- Automatically create end-to-end encrypted connections to random https sites
- Run it in the background 24/7 to generate cover traffic. This might make it more difficult to establish patterns with (active) surveillance about whether you are working on your system or not.
- Thwart (active) surveillance by making it more difficult to correlate network traffic usage with actual system usage
- Make it easy to generate cover traffic
- Make it fairly difficult to distinguish cover traffic from normal traffic
- Make it decently secure out of the box (caveat emptor)
- A script which connects to a random https website at a random 0-60 minute interval
- Only support SSL/TLS connections with strong crypto and forward secrecy
- All web data is deleted immediately
- Currently supports more then 2.500 https sites (import of Google Chrome HSTS list)
- The Tor Browser user agent is used when downloading website data
- Works with Tor and other proxies
- Simple tools are used to minimize the attack surface
- Curl or wget is used to fetch website data
- Optional: Tor is used to create anonymous connections
- Unix and Linux
- Consider the code to be public domain. If you or your jurisdiction do not accept that then consider the code to be released under Creative Commons 0 (CC0). If you or your jurisdiction do not accept that... well then settle for the MIT license. What we mean to say is that you are free to copy, modify and relicense the code by all means. But don't hold us liable for any damages incurred by using or abusing the software.
- Code which is copied from other projects remains under the original license.
- For increased security it is recommended to run it with a separate locked down user account.
- For maximum security it is recommended to run it on a dedicated device.
- For increased privacy it is recommended to use a VPN or a proxy like Tor.
- Some scripts support Tor out of the box. These scripts will use socksport 9050. If you already use Tor port 9050 for your normal web traffic and you want to separate that from Cover Traffic traffic then you should set the Cover Traffic scripts to use a different Tor socksport.
- Use the 'IsolateDestAddr' option with the Tor socksport for increased traffic isolation.
- Install git, curl and tor (or wget if your prefer wget over curl)
sudo apt-get update sudo apt-get install git curl tor
- Clone the git repository
git clone https://github.com/garlicgambit/cover-traffic.git
-
Run the script
cd cover-traffic ./traffic.sh
-
That's it
-
Run the script
cd cover-traffic ./traffic-non-tor.sh
-
That's it
How to automatically run Cover Traffic over Tor with cron every 30 minutes on a Debian/Ubuntu based linux distribution
-
Login as the user you want to run Cover Traffic with
-
Edit the crontab of this user (If you are asked to select an editor use nano)
crontab -e
-
Add the following line at the bottom of the crontab file (change username and location to the correct values)
0,30 * * * * /home/<username>/cover-traffic/traffic.sh &> /dev/null
-
Save the file and exit
-
That's it
How to automatically run Cover Traffic over Tor with cron every 30 minutes on a separate locked down user account on a Debian/Ubuntu based linux distribution
-
Create a locked down user account with the following command
sudo useradd --create-home --shell /usr/sbin/nologin <username>
Example with username exampleuser:
sudo useradd --create-home --shell /usr/sbin/nologin exampleuser
-
Copy the Cover Traffic files to the new user
sudo cp -r cover-traffic/ /home/<username>/
Example with username exampleuser:
sudo cp -r cover-traffic/ /home/exampleuser/
-
Set correct owner and file permissions on the folder and files
sudo chown -R <username>:<username> /home/<username>/cover-traffic sudo chmod 700 <username>:<username> /home/<username>/
Example with username exampleuser:
sudo chown -R exampleuser:exampleuser /home/exampleuser/cover-traffic sudo chmod 700 exampleuser:exampleuser /home/<username>/
-
Open the crontab of this user
sudo -u <username> crontab -e
Example with username exampleuser:
sudo -u exampleuser crontab -e
-
Add the following line at the bottom of the crontab file (change username and location to the correct values)
0,30 * * * * /home/<username>/cover-traffic/traffic.sh &> /dev/null
Example with username exampleuser:
0,30 * * * * /home/exampleuser/cover-traffic/traffic.sh &> /dev/null
-
Optional: Add strict firewall rules to this user account. A detailed explanation how to do this is currently beyond the scope of this document.
-
That's it
- This project is still in alpha phase.
- Use this project with caution, no guarantees that this will work in your situation.
- Every time your device connects to another device there is a chance of infection or compromise.
- Generating traffic at (random) intervals can also be a pattern.
Bitcoin: 14b5ztH1aCkCBxGD7ug5mmos83kuBoLwSp
Monero: 463DQj1ebHSWrsyuFTfHSTDaACx3WZtmMFMwb6QEX7asGyUBaRe2fHbhMchpZnaQ6XKXcHZLq8Vt1BRSLpbqdr283QinCRK