Are you looking to surf the web anonymously using a vpn service? If so, this page will provide you with an introduction to the complexities of anonymous surfing and how to best achieve anonymity on the Internet. Anonymity is the state of being anonymous and generally means that your personal identity cannot be determined whilst in that state. Achieving anonymity on the Internet is actually far more difficult than most people imagine, not to mention that there are also multiple levels of anonymity that can be achieved.
The most commonly used data to (initially) determine your identity is your IP address. In other words, your IP address is the greatest threat to your online anonymity. When you connect to the Internet your computer (or broadband router if you use one) is assigned an IP address. Some vpn service providers issue static IP addresses, others dynamic. A dynamic IP generally changes each time you disconnect and reconnect but since most users nowadays never disconnect, they maintain the same IP for long periods. Regardless, every time an IP address is assigned to you, this data is recorded by your ISP. In most countries ISP’s are required by law to keep this data for at least 3 months and in many cases often years. As data storage becomes cheaper and governments more controlling, this data will be kept for longer and longer periods and almost certainly at some point will be kept indefinitly.
This means that you could connect to a website today at 16:30, and a year later the relevant authorities in your country could subpoena your ISP to provide them with the full identity of the subscriber who had the IP address 365 days ago at 16:30. Most countries have some legislation which restricts the Government from being able to freely request this information (such as the Electronic Communications Privacy Act in the USA) but unfortunately in many cases this data is released without any evidence of crime being committed. Ultimately, we cannot trust our ISP to protect our identities and hence we cannot allow our ISP to monitor and record our online activity. Anonymous web browsing is required for any modern civilized society to function and privacy is indeed fundamental to the human condition. So the question then is..
How can I be anonymous to my ISP?
There is no obvious way to conceal from your ISP the IP address of the web server that you are connecting to since they are by definition responsible for routing all your traffic to the Internet. However, a technology known as VPN (Virtual Private Networking) has surfaced over the past 10 years which provides a solution for those seeking anonymity. VPN technology was designed to protect confidential data being sent over a public network such as the Internet. The most popular type of VPN is the ‘site to site’ VPN where a company joins two geographically separate networks via the public Internet. The other type of VPN, often referred to as ‘road warrior’ enables a remote worker to connect to their company network from anywhere on the Internet e.g. their hotel room. It is this ‘road warrior’ type VPN configuration which can provide us anonymity with respect to our ISP.
When data is sent on the Internet, it is broken up into small units (called datagrams) which each have a source address and destination address. The source address is the IP address assigned to you from your ISP and the destination IP address is the web service that you are trying to connect to. When the web service responds, their packets will have your IP address as the destination address so they are routed back to your computer. When you use a VPN service, all the data sent between your computer and the VPN server is encrypted. However, the source and destination IP address cannot be encrypted or else your ISP and the other routers on the Internet would not know who to send the data to. VPN technology uses a concept known as tunnelling where data is wrapped up in another layer – the equivalent of taking a postcard and putting it into an envelope and readdressing it. The VPN takes the original packet of data with its real source and destination address and puts it into a new envelope and puts the destination address of the VPN server. When the VPN server receives the packet of data, it open the envelope and decrypts its contents so it knows where to route the data. By doing this, the ISP can only see that you are communicating with the VPN server and has no way of determining which web services you are communicating with. Anonymous surfing is now possible and extremely secure.
Once you are connected to the VPN, the only information your ISP has is that you are sending and receiving data with the VPN service. The websites and web services that you connect to are unknown to the ISP since that data is encrypted.
The next logical step for anyone interested in anonymous browsing is to be concerned with your anonymity with respect to the VPN service since the VPN service now has a similar level of access to your data that your ISP had before you connected. This is a very important concern and should not be taken lightly since it would not be infeasible for a government or other monitoring entity to set themselves up as a VPN service specifically to monitor their customers.
The reason why your real identity has to be known by your ISP is because you have to pay them to use the service and most if not all require your bank account details. Assuming your bank knows your identity and you are using this account to pay your ISP, the ISP can reliably and accurately identify you.
When you are using any type of anonymous web browsing service you should obviously minimize the amount of personal information you provide. Good anonymity providers will never ask you for any more information than they need in order to provide you with the service. The major problem arises when using a paid service. Always seek to pay using some form of anonymous payment if possible. Examples of trusted anonymous payment methods are Cash, Payoffline and Bitcoin (if you understand how to use Bitcoin anonymously). All of these service allow you to pay the anonymity service without revealing any personal information. If you cannot pay using an anonymous form of payment then you need to ensure that you provide the VPN service with the minimum information required to process your payment. For example, IVPN only requires an email address to sign up, we have no interest in your name or address and we do not require this information to receive a payment from you.
Most anonymity providers make claims to never store any log or records of who and when their customers connect to the service. In many cases this is not actually true and is simply fraudulent advertising. Unfortunately, this is an extremely serious situation because it encourages a false sense of security within the customer and can lead to a customer’s identity being disclosed. In the case of IVPN, we take the approach that the less information we have, the better, after all we cannot be forced to provide information we do not have. There is no way to verify whether a VPN service is actually logging your Internet activity, this is where your trust and intuition are required. If you used an anonymous form of payment then the risk of your activity being logged and your identity being disclosed is greatly reduced.
The anonymous web is indeed a reality for all freedom fighters however it is very important that the above information is understood and implemented. Additionally, there are many other steps you can and should take to protect your identity even further whilst connected to the Internet.