The technique behind JonDo and Tor is the use of a proxy or set of proxy computers that sit between your computer and the internet website you wish to connect to. A proxy sounds just like what it is -- these computer stand in your stead and block a web server from seeing your IP. Each of these intermediate servers (there are generally three in a JOnDo cascade) is responsible for taking your request and data and routing thenm through to the next server in the cascade. The last server in the cascade forwards the request on to the recipient (e.g., www.assahola.com). So if I am running JonDo and I've picked a cascade that has servers in Britain, Germany and Spain my request is routed first to Britain, then Germany, then Spain before actually being sent on to google.com. Along the way my request is hidden by these three servers and my location and true IP are hidden from google (though to be truly anonymous I would be sure I am not currently logged into any google services like gmail -- in fact google, yahoo etc. are special cases that we should discuss more thoroughly at some point).

Each hop in the cascade replaces the IP address of the last link of the request, so my IP is replaced three times before it gets to google. If google wants to find out who I am, it would have to obtain info from the last proxy server in the cascade (Spain, the only one it knows about) about who forwarded the request to it, which is the second proxy server in Germany. Then it would need the info on the British proxy server from the Germans, and from them they might obtain my IP address (as the British server is the only one who knows my true IP). Its like one of those terror cells big brother loves to obsess on -- each only knows two others and hence can only give up those two. Now, I don't know the privacy laws in Britain and Spain, but I can find out if I want, and I can also find out what type of information the proxy servers in the cascade store. For example, German law requires that all communications between two IP addresses must be logged by the host, but not the contents of the request. If all three servers were in Germany, and google went to court there to get my identity, they could potentially get the information that I did in fact make the request to google, but not any search terms I used, etc. This is why its so important to have several different countries in a cascade. LE would have to go to each country in the cascade and navigate its privacy laws and courts to find my identity... all for little old me. Doesn't sound likely, and more importantly, it really means you won't be troubled by LE like in the overgrow incident. Foreign countries prefer not to be the subject of dragnet policing methods commenced by other countries (hell, even Canada can't give you up if your proxied through Britain, Germany and Spain). The best thing is to have at least one erver in the cascade that keeps no logs or records at all. This would mean I am even more unidentifiable as one broken link in the chain makes it much more difficult to chase the request back to its source. In fact it still may be done by linking up the requests by time of request, but not with the certainty of a chain of logged communications. In fact, this is why JonDo tells you how many users are currently online using the cascade you have chosen -- the more users on the cascade the harder it will be for LE to link your request back to you over a broken chain using the time of the request (time-overlapping requests from different users are more likely with more users).

So that is Jondo in a nutshell. How best to use JonDo to maintainyour privacy is the subject of the belowdiscussion. In order toexplain this as simply as possible I will describe an internetcommunication performedunsecurely, and then the same one donesecurely using JonDo.

Example (unsecure)
1. I go to google in chrome and type a search for 'hid grow bulbs'. Now google knows that my gateway IP performed this search, which it may log along with my gateway IP that identifies me via my ISP. (Also, if I am logged into any google service at the time of my search google will also have that information to pair with my IP.)

2. I click a link for one of the results, for example http://www.getmesomebudsquickorilldi...ghtingmain.htm, which sends getmesomebudsquickorilldie.com a request for its main lighting html page 'lightingmain.htm'. getmesomebudsquickorilldie now knows my gateway IP and if they are ever raided by law enforcement I can be identified via any logs they keep, along with the easy cooperation of my ISP. Then I go further and actually log into my getmesomebudsquickorilldie account using my account info with them. Now they don't even need my ISP to find out who I am. They have my account info (including my address) and its now linked to my IP, making LE's job that much easier.

Example (secure)
1. I run jondo and run firefox using the jondofox profile (or just configure my browser to use the jondo app as my proxy).

2. I go to google and type a search for 'hid grow bulbs'. The IP address that google logs for my search is the IP of the final server in the cascade, and as long as I am not logged into any google services I am currently anonymous.

3. I click a link for one of the results, for example http://www.getmesomebudsquickorilldi...ghtingmain.htm, which sends getmesomebudsquickorilldie.com a request for its main lighting html page 'lightingmain.htm'. getmesomebudsquickorilldie now also knows the IP of the last server in the cascade. If they are ever raided by law enforcement I am difficult to identify -- first because the http request appears to have come from, for example, Denmark, and two because if they even tried to find out who forwarded the request to the cascade's final server, it will just be another server in, for example, Germany. Then I go further and actually log into my getmesomebudsquickorilldie account using my account info with them. Obviously, if my getmesomebudsquickorilldie account lists my home address then I am not anonymous. That is why you never use your name/home address or any other identifying data in accounts for which you want to keep your identity free. If you have a grow in your house never ever order grow items using your address or credit card -- borrow one from a very good friend and use their address for the delivery.

So as you see, just using Jondo is not enough to keep yourself secure. If you are simply browsing and communicating on marijuana forums, its generally quite easy to use jondo and it keeps you very secure. Just make sure your account name does not idenfity you and you don't enter any personal info (like your main email address***) on your profile screen.

*** This point is key to email privacy -- if you want to use an email account that cannot be linked to you use an internet email provider such as , then CREATE and ACCESS the account only using jondo, never a regular internet connection. If you use an insecure connection just once to access the anonymous email account it can be linked to you. Email programs like outlook are inherently linkable to your IP so they should not be used for anonymous communication.


You may wonder how JonDo allows us to evade Echelon/TIA government snooping. The way it works is that, when we send a web request via jondo, the data that is sent from our computers to the first server in the cascade is encrypted, as is the communication from the first to the second and second to third servers. TIA may be powerful, but it cannot read 128-bit encrypted communications. However, the third server must unencrypt the request before forwarding it on to its destination as the website you are actually communication with would have no way to unencrypt the data. Since the third jondo server is outside the US, its a good bet the request will not flow through the filters of TIA UNLESS the destination website is hosted inside the US! However, even if the final unencrypted leg does flow through TIA, the data it scans appears to be coming from someone else, not you :-). Mwaha. Mwahaha. Mwahahahahahaaaaaaaaaaaaaaaaaaaa.


Okay, so I've laid out the basics, including a few solid links to help iron out some details. Please let me know if anyone has any questions, corrections, ideas, insights or anything even tangentially related to this subject that will enlighten and perhaps even mistify us. Here's to anonymity (and taking a huge hit)!

-LH