Note: This post is fairly advanced and full of theory. If you are a casual internet user, it may be a bit much, but you will need to understand it for my next article, which will be less “techy” and more “mortal based”. A further note: when I wrote this, all the internet addresses were things I made up. If they actually exist and you click on them, well, don’t be surprised at what you see.
In my previous post, I presented reasons why you should care about internet privacy. I promised that I would show what can be done if you care about your privacy. So, here goes.
The first thing a person needs to understand about the internet is that the word “privacy” can mean many different things. For the time being, forget that the internet exists. Instead, think of taking a road trip, and having an address that is your destination.
If you want to go somewhere, one of the first things you need to know is where you are going. Generally, you look at a map and find a geographic location that corresponds to a name. You do this because people understand names; it is inconvenient to refer to a location by latitude and longitude in common speech. Hence, you look at a map that, by mutual agreement, contains names and locations you can visit. You probably won’t look at a map a fourth grader draws. You will instead look at some official map that looks authoritative and trustworthy.
In the internet world, this map lookup is the equivalent of the Domain Name System, or DNS for short. DNS maps IP addresses to names. Why? Because it is easier to remember www.nakedwomen.com than it is to remember 185.234.569.123. To accomplish this, though, a huge database, the size of the internet, must exist so that when someone types in a name, it resolves to the appropriate number.
Unfortunately, for the purposes of internet privacy, these addresses are registered with a central authority, which predominantly amounts to the U.S. government. If you want to know where www.nakedwomen.com is, your computer asks a chain of domain name servers which eventually say “Hey, it’s over there!” The top-level authoritative domains end at the US government. So, if you look for something, a trail is automatically left behind through all these DNS servers, basically saying that yeah, you were looking for www.youngchicks.com. Of course, you might also have been looking for www.thepoperocks.com or www.jlo.com. It doesn’t matter what you were looking for; the fact that DNS is centralized under an authority means that what you sought can hypothetically be traced. Likewise, it means your website can be censored at a moment’s notice. This is far too much power for any institution to have, and it creates in the internet something it was not originally designed to have (specifically in the event of a nuclear attack): a single point of failure, the DNS servers. Hence, problem number one of internet privacy.
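To make that trail concrete, here is a small added example (my illustration, not code from the post or from any DNS software). It models iterative resolution through a root server, a TLD server and an authoritative server using constructed zone data, and records which query each server got to log. It also goes one step beyond the post by showing the defender-side mitigation known as QNAME minimisation (RFC 7816), under which each server is asked only for the zone it delegates rather than the full name. The server names, zone contents and the trail structure are assumptions made for the example; the domain name and address are the post’s own made-up ones.

```python
"""Toy iterative DNS resolution showing what each server in the chain sees.
Added illustration, not code from the post. Server names and zone contents
are constructed; the domain name and address are the post's made-up examples."""

from dataclasses import dataclass, field

# Constructed delegation data. Each server either refers the query onward to
# another server (a value that is itself a server name) or answers with an
# address. A real resolver discovers this chain starting from the root.
ROOT = "root-server.example"
SERVERS = {
    ROOT: {"com.": "tld-server.example"},
    "tld-server.example": {"jlo.com.": "auth-server.example"},
    "auth-server.example": {"www.jlo.com.": "185.234.569.123"},  # the post's made-up number
}


@dataclass
class Trail:
    """The query each server logged during one lookup: the 'footprints'."""
    seen: dict = field(default_factory=lambda: {s: [] for s in SERVERS})


def zones_from_tld(name):
    """'www.jlo.com.' -> ['com.', 'jlo.com.', 'www.jlo.com.']"""
    labels = name.rstrip(".").split(".")
    return [".".join(labels[i:]) + "." for i in range(len(labels) - 1, -1, -1)]


def resolve(name, minimise=False):
    """Walk root -> TLD -> authoritative and record what each server was asked.

    minimise=False: every server is sent the full name (classic behaviour, so
                    the root and the TLD both learn exactly what you wanted).
    minimise=True:  each server is asked only for the next zone it delegates,
                    the idea behind QNAME minimisation (RFC 7816).
    """
    trail = Trail()
    server = ROOT
    for zone in zones_from_tld(name):
        trail.seen[server].append(zone if minimise else name)
        referral = SERVERS[server].get(zone)
        if referral is None:
            raise LookupError(f"{server} has no record for {zone}")
        if referral in SERVERS:
            server = referral          # delegated onward to the next server
        else:
            return referral, trail     # final answer from the authoritative server
    raise LookupError(f"ran out of delegations for {name}")


if __name__ == "__main__":
    for minimise in (False, True):
        answer, trail = resolve("www.jlo.com.", minimise=minimise)
        print(f"minimise={minimise}: {answer}")
        for server, queries in trail.seen.items():
            print(f"  {server} saw {queries}")
```

Run it and compare the two trails: without minimisation the root and TLD servers both log the full name, so every server in the chain knows what you asked for; with it, the root sees only `com.` and the TLD only `jlo.com.`, which is why modern resolvers ship that option.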
Problem number two is somewhat related to problem number one. If you decide to travel to Philadelphia, then you know you are going to take a certain route. If I see you along that route, then I might know where you are going. If I can retrace your whole route, then I know where you went, and I don’t need your destination for that; your destination will become apparent when I get there. Maybe you try to fool me by taking a circuitous route. Through many twists, turns and doublings back, you think you might be able to lose me somewhere in the chaos. Perhaps you will try to fake me out by driving through high-traffic areas in the hope that all those cars make it harder for me to see where you are.
In our first situation, the fact that the destination was ruled by a central authority was the issue. In our second situation, the fact that we have a destination AT ALL and are traveling is the issue. Our second situation is equivalent to internet traffic traveling over the wire in “broad daylight” which essentially means “not encrypted”. Everywhere we go along the way leaves footprints—just like traffic cameras might along our way to Philadelphia.
So what can we do about it? In both situations, the problem has to do with “centralization of authority”, in different ways. The second situation isn’t as problematic if we can only hide our traffic from the “toll booths” it passes through. The answer, then, involves decentralization of authority and encryption.
DNS hasn’t changed much since its inception, and several alternative proposals exist for a distributed DNS that might make the situation better. The strongest proposal I have found was here. The idea of integrating trust into the DNS servers that resolve IP addresses would help decentralize the reliance on government servers, which are essentially trusted automatically. If there were then more distributed DNS servers from which one could democratically choose, one would hypothetically create a situation wherein the nodes that censored the most would be used the least. The internet would essentially “re-route” itself around the DNS servers that censored. If encryption were then placed on the DNS queries themselves, one would have a situation where DNS was highly conducive to privacy and resilient to censorship.
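As an added toy model of the “nodes that censor the most get used the least” idea (mine, not the proposal linked above or any real project’s code): a client asks several independent resolvers the same question, keeps the majority answer, counts how often each resolver deviates from that majority, and ranks the resolvers so the least-deviating ones are preferred. The resolver names, their answer tables, and the use of `None` to stand in for a refused or block-page answer are constructed assumptions; the addresses are from the documentation range.

```python
"""Toy resolver pool that ranks DNS resolvers by how often they disagree with
the majority. Added illustration, not code from any real project. Resolver
names and answers are constructed; None stands in for a refusal/block page."""

from collections import Counter

# Constructed view of three resolvers. The third one "censors" one name.
RESOLVERS = {
    "resolver-a.example": {"www.jlo.com.": "198.51.100.10",
                           "www.thepoperocks.com.": "198.51.100.20"},
    "resolver-b.example": {"www.jlo.com.": "198.51.100.10",
                           "www.thepoperocks.com.": "198.51.100.20"},
    "resolver-censoring.example": {"www.jlo.com.": "198.51.100.10",
                                   "www.thepoperocks.com.": None},
}


class ResolverPool:
    def __init__(self, resolvers):
        self.resolvers = resolvers
        self.queries = Counter()      # how many times each resolver was asked
        self.deviations = Counter()   # how often each one disagreed with the majority

    def _ask(self, resolver, name):
        # Stand-in for a real query; returns None when the resolver refuses.
        return self.resolvers[resolver].get(name)

    def consensus_lookup(self, name):
        """Ask every resolver, keep the majority answer, penalise the outliers."""
        answers = {r: self._ask(r, name) for r in self.resolvers}
        majority, count = Counter(answers.values()).most_common(1)[0]
        if majority is None or count * 2 <= len(answers):
            raise LookupError(f"no trustworthy majority answer for {name}")
        for resolver, answer in answers.items():
            self.queries[resolver] += 1
            if answer != majority:
                self.deviations[resolver] += 1
        return majority

    def ranking(self):
        """Resolvers from least to most deviating; the last is used least."""
        return sorted(self.resolvers, key=lambda r: (self.deviations[r], r))


if __name__ == "__main__":
    pool = ResolverPool(RESOLVERS)
    for name in ("www.jlo.com.", "www.thepoperocks.com."):
        print(name, "->", pool.consensus_lookup(name))
    print("preference order:", pool.ranking())
```

The majority check is deliberately strict: if most resolvers refuse, the lookup fails rather than silently trusting a lone dissenter, which is the failure mode a client in a mostly-censored pool has to handle.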
So, on the DNS side of the internet, one could start getting behind projects that have encryption and “trust” as their main thrusts where DNS is concerned. Several such projects exist, and most of them refer to building a “meshnet”. Some meshnets dispense with DNS altogether, with the aim of replacing the internet with wireless router nodes. Others suggest creating “darknets”, which are networks built on top of or “underneath” the existing internet in various clever ways. We’ll talk about those solutions next.
DNS solutions are mostly out of our hands, with the possible exception of downloading some of the “meshnet” projects, such as Byzantium, and running them on our systems, especially if we are in large cities.
Anonymous traffic routing systems, however, are not at all out of our hands. There are several options, but I want to focus on two in particular: Tor and I2P.
If you wanted to send a letter to an address but didn’t want the recipient to get your address, you might send it as though it were from some other address. If you could link that other address to yours, so that it knew your address and you could get mail through it, that would be ideal. It would be an intermediary. This is the equivalent of what one refers to in internet lingo as a “proxy”. A proxy sits in the middle and uses its IP address instead of yours when you access sites. That’s not enough to make you completely private, but it is a step in the right direction. The proxy has a log of you, so if something were to happen wherein someone wanted your IP, all they would have to do is ask the proxy. Now, what if, hypothetically, there were millions of you in what amounted to one proxy? What if all of your IPs were scrambled and encrypted? What if you comprised a network INSIDE the proxy that allowed people to route through you while you were inside the proxy? That’d be pretty secure, wouldn’t it? The internet never sees your IP address; it only sees the proxy. However, the proxy is not tied to any one computer but to thousands upon millions of them. That would make your traffic pretty anonymous, no?
In essence, this is what Tor and I2P do. They exist as ways to surf the web amongst peers. Tor doesn’t specifically require users to let other users route through them. Likewise, it doesn’t aim to replace the web as it stands. Tor is more of a “pretty private” solution that exists on the net as it is. It uses encryption over no more than three hops at a time, so that it becomes nearly impossible to trace the route back to where a packet originated. However, it has a weakness. Remember our old friend DNS? Eventually, a request made to the internet outside of Tor has to pop out of an exit node. At that exit node, it becomes possible to “sniff traffic”. Since DNS is not encrypted, it forces us to drop out of Tor’s privacy. The same thing is true for I2P, but I2P has one important difference: it aims to replace the internet as it stands entirely. How is it going to do that?
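The two paragraphs above, the single proxy with a log and the three-hop circuit, can be contrasted in code. The following is an added example of my own, not Tor’s code: the client wraps a request in three layers, each relay peels exactly one layer with the key it shares with the client, and we record what each relay learned. It shows both the strength (no relay sees both the origin and the destination) and the weakness the post names (the exit relay sees the plaintext request, hostname included). The relay names, keys and request are constructed, and the “cipher” is a demonstration XOR keystream built from SHA-256, which shows the layering structure but is not a real cipher and must not be taken as one.

```python
"""Toy onion routing: three layers of encryption, one peeled per relay.
Added illustration, not Tor's code. The XOR keystream below is a teaching
stand-in for a real cipher; relay names, keys and the request are constructed."""

import base64
import hashlib
import json


def _keystream(key, length):
    # Demonstration-only keystream: SHA-256(key || counter), concatenated.
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def _xor(key, data):
    # XOR with the keystream; applying it twice with the same key restores data.
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))


def wrap(key, next_hop, payload):
    """One onion layer: only the holder of `key` can read next_hop and payload."""
    layer = {"next": next_hop, "payload": base64.b64encode(payload).decode()}
    return _xor(key, json.dumps(layer).encode())


def peel(key, blob):
    """Remove one layer, revealing where to forward and the remaining blob."""
    layer = json.loads(_xor(key, blob))
    return layer["next"], base64.b64decode(layer["payload"])


# Constructed circuit: each relay shares one key with the client and nobody else.
RELAY_KEYS = {"guard": b"k-guard", "middle": b"k-middle", "exit": b"k-exit"}
CLIENT, DESTINATION = "client", "www.thepoperocks.com"


def build_onion(request):
    """Client wraps exit-first, so the guard's layer is outermost."""
    blob = wrap(RELAY_KEYS["exit"], DESTINATION, request)
    blob = wrap(RELAY_KEYS["middle"], "exit", blob)
    return wrap(RELAY_KEYS["guard"], "middle", blob)


def send_through_circuit(request):
    """Forward the onion hop by hop; return destination, plaintext, and what
    each relay learned (who handed it the cell, where it sent it, plaintext)."""
    learned = {}
    prev, hop, blob = CLIENT, "guard", build_onion(request)
    while hop in RELAY_KEYS:
        next_hop, blob = peel(RELAY_KEYS[hop], blob)
        is_exit = next_hop not in RELAY_KEYS
        learned[hop] = {"from": prev, "to": next_hop,
                        "plaintext": blob.decode() if is_exit else None}
        prev, hop = hop, next_hop
    return hop, blob, learned


def single_proxy(request):
    """For contrast: one proxy's log ties origin, destination and content together."""
    return {"proxy": {"from": CLIENT, "to": DESTINATION, "plaintext": request.decode()}}


if __name__ == "__main__":
    req = b"GET / HTTP/1.1\r\nHost: www.thepoperocks.com\r\n\r\n"
    print("single proxy learned:", single_proxy(req))
    dest, plain, learned = send_through_circuit(req)
    for relay, view in learned.items():
        print(f"{relay} learned: {view}")
```

Read the `learned` table as the post’s argument: the guard knows the client but not the destination, the middle knows neither, and the exit knows the destination and the plaintext but not the client. That last line is exactly why plaintext DNS and unencrypted HTTP at the exit are the weak point, and why end-to-end TLS inside the circuit still matters.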
Well, mainly by making everything peer to peer. When you fire up I2P, your computer automatically becomes a node on the network. You are able both to browse and to send information on behalf of others. Your computer basically becomes a router. It appears to me that I2P is attempting to make a self-contained universe more than to connect to the old “internet”, as the “outproxies” that connect to the DNS servers and let people suck up information are few and far between. There are, however, a bounty of “darknet” sites one can visit that are otherwise hidden. Tor has this feature as well, but what makes Tor different is the optional “opt in” for being part of the network, and the “exit node” issues. I2P is more insular, and it accomplishes what I discussed as being the main issue with internet privacy: an encrypted system with decentralization of domain names. It doesn’t do this task perfectly, but it is a step in the appropriate direction.
So what does this mean for you? Well, for one, you could download Tor. I’d recommend using a Linux system with Tor already loaded on it; something like Whonix would probably be best. If you want to try out I2P, then download a copy of Ipredia. You will of course likely need a copy of VirtualBox, which I assume won’t be an issue for the users this article is primarily targeted towards. Turn these services on, and leave them on. Allocate them bandwidth, and that’s step 1 toward making the internet more privacy aware, since it changes the authority the internet is accustomed to utilizing.
What about steps mere mortals who don’t want to install these tools can take? I’ll cover that in my next article: services you can use that make the internet more private.