Anonymous Surfing?

Just Alex asks: "I just got Comcast High-Speed Internet service, and found out that just up to a few months ago they were recording the actions of all of their users and saving it for who knows what. Now I'm thinking about getting an 'anonymous' service like anonymizer.com, but I wonder what other folks are using. Are all of these services the same? What should I be looking for? And what people recommend given their experience with them? Also, which ones play better with Linux?"

Which anon sites are honeypots?

How does one know that the anonymizer and or
proxy sites are not honeypots run whatever
corps or agencies that are especially
interested in tracking users who *want* to
be anonymous?

Re:Why not drop the service?

[zsmooth]

Sure, but generally they don't. And that's the point. Any ISP can monitor your traffic but so far cable providers are the only ones that do.

There is no such thing as anonymous surfing...

[Hyped01]

Everyone considering "anonymous" surfing should first consider their reasons for doing so or more appropriately what their fears are of being monitored.

We run a web based newsgroup service called BinFeeds and sometimes have users who are concerned about anonymous surfing.

First point we often tell them is this. We dont care what service you use, we know who you are. Like any subscription service... you have to log in, and thus we know who we are sending the data to - unless someone stole your account. Many of our customers think that services like the anonymizer will protect them from that. In our experience, webmasters running protected sites more often run into "anonymizer-like" users actually being people with stolen accounts or who are using it for other purposes (site mirroring, etc). 75% of Anonymizer users on our service have been of that type and they (The Anonymizer owners) refuse to act (disable the account, block the user, assist in the credit fraud investifation, etc) or take months (thus we currently block all Anonymizer users). On signups, 95% of Anonymizer users are those trying to fraudulently use a credit card. We expect both from noting the increase of such errors on Anonymizer and from our own decisions, that many webmasters will be blocking such services on an increasing basis, because for us to track anonymous users is very difficult (even though I learned it is trivial from my time at a very very large ISP/Telco).

Basically, if you just dont want your ISP to have a log of where you are surfing and what you are doing, then great! Look into one and sign up for whichever service best meets those needs.

If you are worrying about law enforcement officials or a big ISP tracking usage then just surf normally.

Though they will never admit it the telcos (or fiber providers of similar technology) know exactly what you are looking at and more importantly, where you are. By "where you are" I mean that literally. Your physical address.

On CableModems as in the initial post, it may be more difficult, but under DSL, T3, T1 (DS1, which is often dual sDSL circuits nowadays) and dialup, etc, there are multiple networking protocols and layers not ever discussed. The telcos run their own network protocols and layers on their hardware that route the data for the ISP's data layer over the telco equipment.

In the past, while working for a major ISP (who owns a very large chunk of the Internet backbone and their own fiber network and telco), a person was seriously breaching our AUP terms and the law for actions he was doing using one of our customer's accounts. He THOUGHT he was anonymous, but since we owned our telco arm (and since they are all interconnected) we did a network (circuit) trace on the connection and viola! Through that we end up with the physical address (street address and number) of the loser.

Most people forget or dont realize that in order for your local telco to be able to route internet data to you, they needed your physical address to bring the wires to your house. The network hardware isnt computer based in the sense we all think and runs different protocols in a transparent fashion that doesnt make the end user think of it as anything more than a wire going to a router someplace else (like on an internal ethernet/TCPIP network), but it is not. It is it's own network on different hardware that transports the signals to "standard" network routers (Cisco, Ascend, etc). Much like NetBIOS over TCP/IP. To the user once configured, it's "Windows file sharing" and that's it, but the reality is it is running through TCPIP.

Since "we" (my former employer) ran such a large telco, a simple call to the NOC (telco) got us the info in under 5 minutes. This can be done to an active connection or to a past connection via the activity logs. Also easy to coordinate with the other telcos for cooperation since they needed us/we needed them for the telco services to work.

If you as a user or owner of a small ISP try to get that info you will get a dozen different "I dont think that's possible" or "There is no way of doing that" or "I dont know what you are talking about" answers. Just the way it works. No one is supposed to know it works that way, and few people actually seem to think nowadays - even the technical ones - about how such a system would work - or half the world would realize that any entity with enough "power" or authority can determine exactly where you are at what you are connected to, anonymous surfing, encryption and proxying aside.

Just the sad truth... even if you are on a cell phone (btw, the logs for your location when your cell phone is ON (and in some phone's cases, off as well as long as it has power) are kept for decades and have been since the late 80's at least... right down to a few hundred foot circle.

- Rob