Truly Anonymous Web Browsing: How??!!

a 100% anonymity is impossible

but you can make it very difficult for another person to find out who and where you are...

Keep in mind no matter how many proxies you may go through if the proper logs and auditing is being done on these proxies then sooner or later it will lead back to your IP and your Hostname. The end hosts will only see the IP from the last proxy you went through but this doesn't guarantee you anonymity. You can be traced.

The only true way of not being identified is to spoof your IP from the source so there is no need for any proxy. As the end host will only see the IP you tell it to see. The problem with spoofing however is that any return data from the host will never get back to you, it will get sent to the spoofed IP, hehe works great for DOS attacks as well. This technique however is not used to simply browse the Internet as I say the HTML request will never return to you.

thanks to all for your ongoing responses.

i'm sorry for these basic questions--but i also have a query regarding e-mail. do these anonymizers change your e-mail address as well? in other words, in addition to allowing you to browse without leaving your ip address at various sites, do these anonymizers also allow you to change your e-mail address? if not, how can that be accomplished?

great thanks again :)

marylyn :))

My mother always said:
"If you don't want anyone to know, don't do it."

Remember the proxy server can log you and anywhere from your ISP to the proxy can be logged, pointing right back to your IP address.
There are anonymous email remailers as well and using a web-based email system via a web proxy can provide some anonymity.

You can use this to cloack you real email

http://www.sneakemail.com/

It basically a proxy just like the web proxy. Just go there set it up and then you can generate 'fake' sneakemails and the email will be forwrded on to you real email account

Dear Chigagoan, etal.,

Just to make it clear, the idea I have needs for the browser/e-mailer to have as close to total anonymity as possible.

There is nothing illegal/untoward about the concept whatsoever.

As I'm not a particularly technical type, and don't follow the "progress" in this area, I was hoping there was a way to provide potential users the assurance their anonymity would be guaranteed.

Marylyn :))  

Marylyn:


As stated in a previous post, total anonymity is virtually impossible on the Internet.   There are websites dedicated to providing pay and free proxy servers.  You would then go to TOOLS, INTERNET OPTIONS, CONNECTIONS, LAN SETTINGS and fill in the proxy information provided.  That way all requests you make for a webpage for example are sent through the "anonymous" proxy server.

Of course is something illegal went down, your "anonymous" service could give the authorities your real IP and eventually you may be tracked.  But it's pretty darn close, and if you don't plan on doing anything illegal, then that should suffice for you.

Do a google search for anonymous proxy list.  You need to find a fast one, because the free ones can slow your Internet browsing down dramatically due to the amount of people using it.  So you may have some trial and error for a while finding the right one.

Then you can test it by trying to connect to a machine you have control over and that runs a firewall so you can verify that your IP isn't given and instead the anonymous proxies IP.

Be sure to you an ANONYMOUS proxy not a TRANSPARENT.

The only way to browse in true anonymity is to use a public computer with an internet connection that is either free or paid for in cash. And this is only anonymous if no cameras nearby capture an image of you and if no person remembers you were using the computer. I am not overexaggerating.

When you use an internet proxy like those that have been described in the previous messages, you must accept the possibility of becoming the victim of a "man-in-the-middle" attack. This MIM attack occurs when a server, the proxy server in this case, between your computer and your target,  abuses its priveleged position in some way. This abuse can consist of the server keeping detailed logs of all data that passes through it, catching any plain-text passwords or other sensitive information, or the server can feed you false information, pages constructed in the image of real webpages, in hopes of getting you to type in sensitive information. The point of all this is that if you intend on telling your visitors to use a web proxy in order for them to obscure their ip addresses from your site, you should tell them to find one that's trustworthy.

Also, while proxies can be effective at obscuring an ip-address, they won't prevent a web browser from picking up cookies. Disabling cookies is a good idea to if you want to browse anonymously, or at least make your browser ask before it accepts a cookie. This can make web browsing less convienient as sites won't "remember" you and auto-login, but it is well worth it.
 

I want to thank everyone for your continued comments on this topic. I'm keeping it open because more and more info is trickling in. Most of it is extremely helpful. Please keep it coming in.

Best holiday wishes to all, by the way...

