If you’re uncomfortable about browsing the Internet and leaving behind tracks that a hacker or even just unwanted prying eyes could find, don’t feel alone. There are many people who would prefer having the option to browse without worrying about what trails they might be leaving behind.
There’s a whole category of software that can help address these issues: anonymizers. They’re written with security-conscious users in mind, people who don’t necessarily have anything to hide, but don’t want their browsing or Internet activities exposed to others. Anonymizers let you surf as if you were someone else—or more precisely, as if you’re no one in particular—and prevent hackers from tracing your browsing habits.
For this review I originally rounded up a collection of seven or eight programs and was quite startled by what I found. Many of them were well-written and had proxying services provided by their manufacturers, but some of them were little more than front ends for questionable lists of third-party “open relay”-type proxies around the Internet. (See the “Get Anonymity, Not Unaccountability” sidebar for more information.)
For an additional perspective, I also tested each anonymizer’s proxy information using the wealth of tools available from DSLReports.com.
 Anonymizer Anonymous Surfing 6.0 | 
The lack of configurable options makes using Anonymizer a “set it and forget it” experience, for better or worse. |
Anonymous Surfing 6.0
$29.99 (one-year subscription)
Anonymizer
www.anonymizer.com
CPUs: 2.5
Anonymous Surfing is a deliberately simple application, designed only to anonymize Web surfing and nothing else. For the most part, Anonymizer uses a “set it and forget it” approach: You install the program, turn it on, and use your computer normally.
You can manage the program through an icon in your Taskbar: Click it to bring up Anonymous Surfing’s Control Panel. In this window you can turn Anonymous Surfing on or off. For added security, you can turn on the Surfing Security SSL Encryption feature, which encrypts all traffic to and from Anonymizer using 128-bit SSL. Another optional feature, listed as Malicious Web Site Filtering, filters out potentially hazardous Web sites. This dangerous-site filter is a bit of a black box: There’s apparently no way to configure it because it relies on Anonymizer’s automated robot crawlers to determine what's dangerous. It's good that Anonymous Surfing provides this feature, but I left it off when I did most of my surfing.
One significant difference I noticed between anonymized and regular traffic was a trade-off in line speed, even if the differences were mostly observational. Opening the graphics-heavy Amazon.com home page took noticeably longer through the proxy, for instance. DSLReports
.com reported my anonymized address as being part of ISP GBU Internet LLC. Anonymous Surfing reports your real and anonymized IP address in its Control Panel for easy reference.
The software’s manual includes instructions on how to configure Anonymous Surfing with several desktop firewall products such as ZoneAlarm or McAfee Internet Security Suite. If you’re using a hardware firewall, though, the program doesn’t list details on how to configure it. Most of the outbound services from the application appear to be across HTTPS, which makes it relatively easy to work with. Anonymous Surfing’s biggest limitation, again, is that it only anonymizes Web traffic and nothing else. If you want a broader range of anonymized services, the company also offers a more advanced software called Total Net Shield (see the review below). For additional protection, you can purchase Anti-Spyware and/or a Digital Shredder Lite tool (for erasing locally stored information such as browser histories) directly from the company. But, like the additional applications GhostSurf includes (see the “Tenebril GhostSurf 2005/GhostSurf Platinum 2006” review), there’s not much in the bonuses you can’t get for free elsewhere.
Anonymizer Total Net Shield | 
Total Net Shield is a more sophisticated (and expensive) program than its little brother, Anonymous Surfing, but it covers just about everything you could need. |
Total Net Shield
$99.95 (one-year subscription)
Anonymizer
www.anonymizer.com
CPUs: 4
Anonymizer Total Net Shield is the bigger brother to Anonymous Surfing. It not only anonymizes Web browsing, but also IRC, email, and Usenet news, as well. The software does all of this through a VPN connection that the company runs, so it’s an approach that’s somewhat similar to the Steganos software (see the “Steganos Internet Anonym VPN 1.0.5” review). However, there are no bandwidth limits; although you can only buy a year’s worth of service at a time, meaning you can’t buy in one-month increments as you can with Steganos.
