Please explain in layman's terms as far as VPN account and TOR browser package with possible links to procure these, much appreciated.
Synopsis
Sometimes you just don't want your "recreational" browsing activity to be associated with other browsing activity. However, web browsing by its nature requires that we share our "address" with the website and with our ISP so that information can be routed back and forth between our browser and the website. The address can be used by the website and by the ISP to identify us and associate browsing activity even if it comes from different browsers, different browser sessions, or different users.
There are two simple approaches to defeating this association that can be used individually or together.
There are two simple approaches to defeating this association that can be used individually or together.
1. Use a VPN
Using a VPN will make it appear to a website as though you are physically located somewhere "far away from home" and it defeats ISP logging and packet inspection. Those are both good things.
The easiest approach is to purchase access to a VPN and luckily there are oodles of VPN providers to choose from. Simply google VPN and you'll get adverts for dozens and there are reviews published regularly by various sources. I like the bit-torrent community's VPN reviews and suggest starting with one of those providers. Most providers make it very easy for non-technical users to get up an going quickly and easily.
2. Use Tor
Tor is something like a matryoshka doll version of a VPN ... and it's free! Simply download the Tor Browser Bundle, install it and go. There is a special version of the Firefox browser bundled with Tor, all set up and ready to go. In addition to solving the "anonymous network routing" problem, the Tor browser also applies a slew of best practices for safe, anonymous surfing.Be warned that quite a few things on the web just don't work securely and Tor simply turns them off. (Seeing all the stuff that doesn't work is itself educational and sobering.) So, as a practical matter, I use a VPN and either Tor or my regular browser depending upon my needs.
Background
The late U.S. Senator Stevens famously described the Internet as a "series of tubes." While that level of understanding is apparently good enough for making U.S. government policy, we need to do a little better to understand the problem being solved.
So what is the problem? Well, let's pretend for a moment that your browser (or email client, or whatever) communicated with a website (or email service provider, or whatever) not using "tubes" but using the postal service, instead.
Your browser would start out by sending a postcard to the website that might look something like this:
The website sends me back a postcard, I send them another postcard, and so forth and so on.
In this interaction with the website, I learned about their great Pimperkuchen and they learned where I live. And the postoffice and my landlady that always goes through my mail learned that 'coolstuff' and I have a relationship and that I have an interest in Pimperkuchen.
Later, I cleverly use a different browser and alias to interact with 'coolstuff' and this postcard gets sent:
You probably wouldn't be amazed if 'coolstuff' figured out that "Phil O'Sander" and "Will E. Koyote" are probably aliases for the same person, and I'm certain that my landlady wasn't fooled. Why? Because the return address is the same and there probably aren't thousands of people living in Apartment 14B. Furthermore, you aren't surprised that the landlady knows all about my interests in German novelties, since all the messages where sent on postcards in "plain text".
"That's just goofy!" you say. "Surely the Internet is more clever than that!"
Well, it's not!
The only real differences are (a) the addresses are long numbers that mostly only mean something to computers (but they are just as tied to some physical location), (b) the messages aren't written on paper, and (c) the messages go back and forth a lot faster than postcards. The role of the postman reading my mail is played by your ISP (Internet Service Provider), and in most countries the landlady is played by various government agencies. The technology for "associating" different browsing sessions (as well as other activities) is fairly widespread (at least among large web properties, especially those that make money from ads), and with a little bit of experimentation you'll soon discover that many well known websites that many people use day in and day out are running such technology.
Yikes!
So how can we do better?
Well, one obvious help would be to use envelopes so that the postman and landlady can't read my messages. Better yet, would be to encrypt the message in such a way that only the website and I can decrypt the message. That works even if the envelope gets opened.
This is the approach that is taken on the Internet.
How can I keep from divulging my location to 'coolstuff', the post office, and so forth? Well, one strategy would be to rent a forwarding mailbox somewhere and have the postcard sent via this intermediary. 'coolstuff' only knows the address of the forwarding agent and my landlady doesn't see me sending mail to or receiving mail from 'coolstuff'.
This is roughly what a Virtual Private Network (VPN) does.
Of course, some one with sufficient wherewithal could force the UPS Store to divulge where it is forwarding mail. So, if we are really paranoid, we could set up a series of forwarding mailboxes. The first one knows how to forward to and from me, each intermediate forwarder only knows how to forward to its "neighbors" in the chain, and the last forwarder knows how to forward mail to 'coolstuff'. The only address that 'coolstuff' knows about is the last forwarder; only one forwarder knows my true location; and it takes a lot more wherewithal to break all the links in the chain. Now our postcard might look like:
This is roughly what Tor does.
So what is the problem? Well, let's pretend for a moment that your browser (or email client, or whatever) communicated with a website (or email service provider, or whatever) not using "tubes" but using the postal service, instead.
Your browser would start out by sending a postcard to the website that might look something like this:
The website sends me back a postcard, I send them another postcard, and so forth and so on.
In this interaction with the website, I learned about their great Pimperkuchen and they learned where I live. And the postoffice and my landlady that always goes through my mail learned that 'coolstuff' and I have a relationship and that I have an interest in Pimperkuchen.
