[This page is a mirror of this original]
To many readers, I am certain that the need for privacy-enhancing Internet tools is already clear, but some may still be unsure of the necessity. The Internet is a highly redundant spider web- a network- of computers and interconnecting circuits allowing those computers to speak to each other; all computers can share the use of all circuits and pathways (admins should excuse the simplifications, please). In effect, everyone on the Internet is 'timesharing' the network, rather like a condo. With each user's data, and requests for data, racing higgledy-piggledy through the virtual pipelines, there must be some way to sort out the data, to determine where each bit should be going.
This is done through the wonders of packet switching. All data routing through the Internet is neatly bundled into 'packets', with each packet carefully labeled with a header that tells each router (a specialized computer on a network that sends data where it belongs) where each and every packet came from and where it is going. This is not terribly efficient in terms of bandwidth usage at any given moment; but it does give the Internet a degree of protective redundancy that allows it to withstand telecommunications disasters.
Unfortunately, from a privacy viewpoint, those packet headers can be disasters in themselves. If the routers can see where everything is going, as is proper, then so may some less innocuous snoop. Like Carnivore, or the not-so-fabled-any-longer Echelon. Or even... The website you are visiting.
When you 'visit' a website, in actuality, you send a request for data to the distant machine, the web server. That request must perforce include your Internet protocol (IP) return address; if the server does not know your IP address, it can hardly send you the data. Regrettably, what was once a technical necessity has turned into a marketing tool. Now servers commonly record visitors' IP addresses, along with lists of what they have downloaded. The server may plant cookies (a data record generated by a server and stored locally on your computer, usually consisting of a list of your site-specific preferences and visit history) on your machine or even read cookies left by other web servers, and build up a personal profile of your likes and dislikes. Consider that when you view a commercial bookseller site, you may be telling them that you also enjoy looking at pornography. Or, heavens forbid, freedom-related information. Servers may also be tracking 'referrals', or what sites you viewed before this one.
In a perfect world, addresses, cookies, and referrals all serve useful purposes. We do not live in a perfect world. Consider an example...
You are a person who is slowly awakening to political realities. You are probably a rational person, and intensely curious. Perhaps you have visited Doing Freedom! and read Mr. Spooner's article advocating the abandonment of the court system. Possibly you have also read material at Mr. Henson's site concerning tax avoidance. And being a fair-minded person, you may next go to a government site or two, to obtain the government's side of the stories.
How unfortunate. The U.S. Federal Trade Commission has issued supposed privacy protecting guidelines regarding the collection and usage of privacy data such as we are discussing. The U.S. federal government, led by the FTC itself, is one of the United States' worst violators of those very guidelines. If you visited The Wepin Store, Doing Freedom!, and then had the poor judgment to go to whitehouse.gov (whitehouse.com is more entertaining and no more morally objectionable)... Congratulations. The White House does track IPs, cookies, and referrals. Would anyone who does not believe that the Clinton White House (or Gore, or Bush... What does Florida say today?) would further their socialist agenda by tracking visitors with a history of interest in sovereign individuality please raise his hand?
And do you suppose Carnivore might be installed at your ISP this week?
What to do... ?
All is not lost. There are services that will help you protect your privacy on the Internet. Generally, these are called 'anonymizing services'. What they do is mask your IP address (and intercept cookies, et cetera) as you browse the web. How they accomplish this is somewhat more involved. Stripped to basics, these anonymizing services act as 'proxies' for your computer. When you request data (download a web page, for example), your request goes to the anon machine which records your request, then makes its own request for that data from the actual web server. The web server sees only the IP address of the proxy service, not yours. When the anon machine receives the data, it then passes it along to you. Anonymously.
Let us look more closely at three such services.
Possibly Anonymizer is the best known of these services; it was my own introduction to the world of automated web privacy. This company offers a graduated scale of services, from the most basic web site viewing (free) to anonymous modem dial ups ($229.99/year).
The free entry level service is a simple form on Anonymizer's site which allows you to enter a URL (Uniform resource Locator, a 'web address') directly and view that site through Anonymizer's network. True anonymous surfing is not available this way- if you click a link in your browser, your browser obtains the data directly from the host site, bypassing Anonymizer.
Basic surfing is available for $14.99/quarter or $49.99/year.
For $29.99/quarter-$109.99/year you may obtain the next level in privacy: Encryption. You will interface to the Anonymizer network utilizing SSL3 encryption, the same system used by most sensible commercial sites for online financial transactions; this is 128-bit encryption. Anonymizer will also provide you with 2 megabytes of web server space for your own web pages.
As mentioned before, dial-up service is available for $59.99/QTR-$229.99/YR. This combines the best of all worlds with IP masking, encryption, and the data transfer speed improvement offered by accessing Anonymizer's network directly, rather than relying upon a potentially congested Internet for access to the proxy service. This also eliminates a stage wherein your usage could be monitored by a third party.
Aside from the cost, which strikes me as higher than necessary (and likely to price Anonymizer out of the reach of many potential customers- Hey, Anonymizer: think volume pricing) a disadvantage of Anonymizer is the lack of Java support. Some days, it seems impossible to locate a commercial site which does not use Java; these sites will be crippled or even inaccessible via Anonymizer. While this does limit some of Anonymizer's usefulness, it can also protect you from hostile Java trojans.
Anonymizer will accept payment by Visa or Master Card (an option I advise against), or cash, check, or money order. They also accept one of my new favorites, E-Gold.
I rather imagine that Freedom will supplant Anonymizer in this area, if not already. It is much more affordable at a mere $49.95 per year.
