Anonymizer

From Wikipedia, the free encyclopedia

Please help improve this article or section by expanding it. Further information might be found on the talk page or at requests for expansion. (August 2007)

An anonymizer or an anonymous proxy is a tool that attempts to make activity on the Internet untraceable.^[1] It accesses the Internet on the user's behalf, protecting personal information by hiding the source computer's identifying information.^[2]

Contents 1 Purposes 2 Risks and security 3 Use of anonymizers 3.1 Protocol specific anonymizers 3.2 Protocol independent anonymizers 4 Use of multiple relays 5 See also 6 References

[edit] Purposes

There are many purposes for using anonymizers. Anonymizers help minimize risk. They can be used to expose human rights abuses without retribution, to speak about a taboo without loss of reputation, or to receive information within a repressive regime.

However, there are many ways in which this service can be abused. Criminals can use anonymizers along with encryption software to securely hide their identity and keep their message hidden from any police or intelligence agencies.

[edit] Risks and security

Anonymizers are not entirely secure. If an anonymizer keeps logs of incoming and outgoing connections and the anonymizer is physically located in a country where it is subjected to warrant searches then there is a potential risk that government officials can reverse engineer and identify all users who used the anonymizer and how they used it. Most anonymizers state they do not keep logs but there is currently no way to confirm that. However, if the user used another anonymizer to connect to the exposed anonymizer, that user is still anonymous. This is sometimes called daisy-chaining.

Further, an untrustworthy web based anonymizer is capable of man in the middle attacks. The anonymizer can read, inject, and modify content into the message that the user is sending as well as receiving. The anonymizer can intercept and record private unencrypted information such as username and password credentials, credit card numbers, e-mails, etc. that have been transported using the anonymizer. To avoid this, content should be encrypted and credentials should be exchanged outside of the anonymizer.

For even trustworthy anonymizers, anonymizers cannot filter out any malicious code that may reveal the identity of the user who wishes to remain anonymous. See malware. Care should be taken to prevent information leaks. For example, anonymizing an HTTP connection but not a DNS lookup can reveal the location of the viewer.

Anonymizers also present a high value target. Groups opposite the people who want to remain anonymous target public anonymizers, especially as they are often misused.^[3]

[edit] Use of anonymizers

[edit] Protocol specific anonymizers

Sometimes anonymizers are implemented to only work with one particular protocol. The advantage to this is that no extra software is needed. The operation occurs in this manner: A connection is made by the user to the anonymizer. Commands to the anonymizer are included inside a typical message. The anonymizer then makes a connection to the resource specified by the in-band command and relays the message with the command stripped out.

An example of a protocol specific anonymizer is an anonymous remailer for e-mail. Also of note are web proxies and bouncers for FTP and IRC.

[edit] Protocol independent anonymizers

Protocol independence can be achieved by creating a tunnel to an anonymizer. The technology to do so varies. Protocols used by anonymizer services may include SOCKS, PPTP, or OpenVPN.

In this case either the desired application must support the tunneling protocol, or a piece of software must be installed to force all connections through the tunnel. Web browsers, FTP and IRC clients often support SOCKS for example, unlike telnet.

[edit] Use of multiple relays

A system of connected anonymizers has been established to utilize concept of daisy chaining anonymizers to heighten the security for anonymity. This system is called the “Tor network”. See Tor. Nevertheless Tor is still vulnerable to privacy breaches but it is considered to be the best anonymizer platform. See risks of using anonymous proxy servers.

Another example would be sending an e-mail to an anonymizing remailer, which relays it to another remailer, which eventually relays it to its destination.

[edit] See also

• Anonymity — the generic concept
• Anonymization — a more specific concept
• Anonymous remailer — a similar service for e-mail
• Anonymizer (company) — a company that specializes in anonymizer services
• Proxy server — a basic tool of anonymizers
• Tor (anonymity network) — An onion routing proxy system

[edit] References