Marylyn :))

In short, no. By being completely anonymous, you defeat the initial purpose you set out on, which was browsing or using the web in some way. This is because of the fact that when you send a request to a server, it has to know where to send that request back. Thusly, there has to be some chain getting back to you. Thusly you are no longer anonymous. However there is a way to achieve a signifigant amount of animosity (Did I make that word up? lol), anyway, I'd suggest using a series of proxies that are "chained" together. For example, you have proxy one, which itself uses a second proxy which uses a third proxy and THAT proxy access the page. This way you acquire a signifigant amount of discrepency and increased backtrack, but you also greatly increase the number of hops a packet has to take. For maximum effect, try proxies that are located in different countries, preferably far apart, so that your proxies are using all different backbones of the internet. Hope this clears everything up!

no, you didn't make that word up, but I think "anonymity" was what you were shooting for
http://dictionary.reference.com/search?q=animosity


before you get too comfortable:
http://computer.howstuffworks.com/carnivore.htm
http://abcnews.go.com/sections/scitech/CuttingEdge/cuttingedge011221.html

Most folks here are describing the use of anonymous remote proxies, which result in the IP address which appears in the IP packet header, being changed from *your* IP address, to that of the proxy.  While that is a necessary thing to do, if you want anonymity, it is also wise to change the IP address that your computer *thinks* that it has, so that your IP address does not appear, embedded in one of the higher-layer protocols.  For example, it is possible to embed a Javascript into a web page, and therefore cause it to run on the computer that is being used to browse the web.  There, it can obtain the IP address from the computer that it is running on (before that IP address is changed by a remote proxy), embed that address in a call to a remote web server, and permit that web server to get the correct IP address.

Using a router on your local network, to do Network Address Translation, will allow you to tell the computer that you are browsing from, to use a non-Internet-routable IP address, which the router then translates into an Internet-routable one.  This means that your computer thinks that it has a non-routable IP address, and tactics which embed the IP address in higher-layer protocols will typically be defeated.  You will still need to use a remote proxy, so as to ensure that the translated IP address does not appear in the IP headers, but this method also covers the upper network layers, above IP.

This may seem like a lot of work - and perhaps it is.  The question to ask yourself, is 'just how anonymous do I really need to be?'  And perhaps 'what am I doing wrong, that I need this level of anonymity?'



Feline On The Prowl

First of all--best holiday wishes to everyone. And thank you for your thoughtful, intelligent, thorough comments. I want you to know they're deeply appreciated.

Let me give you all a slightly more explicit description of what I'm trying to do here. This may be of help to you.

My intention is to create a site that people would be willing to visit in order to offer/record their innermost secrets (pardon me if I don't share the entire concept with you). So the issue is--is there a way to adequately assure visitors to a website that these innermost secrets cannot be traced back to them? If not, then the site's viability is in serious doubt, at the very least.

I realize that this "more explicit description" doesn't alter the technical responses already rendered here. Nonetheless, I thought I'd at least provide a bit more information as to what it is I'm trying to accomplish--in the hope it somehow may stir even more innovative ideas than what have already been contributed.

Again, thank you all for your ongoing support. Again, too--happy holidays.

Marylyn27 :))

 

Ah...  So the question relates to showing *other people* that their postings are anonymous...

Well, first off, any postings that people put on your website are as anonymous as you treat them.  If you make it a policy not to reveal information that is available to you, and if your website visitors trust you to do so, then there should not be a need for them to take measures to conceal themselves from your web server.  Remember; the tactics discussed so far, all related to hiding the web site user's IP address information from the web server.

Assuming that your web site visitors do not trust you to keep their information confidential, they will probably not accept your advice on how to keep you from collecting information about them.  They will (sensibly) assume that the information you provide is flawed or inadequate, and resist posting to your site.

That said, you can put up a simple portal page, designed to show website visitors what information their browser reveals about them, so that they can assess their risks.  This approach still assumes that they trust you to provide them with an accurate and complete accounting, but it may reassure them to know what information they are letting loose with.  They will then at least have the option of confirming that the information is complete, using similar tools on other web sites.  You might even provide links to such tools - and perhaps public anonymous proxy lists - on other websites, just for the sake of completeness.

In the end, this will come down to trust.  Most of your users will probably not take the time or trouble to learn how to use remote proxies or Network Address Translation, just so that they can post material to your website.  It is truly amazing, sometimes, just how little effort people are willing to go to, to protect their privacy, even when they believe it to be at considerable risk, and when they value it highly.   Most people somehow seem to manage to convince themselves that the simple fact that they are entitled to privacy, guarantees that they will get it.  If they don't trust you, they won't post.  If they do trust you - or they don't care about the risk of exposure - they will.  Not to worry; most people will trust a nameless, faceless stranger with their deepest, innermost personal secrets, while they would not trust their next door neighbor to return a borrowed set of hedge-clippers.  That is, of course, foolish of them, but then, that is the realm of the black-hat 'hacker'.  There would not be any, if people took better care of their secrets.



