Discussion of anonymity should not begin with the words proxy, Tor, or VPN, but with the task definition itself. Anonymously connecting to someone else’s server is one thing, anonymously raising your website is another, working anonymously on the internet is another and so on. And all these tasks are solved in different ways. This article is about the job of “working anonymously on the Internet as a user.”To make it easier, we divide the anonymity on the internet into two directions: “Social anonymity” deals with what a person consciously or unconsciously reveals about him/herself on the web. “Technical anonymity” is when the leak of deanonymizing data is associated with the used hardware and applications.
In this article, we’ll concentrate mostly on the technical part of the problem. Start FREE Intro to IT and Cybersecurity couse >>
A Little Bit about Proxy
Globally, when we talk about proxy
, it means something that acts as an intermediary between the client and the addressee.In terms of ensuring anonymity, proxy servers can be: HTTP (web) proxy servers. Such servers pass only HTTP traffic through themselves, by default adding proxy usage data to the transmitted traffic. SOCKS proxy servers. Unlike HTTP proxy servers, SOCKS transmits all information without adding anything from itself. The SOCKS protocol is at the session-level of the OSI model; this achieves independence from high-level protocols: HTTP, FTP, PORZ, etc., which allows SOCKS to pass all traffic through itself, not just HTTP. Separately, it is worth mentioning CGI-proxy. Also known as “anonymizers,” which are essentially a web-server with a form where the client enters the address of the desired site. After that, the requested page opens, but the address of the CGI proxy is visible in the browser’s address bar. A CGI proxy, like any web server, can use https to protect the communication channel between itself and the client. Advantages of Proxy: They are cheap or even free. You can easily find tons of them.
Disadvantages of Proxy: You have to trust them. Need to filter HTTP headers for Http proxy. Encryption supported not on all layers. Proxy chains are ineffective. It requires you to configure a proxy for each application.
As we can see – proxy is cheap/free and easy to find and use; however, they have far more disadvantages in comparison to VPN or SSH tunnels. We will describe VPNs and SSHs below.
Anonymity with VPN
VPN or Virtual Private Network2
is a vital privacy, security, and anti-censorship tool which acts as a secure tunnel between your device and the internet. A VPN can help you protect your online traffic from snooping, interference, and censorship.Currently, commercial providers offer the following VPN protocols: PPTP – used most widely, fast, easy to configure, but is considered the “least protected” compared to the others. L2TP + IPSec – L2TP provides transport, and IPSec which are responsible for encryption. This bundle has stronger encryption than PPTP, and it is resistant to PPTP vulnerabilities. Also, it ensures message integrity and proper party authentication. OpenVPN – safe, open, and therefore, common. It allows you to bypass many locks or limitations but requires a separate software client. SSTP – is as secure as OpenVPN and does not require a separate client.
Most commercial VPN providers offer a choice of two protocols: OpenVPN and PPTP. Less commonly, the proposed protocol L2TP + IPSec. And quite a few offer the protocol SSTP.We have to mention the services that provide “DoubleVPN,” when, before you access the internet, traffic passes two different VPN servers in different countries, or even “QuadVPN,” when four servers are used, which the user can select himself and place in any order.VPNs from providers like Avast or PrivateVPN, work by acting as a middleman between your computer or home network and the wider internet, offering an encrypted connection to and from a virtual server and private network. This essentially masks your machine or physical network’s actual IP address and can make it appear you’re browsing the internet from a completely different location.Before choosing any VPN provider, it can be useful to check their capabilities, functionality, prices, and maybe find some feedbacks or reviews, like in the case with Avast SecureLine VPN Review3.VPN providers were asked some questions: Do you keep logs that allow you or third parties to match the ip-address or timestamp with your client? If so, what data do you store? Under what jurisdiction does your company operate, and under what circumstances will you disclose the data to a third party? In case you receive a DMCA notification or its European equivalent, what will you do with it? What payment systems do you work with, and how are they related to user accounts? Summing up, it is worth noting that most VPN providers are unanimous in their answers: “Logs are not stored, and if they are stored their life time is very short; any way you cannot calculate the subscriber from them.” Of course, there are no other answers from services whose primary purpose is to ensure the anonymity of users. All other conclusions can be done on your own.VPN / SSH Pros: Quick and convenient; no need to separately configure applications.VPN / SSH Cons: You have to trust the VPN or SSH server/provider.
Few Words about TORA lot has been written and discussed about the TOR, but here let’s try to understand it more simply.The Tor project is a non-profit organization that conducts research and development into online privacy and anonymity. It is designed to stop people – including government agencies and corporations – learning your location or tracking your browsing habits.Technically – Tor is a router system in which a client connects to the internet through a chain of nodes. As a rule, the chain consists of at least three nodes; each node knows the addresses of the client and the resource. Also, Tor encrypts messages separately for each node, and open traffic is visible only to the exit node.Back traffic goes in clear text, at the exit node it is encrypted with a temporary symmetric key and transmitted via a chain. Yes, the traffic itself is encrypted with symmetric keys, and these keys are encrypted with asymmetric keys.People expect too much from the Tor, and because of this, it usually doesn’t match a user’s expectations. However, the main Tor objective is to solve the problem with its threat model: a rather high level of client anonymity when sending only http-traffic subject to all mandatory rules. You can read more on their official project page4.
ConclusionAs a conclusion, I would like to note that the anonymity of any user is the headache of the user himself. How you would like to solve this problem – whether that is resorting to the help of a paid service or trying to customize everything yourself, is the decision of the end user.As practice shows, there is anonymity in the network, but the edge is very thin. You can be deanonymized for your traffic, events, mistakes, or accounts from other resources. Be safe and anonymous!
References:1. https://en.wikipedia.org/wiki/Proxy_server2. https://en.wikipedia.org/wiki/Virtual_private_network3. https://cooltechzone.com/avast-free-vpn4. https://2019.www.torproject.org/docs/documentation.html.en
Start Learning Cyber Security with these FREE Courses: