Java Anon Proxy

From Wikipedia, the free encyclopedia

Java Anon Proxy, also known as Java Anonymous Proxy, JAP Anon Proxy or JAP, is a proxy system designed to allow browsing the Web anonymously. It is based in Germany and was originally developed as part of an ongoing project of the Technische Universität Dresden, the Universität Regensburg and Privacy Commissioner of Schleswig-Holstein. Written in the Java programming language, its slogan is Anonymity and Privacy - Anonymity is not a crime.

Cross-platform, free, and designed to be easy to use, it sends requests through a cascade of encrypting mixes, thereby hiding the origin of any connection. JAP is available for all platforms that support Java (Windows, Linux, MacOS, OS/2,...).

The JAP client program allows the user to choose among several Mix Cascades (i.e. a group of anonymization proxies) offered by independent organisations. Users may choose by themselves whom of these operators they will trust, and whom they won't. This is an important difference to peer-to-peer based anonymity networks like Tor (anonymity network) and I2P, whose anonymisation proxies are anonymous themselves, that means the users have to rely on unknown proxy operators.

The speed and availability of the service depends on the operators of the Mixes in the cascades, and therefore varies. More users on a cascade improve anonymity, but a large number of users might diminish the speed and bandwidth available for a single user.

Use of JAP is currently free. However, financial backing for the research project has run out, so it will switch to a for-pay model in order to cover the costs of running the servers and for developing the software. The payment system is currently being tested. However, it has been announced that a basic level of service will always be free to use, in order to provide anonymity and privacy to people who cannot afford to pay. The AN.ON developers also work on an improved blocking resistance function that makes it easier for users from restrictive countries to get a connection to the system.

The online activities of the user can only be revealed if all Mixes of a cascade work together by keeping log files and correlating their logs. However, all Mix operators have to sign a voluntary commitment not to keep such logs, and for any observer it is difficult to infiltrate all operators in a long cascade.

In 2003, the German BKA[1] [2] obtained a warrant to force the Mix operators to log the activities of a specific criminal. In case of serious crimes committed via JAP, the German Mix operators can be forced to log the user IP addresses for specific web requests for a limited time. This has led some people to distrust the software, especially when rumors came up about a 'backdoor' [3] in the JAP software. Unlike some internet articles state, JAP itself never had any kind of 'backdoor', instead an additional 'feature' was added to the Mix server code that enables operators to revoke anonymity if they all work together and recompile their software. As stated above, this is completely covered by the AN.ON threat model and no security leak. Currently, further research is done by AN.ON to make this functionality even more privacy-friendly [4].

As a reaction to the threat from local authorities, the system has spread internationally. If the Mixes of a cascade are spread over several countries, the law enforcement agencies of all these countries would have to work together to reveal someone's identity.

Since May 2005, JAP can also be used as a client for the Tor and since 2006 also for the Mixminion network. These features are still in alpha stage.

Note: The GNU/Linux package of JAP is named anon-proxy.

[edit] See also

• Anonymous P2P
• Anonymous remailer
• Internet privacy
• Mixmaster

[edit] External links

• Java Anon Proxy
• Project homepage
• Tutorial for using JAP with Proxomitron
• JAP tutorial for using it with Proxomitron (from project homepage)