Incognito, noun:

1. One unknown or in disguise, or under an assumed character or name.
2. The assumption of disguise or of a feigned character; the state of being in disguise or not recognized.

Incognito is an open source LiveDistro based on Gentoo Linux assisting you to securely and anonymously use the Internet almost anywhere you go, e.g. your home, work, university, favourite Internet café or local library. Incognito can be used from either a CD or a USB drive and has several Internet applications (Web browser, IRC client, Mail client, Instant messenger, etc.) pre-configured with security in mind, and all Internet traffic will be anonymized. To use it, you simply insert the CD or USB that you have installed Incognito on in a computer and restart it. Incognito should then start as an independent operating system instead of Microsoft Windows or whatever operating system that is installed on the computer. It is also possible to run Incognito as a guest operating system inside Microsoft Windows by simply inserting the media while Windows is running which should present you with a menu.

Incognito is Free Software released under the GNU/GPL (version 2).

In case you did not know, we currently find ourselves in a state of steady decline of our freedoms and privacy, with increasing levels of mass surveillance and repression all over the world (see this report from Privacy International). Without taking any precautions, your Internet service provider, the state, the police and global surveillance systems like ECHELON (which is not a conspiracy theory; see this report from the European Parliament) can record what you do online: what you read, what you write and who you communicate with. This is possible since all messages sent over the Internet contain the IP addresses of both the sender and receiver, much like an ordinary mail sent through the postal system contain addresses of both sender and receiver for two-way communication. IP addresses can easily be traced back to the physical location of the computers and their owners, and from that ultimately back to you. If you do not mind this fact, then more power to you, but if you do mind, then Incognito might be just what you need.

First of all, true anonymity is impossible. Given enough resources an attacker will get you. What one can do is to make the cost of doing that so high that it becomes infeasable. Incognito tries to do this by sending all your Internet traffic through the Tor™ network which makes your Internet traffic very hard to trace. So if someone tries to trace you when you are using Incognito, the trail will stop somewhere in Tor network with the IP address of some of its participants, not your. Similarly, if someone tried to see where you ultimately want to send your traffic, they will only reach as far as some computer in the Tor network. In fact, you will be the only one knowing exactly what is going on – not even the computers in the Tor network that you send your traffic through will know the whole picture!

As at least a rudimentary understanding of Tor currently is essential for using it securely (and knowing its limits) we strongly recommend reading the Tor overview and Understanding and Using Tor - An Introduction for the Layman. Also see the note about common misconceptions about the service offered by the Tor software below.

• Common Internet applications pre-configured for anonymous use.
  
• Transparent network filtering which anonymizes all Internet traffic by automatically relaying them through the Tor network (TCP only, though).
• Compatibility with most modern computer hardware based on Intel technology (otherwise please consider sending a bug report to help us further improve Incognito).
• Ability to run from USB with persistent user settings and file storage, with optional password protected encryption, including TrueCrypt hidden volumes for plausible deniability.
• Publish web sites anonymously as Tor Hidden Services when running from USB with persistent file storage.
• Virtualization through QEMU and VMware (Virtual Appliance available in the download section) - run Incognito inside another operating system. Incognito ships with QEMU for Microsoft Windows so you only have to insert the CD or USB into a computer running Windows and Incognito should start automatically.
• Anonymous email with Mixminion.
• Option to randomize your network cards' MAC addresses when connected to untrusted networks.
• Secure deletion of system memory content on shut down to prevent forensic analysis.
• Except for some drivers (which should be OK) all software used by Incognito, including Incognito itself, is open source software and thus open for inspection for bugs, backdoors and bad design features unlike most proprietary software.

As Incognito relies heavily on the services offered by the Tor network, and there are many misconceptions about what kind of security it offers, we would like to warn you about the following:

By relaying your Internet traffic through the Tor network (which Incognito does per default) your communications should only be considered to be untraceable back to the computer you use, not encrypted or in any other way hidden. While the traffic is encrypted when it leaves your computer and when you get back your responses, it will not be so when sent between the Tor network and your destination (this is unavoidable for technical reasons). This means that an eavesdropper at some later point will be able see your traffic without Tor's encryption, but will not be able to link it back to your computer.

As such, if you are sending or receiving sensitive data whose disclosure would be damaging in itself even if it is untraceable, you need to use end-to-end encryption to hide the meaning of your data to everyone except the recipient. Examples of such sensitive information that you need to protect in this way are your real identity or other personal information linkable to you, login details and passwords, bank account or financial details, anything illegal or political, and secrets in general.

There are several tools bundled with Incognito offering end-to-end encryption for various applications: GnuPG provides with encryption for email, OTR is for instant messaging (MSN, ICQ, IRC etc.) among others. Also, bear in mind that while web browsing on sites for whom the addresses begin with "http://" the connections are not encrypted. However, web sites whose addresses start with "https://" (notice the additional s) use encrypted connections and are thus secure (many web browsers, including Firefox, also display a lock or a similar symbol in the address field or status bar indicating that the connection is secure).

Furthermore, some applications have features and services that may compromise the anonymity offered by the Tor network. All modern web browsers, such as Firefox, support JavaScript, Adobe Flash, Cookies and other services which have been shown to be able to defeat the anonymity provided by the Tor network. For instance, a web page using JavaScript can make your web browser send your real IP address to the web server hosting the web page which possibly can disclose it not only to the web server's owner but also eavesdroppers that happen to fetch the message when it is sent between the Tor network and the web server. Even if most web pages using JavaScript do not do this, it is important to be very cautious when determining which sites you allow to use these extra features. When running Firefox in Incognito all such features are handled by an extension called Torbutton which does all sorts of things to prevent the above type of attacks. But that comes at a price – since this will disable some functionality, certain sites might not work as intended.

The Tor™ trademark and the Tor Onion Logo are trademarks of The Tor Project.