Anonymity and security on the internet
JAP
Backtracking visitor traces in the internet is simple. Every visit to a
website leaves an IP address in the server's logfile.
"nslookup" quickly tells the provider and a short visit brings out the
phone number or the neighbourhood of the internet user (when presenting the
necessary documents).
Mix it Baby
Hiding in the crowd is the principle of JAP. This anonymizer comes as a Java
application.
This application is configured as a proxy in your web browser and all requests
will be encrypted and sent to a server at the TU Dresden.
The remote site is a so called Mix, which sends the request to other Mixes until
the intended web page is requested after some intermediate steps.
The result comes from the same detours back to the Java application. The user does
not get anything of this process except for a significantly slower transmission
rate.
The advantage of this method in comparison to common anonymizers is, that the provider of this service cannot backtrack the users because the requests coming from other Mixes are not distinguishable. Even his own log files do not report anything about the origin of the requests.
Installation
The software can be downloaded from
http://anon.inf.tu-dresden.de/ for
different Java platforms and versions.
After you have downloaded the program you can start it by
>> java JAP.jar
By clicking "Anonymen Webzugriff aktivieren" the connection to the Mix of the TU-Dresden is established. Up to date preferences and updates are fetched automatically. More detailed configuration advice can be received from the short but substantial help file.
Port 4001 of your own computer (IP=127.0.0.1) must be set as a
proxy in your web
browser and soon safe web access can begin.
Besides anonymization of web access, the program can be used to access web
pages that would perhaps be blocked by a filter on a standard connection.
Protecting a whole LAN
The scenario of duty for JAP so far has been restricted to a single web
connection of a single computer. In the options you can provide protected web
access to other computers but this is not suitable for a whole company's
network. You could run JAP on the company's server in a VNC session but a pure
console based version would be much better for a server.
Besides the Mix Server of the TU Dresden is not running permanently but is
turned off sometimes for code development.
A console version is already developed and the code for this proxy can be retrieved via CVS:
>> cvs -d :pserver:anonymous@cvs.inf.tu-dresden.de:/home/sk13/cvssource login >> cvs -d :pserver:anonymous@cvs.inf.tu-dresden.de:/home/sk13/cvssource co proxytestUnfortunately I have not been able to compile the code on Linux, which could perhaps be because of the early development stage.
There is only one negative point about the otherwise well turned out program:
Perhaps in far future you could have to pay for it. Then, the anonymizer will
not be free any more. But money transactions would be bad for extensive
anonymization.
Because all sources are open and subject to the BSD license, a free clone could
be developed in a short time.
Talkback Area
Enter Own Comment