The Witches Familiar

Just thought I would add another anonymous proxy site of interest: www.proxyify.com
Not only does Proxify do the web browsing proxy thing, it also runs under SSL, so the whole communication from your web browser to the Proxify server is encrypted. That way, if your local network were running a sniffer (which can read all traffic running on a local network), all the sniffer would get is encrypted text. The sniffer would not be able to pinpoint what website you are actually viewing through the proxy.

www.proxyify is not a site

Thanks to all who continue to post. I greatly appreciate it. Since I'm receiving valuable information in bits and bytes, I'd like to keep the question posted for at least a little while longer.

Yes, I need to instill confidence in site participants that their comments will remain anonymous--either by referring them to an independent "anonymizer" site, or by somehow creating an environment at the site itself that will instill confidence.

You're all wonderfully knowledgeable, and greatly helpful. Thank you so very much. :)

Marylyn :)

Possibly if you hosted this yourself you could immediately flush all ip addresses that they had posted, and as all you really have control over is your domain, and not the whole route that packet took to get there, this is just about the best you can do. If you flush all the ip information from the site however, you will have no form of recourse if people start to abuse that privelige. In addition, this is one of the unfortunately very rampantent things on the internet, but many sites will SAY they go through a lot to protect your privacy but really don't (evidence is the millions and millions of credit card numbers that have been stolen by crackers over the years). Basically, I'd just suggest that as soon as you recieve a post or info from a person, and you have sent back the 'ACK' etc.... packets, then immediately delete the ip address from any logs whatsoever, and periodically do flushes of all the server's free space with a government-standard wipe. Basically the idea I have been going for is that if you delete all the information relating to where everything came from, you can offer a small degree of anonymity, which sadly is being harder and harder to come by. While in the whole sceme of things this is insignicant, it might do something to help people feel better about the whole process.

Another interesting concept is that every device on the internet has a MAC Address, which is assigned to manufactures and traced to varying extents during the sales process, its almost always possible to determine the MAC address of a device, and sometimes it is possible to trace it back to the purchaser.

Also remember that whilst you may delete logs and clear any history of someone visiting your site, other  bits of the internet network will be merrily logging away and have all the details..

The intermediate proxy solution is probably best, as it will provide a break between the network connection.

First, I want to apologize to you all. I had forgotten that this question was open. I just now checked my "open questions" and discovered this one is my only oversight. Again, I do apologize to all. Your responses were/are thorough and extremely helpful. As I would now like to add a follow-up I'm doubling the point total. I'll try to distribute the points fairly--and this time I won't forget my question was left open!

Now...when I asked this question some months ago I had no specific "purpose" in mind for browsing anonymously. Let me apprise you of what's developed. I understand what everyone is saying (above), but I need your expert advice regarding this specific situation.

I have a large family. We have 4 PC's networked and use Comcast as our main ISP and also have AOL as an "auxiliary" (connected to broadband via Comcast). Our various family members have different AOL and Comcast email addresses. To make a long story a bit shorter--a number of began to take online surveys. They're enjoyable and sometimes return a cash reward. One of the survey services we use now hits us with the screen message "You Have Already Taken This Survey" after one family member has taken it. In other words, it appears the survey service has upgraded its software to detect the static comcast IP address through which the original survey-taker has passed--and then disallowing everyone else from taking the survey. (Or might there be some other reason?)

Surveys are requested by email to our various family members. But once one person in the family has linked to the survey the rest of the family members are excluded from taking it. You fellas are smart. Is there any way around this apparent roadblock (where there's a will, there's a way??!! :))

Thank you all very much. And, again, apologies for my not realizing this question remained open.

Marylyn :))

Ooooops, when I posted my follow-up question I mentioned that I doubled the point value--from 300 to 600. But Experts-Exchange hit me with a red "error" message saying that the maximum points that can be offered per question is 500. Let mne try to enter 500 now instead of 600.

M. :)

There, I think(???) that did it. :)

Check out a proxy server and you may be able to use that to respond to the survey from, then the ip that they see should be that of the proxy server, although I don't know the TOS for the sites so I can't say whether they forbid this or not.

Hi big winnah--what is TOS? Thank you for replying.

Are there many such "proxy servers" around? Are they easy to configure do you know?

Thank you very much, again :)

TOS == Terms of Service, like an agreement on how you will use their site, they probably have some long legal agreement for the offers as well.
As for proxies, yes there are quite a few around. Try googling for "proxy".

Will do. Thank you for your suggestion. I hope they're not too difficult to set up. :)

I would like some part of the split for my effort in the question. I think that would be reasonable :)