INTERNAUT

Anonymity networks take privacy to a new level

Shawn P. McCarthy

Anonymity networks, depending on who's talking about them, are either great weapons to combat the growing lack of Internet privacy, or secret enablers of illegal activity.

The truth probably lies somewhere in between.

Anonymity networks can bypass eavesdropping systems such as the FBI's Carnivore. Activity on them supposedly is untraceable.

Government Web managers need to learn about and maybe worry about anonymity networks.

Supporters promote them as a great way to share information with people in heavily censored countries. The networks also bypass the tracking methods used by many Web sites to keep tabs on visitors and collect marketing demographics about them.

An anonymity network, at bottom, relies on peer-to-peer networking. Similar to file-sharing services such as Napster and Gnutella, these networks have decentralized and distributed designs. Layered on top are encryption, secure e-mail, instant messaging and file-swapping support.

The encryption and protection mechanisms operate automatically, freeing users from having to set up an infrastructure themselves. In some cases, anonymity networks add fake data streams to make it more difficult to sniff out real traffic.

Even with such cloak-and-dagger features, anonymity networks can't claim foolproof security. But it would take significant resources to break through the layers of encryption and trace data to a specific individual.

The highest-profile of these anonymous, peer-to-peer systems is probably Freenet, also known as the Free Network Project, at www.freenetproject.org. Volunteers make the Freenet software available for download to multiple platforms.

Information stored and transferred on the network is 'encrypted and digitally signed to prevent data from being tampered with or counterfeited,' according to Freenet documentation. 'Only the original publisher of a file has the power to modify it.'

Data can be copied and shifted between participants based on demand for a particular file. When its popularity drops, the number of its mirror sites automatically drops, too.

This shifting nature makes the data resistant to hacking, especially distributed denial-of-service attacks that target a small group of IP addresses.

Read more about the Freenet design at www.freenetproject.org/index.php?page=icsi-revised. And take a look at the donation page, which accepts visitors' contributions using PayPal accounts. Donations keep the project going.

Another large anonymous network effort is called Cryptobox. Its Canadian developers describe it as 'a security and anonymity layer that can be interfaced with any application that needs to communicate securely.'

Cryptobox uses its own Extensible Markup Language-based Internet protocol, then relays data for transport via the User Datagram Protocol, TCP/IP and other Net standards.

In theory, the Cryptobox layer could be run over Freenet, though it's probably not necessary to use both.

The controversial part of the anonymity formula is that users who donate a slice of their hard drives as storage centers can't view the encrypted information they're storing.

The users don't really know what's in there.

This prevents censorship but also increases the danger that inappropriate or illegal data will pass through a participant's system.

Shawn P. McCarthy designs products for a Web search engine provider. E-mail him at smccarthy@lycos-inc.com.