When you register for Total Net Shield, you’ll create a username and password to log into the VPN. This is also your email address through the anonymization service—the address is username@mail.anonymizer.com—so you can send and receive email anonymously, as well. (Steganos doesn’t currently allow sending anonymous mail, more in just a moment.) The program also automatically configures a number of popular email, Web browser, newsreader, and IRC clients for you. Once I installed and set up Total Net Shield, using the program was pretty seamless. As with many of the other proxies, browsing is incrementally slower than when not using the proxy, mostly when surfing a site that opens several connections at once. A Whois trace on the IP address Total Net Shield assigned me showed it was coming from a block in Verio.net (NTT America).
Using other applications through the proxy wasn’t too hard, although it requires some savvy about how to do it because the instructions don’t have any generic directions. You can always run the application configuration wizard separately from the program itself, as well, although doing so won’t help with applications Total Net Shield doesn’t explicitly list there. AOL Instant Messenger isn’t on the list of programs that TNS configures automatically, but with a little work I was able to get AIM running by redirecting it through the HTTP proxy.
The Control Panel for the program is much more sophisticated and malleable than Anonymous Surfing’s Control Panel. The main window lists the SSH ports that the program listens on for its local proxy (Web, news, mail, etc.), the login settings, any current authentication activity to the proxy, and a set of buttons for launching preconfigured applications. The advanced settings for the program let you choose from many available encryptions; the most common is 256-bit AES. You can restrict using less-robust algorithms if you’re worried about them being compromised. You can also switch off the proxy with one button if you want to go back to normal surfing on the fly.
Total Net Shield doesn’t have any of the local data-scrubbing tools some of the other programs listed here have (although it’s fairly easy to get those for free), and its cost may be prohibitive. But if you’re willing to swallow that, this program comes very close to living up to the “total” in its name.
Tenebril GhostSurf 2005/GhostSurf Platinum 2006 | 
GhostSurf affords the user some flexibility in how it configures services—what to block and how much to anonymize. |
GhostSurf 2005/GhostSurf Platinum 2006
$29.95/$49.95 (one-year updates)
Tenebril
www.tenebril.com
CPUs: 3
The standard version of GhostSurf 2005 anonymizes both regular Web traffic and a number of other services via a set of add-ons: IRC, Usenet news, instant messaging, and variable levels of encryption (up to 1,024 bits) are all available for free. GhostSurf’s designed to be an application that you can set up and forget about, so when you first install it, it configures Internet Explorer to use the local proxy it sets up. Also, you can easily set any other programs that use proxies, such as Firefox, to use the local proxy (port 7212). For a given connection, GhostSurf institutes three levels of protection: It blocks cookies, routes data through GhostSurf’s anonymous servers, and encrypts data in transit. The default encryption strength is 56 bits, but if you are a U.S. resident, you can upgrade to 256-bit encryption for free. One of the best features of this program is that according to the product’s technical support people, there’s no inherent bandwidth limit: You can surf and download as freely as you like. GhostSurf also has a certain amount of flexibility when it comes to how it sanitizes data. For instance, if you want to log into a site that requires cookies, you can continue to accept cookies and still encrypt your connection.
Most of the time you won't need to deal with the program's interface, but you can summon it from the System Tray whenever you need to make changes. From there you can change the program's privacy level on the fly, add or remove instructions on how to sanitize data to or from specific domains, see a log of all traffic, set up add-on components, and control which HTTP headers it sanitizes. A reverse query on the proxy I was using came back as ServerBeach.com, based in Texas.
Browsing is painless, but unfortunately the instructions for how to use the instant messaging component are somewhat confusing and contradictory. When I looked up details for the IM component, the information said I didn't need to configure anything. Elsewhere in the help file, however, I read that users need to modify certain Web site entries that come preconfigured with the program to anonymize IM traffic. Worse, I couldn’t tell from the program’s monitoring screen if it was protecting IM traffic. The NNTP/Usenet anonymizer will only work if your ISP allows connections to its news servers from outside (mine didn’t), or if you use a third-party news provider.