For that price, Freedom provides you with much the same service as Anonymizer's pricey mid-level offering. You download special software which acts as a machine resident proxy, interfacing to the Freedom network, and browse mostly as normal.
Where Freedom differs from Anonymizer, is in the use of multiple 'nyms', or alternate personas. Your subscription entitles you to 5 nyms, which you can configure to specific needs. A nym used primarily for business might have a tailored profile giving some specifics of your professional specialty. A nym used for recreational purposes might give your sexual preference(s). And never would the two be cross-referenced. Nor will mail for one appear in the other's mailbox; thus avoiding embarrassing bouts with one's employer. Or spouse.
Since Freedom presents you with a display reminiscent of the adware-supported free ISPs (such as NetZero or BootBox), one might wonder if there could be any software conflicts between the two. Sadly, yes. Freedom is not compatible with such free ISPs that paste advertising bars over your screen. Nor is it useable with AOL (but then what is), Compuserve 2000 (a specific recent service offering from Compuserve, using AOL-style software). Freedom runs only under Windows 95/98 (and presumably ME) at this time; not Windows NT/2000.
Freedom accepts payment by credit card (tsk, tsk), cash, money order, or certified check. Perhaps they can be convinced to look into E-Gold.
IDzap may be the best compromise service for most readers. It does not require special software which might conflict with your present configuration or access type. If you have a browser, you can use it. And the basic price is right.
Alternatively, one may pay $15/QTR or $50/YR for some possibly desirable extras. In addition to SSL encryption (as with Freedom), you can have URL encryption.
While SSL protects data at an address from being viewed by an unauthorized third party, it does nothing to hide the fact that you have gone to that address. Carnivore, Echelon, or wives and bosses could be interested in what sites you like to visit. URL encryption hides even that. When you enter a URL, the address itself is encrypted, hiding it from view. The encrypted address is passed to IDzap's network and decrypted, then your data request is relayed to that address. CALEA (Communication Assistance for Law Enforcement Act of 1994; the Big Brother law behind Carnivore and wiretaps without court orders) taps will not be able to see where you are going.
IDzap accepts payment by credit card or check.
I had hoped to include this service in the review process, but ProxyMate is no longer available. Their web page does state that future development is possible, and provides an email subscription form so that interested persons can stay apprised of progress. In the interest of keeping one's options open, it might be wise to keep track of this service.
Another anonymizing service, Privada sells both network and individual privacy packages. The individual package of most interest to Doing Freedom! readers includes anonymous/encrypted browsing through Privada's network and email. Privada email offers a nice twist on security. Besides encryption, email sent through Privada is randomly delayed from 30 minutes to 4 hours. This may not be terribly convenient for time-sensitive material, but does help defeat traces based upon time analysis.
Privada no longer offers its products for individual retail sale. They now target the ISP market, and allow subscribing ISPs to resell the individual package.
Somebody Proxy Server http://www.somebody.net/
Somebody is a proxy service, pure and simple. After subscribing, you configure your browser's proxy settings (in Preferences/Advanced in Netscape Navigator) to use somebody.net as a relay. This is intended primarily to allow users to bypass IP blocks set by their employers' Internet connections, but also serves to provide IP privacy.
Somebody offers several pricing packages, based upon the Internet services one would wish to access. I found them to be rather pricey, with basic Internet Relay Chat (IRC) and ICQ access running $19/month, web browsing at $49/MO-$229/6MO, and Internet Telephony (DialPad, for instance) at a whopping $99/MO. A package of all accesses is available at $129/MO. I do not expect Somebody to fare well in this market unless they bring their prices down to a more rational level.
I was unable to test Somebody. While a 'test drive' purports to be available, they neglect to provide the necessary temporary ID and password to log in to their proxies- another marketing error.
While Anonymizer may be thought of as a pioneer in Internet privacy, cost per service shows it not to be the best buy. Anonymizer's web server space is nice, but there are many other companies offering the same, and just as anonymously. Freedom's pseudo-persona nyms may be a useful way for some users to keep their online identities straight, but free and anonymous email accounts abound on the Internet and may be used in the same fashion. In all, IDzap appears to be the best all around buy: Free for the casual user, and quite competitively priced for more serious anon browsing, without unnecessary frills.
All of these services need to continue working on their products. Anonymizer, in the past, has experienced glitches that could have allowed a server to track down a user's originating IP; that is long since straightened out, but hackers and crackers abound and love a challenge. Java, a potential security risk though it may be, is a fact of Internet life. These services need to pass the code to the user browser. I found in testing that I was unable to access some web sites on free-hosting services which Java for redirects to user pages. Java compatibility may be of particular importance to Doing Freedom! readers, as many may be using Hushmail for private communications. Hushmail operates via a Java application, and will not work through these anonymizing services.
Also, free, ad-supported ISPs are the future, just as ad-supported television is an entertainment mainstream; Freedom needs to replace their proxy front-end with a browser plugin (a la Realplayer) which is adware-ISP compatible.
These services are useful now, for anyone valuing privacy, and should become more so in the future.
Another privacy enhancing service one may wish to consider is OptOut (http://grc.com/optout.htm), Internet Spyware Detection and Removal. OptOut prevents surreptitious monitoring of your Internet usage by organizations such as Microsoft or Real Networks. This is not an anonymizing service, but instead monitors your own computer's Internet connection for covert data uploads to other companies' computers by 'trojan horse' software hidden on your computer.
Table of Contents
Comment on this article
View all comments on this article