Numerous reviews of anonymity schemes that have recently appeared on the Internet pushed me to write this article. Below I discuss various methods of ensuring anonymity on the web, simplifying many technical points. I divide anonymity into two parts:
Social anonymity: what a person consciously or unconsciously shares and talks about on the Web.
Technical anonymity: cases where the de-anonymizing data leak is associated with hardware and/or software.
Today I want to focus on technical anonymity.
1) Proxy servers
Usually, when people talk about a proxy server, they mean something that acts as an intermediary between the client and the addressee. In terms of ensuring anonymity, proxy servers can be divided into the following groups:
HTTP (web) proxy servers. Such servers pass only HTTP traffic through themselves, adding data on the use of proxies to the transmitted traffic by default.
SOCKS proxy servers. Unlike HTTP proxy servers, a SOCKS proxy transmits all the information without adding anything of its own. The SOCKS protocol sits at the session layer of the OSI model, which sets it apart from high-level protocols like FTP, HTTP, etc. SOCKS can pass all traffic through itself, not just HTTP.
CGI proxies or “anonymizers”, which are essentially web servers with an input form where users can enter the URL address of the desired website. A CGI proxy, like any web server, can use HTTPS to protect the communication channel between itself and the client.
Pros of proxy servers:
Proxies are cheap; you can find many free proxies online.
Cons of proxy servers:
You have to trust the proxy server owner.
For an HTTP proxy, you need to filter the HTTP headers: “HTTP_X_FORWARDED_FOR: client, ip1 ...” etc.
Proxy protocols (HTTP, SOCKS) do not support encryption. SSL proxy means only that the user can work with HTTPS websites.
You have to set up a proxy server for each application or use separate solutions like Proxifier.
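To see why the header filtering mentioned in the cons matters, the following added example (not part of the original article) audits the request headers a destination server receives and reports which ones reveal proxy use or an address behind the proxy. The header list, the verdict names and the sample values are assumptions made for this illustration.

```python
import ipaddress

# Headers that intermediaries commonly add. The page's "HTTP_X_FORWARDED_FOR"
# is the CGI-style spelling of the X-Forwarded-For request header.
PROXY_HEADERS = ("x-forwarded-for", "forwarded", "via", "x-real-ip")


def normalise(name):
    """Map a CGI name (HTTP_X_FORWARDED_FOR) to its wire name."""
    name = name.lower()
    if name.startswith("http_"):
        name = name[5:]
    return name.replace("_", "-")


def addresses(value):
    """Return every syntactically valid IP address in a header value."""
    found = []
    for token in value.replace(";", ",").split(","):
        token = token.strip()
        if token.lower().startswith("for="):  # RFC 7239 "Forwarded: for=..."
            token = token[4:]
        try:
            found.append(str(ipaddress.ip_address(token.strip('"[]'))))
        except ValueError:
            continue  # hostnames, "1.1 proxy.example", "proto=http", ...
    return found


def audit_proxy_leak(headers, peer_ip):
    """Report what the destination server learns from one proxied request."""
    seen = {normalise(k): v for k, v in headers.items()}
    present = [h for h in PROXY_HEADERS if h in seen]
    leaked = []
    for header in present:
        for ip in addresses(seen[header]):
            if ip != peer_ip and ip not in leaked:
                leaked.append(ip)
    if leaked:
        verdict = "client-address-leaked"  # proxy use and an address behind it
    elif present:
        verdict = "proxy-visible"          # proxy use only
    else:
        verdict = "no-proxy-headers"
    return {"verdict": verdict, "headers": present, "leaked": leaked}


# Constructed sample: what a server might receive through an HTTP proxy.
SAMPLE = {"HTTP_X_FORWARDED_FOR": "198.51.100.7, 10.0.0.2",
          "HTTP_VIA": "1.1 proxy.example"}
print(audit_proxy_leak(SAMPLE, peer_ip="203.0.113.9"))
```

Running the same audit against a test server you control, once directly and once through the proxy, shows whether the proxy strips these headers before forwarding.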
2) VPN / SSH
When I talk about VPNs, I also mean SSH tunnels. Despite some differences, their basic principle is the same.
There are several VPN protocols:
PPTP is the most popular one. It is fast and easily configured, but is considered the least secure compared to the others.
L2TP plus IPSec. L2TP provides transport, and IPSec is responsible for encryption. This bundle has stronger encryption than PPTP and is resistant to PPTP vulnerabilities. It also provides message integrity and allows authentication of involved participants.
OpenVPN is secure, open, and therefore widespread. It allows you to bypass many blocks but requires a separate software client.
SSTP is as secure as OpenVPN. It does not require a separate client. It supports user authentication only; it does not support device authentication. SSTP is not intended for site-to-site VPN tunnels but mostly for remote client access.
Practically all commercial VPN providers offer a choice of two protocols: OpenVPN and PPTP. Sometimes the offered protocols include L2TP/IPSec. Some also offer the SSTP protocol.
We should also mention the services that provide Double VPN. Before reaching the Internet, traffic passes through 2 different VPN servers in different countries. There are also Triple VPNs and more.
It is worth noting that the majority of VPN providers say they do not keep logs or, if they do keep logs, that it is impossible to identify the subscriber from them. Of course, services whose main purpose is to ensure the anonymity of users cannot say anything else, but we know that a lot of VPNs were caught keeping logs and leaking users’ data.
Pros of VPN / SSH:
Fast and convenient, no need to configure applications separately.
Cons of VPN / SSH:
You have to trust the VPN / SSH server owners.
3) Tor
Tor is an “onion” system in which users connect to the Internet through a chain of nodes. As a rule, the chain consists of three nodes. No node knows both the IP address of the user and the website he connects to. In addition, Tor encrypts data separately for each node, and unencrypted traffic is visible only to the exit node.
Return traffic comes back in clear form, is encrypted with a temporary symmetric key and is transmitted back over the chain. The traffic itself is encrypted with symmetric keys, and these keys are in turn encrypted with asymmetric keys.
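The layering described above can be traced in a few lines. This is an added illustration, not code from the original article or from the Tor project: a SHAKE-256 XOR keystream stands in for the real ciphers, the JSON layer format is invented for the example, and the node names, keys and addresses are constructed; the per-node keys are assumed to have been agreed beforehand.

```python
import hashlib
import json


def xor_stream(key, data):
    """Toy cipher: XOR with a SHAKE-256 keystream (stand-in, not Tor's)."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def wrap(route, destination, payload):
    """Client: build the onion from the inside out. route = [(name, key)]."""
    hops = [name for name, _ in route] + [destination]
    blob = payload
    for i in reversed(range(len(route))):
        layer = json.dumps({"next": hops[i + 1], "data": blob.hex()})
        blob = xor_stream(route[i][1], layer.encode())
    return blob


def peel(key, blob):
    """Node: remove one layer, learning only where to send the rest."""
    layer = json.loads(xor_stream(key, blob))
    return layer["next"], bytes.fromhex(layer["data"])


def relay(route, client, onion):
    """Walk the chain and record what each node can observe."""
    views, prev, blob = [], client, onion
    for name, key in route:
        nxt, blob = peel(key, blob)
        views.append({"node": name, "from": prev, "to": nxt})
        prev = name
    return views, blob


# Constructed three-node chain; keys are assumed to be already agreed.
ROUTE = [("entry", b"k1"), ("middle", b"k2"), ("exit", b"k3")]
ONION = wrap(ROUTE, "example.org", b"GET / HTTP/1.1")
VIEWS, CLEARTEXT = relay(ROUTE, "client-ip", ONION)
for view in VIEWS:
    print(view)
```

Only the first node's view contains the client address and only the last node's view contains the destination, and the last node is also the one left holding the cleartext request.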
People criticize Tor because they demand too much of it: it should be safe to transfer traffic from any application to the network, protect from Big Brother, provide confidentiality of transmitted data, etc. In fact, Tor solves the main problem: it offers a rather high level of client anonymity when sending only HTTP traffic (if all the rules are followed).
Pros of Tor:
High degree of anonymity.
Ease of use.
Cons of Tor:
Traffic on exit nodes can be monitored.
Presence of management servers.
4) I2P
I2P is an anonymous network running on top of the Internet. It has its own websites, forums, and other services. By its architecture, it is completely decentralized. IP addresses are not used.
I2P has two main concepts:
The tunnel, which is a temporary unidirectional path through a list of nodes. Tunnels can be incoming or outgoing.
netDb, which is a distributed database that holds information about all I2P clients. Its purpose is to store information about how a client can connect to a specific website or another client.
The netDb database stores such information as:
RouterInfos - contact details of routers (nodes), used to build tunnels. They are actually cryptographic identifiers of each node.
LeaseSets - contact details of the addressees which are used to connect the outgoing and incoming tunnels.
I2P provides an option to access the Internet through a special Outproxy. But these Outproxies are unofficial and, by a combination of factors, even worse than Tor exit nodes. I2P developers say: "If you want the Internet, use Tor."
Pros of I2P:
High degree of anonymity.
Decentralization that provides network stability.
Data security: end-to-end encryption between the client and the addressee.
Cons of I2P:
Its own Internet.
In fact, there are dozens of projects dedicated to anonymity (not counting browser add-ons and anonymity programs). Frankly speaking, these solutions are not yet so popular and, therefore, have not been studied by the expert community, so their reliability is not known. For the time being, the most promising projects are:
A separate interesting example of anonymous networks is networks based on Wi-Fi. While with the traditional approach the transport functions of any anonymous network are performed by the Internet, the use of wireless solutions allows achieving independence from Internet Service Providers. Here are some interesting projects:
Anonymity has no unambiguous threshold after which you can relax. It is not possible to find a solution that provides 100% anonymity. Present-day anonymous networks are working hard to make attacks more and more expensive for intruders. It is important to understand that the reliability of each anonymous network rests on such things as the money and time that can be spent on its compromise. The technical part is only a small component of anonymity on the Internet.