Tuesday

Anonymous Surfing needs More than a Proxy

It's almost become synonymous on the net, proxies = anonymity, yet I'm afraid it's simply not true anonymous surfing can be assisted by using proxies, however it can also actually be impeded.

First of all let me tell you why I started looking seriously at products that allow you to surf anonymously. Well I work in the security profession, mainly designing secure windows infrastructures, so I am obviously interested in all security related subjects. Because of my job, I am well aware of the many risks to our data and identities as we surf online. There are lots of related posts on various security risks and issues on this blog, but the main reasons that made me actually start surfing anonymously are actually quite simple ones.    

The first is the security side, when you have actually seen fake wifi portals set up in hotels, you know the threat is very real, there are people actively harvesting personal details from everywhere and anywhere. Combine this with the reality that the vast majority of data you transmit is actually in readable text (HTTP is a clear text protocol). That's right completely clear, readable text. I can sit here in my house and see quite clearly every web site my neighbours visit on their open wifi portal. Just as I can see the data from fellow residents on most hotel WiFi networks, quite easily.

So my interest in anonymous surfing was probably fuelled by this knowledge, but unfortunately there is so much more. You see you may not be aware but because we surf mainly in clear text, this means that there is a complete accessible list of all your online activities in one place, your ISP. Now you may, or may not trust your ISP with securing this data (have you ever asked? ), but did you know that most governments in the West are ensuring that they have access to this data when required ? (and probably most governments already are if the truth be told)

In Europe there is already a directive called the European Data Directive which forces ISPs to maintain all their logs for up to two years. Most countries are actively supporting this, although there is hope that Sweden won't (good on you!)and possibly Germany, but alas some countries are even going further - the UK Government is among many who are planning central databases so that 'selected' agencies can access your surfing history easily from their desk (the main barrier at the moment seems to be the credit crunch!).

 In America the same, the NSA monitor and access ISP logs routinely, commonly not needing as much as a search warrant to check what you've been surfing. They know that sitting in your ISP is the most complete profile of a person and their activities that you could possibly get without their knowledge.

So I guess my two main reasons are protecting my data from hackers and criminals, plus the idea that the state can routinely  
monitor what I do on line, suddenly keeping your privacy becomes rather more important.

Of course if I lived in a country where I had reasons to be genuinely scared of my government, it would have even more importance.  But luckily I'm not quite in that position yet, although I do travel to these places.

There are of course a myriad of other reasons why people might want to surf anonymously. Here's a little list of side benefits you can get when you are completely anonymous online.

Some Anonymous Surfing Benefits

  1. You can access any media content you like, irrespective of country restrictions,  I can access Hulu, BBC, ABC, Pandora or any media station in the world wherever I am.
  2. I can bypass country censorship, for instance facebook and Youtube are blocked in many countries across the world.
  3. Nobody can monitor or block my internet access from whichever network I am using.
  4. I can bypass IP blocks whenever I need for instance forum restrictions.
But most of all I am safe, I am invisible online, no hackers or identity thieves can intercept my data and passwords.   I can surf wherever and whenever I want irrespective of my location, and nobody can monitor or block my access, and that includes the authorities.

Look for example at this screen from the software I use, it allows you to connect and tunnel through an internal work proxy, most anonymous proxies would fail to bypass an internal firewall in this situation - neat huh !


But of course there are many ways of achieving an anonymous surfing goal, most components can be put together yourself or by using a commercial product.  There are two main elements that must exist to maintain your privacy - firstly shielding your IP address with a proxy and then using encryption to actually protect the data you send and receive.   Without both these components you will not be secure, not even close and in some cases you'll be worse off than doing nothing.

So why the opening title of my post, do I warn against proxies? Well simply because when you use any proxy you are trusting the owner of that proxy with all your data, much like you do with your ISP. So think carefully, you're not going to stay anonymous online if the owner of that $2 .info domain with a home made proxy is scanning all your details for account, card numbers and passwords.

Proxies are essential to obscure your IP address but they must be extremely secure and in my opinion the logs should be deleted immediately, otherwise your just creating another log of your activities.  That is what I do to check any security program, it is my data, the owner of the proxy has no rights to hold, store or view this information at all.   Make sure you do this check.

There is much, much more to this subject and if you explore my blog, you'll find much more information on this subject which will hopefully be useful.  On this website you'll find I only recommend a program called Identity Cloaker, simply because out of all the commercial products I found it was the only one that provided complete security, was able to be used on a USB key (which is important to me as I often switch computers), had a network of fast proxies in countries across the world, deleted all my logs - but perhaps most importantly convinced me they were technically capable of running a network of highly secure proxies.

There are other products out there and indeed some good ones, but watch out for those that use free anonymous proxies, many are run by the identity thieves themselves!  Make sure any product you use protects your IP address using private, secure proxies and encrypts your connection (VPN, SSH or SSL tunnel), at the moment I haven't researched one as closely as Identity Cloaker but I know there are some good alternatives which I will review on this site shortly.

If you don't have the budget for something commercial, I can recommend TOR, it has it's problems and can make surfing a bit slow but it's a great concept, which we should all support, if you use it please donate what you can.  However you manage to secure your browsing and obtain anonymous surfing, remember to be especially careful with how the proxies are run and by whom.

Updated

0 comments: