maybe you choose the wrong religion, friends, color of your hair or the meal you had for lunch) he can use the endpoint of your connection at the ISP.Thats mostly done by the intelligences of (not only) repressive governments – cause its easy (there are ready to use interfaces for that kind of fu…n).

using a tunnel

To overcome the problem of the 1:1 connection, the service uses a connection to a country (eg. Sweden, Switzerland) that does not force the ISP to keep any log files. This connection – a so called tunnel – is used to run all the local traffic over. So virtually the traffic leaves the country behind the hot-spot and hits the Internet in some foreign country. By doing this, also the IP address is replaced by the address of the other end of the tunnel. The data running over the tunnel is encrypted – from one end to the other. So no-one who listens on the wire can get any useful information out of it – only scrambled garbage. That results in some benefits:

  1. The local ISP can keep his log files. He will only see encrypted traffic. Thats it.
  2. The local law is out of the game. No useful data – no traffic – nothing.
  3. Your local intelligence has to call the intelligences of some foreign country if they try to investigate on you.
  4. The called web-service only sees the IP address of the end of the tunnel. If there is no logging for that address, nobody can figure out who used that address in the past. And since the address belongs to an address pool of a foreign country your local business is out of work…

The drawback in times of prism and xkeyscore: if an attacker (on your privacy) has enough power to place taps/sniffing devices all over the world, it is still possible to track back the traffic by correlate the packets. To overcome this, you should use further anonymising techniques.
tunnel_flow_small

Free your packets!