|Line 112:||Line 112:|
Where JonDonym is not protecting you...
Revision as of 21:27, 23 March 2010
Benefits using JonDonym
It is possible to harm you in manifold ways using the data you left behind while using the Internet. The Benefits describe specific risks, which the IP-anonymization provided by JonDonym is protecting you against.
If you have made own experiences how JonDonym has helped yourself, please help us, too, and write us. For every submission which is published here you will get a JonDonym-couponcode worth of 500 MB for free.
All that your IP-address is revealing!
Every web site can find out the following about you using your Internet-connection:
- Your current whereabouts
- Your Internet-provider
Personal data can be retrieved using your provider.
- Your access technology
With the help of data bases one can find out whether you are using, for instance, DSL, a modem or a mobile in order to surf the Web.
- Your company / your authority
In case you are surfing from within the network of a company or an authority its name can be find out.
- How long your computer is running
This is possible due to the analysis of so-called TCP-timestamps which makes even your computer identifiable.
Data thieves see your plaintext
If you are using a wireless network in an Internet-cafe, on an airport or a railway station other users and the provider of this wireless network can observe you: they see which web sites you are visiting and which data you are putting into them. They are even able to manipulate and redirect your access to web sites.
- Password- and identity-theft
If your are using unsecured Internet-shops your password, account information and address can be read out. Now, a third party would be able to order things in the Internet-shop using your data, as well. Besides, your e-mail-passwords could be intercepted and then your conversation by e-mail could be read along, until you are changing your passwords again.
- Loss of confidential information
Your private messages can be intercepted and, later on, be used against you or your company. Are you writing a message to your wife and afterwards to your mistress? Are you sending business documents to a colleague which outsiders are not allowed to get?
- Anonymous proxies do not protect you but steal your data
In the Internet there are a myriad of proxy-services both for free and with costs which promise anonymity. But: In most cases these services do not even encrypt your data against other parties' access. Additionally, it is assumed that many of them are running on cracked computers and are controlled by criminals in order to spy on the users' data purposefully.
Competitors identify the actions of your company
Most of the companies and organizations are identifiable unambiguously by means of their IP-address. Competitors can make use of that.
- Investigations using the Internet do not remain confidentially
Your investigations on web sites which are directly or indirectly controlled by your competitors (e.g. due to a service contract) do not remain confidentially. Thus, searching the Internet it can happen that you give away business secrets unnoticed, for instance while you are looking for patents or making a market analysis.
- Web sites of your competitors "are playing around" with you
Employees of competitors are able to observe your IP-address while you are visiting the web sites of them. Because of that they may present wrong or no information at all to you. They are even able to show a special career-page in order to headhunt your employees. You might also get an advertisement call or advertisement e-mails.
- Spies in the industry may redirect the data traffic of your company to their own servers
Technically experienced spies are perhaps able to redirect your whole network traffic from your provider to their own servers. As a result your whole Internet communication would be uncovered. That is how all unencrypted messages and all Internet services, which were contacted by your company, would be known by your competitors.
Prohibiting free information
Besides direct Internet censorship, which is aimed at prohibiting access to specific web sites technically, there is a indirect censorship as well: the fear of suffering disadvantages just because one is consuming unpleasant contents.
- Journalists are not able to inform themselves freely
Internet-censorship is impeding free journalism. In the scope of investigations journalists must be able to access censored contents as well, because they have to judge whether these contents are relevant to the public or not.
- Citizens are not able to form their own opinions
In the real world there is usually not only one single truth - but many. Due to direct censorship or fear of reprisals citizens full of age are not able to get all the necessary information in order to judge the facts properly.
- Just retrieving unpleasant contents is punished
The "Operation Himmel" (operation heaven) was praised in Germany as a big success of the investigators: But just a few of the suspects were actually guilty and the short clicking on web sites destroyed the social existence of innocents.
- Anti-censorship-services are selling your data
Beware of anti-censorship-services: There are some which are collecting and selling your data: probably even to censors!
Work of secret service is endangered
Although the range of IP-addresses belonging to the secret service are kept secret, it sometimes happens that all or just a part of it comes to the public.
- Mistakes made by employees unmask secret net-structures
Employees of the German Intelligence Service (BND) have already unmasked themselves on our web sites due to the fact that their browser contained a referrer to internal BND-sites. Now, we just could have saved the corresponding IP-addresses (something we have not done as a matter of principle), and the range of BND-IP-addresses (or that of the Federal Crime Police Office (BKA) because its proxy was used in some cases) could have been analyzed step by step.
- Staying in contact in a hostile environment is dangerous
If employees of a secret service want to contact computers in their head quarters, this communication can be intercepted. And if, furthermore, the contacted IP-address is known as one belonging to the secret service, the employee is unmasked.
