
Resources for being Anonymous on Internet

In this text I will present some of the many solutions available to those who wish to become anonymous on the internet, along with their strengths and drawbacks.

Proxy

In short, a proxy is a service that does the work for you.

Example: Let’s say that you want to access a webpage. You then configure your browser to use this proxy. The browser connects to it and tells it what page you want to access. The proxy then goes out and fetches that page and sends it back to your browser.

Proxy Concept

Pro

  • If the proxy is configured correctly it can provide you with anonymity.
  • It can filter out bad code, cookies, words and even check for malware.
  • It is possible to bypass local censorship of the internet.
  • It is possible to bypass Geo-blocking of internet.
  • Bypass any blocking of Skype etc.

Con

  • If the proxy does not remove code such as JavaScript, your true IP can be revealed.
  • Free proxies are few and often change. Most of them are wrongly configured company proxies being abused.
  • DNS leaks are almost always the case.
  • Information could be logged to and on the proxy.
  • Many of the free web-based proxy services are logged, which means that you might as well do without unless you are trying to avoid Geo-blocking.
  • The browser, and all other applications using the internet, need to be configured correctly in order to remain anonymous.

Best used for: Hiding IP, Geo-blocking

VPN

A VPN works by encrypting the traffic between you and the VPN server. All traffic between you and the server is hidden from outside prying eyes. The connection between the VPN server and, for example, a web server is normal traffic. The web server only sees the VPN server connecting to it and not you. The green line in the picture below marks encrypted traffic. Make sure you use OpenVPN rather than PPTP.

VPN dns

Pro

  • The whole internet connection and all the applications using internet are protected. In other words, there is no need to configure the applications separately.
  • Pretty simple setup.
  • It is possible to bypass local censorship of the internet.
  • It is possible to bypass Geo-blocking of internet.

Con

  • DNS leaks may occur if the client is not programmed correctly.
  • Most, if not all, American VPN providers are forced to log part or all of the traffic. Some providers say they do not log but in fact have to by law. Sweden is one of the few countries where VPN providers are not required by law to log.
  • You have to be VERY CAREFUL in selecting your provider.
  • The browser, its add-ons, or other applications using the internet might still reveal information about you.

Best for: Hiding IP, Geo-blocking

Our recommended VPN providers: Check back soon
Read more about VPN here: How VPN works in many words

Darknet

In general terms a darknet is a VPN where you have to know, and trust, at least one other person to be granted access. Darknet is sometimes referred to as Friend-to-Friend (F2F) or, perhaps more often, as Peer to Peer (P2P).

Tor

Tor was previously an acronym for The Onion Router. Just like Shrek, and other ogres, it has layers. In the case of Tor it has layers of encryption to anonymize communication. The whole network is built up of thousands of computers and relays on the internet. Most of them are run by volunteers. As you might remember from the article “Being anonymous on internet” (http://paranoidmind.com/anonymous-internet/), TCP/IP traffic takes a direct, and fastest, route on the Internet from its source to its target. The Tor network tries to take a very crooked route. For example it might connect you from Sweden to USA to Thailand to Australia before connecting to the target server in the Netherlands. Through Tor you can access both normal internet sites and hidden services only accessible through Tor (or specific proxies). The nodes only know of the previous and next node. They do not know where the package came from or where it is going. Only the first and last node know this. In order to hide your own traffic even more you can elect to be a node, as well as a client, and thereby make it harder for the next node to know if it is your traffic or if it is traffic that you are relaying.

The domain names of hidden services often end with .onion. For example: http://idnxcnkne4qt76tg.onion/

Example: You want to access a webpage. You connect to the Tor network. The Tor client tries to create a circuit by contacting a chain of nodes and shares a separate encryption key with each node. When this is done the request is encrypted and sent to the first node. That node encrypts it again and sends the doubly encrypted request to the next node. That, in turn, encrypts it again and sends it to a third node. The third node decrypts everything and sends the request to the server. The server responds to the third node, which encrypts the reply, and it goes back the same way it came. When it reaches your computer it is decrypted and presented to you.

Tor Path

Pro

  • The final destination only knows the last node's IP, not the source.
  • The nodes only know the previous and next nodes' IPs, not the source or destination.
  • The anonymity is pretty good.
  • Easy to use and set up.
  • It is possible to bypass local censorship of the internet.
  • It is possible to bypass Geo-blocking of internet.
  • If you set your client as a relay your traffic will be hidden amongst others.

Con

  • If there are faults, they are at the client and server ends.*
  • The browser needs to be configured correctly in order to remain anonymous.
  • Slow!

Best used for: Hiding IP, Geo-blocking, Information sharing

If you decide to use Tor I suggest the Tor Browser Bundle. It works on Windows, Apple OS X, GNU/Linux and Android. It contains a modified version of Firefox ESR (browser), Tor (Vidalia) and Torbutton. Read more about, and download it here.

Don’t forget to disable JavaScript in the modified Firefox that comes with the bundle or press the Torbutton.

* The FBI, with the help of their arch enemies Anonymous, managed to track down many pedophiles on the Tor network because of a security flaw in one of the hidden services. This flaw was exploited and a script was implanted which revealed the true IP of the source clients. This flaw brought down an entire network of pedophiles; both providers and users of child pornography. It should be noted that it was not a flaw with Tor and its setup but rather with the server providing the child pornography. Also, the clients used to connect to the server were not sufficiently configured.

Freenet

The thought behind this darknet is not so much to hide the IP-address, as Tor does, but to share information and to share it anonymously. The information is not stored at a central location but is spread out amongst several clients (nodes). If one client goes down there is always another place where the information is stored and can be accessed. Not only can the same information be in many nodes at once, the information can also be divided up and distributed to many different nodes.

Freenet only allows you to communicate within Freenet. In other words you cannot use Freenet to access paranoidmind.com unless I, or anyone else, put it up there. In order to find things on Freenet you either have to know the address (key) or you have to use any of the special “search engines” available. You can access forums, web pages, information, even send emails, chat, and more within the Freenet. Freenet could be seen as a separate internet within internet.

Example: A request for information is sent from A to B (1). B sends the request to C (2). C does not have it and doesn’t know anyone else, so it sends a fail to B (3). B asks E (4), who in turn asks F (5). F doesn’t know many others so it asks B (6), who sends back a fail (7). F then considers the request failed and sends the fail back to E (8). E then asks D (9). D has it and sends the data to E (10), who sends it to B (11), who, at last, sends it to A (12).

Freenet Request Sequence
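The twelve-step sequence above can be reproduced with a small depth-first search that refuses looped requests and backtracks on failure. This is an added example, not Freenet's own code: the topology, the order in which each node tries its neighbours, and the names route_request and peers_seen_by are assumptions chosen to match the text.

```python
# Added illustration, not Freenet's code. The topology and the order in which
# each node tries its neighbours are assumptions chosen to match the text.
NEIGHBOURS = {
    "A": ["B"],
    "B": ["A", "C", "E", "F"],
    "C": ["B"],
    "D": ["E"],
    "E": ["B", "F", "D"],
    "F": ["E", "B"],
}
HOLDERS = {"D"}  # nodes that store the requested data


def route_request(origin, neighbours=NEIGHBOURS, holders=HOLDERS):
    """Depth-first request routing with loop detection and backtracking.

    Returns (found, messages); each message is (step, sender, receiver, kind).
    """
    messages = []
    seen = {origin}  # nodes that have already handled this request

    def send(src, dst, kind):
        messages.append((len(messages) + 1, src, dst, kind))

    def handle(node, came_from):
        if node in seen:                 # request looped back: refuse it
            send(node, came_from, "fail")
            return False
        seen.add(node)
        if node in holders:              # data found: start the reply chain
            send(node, came_from, "data")
            return True
        for nxt in neighbours[node]:
            if nxt == came_from:         # never ask the node that asked us
                continue
            send(node, nxt, "request")
            if handle(nxt, node):
                send(node, came_from, "data")   # relay the data backwards
                return True
        send(node, came_from, "fail")    # every neighbour failed
        return False

    found = False
    for first_hop in neighbours[origin]:
        send(origin, first_hop, "request")
        if handle(first_hop, origin):
            found = True
            break
    return found, messages


def peers_seen_by(node, messages):
    """Peers a node exchanged messages with: all it can observe directly."""
    peers = set()
    for _, src, dst, _ in messages:
        if src == node:
            peers.add(dst)
        elif dst == node:
            peers.add(src)
    return peers


if __name__ == "__main__":
    found, log = route_request("A")
    for step, src, dst, kind in log:
        print(f"({step:2}) {src} -> {dst}: {kind}")
    print("D talked to:", sorted(peers_seen_by("D", log)))
```

In this model D, which holds the data, only ever exchanges messages with E, so it cannot tell from the traffic alone that the request started at A.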

You can set up your client to save information (data) on your computer. That way you might have much faster access to data you want and need. The data will be downloaded and saved in encrypted containers on your hard drive. The information you surf to will be mixed with random downloaded data. That way the specific data you requested cannot be singled out. It is, however, still recommended that the entire drive or partition holding Freenet is encrypted. For disk encryption, like all other security focused products, we recommend open source such as Truecrypt. We will talk more about security and open source software in another post.

Freenet comes in two modes: Darknet and opennet. In darknet mode you have to know and trust the person you connect to in order to get initial information. Your information will not be passed on through the chains of nodes. You will only have access to the nodes that you know and trust. The opennet mode lets you connect to the network through any of its users, and they through you. Needless to say: Darknet mode is much more anonymous than opennet.

Pro

  • Anonymity not dependent on browser vulnerability.
  • The data stored and accessed are not centralized but distributed.
  • You are very well protected if you connect to Freenet in the darknet mode.
  • Fast access to the information that you frequently access.
  • Only a few, theoretical, flaws in the design.
  • No DNS leaks.

Con

  • Difficult for the average user to set up in an optimal way.
  • Slow! At times access to data is extremely slow (if the information is not cached).
  • If information has not been accessed in a long time it can actually disappear from Freenet.
  • Freenet takes a, relatively, long time to start up which means that it is best if Freenet is turned on 24/7.
  • No access to “normal” internet.

Best used for: Information sharing

Instructions and software can be found on the Freenet Project homepage.

Conclusion

Even though there are many ways to become, and remain, anonymous on the internet, much depends on WHY you want to be anonymous. If it is about sharing information then some methods are better than others. If it is to prevent your government from snooping on your habits then there are other ways. If it is to avoid being blocked from webpages because you are in a country whose government does not want you to go there, or because companies don’t want people in your country to see a video clip or information, then another method is more valid. Regardless of what method you choose, and you might choose several, the weakness is often in the browser or at the server. Make sure that your browser, or other application, is protected by using the method you choose. In other words, even though you use a method that, in theory, is secure it is not a replacement for knowledge.

Copyrights
All rights to the image describing how Tor works belong to The Tor Project, Inc. I have made minor modifications.
All rights to the image describing how Freenet works belong to Freenet Project.

 

Being anonymous on the Internet

How to be anonymous on the Internet

When I am out talking to people or companies, one question is asked more frequently than others. This question is about, or related to, being anonymous/incognito online. Usually I only have the time to give a short and sweet answer. But there is so much more to it than just using a simple solution. You should also know WHY you need to use it and, in general, HOW it works and WHAT it protects. If you don’t understand how the internet and your system work you might make mistakes on the way, and the whole effort to remain anonymous will have been in vain.

This article series is not meant to give detailed knowledge about everything internet related. I will not go into the lower layers of the TCP/IP packet or explain the inner workings of encryption. My goal is to give an overall view of how the internet works and how we can change the way we are being tracked and listened in on. Another, and perhaps more challenging, goal is to keep it simple.

Background

What is internet?

It feels strange for me to explain what internet is and how it is built up. I have been using it since the early 90s and for me it is obvious how it is built up and how it works. But it seems that many people today are, more or less, clueless to this fact. The lack of knowledge is of no fault of their own. It is a part of human nature. If it works then why question it? It is like the rocket engine for me. I know what it is for and how it, in general, works. But I have no clue to the details and the inner workings of a rocket engine. To me there are too many pipes for its own good. Let’s face it: rocket scientists are just glorified plumbers.

In this part I want us all to get the same understanding of how the internet works, so that we have the same reference point when the more technical language makes its appearance later on in the text. I will take up what I consider to be the most important points. The rocket fuel and jet nozzle if you will.

In the most basic and simplest terms the internet is a bunch of computers connected to each other in a network. These computers can be personal computers (PC), servers and/or phones. I want to make sure that you are aware that when I speak of a PC in this text it includes ALL kinds of computers; everything from smartphones, Windows, Linux systems, UNIX systems and Apple etcetera. In other words everything that connects to the internet and connects to other computers/servers. The difference between a PC and a server is that the server has something to offer and is meant to provide the PC with information or a service. Examples of this could be a web page, text document, movie, music or telephone services. In the image below we can see a PC, the internet and a server. The internet is often shown as a cloud. This is because the internet is considered to be something hard to define, diffuse and abstract, with many different parts in between the personal computer and the server, as you will see in later parts of this article. We will use this traditional way of drawing the internet and we will continue to add and subtract things from it, but this is the template from which we start.

Basic Internet Setup

TCP/IP

Transmission Control Protocol/Internet Protocol, or TCP/IP for short, is an agreed way for computers to talk to each other. One could say that this is the foundation language the computers share. They wrap information in neat little digital packages and send them back and forth. The packages are a collection of different data. For example a web page would be many small packages that are packaged by the server and then sent to the PC, which opens them and presents the information on the screen. A text document saying “Hello! How are you doing?” might be divided up into several such packages. In the first it says “Hello! How ” and the next would be “are you doi” and the last “ng?”. The PC then puts it all back together for you and shows it on your screen or saves it in a file for future reading.

IP-address – This is needed for the computers to be able to find each other. You could see it as a telephone number. It is divided up into 4 clusters of numbers separated by a dot. For example: 192.168.1.10. Theoretically the IP-address can range from 1.0.0.0 up to 255.255.255.255, without complicating it further with subnets and other technical definitions. Every PC or server connected to the Internet has an IP-address that is, in some way, unique.

There are basically two ways the computer and server can send information.

Transmission Control Protocol (TCP) – The PC and server connect to each other and keep the connection alive for future connections. They keep track of the packages sent back and forth, making sure they arrive safely.

User Datagram Protocol (UDP) – The PC or the server sends a package (or many packages) not caring whether or not the package arrived. This makes the transmission faster but less stable.

Technical devices

I want to apologize in advance for even bringing this topic up but it is needed in order to explain the whole concept of anonymity.

Switch – This device is used to connect many different computers or networks together. This is needed for the packages to be re-routed to their destination.

Router – It has almost the same function as a switch but it forwards the packages rather than re-routing them. Routers often also contain other functions or features such as a firewall or Wi-Fi functionality.

Backbone network (Backbone) – These are the cables (highway) that bind WAN or LAN networks together.

LAN – Local Area Network. This is a local network. The network inside your home or company could be called LAN.

WAN – Wide Area Network. This is a network that covers a broad area, for example a metropolis or the internet itself.

Firewall – This device or function is used to prevent unauthorized access to the LAN (see above) from the WAN (see above).

Port – When a connection between the server and PC is established it uses a port. These ports can be seen as the extension number of the telephone number. For example if you call a larger company you, sometimes, have to ask for an extension before you reach the correct person. A port number can range from 1 up to 65535. There are some standards to this. Worth mentioning here is http, which is port 80. When you surf to http://paranoidmind.com you get connected to port 80 by default.

DNS – Translates domain names to IP-addresses. Since we humans would rather use names and letters than numbers, which are also easier to remember, the DNS lets us write letters instead of numbers when we want to reach a website. The name paranoidmind.com is automatically sent to a DNS and translated into numbers. These numbers are then sent to your computer, which contacts the IP-address. This process is called a DNS lookup.

DNS lookup – see above.

Encryption – A mathematical formula is used to hide the real data. For example, let’s use the above text of “Hello! How are you?” The encrypted packages might then look as follows. First package says “Sfj3f#jf3%” and the next would be “ERRFjfe93jdfj3f” and the last “f35ofjsldFeo34u”.

Decryption – It is reversing the above encryption back to its original state.

The typical setup at home, or at a company, is that the PC is connected to a switch or a router. The firewall could be built into the router or as a separate device. This in turn is connected to internet.


The typical setup for the server is that the internet is connected to a firewall which in turn is connected to a server.


If we then put them together we get the typical communication on the internet.

Basic Internet with firewalls

If you use a command to follow the packages on their way from your computer to the server you can see all the different routers and switches that it passes on its way to its goal and how fast it goes.

tracert1

On the image shown above you can see that I opened a command prompt and ran the command tracert -d paranoidmind.com

In the table we can then find out (reading left to right) what hop it is (the number) and the time it takes for a package to reach that hop and get back to my computer. The reason why there are three times on each row is that a package is sent and timed three times. The last column is the IP-address of the hop. The stars at the end show that the packages disappeared, most likely because the firewall on the other end was instructed to drop the packages without giving a reply. The first (1) IP-address is the internal IP-address of my router/firewall. The next number (2) is the first switch of my internet provider. 3 is the second switch and so on until we reach the last switch (8) before the firewall of the webserver (see image below). This means that 7 switches now have logged that we were trying to reach the webserver. They often log everything that goes on in case the police, or others, want that information. It should also be said that the packages do not travel the shortest distance. They travel the fastest route. If, for example, you sit in Germany and are trying to access a webpage in Spain, then the packet might be re-routed through Sweden and Denmark or even USA if that route is considered the fastest. The shortest route, in this case, would be through France.

One more step

Unfortunately things are rarely this simple. If you visit a page on the internet you will contact, not only that page, but also other pages. Let’s say that you visit news site A called NewsA. Embedded in the webpage there is often code that is being loaded from, for example, Google. There are also ads on this site. These are collected from ad agency 1, 2 and 3. Then they probably also have tracking from external sources. This is so that they can present the articles many people read and targeted advertisements connected to the articles. These come from Tracker a1 and a2. Of course there could be many more sources connected to one page. But in our example we keep it simple. If we count all the ad agencies, script providers, pages and trackers we quickly see that instead of connecting to 1 IP-address (NewsA), we have connected to 7 IP-addresses. If we add the number of switches, as we used above with the hops, and we make the presumption that we always have 7 hops to the target server, we now know that at least 49 machines know exactly what we are doing at that particular web site and that one page. On every page we then click we get tracked by 49 different machines, and every ad or image from an external source gives another connection to another IP-address which in turn will log your visit. If you did the same calculation on a web site that provides erotic entertainment you could double or even triple that number. Not counting the governmental surveillance.

Real Internet Connection
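The count in the paragraph above can be checked for any page by listing the hosts its markup makes the browser contact automatically. The following is an added example, not part of the original article: the HTML, the .example host names and the function names are constructed to mirror NewsA, the script provider, ad agencies 1 to 3 and trackers a1 and a2.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

PAGE_URL = "http://newsa.example/article.html"   # constructed sample page
PAGE_HTML = """
<html><head>
<link rel="stylesheet" href="/css/site.css">
<script src="//scripts.google.example/lib.js"></script>
<script src="http://tracker-a1.example/t.js"></script>
</head><body>
<img src="images/logo.png">
<iframe src="http://ad1.example/banner"></iframe>
<iframe src="http://ad2.example/banner"></iframe>
<img src="http://ad3.example/pixel.gif">
<img src="http://tracker-a2.example/count?page=article">
<a href="http://partner.example/">A link the reader may or may not click</a>
</body></html>
"""


class ResourceCollector(HTMLParser):
    """Collects hosts of resources a browser fetches without any click."""

    AUTO_FETCH = {"script": "src", "img": "src", "iframe": "src", "link": "href"}

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.hosts = []

    def handle_starttag(self, tag, attrs):
        attr = self.AUTO_FETCH.get(tag)
        if attr is None:
            return                      # e.g. <a href>: only fetched on click
        attrs = dict(attrs)
        if tag == "link" and "stylesheet" not in (attrs.get("rel") or ""):
            return                      # only stylesheet links are loaded
        value = attrs.get(attr)
        if not value:
            return
        # urljoin resolves relative and protocol-relative (//host/...) URLs
        host = urlsplit(urljoin(self.base_url, value)).hostname
        if host and host not in self.hosts:
            self.hosts.append(host)


def contacted_hosts(page_url, html):
    """First-party host followed by every distinct third-party host."""
    collector = ResourceCollector(page_url)
    collector.feed(html)
    first_party = urlsplit(page_url).hostname
    return [first_party] + [h for h in collector.hosts if h != first_party]


def machines_logging(hosts, hops_per_host=7):
    """The article's estimate: every host is reached through 7 hops."""
    return len(hosts) * hops_per_host


if __name__ == "__main__":
    hosts = contacted_hosts(PAGE_URL, PAGE_HTML)
    for h in hosts:
        print(h)
    print(len(hosts), "hosts,", machines_logging(hosts), "machines")
```

Scripts can load further resources once they run, so a static listing like this is a lower bound on what the browser actually contacts.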

What information is collected and saved?

It depends on the laws of the specific country, the tracker, the ad agency and the page you visit. Many times it is IP-address, date, time, what page you were on just before coming there, what link you clicked, how long you stayed, what browser you used, what operating system you use, what resolution you have on your screen and so on. Out of all this information the most important is the IP-address. As you remember from above, that is what is unique in all of the information. All other information that is collected is then associated with this IP-address.

These are the “safe” and “good” guys. Just imagine what information you would give away if you visited a page with less than honorable intentions. And imagine how many servers collect your everyday habits and your non-habits.

Alternatives (the good stuff)

Proxy – A proxy is as it sounds. It is a server that stands between you and the web page you want to reach. This means that the web server you are trying to reach logs the proxy server's IP-address instead of yours. There are many different kinds of proxies such as transparent, SOCKS, HTTP and so on. The security for you is all dependent on what kind of proxy you choose. To know what kind of security the proxy has you really need to do your homework on the specific server. You also need to be aware that you will have to configure every application individually in order to use the proxy. For every application to remain anonymous it needs to use the proxy in the same way as the browser. Some proxies encrypt the packages from you to itself. Some do not. If they don’t then the switches on the way to the proxy still record everything you see and do. If you are lucky then the web server still believes it is the proxy visiting. But that is really not that secure.

Unfortunately many proxies log your IP-address and what page you were trying to reach through its system, which just means that using that proxy has nothing to do with security. Then a proxy would only be used to access web services that are blocked to your location.

Proxy function

There are also the DNS lookups to be taken into account. Different proxy services treat DNS lookups differently. Some do it for you and others let you do it. If the proxy lets you do it, it is called a DNS leak. Then information on where you want to go is leaked and connected directly to your IP-address instead of the proxy's. If this happens then it really doesn’t matter if you use a proxy or not, since it is known where you are and what you visit, and matching the timestamps of your DNS lookup with a specific visit in the log on the web server will be a small matter.
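With a SOCKS5 proxy, the difference between the proxy doing the lookup and the client doing it is visible in the connect request itself: the address-type byte says whether a host name or an already resolved IP was sent. The following is an added example, not part of the original article; the stub resolver, its constructed address and the function names are assumptions, and the byte layout follows RFC 1928.

```python
import ipaddress
import struct

ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04  # RFC 1928 address types

# Constructed stand-in for the operating system's resolver. It records every
# lookup so the leak is visible without touching the network.
LOCAL_LOOKUPS = []
_FAKE_DNS = {"paranoidmind.com": "203.0.113.10"}  # constructed address


def stub_resolver(hostname):
    LOCAL_LOOKUPS.append(hostname)
    return _FAKE_DNS[hostname]


def build_connect(host, port, remote_dns, resolver=stub_resolver):
    """Build a SOCKS5 CONNECT request the way a client would.

    remote_dns=True  sends the host name and lets the proxy resolve it.
    remote_dns=False resolves locally first: the lookup leaves the client.
    """
    header = bytes([0x05, 0x01, 0x00])          # VER=5, CMD=CONNECT, RSV=0
    if remote_dns:
        name = host.encode("idna")
        if len(name) > 255:
            raise ValueError("host name too long for SOCKS5")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    else:
        ip = ipaddress.ip_address(resolver(host))
        addr = bytes([ATYP_IPV4 if ip.version == 4 else ATYP_IPV6]) + ip.packed
    return header + addr + struct.pack("!H", port)


def parse_connect(data):
    """Return (atyp, address, port) from a SOCKS5 request, or raise ValueError."""
    if len(data) < 5 or data[0] != 0x05:
        raise ValueError("not a SOCKS5 request")
    atyp = data[3]
    if atyp == ATYP_DOMAIN:
        end = 5 + data[4]                       # one length byte, then the name
        addr = data[5:end].decode("ascii")
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        end = 4 + (4 if atyp == ATYP_IPV4 else 16)
        if len(data) < end:
            raise ValueError("truncated address")
        addr = str(ipaddress.ip_address(data[4:end]))
    else:
        raise ValueError("unknown address type")
    if len(data) != end + 2:
        raise ValueError("truncated or trailing bytes")
    (port,) = struct.unpack("!H", data[end:])
    return atyp, addr, port


def dns_left_to_proxy(data):
    """True when the request carries a host name, so the proxy does the lookup."""
    return parse_connect(data)[0] == ATYP_DOMAIN


if __name__ == "__main__":
    for remote in (True, False):
        req = build_connect("paranoidmind.com", 80, remote_dns=remote)
        print(req.hex(), parse_connect(req), "local lookups:", LOCAL_LOOKUPS)
```

With curl, `--socks5` resolves the name locally while `--socks5-hostname` hands it to the proxy; other applications have their own setting, which is why each one must be checked.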

Often the Proxy cannot handle TCP connections but instead uses UDP. However, there are different ways around that but that is another story.

DNS Leak

VPN

I am not even going to try and hide that I think that VPN is a superior solution when it comes to anonymity online. But I want to be perfectly clear that it all depends on what VPN provider you choose.

VPN stands for Virtual Private Network and is a way to connect securely between, at least, two points. If you choose a good VPN provider it is fully encrypted, fast and very secure. On the image I will introduce a VPN and also a line showing encryption. The green line is illustrating encryption in this image.

VPN Illustration

We can see that the packages are encrypted on the user’s PC and are kept encrypted all the way to the VPN server. There they are decrypted and sent to the web server. The switches between you and the VPN server can only see that you are communicating with the VPN. They cannot see your final destination or what you are doing. Only THAT you are communicating. Let’s say that you start an application that connects to the internet, for whatever reason; you don’t have to configure it to use the VPN. The route out on the internet is all handled automatically. The application will, in other words, take the same route to the internet as your web browser. So it really doesn’t matter what you do on the internet, what application you use or what web service you use. All your traffic will stay anonymous from prying eyes. If your computer does a DNS request it will also be encrypted and sent through the VPN.

VPN dns

Every time you start the VPN client on your computer you will get a new IP-address. This means that even if the web servers and trackers are saving information it will not be valid the next time you visit.

Applications that use internet

Browsers

Now that our connection to internet is secure the only weakness is our browser (and other applications on the PC).

Cookies – The web browser saves small text documents called cookies. These save information about what we do on the webpage. Sometimes these cookies are used for legitimate reasons. For example keeping track of what you put in your shopping cart so that you have the right items and right number of items when you check out. Another example could be a web page where you log in to be social or pay bills. They need a cookie in your browser in order to keep you logged in or else you would have to log in on every new page you visit.

Cookies are also used for advertisement reasons. They keep track of what links you click so that you can be presented with targeted advertisements.

Scripts – Scripts are small pieces of code that are mostly used on webpages in order to make them more usable and interactive.

Some dishonest web pages use this feature in order to harm your computer, steal information or plant viruses or malware on your computer.

The VPN (or PROXY) does not protect you from going in on the wrong pages. It does not protect you from cookies, scripts or any faults in your operating system. It does, if used in a correct way, protect you from surveillance and prying eyes. It keeps your habits private and is not a substitution for knowledge and/or bad habits.

I will be reviewing different VPN providers and I will also go deeper into the world of VPN in another article. Check back at a later date. I am in the process of trying them out as I write this document.

Read more about Proxy, VPN and Darknet such as Tor and Freenet here.

In all fairness, if rocket scientists are glorified plumbers, then I am a glorified typewriter user.

If there are any questions or comments you are welcome to e-mail us. Perhaps a topic you would like explained or if you find faults in my explanations.