Usenet Applications
Usenet NNTP, News Reader, alt.anonymous.messages
Introduction[edit]
Interesting parts of Usenet other than discussion, include alt.anonymous.messages, Nym servers and Nym server URL Retrieval.
alt.anonymous.messages[edit]
alt.anonymous.messages is a public newsgroups supposed to be used to post encrypted and anonymous messages. Getting anonymity and encrypting the messages is up to the user.
It may sound like a disadvantage, but it is an advantage. In comparison, you can never know how many people are using an e-mail provider. Posting in alt.anonymous.messages everyone knows which messages got posted when, but when done right, no one knows who posted a message and what the content of the message is.
Do not use a web service to read individual messages in alt.anonymous.messages. Use an NNTP client (such as Thunderbird). Subscribe to the whole newsgroup and download all messages including headers.
Using alt.anonymous.messages could be suspicious by itself, but if you do it right, your adversary may not even know, that you are using it. Since the use of remailer is tunneled through Tor, no one should know, that you are aware of the existence of the remailer network at all. There are currently no known functional retailers.
Further information:
If you are serious about using it, you should study the work of De-Anonymizing Alt.Anonymous.Messages so you can prevent doing that same mistakes.
- https://ritter.vg/blog-deanonymizing_amm.html
- https://ritter.vg/p/AAM-defcon13.pdf
- https://www.youtube.com/watch?v=_Tj6c2Ikq_E (w)
News Reader[edit]
You can read news groups either using an NNTP client, such as Thunderbird or an online reader such as Google Groups. Posting to Usenet using Google Groups is not recommended, it is (almost) impossible or at least very difficult to create an anonymous google account, which is required for posting, because Google requires Tor users to use mobile phone verification, which is not available for anonymous users. Google bans sms to web services as well. I don't know if there are other online hosted NNTP readers, which allow posting for Tor users.
Discussion[edit]
Quoted from Usenet Wikipedia [1]: "Usenet is a worldwide distributed Internet discussion system." The Wikipedia article is worth reading as an introduction.
There are binary groups and non-binary groups. Whonix itself doesn't restrict access to any of those groups. However, the Tor network is banned by some NNTP servers. Binary groups are not covered here, it will be very unlikely to find a free open NNTP server, allowing access to binary groups.
News Reader[edit]
You can read news groups either using an NNTP client, such as Thunderbird or an online reader such as Google Groups. Posting to Usenet using Google Groups is not recommended, it is (almost) impossible or at least very difficult to create an anonymous google account, which is required for posting, because Google requires Tor users to use mobile phone verification, which is not available for anonymous users. Google bans sms to web services as well. I don't know if there are other online hosted NNTP readers, which allow posting for Tor users.
NNTP Server[edit]
An open news server is defined as allowing access to all news discussion groups.
It is difficult to find a free NNTP server even for discussion groups. And no, we are not looking for a trial. Use search terms like "free NNTP server". The nyx.net list may be worth checking, I didn't try any of the servers which require registration. Ideally, the news server supports SSL and does not require registration, such as aioe or is available as an onion service. I haven't found any news servers hosted as onion service, they were all down. While aioe allows reading news groups, it does not allow Tor users to post. I haven't found any open news server allowing Tor users to post. (Use Mixmaster over Tor, see above.)
I haven't got NNTPS (SSL encrypted connection to the NNTP server) to work. Maybe it is an upstream bug.
[2] This shouldn't be of too much concern. Everything posted to newsgroups is open to the public anyway. An encrypted connection to the NNTP server would only prevent Tor exit relays and their ISPs to tamper with the traffic, well, and login data (username and password) for password protected NNTP servers could get stolen. The NNTP server is untrusted in this threat model anyway.
Footnotes[edit]
We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!