- Proxy-services can be operated by your enemy
Proxy- or VPN-services which are controlled centrally can be operated by an enemy of a secret service. It is quite conceivable that secret services are deploying such computers under false names in order to eavesdrop on the data traffic of employees belonging to other secret services and that feel themselves save using these proxies. This is quite a inexpensive opportunity of espionage. Probably, one can even earn some money setting up a commercial service which is faked using this proxy/VPN-service.
No freedom of speech for blogger and activists
Blogging is a kind of "diary-journalism": Blogger are posting their experiences and views on the Internet in order to inform as much different people as possible of them. Many blogger are writing anonymously in order to avoid punishment, disadvantages at work or ostracism because of their freely expressed opinion.
- Business partners are deterred
Someone is observing your connection to your anonymous blog. He recognizes, that you are defending certain political and religious views there. Provided this information comes to the public, your business partners may be deterred to cooperate with you.
- Excessive liability concerning the own opinion
In case it comes to negative portrayals of companies and VIPs liability suits are often quick at hand. In authoritarian states blogger are furthermore prosecuted because of unpleasant political and religious opinions. Since your blog-provider must reveal your IP-address in case of an official order, you are only able to express your opinion in a limited way.
- Punishment of political and human rights activists
Activists contacting web sites of political organizations can be observed and punished. However, in a free society it should be possible to inform oneself about political opinions without any punishment at all.
Online-investigators are unmasked
The IP-address contains direct or indirect information regarding the own organization. But often online-investigators of the police have to mask themselves in order to get important information.
- On suspicious web sites investigators are recognizable as such
Some forums- and chat-systems show directly the IP-address of every user. The owner of a particular web site notices the IP-address of the user as well. An IP-address belonging to the Federal Criminal Police Office (BKA) is not really trust-enhancing then.
- Operations cannot be kept secret
Investigators may use proxy- or VPN-services to anonymize themselves. As far as these are controlled by a single organization, the investigators must nevertheless reckon on the organized crime observing their steps. Criminals may operate the services themselves or bribe employees in order to be able to follow the actions of the investigators.
- Investigators are suspicious if they are surfing noticeable insecure
If investigators surf on sites where users normally anonymize themselves they attract special attention being unmasked.
- Whistle-blower reveal themselves or are betrayed
If not-anonymized messages to and from whistle-blowers are sent over the Internet and are intercepted, or if a mole in an agency is forwarding the IP-address of a particular whistle-blower, then he is unmasked.
Search engines and statistic-services are recording your surfing-behaviour
Search engines, like Google, Yahoo and MSN, are recording your IP-address and your queries for several months or even years. Companies concerned with statistical services or advertisement like Phorm, Doubleclick, Google Adwords or Google Analytics may record your IP-address or web sites visited by you as well. These services are distributed of millions of web sites and are even used by your Internet provider.
- Your surfing-behaviour can be recorded almost completely
Big service providers, like Google, are able to merge both statistical and query data to a detailed profile of your surfing-behaviour. Depending on how much you are surfing the Web your behaviour may reveal a lot about your life, your interests, your businesses, your relations, and your problems.
- Data-leaks bring your behaviour to the public
Due to a huge data-leak all queries using AOL were published in 2006. Thanks to digital reproduction everybody is able to reproduce the query history of all users now. People who are sick or mentally unstable could easily be unmasked for the public.
- Proxy- and VPN-services can record everything as well!
Proxy- and VPN-services promise to protect you against such observations. But all current VPN- and proxy-services (except JonDonym, Tor and I2P) are controlled centrally and are therefore able to keep you under surveillance completely.
Where JonDonym is not protecting you...
There are particular circumstances, in which an IP anonymization via JonDonym is of little or no use at all. It is important to be aware of these situations in order to avoid being lulled into a false sense of security.
- Personal observation: Strong attackers, for instance secret services, are able to eavesdrop on the contents of your display by detecting its (or your computer's) electromagnetic emissions. On that way they are able to see what you are working on at the moment. They are even able to record and analyze the reflections of your glasses or your eyes.
- Standard Web browser: Normal Web browsers are configured so insecurely, that it is easy to obtain your IP address (and further data). You have to use a "hardened" Web browser like JonDoFox in order to protect yourself against it. Please bear as well in your mind to configure your PDF reader securely.
- Global observer: An eavesdropper who is able to collect traffic data before the first and after the last mix of a cascade may unmask users by computing correlations. Although Jondos is developing countermeasures (middle mixes, volume slices, mixing, burst proxy, dummy traffic,...) it can never be quite prevented. So, choose cascades with widely distributed first and last mixes.
- Data thieves within the last mix: It is true that the last mix is not able to track you with technical means. However, it can intercept data which you are sending to web sites unencrypted. The mix operator is liable for such infringements of your privacy. But they cannot be prevented technically.