GhostSurf Platinum 2006 comes bundled with four tools: AdArmor (blocks advertising), SpyCatcher (a spyware-detecting application), and Personal Data Vault and TracksCleaner (two data-sanitizing and -erasing tools). These tools aren’t bad, and they fit in with the program’s overall mission to protect your privacy. If you just want to pick up the basic edition of GhostSurf, though, other implementations of these tools are often available elsewhere for free.
Steganos Internet Anonym VPN 1.0.5 | 
Steganos Internet Anonym VPN’s interface shows you how much bandwidth of your total allotment you’re using per month. |
Internet Anonym VPN 1.0.5
$14.95 (one month)/$99.95 (one year)
Steganos
www.steganos.com
CPUs: 3.5
Steganos Internet Anonym works by redirecting all of your system traffic through a VPN connection to its own anonymizing servers. As a result, all of your network services are completely anonymized by default, and you’re given a totally new IP address that you can verify at any time.
When you set up the program, it installs a software VPN adapter into the Windows networking stack. A warning window will pop up because the adapter isn’t a Microsoft-certified driver, but the program briefs you about this beforehand so the installation goes fairly smoothly. If you’re running a software firewall, you’ll need to adjust it to grant access to Internet Anonym. (The program includes instructions on how to do this for a couple of common software firewalls.) On the other hand, if you’re using a hardware router or network sharing device, Internet Anonym doesn’t list details in its help file about how to deal with these devices. For the sake of simplicity, I just put the test computer into my hardware firewall’s DMZ and proceeded from there.
The Steganos VPN uses 128-bit SSL encryption for all of its traffic, which is more than enough to keep casual surveillance out. Browsing the ’Net through the VPN seemed only marginally slower to me than usual. Like a lot of other proxying products, it seemed to be slower at establishing several connections at a time, although the speed over each individual connection is satisfactory. The program’s main interface shows your public IP address and a handy bandwidth meter to let you know if you’re getting close to your monthly 25GB allowance. The new IP address I was assigned apparently originated from a block assigned to Schlund.de in Germany
One of the things you can’t do through the Steganos VPN is send email via SMTP. When you first install the product, you’ll get a warning about how Steganos has disabled the ability to send SMTP email because some users have been using this feature to send spam. The company is working on a way for legitimate email users to work through the VPN, though. But if you use Web mail services such as Gmail or Hotmail, these restrictions won’t apply. (And you can always shut off Steganos’ VPN to access SMTP email.) Another problem is that any local services, such as Usenet news that you can only access from within your ISP’s address block, won’t work through the VPN.
Because Steganos was written and developed overseas, there are some small irregularities I noticed in the interface—not fatal, just quirky. For one, the registration page came up in German (although you can easily change that), and some of the program’s prompts used a comma instead of a decimal point.
The default version of the program allows 25GB of transfers for one month (about a gig per day) for $14.95. A more advanced version offers 12 months of 25GB per month for $100, and for $259 you can get 85GB per month for a whole year. The trial version of Internet Anonym lets you test it for a few days under the 25GB limit, which is an excellent way to get a feel for the program before you buy. 
by Serdar Yegulalp
| Application/ Features | Anonymizer Anonymous Surfing | Anonymizer Total Net Shield | Tenebril GhostSurf 2005 | Steganos Internet Anonym VPN | | Max encryption level | 128-bit | 256-bit several encryptions available | 56-bit with 256-bit upgrade for U.S. residents | 128-bit | | Supports all protocols | HTTP only | Yes, provided they can be redirected through the proxy | HTTP, plus other services with add-ons | Yes | | Protection against spyware | Yes, with Anonymizer Anti-Spyware app | No | No | No | | Automatic file deletion/cleanup | Yes, with Digital Shredder Lite app | No | Yes, with Platinum edition | No | | Compatible with firewall apps | Yes | Yes | Yes | Yes | | Known malicious site warnings | Yes | No | No | No | | Monthly bandwidth | No limit | No limit | No limit | 25GB | | Selective anonymization of sites or data | No | No | Yes | No | | Email services | No | Yes | No | No | | Price | $29.99 (one year) | $99.99 (one year) | $29.95 (one year) | $14.95 (one month); $99.95 (one year) |
Get Anonymity, Not Unaccountability
A number of the programs I rounded up for this review were advertised as anonymity applications that use proxies to disguise your connection. Rather than using networks the manufacturers supply, however, they were simply plugging into connections from a scavenged list of publicly accessible proxies.
The identity and security of those proxies was questionable enough, but what was even more disturbing was how these programs didn’t even mention the possibility that using these proxies in this manner might not even be legal. I wasn’t reassured by the manufacturers listing their programs as “public proxies” because a number of the addresses (such as open mail relays) seemed to be far from suitable for public use. Laws about what constitutes illegal Internet usage vary widely among countries, which only makes the issue all the stickier.
Anonymity 4 Proxy is a good example of these questionable proxies. It’s not a portal for a service; it’s just a front end through which you can access proxy servers you register with the program. When I installed the demo version, it came with a list of proxies that all turned out to be useless. This didn’t surprise me much because they were all last verified on July 6, 2004. Worse, many of them seemed to be mail servers—open relays—which means that surfing through them could be illegal. And nowhere on Anonymity 4 Proxy’s Web site is there any mention that the accessing proxies it lists could be illegal or dangerous.
AnonySurf has the same problem as Anonymity 4 Proxy. It’s a front end for a number of third-party proxy servers on the Internet, but these proxies have no testable pedigree. Likewise, nowhere on the program’s Web site is there anything about the possibility that using a third-party proxy is potentially illegal. ViewSpace Technologies’ ViewShield, another proxy router product, has its proxying as a relatively minor feature (it’s mostly for blocking cookies, pop-ups, and the like). But again, nowhere in ViewShield’s documentation does it mention that using proxies may be questionable.
What’s the difference between programs like these and the ones I reviewed in the main article? Accountability. With the companies not listed in this sidebar, there’s a name and a “terms of service” you can associate with their applications and services. With the programs in this sidebar, however, unless you supply a proxy you actually know and trust, it’s entirely at your own risk. For users who are genuinely conscientious of their privacy, this is unacceptable. In short: Don’t use an anonymity program that doesn’t work on its own dedicated network or that doesn’t have a list of contractual terms of service. |
Surf In The Dark: Darknets For Anonymity
Instead of paying for anonymity applications, some users have started to roll their own free and open-source anonymity systems from the ground up. Imagine a system where you could download a client and connect to a “cloud” of other users, all operating peer-to-peer, and retrieve any piece of information from the Internet through this cloud. Along the way, users could encrypt and randomize all transfers, making it nigh impossible to trace any particular download to any particular user. Such clouds are often called darknets because they exist on the Internet itself but are invisible (“dark”) to anyone not using them.
One implementation of such a system already exists: Tor (TheOnionRouter; tor.eff.org), which works almost exactly in the manner I described above. Anyone who uses Tor can either run as a client or donate some of his own bandwidth to let other users browse anonymously. The more people who use Tor, the more powerful and heavily anonymized the system becomes. Right now the whole system is still technically a beta-test, under-development project, but anyone curious about how it works can use it. |
A Zone For Free Speech
A step beyond Tor is another project called Freenet (freenetproject.org). Freenet isn’t designed for browsing the Web itself, however: It’s a “free speech zone” into which anyone can publish and retrieve anything anonymously. Each user that runs Freenet acts as both a client and a server, hosting a tiny piece of the total share of data he inserts into Freenet on his computer. If you want to retrieve a given piece of data, you need to know its corresponding encryption key—provided you know the encryption key for a given piece of data.
A user can’t manually delete anything he publishes into Freenet, either, because everything put into it is encrypted and anonymized. This also means that it doesn’t really matter who’s running what node because he has no way of knowing what’s stored in his own node. Countries with heavy Internet censorship policies, such as China, have successfully used Freenet to share information about everything from government perfidy to locally censored news. Right now the program is undergoing a major rewrite to improve its speed and routing efficiency, but the curious and stalwart can try one of the new stable alpha builds. |
|
Email This
Print This