You may have heard the term “VPN.” It stands for Virtual Private Network. Now, presuming that you already understand what a computer network is, I’ll proceed to explain the Virtual and Private parts.
A private network would involve separate physical cables between offices. The cables would be connected between certain computers and those only – no outside connection at all. This would create a “private network.”
To make a “virtual” private network, we simply substitute encrypted (secretly coded) transmissions for the separate cables. Only those people who have the keys to unlock the encryption can see what is being sent through the network. To anyone else, it is a long, fast stream of gibberish. This is called a “virtual” network. Instead of private cables, it uses private, unreadable signals.
This Virtual Private Network arrangement can also be called a Virtual Tunnel. The meaning is the same: It creates connections between computers that can only be understood by the people who have the proper codes. It creates a “tunnel” between your computers and others – a tunnel that no one else can see into.
Here is a diagram of a VPN, which may help:
So, a VPN is not a physically separate network, but a “virtually” separate network. It operates over the regular Internet, but it is completely private. Instead of doors and walls keeping intruders away, encryption (mathematics) keeps them away. In actual use, a good VPN can be set up in only a few minutes, and will then run with almost no attention at all.
HOW ONLINE ANONYMITY IS ACHIEVED
The VPN tunnel shown above is a fine technology, but it isn’t enough to beat professional snoops and thieves. By watching the traffic that comes to your ISP and matching it with what comes out the other side of the tunnel, they can pick up the trail without much trouble.
In order to beat professional surveillance, two more steps are required:
1. Obscuring the traffic much better.
2. Removing your “return address.”
These two things are accomplished with an anonymity network. Here is a simplified view of the Cryptohippie network that I am associated with:
In this illustration, the client is in the US and a VPN tunnel runs from their computer to one of our entry nodes in either Canada or Panama, where the return address is also stripped off. This means that a single surveillance operation is likely to lose the traffic here. Then, the traffic goes through one or more cascades. Think of this as a Mixmaster for data.
Finally, it comes out the other side in still another jurisdiction, where Cryptohippie’s return address is added, so the sites you visit can respond to you (anonymously).
There is more to our operation than this (we do a few exotic things like rotating IP addresses), but the basics are illustrated here. The network is the key to the operation, and it is the thing that separates us from simple VPNs and proxies.
A network of this type allows you to surf the web, use voice communications like Skype, email, chat, download files, etc., while remaining anonymous. At any point, it can be seen that signals are being sent, but the point of origin (and with it your identity) remains unknown.
THE 1990S WAY
There is another, simpler anonymization method called an anonymous proxy. It is a fine technology, and was very, very cool in the 1990s, when people in the (much smaller) Internet community would send lists of anonymous proxies back and forth. It was fun, and effective for the time.
The anonymous proxy is the same (or almost the same) as the VPN link illustrated at the beginning of this article. It is a secure connection between you and the proxy, with only their information visible from the other side. The technology is fine by itself, and they are very cheap to operate.
The problem with the proxy (properly, a single-hop proxy) is that surveillance technology has passed it up. By spying from two or more points, it is cheap and simple to connect A to B. Lots of spies, commercial and otherwise, do that every day. The simple proxy just doesn’t cut it anymore. You need multiple hops in widely scattered locations, and unseen links in between.
The real problem with the single-hop proxy is not the tech, but reliance on it. The technology is old. It was great in its day, but that day is over, unfortunately.
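The matching described above (watching both sides of a single hop and connecting A to B) can be seen in a small simulation. This is an added example, not Cryptohippie's code: the flows are constructed sample data, and the padded, fixed-tick mix is an assumed model used only to show why obscuring the traffic timing matters.

```python
import random

def make_flows(n_flows, n_packets, rng):
    """Constructed sample data: send times (seconds) for each client's packets."""
    return [sorted(rng.uniform(0, 60) for _ in range(n_packets)) for _ in range(n_flows)]

def single_hop(flows, rng):
    """Single-hop proxy: each packet leaves ~50 ms after it arrives, pattern intact."""
    return [[t + 0.05 + rng.uniform(0, 0.01) for t in f] for f in flows]

def mix_cascade(flows, tick=1.0, duration=62.0):
    """Assumed mix model: one fixed-size cell per flow per tick, padded when idle."""
    exits = []
    for f in flows:
        queue, out, t = list(f), [], tick
        while t <= duration:
            if queue and queue[0] <= t:
                queue.pop(0)      # a real cell leaves on this tick
            out.append(t)         # real or padding: identical on the wire
            t += tick
        exits.append(out)
    return exits

def score(inp, out, window=0.1):
    """Number of exit packets seen within `window` seconds after an entry packet."""
    return sum(any(0 <= o - i <= window for i in inp) for o in out)

def linked_fraction(entry, exits):
    """Fraction of entry flows an observer at both ends pairs with the right exit
    flow (exit k belongs to entry k). A tie between exit flows is no link."""
    hits = 0
    for k, inp in enumerate(entry):
        scores = [score(inp, out) for out in exits]
        best = max(scores)
        if scores.count(best) == 1 and scores.index(best) == k:
            hits += 1
    return hits / len(entry)

def demo(seed=7, n_flows=8, n_packets=20):
    rng = random.Random(seed)
    flows = make_flows(n_flows, n_packets, rng)
    return (linked_fraction(flows, single_hop(flows, rng)),
            linked_fraction(flows, mix_cascade(flows)))

if __name__ == "__main__":
    print("single hop: %.2f linked, mix: %.2f linked" % demo())
```

With the single hop, every flow keeps its own timing fingerprint and is paired correctly; with the padded mix, all exit flows look the same and no pairing stands out.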
YEAH, YOU HAVE TO PAY
If you are going to take security seriously, you have to pay professionals. There really isn’t any such thing as a free lunch. Remember, there are plenty of bad guys working forty, sixty or eighty hours per week to gather every possible piece of your information. If you think you’re going to counter them with a free or discount service that shows you flashy graphics, you’re kidding yourself. You do get what you pay for.
Do I have a vested interest in you paying for anonymity? Sure I do, but what I’ve written is true just the same.
If you’d like more information on Cryptohippie, just email them: firstname.lastname@example.org
Paul Rosenberg is the CEO of cryptohippie.com