What Makes You Anonymous?
There are multiple things that happen when you connect to the Internet. The most important part of it all is the assignment of an IP address. Once that happens, you’re tied to this number. It’s your identification when you go online. Whether or not you are “logging in” to a site, you can always be identified by that address. To be anonymous is to be clear of any form of identification. Since you cannot connect to the Internet without first requesting the assignment of an address, the only way you can remain anonymous is to mask this address under another one. Proxies come to mind. But when you connect to a website via a proxy, you could be walking into a trap! Proxy servers have a tendency to keep records of where you’ve been and what your real IP is. So, to be truly anonymous on the web, some may say that you have to avoid using a proxy that keeps records. They may suggest that you use something called Tor (or Onion Routing). Despite the fact that Tor does a good job of masking your IP, you’re still running into another little problem…
Traffic Correlation Can Bust You
Let’s say you log in to Facebook using Tor. Your IP is masked, so it will show that you’re connecting from somewhere (relatively) far from where you’re really located. Bravo! You’ve managed to get this far. It’s still not anonymous enough, though. As soon as you log in to Facebook, you’re still tying your name to that IP at least for the duration of your login session. Anything else you do outside of Facebook will be tied to you regardless. This is known as traffic correlation. If you log in to a website where you can be identified, a malicious Tor exit node can sniff out everything else you do, keep the records, and associate everything with you. When using Tor, if you want to avoid traffic correlation, don’t log in to any accounts that contain information such as your name, address, phone number, or personal email addresses.
JavaScript Gives You Away
JavaScript is a client-side scripting language, meaning that your browser doesn’t necessarily need to be actively connected to the server to run a script. All of the functions executed by scripts in this language will run on your computer, not the server. That said, an opportunistic programmer can easily write a script that makes your computer send its real IP address to the server using JavaScript. This kind of thing happens all of the time and many people fall into this trap. Just because you’re connected to the Tor network or a proxy doesn’t necessarily mean that your IP is completely hidden. If your browser is executing something written in JavaScript, you run the risk of compromising your identity.
Things To Be Aware Of
If you really want to be anonymous on the web, you need to learn a couple of tenets:
End-to-end encryption is your friend. Proxies will compromise you. It’s better to use something like Tor. Any tiny bit of unencrypted data you send risks being grabbed by your Internet service provider. “Anonymity” applications can always keep records of your interactions. Nothing is absolutely anonymous if it’s asking you for information rather than just giving it to you. And even then, you still can end up revealing your identity if you have JavaScript enabled.
Yes, it’s that difficult to be anonymous! If you have more to add to this, please leave a comment below so that we may discuss it!