I want to record my screen while I talk, but I would like to distort my voice like they do in the anonymous videos, to retain my anonymity. How can I do that? I’d rather not use a TTS engine as it would be difficult to synchronize the sound with the video of the screen. I just want to distort my voice enough so that people close to me couldn’t tell it’s me, assuming they aren’t experts and manage to reverse the voice distortion. And how do I share the video online without leaking my IP?

And, in a not so private way, what about real time streaming? I’ve seen a person who changed his voice and image so that it seemed as if Rocket from Guardians of the Galaxy was talking to you.

  • Arthur BesseA
    link
    fedilink
    arrow-up
    5
    ·
    3 years ago

    It depends who you’re trying to hide from, and what their capabilities are.

    Here is a way that Tor or VPNs can fail you, even if you’re only trying to hide from an adversary much weaker than the NSA/GCHQ/etc.

    Suppose you simply want to hide your identity from your university (or perhaps a fellow student who works in the IT department there) when you upload a video from your dorm room - eg, using the university’s network. So, you use Tor or a VPN to upload to a peertube instance. For the sake of this scenario, lets say that the university is unable to convince the peertube instance operator to tell them the IP address where the video was uploaded from, so they don’t even know that Tor or a VPN was used. How could the university deanonymize you?

    By linking two pieces of information that they do have access to:

    1. They’ve seen the video, so they know its approximate filesize and they know the approximate time it was uploaded.

    2. They also most likely are retaining netflow data for all connections on their network.

    Netflow data is the number of bytes sent and received for each TCP or UDP 4-tuple (source and destination IP address and port number) in every time interval. The time resolution might be as high as sub-second or could be as low as 1 minute. But, even if it is very low resolution (like 1 minute), you’re probably the only person on the network who sent the approximate amount of data at the approximate time.

    Thinking about the above scenario might help you mentally model what you would need to do to resist stronger adversaries. An easy way to defeat the university adversary would be to not upload the video using their network. If you’re considering a state level adversary, you can’t really do that - they could be keeping netflow data (or even “full-take” - the content of all packets) at any ISP, and we know that they are at many (see XKeyscore, Tempora, etc).

    You could use some public wifi, but, where? Is there a CCTV camera at that cafe? Did you bring your phone, which is sharing your location with various advertising companies? Did you leave your phone at home, but suspiciously turned it off for the first time in a long time during the very hour the video was uploaded?

    Even for a single anonymous video publication, this is an extremely hard problem if you want to consider state-level adversaries. To maintain anonymity over time while continuing to publish under a persistent pseudonym is even harder. There are no easy answers. Hopefully the scenario above will help you in your threat modeling :)