Anonymous Access

After all those privacy measures a server will still see which computer you're coming from. Perhaps you don't want anyone to know you're interested in certain 'questionable' or politically unaccepted topics.

Anonymous Proxy

Perhaps the most comonly used way to ftp or browse the web anonymously it the use of an anonymizing proxy such as http://www.anonymizer.com or http://lpwa.com. This works in a similar fashion as the simple remailer service who just matches your email to a pseudonym.

To make use of such a service just enter its IP and portnumber as a proxy in your browser. Look on the webpage of the provider of such a proxy what exactly you have to enter there. Once you're accessing a webpage now, your request will first be send to this proxy instead of directly to the webserver. The anon proxy will usually clear the referer field as well and pass your request on to the webserver, as if it was trying to make this request itself. This way the webserver cannot tell where this request actually came from.

The drawback of this method is that all security lies in the anon proxy. If it gets compromised or the admins are forced to give out information to authorities, you anonymity is void.]

Crowds

Crowds is a more complex system developed by AT&T. You can see it as some sort of anon proxy but then multiple which are chained together. Just like with the chained remailers this tries to prevent another party from knowing both ends of a connection. The first crowds proxy will run on your own machine. This will join the 'crowd'. Once you make a webrequest it will first pass it on to the proxy (jondo) running on your own machine. It will then randomly decide if it should be passed on to another crowds proxy or if it should fetch the page itself. If it decides to pass it on, it will select another proxy, encrypt it for this one and pass it on. The second proxy will the also randomly decide if it should be passed on or if it should fetch the page, and so on. Once a proxy decides to get the page it will parse the html and retrieve it all, including the pictures and everything included in the html and then pass it on all the way back to you.

There's currently a perl version from AT&T itself. You can get it from their Crowds Page You can also find more detailed information about crowds there.
There's also a c version available at http://www1.informatik.uni-erlangen.de/crowds/

Crowds also has its drawbacks. Since the proxies run on peoples homemachines, who'll probably have isdn or even a modem, things will get very slow. Your request will probably travel accross various lines like this. Also your own modem line will get used by other people using your crowds proxy.
Another thing is that it does not prevent traffic analysis. This means that if you'd follow the bulk of data from the webserver through the crowds network, you could find out who originated it.

Onion Routing

Onion Routing is a yet more complex approach to gain anonymity. It also works with a chain of proxies. However it also employs 'mixing' as described in the remailer section and encrypts the data in a similar fashion.

If you make a request it will first go to a proxy, probably running on your own machine. Comparable to the chained remailer network, the request will get encrypted multiple times.

After choosing a route through the proxy network it will first encrypt it with the key negotiated with server3, then for server2, and after that for server1.

On its way back it will also be encrypted multiple times. The answer from the webserver will first be encrypted with the key established between the first proxy (the one you first contacted) and, say, server3. Server3 will then pass it on to server2. Server2 will look up where to send it next and encrypt it with the key it negotiated with the first proxy. It passes it on to server1who will do the same thing. At the end all the layers will be removed again and the reply will reach you in cleartext.

This is only a very brief summary of what it does. For more information refer to http://www.onion-router.com. You can also find software and various articles about it there.

PipeNet

PipeNet works in a similar fashion except that there is constant traffic between the servers. This is to prevent traffic analysis. It has never actually been implemented.

For more information refer to http://www.jya.com/pipenet.html or also http://www.eskimo.com/~weidai/pipenet.html.

Freedom

Freedom is a commercial product developes by ZKS in Montreal. It works similar to Onion-Routing, but it also includes elements of PipeNet, since it puts cover traffic on the line.

It's currently in the beta stage. You can sign up for the client beta at their webpage.

12/04/1999 Stephanie Wehner