Later, I cleverly use a different browser and alias to interact with 'coolstuff' and this postcard gets sent:
You probably wouldn't be amazed if 'coolstuff' figured out that "Phil O'Sander" and "Will E. Koyote" are probably aliases for the same person, and I'm certain that my landlady wasn't fooled. Why? Because the return address is the same and there probably aren't thousands of people living in Apartment 14B. Furthermore, you aren't surprised that the landlady knows all about my interests in German novelties, since all the messages where sent on postcards in "plain text".
"That's just goofy!" you say. "Surely the Internet is more clever than that!"
Well, it's not!
The only real differences are (a) the addresses are long numbers that mostly only mean something to computers (but they are just as tied to some physical location), (b) the messages aren't written on paper, and (c) the messages go back and forth a lot faster than postcards. The role of the postman reading my mail is played by your ISP (Internet Service Provider), and in most countries the landlady is played by various government agencies. The technology for "associating" different browsing sessions (as well as other activities) is fairly widespread (at least among large web properties, especially those that make money from ads), and with a little bit of experimentation you'll soon discover that many well known websites that many people use day in and day out are running such technology.
Yikes!
So how can we do better?
Well, one obvious help would be to use envelopes so that the postman and landlady can't read my messages. Better yet, would be to encrypt the message in such a way that only the website and I can decrypt the message. That works even if the envelope gets opened.
This is the approach that is taken on the Internet.
How can I keep from divulging my location to 'coolstuff', the post office, and so forth? Well, one strategy would be to rent a forwarding mailbox somewhere and have the postcard sent via this intermediary. 'coolstuff' only knows the address of the forwarding agent and my landlady doesn't see me sending mail to or receiving mail from 'coolstuff'.
This is roughly what a Virtual Private Network (VPN) does.
Of course, some one with sufficient wherewithal could force the UPS Store to divulge where it is forwarding mail. So, if we are really paranoid, we could set up a series of forwarding mailboxes. The first one knows how to forward to and from me, each intermediate forwarder only knows how to forward to its "neighbors" in the chain, and the last forwarder knows how to forward mail to 'coolstuff'. The only address that 'coolstuff' knows about is the last forwarder; only one forwarder knows my true location; and it takes a lot more wherewithal to break all the links in the chain. Now our postcard might look like:
VPN: Virtual Private Networking
Virtual Private Networks are often used by corporations to allow remote offices and employees to securely connect to the internal corporate network, and from there on to the network at large -- subject to whatever security policies the corporation would apply if you were in an office at headquarters. If you've ever worked for a big company and had a laptop issued to you, it was probably configured to "VPN" into the corporate network. A corporate "VPN server" acts as the "forwarding agent", shuttling messages back and forth between your laptop "connected" from home or hotel and whatever website you are using. So, when you're in a hotel using the WiFi and the laptop sends messages they appear to be sent to the corporate "VPN server" and the channel is encrypted so no one nearby can "listen in" and read the message contents.Cool. But I don't have an IT department to set all that up for me!
For the home user the easiest approach is to purchase access to a VPN and luckily there are oodles of VPN providers to choose from. Simply google VPN and you'll get adverts for dozens and there are reviews published regularly by various sources. I like the bit-torrent community's VPN reviews and suggest starting with one of those providers. Most providers make it very easy for non-technical users to get up an going quickly and pretty painlessly.
The VPN provider will supply you with the ability to connect to some number of their VPN servers, often spread around the world. You talk to the VPN server, it talks to the website. You're in Milwaukee and the website thinks your in Dubai. Furthermore, the connection between your computer and the VPN server is encrypted, so that your ISP or whoever else is listening in can't look at the messages and figure out what you are talking about or with whom you are talking.
Tor: The Onion Router
In Tor your computer sends messages to and from a destination (a website, for example) through a set of intermediary forwarding "message routers" using encryption so that none of the forwarding nodes can read the message or know the complete forwarding chain. The Tor website has an excellent description of the process, so I won't go into the "how".
Properly used, Tor is very secure and even when improperly used it's does an excellent job at "anonomizing" the Internet address seen by websites that you are connecting to.
Properly used, Tor is very secure and even when improperly used it's does an excellent job at "anonomizing" the Internet address seen by websites that you are connecting to.
Simply download the Tor Browser Bundle, install it and go. There is a special version of the Firefox browser bundled with Tor, all set up and ready to go. In addition to solving the "anonymous network routing" problem, the Tor browser also applies a slew of best practices for safe, anonymous surfing. I strongly recommend that you read Tor's warnings on unsafe browsing behavior.
Be warned that quite a few things on the web just don't work securely and Tor simply turns them off. (Seeing all the stuff that doesn't work is itself educational and sobering.) So, as a practical matter, I use a VPN and either Tor or my regular browser depending upon my needs.
Browse Safely!
The Happy Hobbier
Be warned that quite a few things on the web just don't work securely and Tor simply turns them off. (Seeing all the stuff that doesn't work is itself educational and sobering.) So, as a practical matter, I use a VPN and either Tor or my regular browser depending upon my needs.
Browse Safely!
The Happy Hobbier
No comments:
Post a Comment