Forum > Non-Gaming Discussion > How do you stop your ISP spying on you?
How do you stop your ISP spying on you?
That comment was in a blog and off-the-cuff, so I'll go into more detail here.
The first thing I have to do is give an overview of what the ISP does and what its powers are. Your ISP assigns you an IP address in order to connect to its Internet service lines. From there, by default you are set up to use their Domain Name Servers that translate HTTP browser requests and translate them to get you to the right place (you enter http://google.com and it converts it to an IP and routes you).
Since this is on the ISPs lines, it can snoop the packets. This is impossible if you have an encrypted connection, so information transferred over HTTPS instead of HTTP cannot be read.
Using an alternate DNS eliminates the logging of DNS requests as a spying tactic.
Privoxy is a proxy server used to maintain privacy. It strips out information related to spying on your usage, such as tracking cookies as well as various ads.
Tor is comparable to bitTorrent as you connect to peers. You are routed through several layers of encryption such that everything you do is encrypted and cannot be spied on. You pass through several peers and at each level a layer of encryption is removed, so those peers cannot read the traffic. Tor does not require Firefox; I have a Tor client set up and usable with Opera and Konqueror.
Using OpenDNS, Tor and Privoxy covers tracking DNS, traffic and webpage content to be as hidden as is reasonably possible.
This, however, is not perfect as you will take a performance hit to your Internet connection so it's not good for multimedia and general browsing where it doesn't matter. The solution is virtually impenetrable, so if necessary can be used, but is not preferable overall.
Virtual Private Networks (VPNs) are used to authenticate as a local user from an external network. So if you need LAN access from Starbucks, you can access it through a VPN if you have that set up. This is unrelated to maintaining privacy for home web browsing.
The first thing I have to do is give an overview of what the ISP does and what its powers are. Your ISP assigns you an IP address in order to connect to its Internet service lines. From there, by default you are set up to use their Domain Name Servers that translate HTTP browser requests and translate them to get you to the right place (you enter http://google.com and it converts it to an IP and routes you).
Since this is on the ISPs lines, it can snoop the packets. This is impossible if you have an encrypted connection, so information transferred over HTTPS instead of HTTP cannot be read.
Using an alternate DNS eliminates the logging of DNS requests as a spying tactic.
Privoxy is a proxy server used to maintain privacy. It strips out information related to spying on your usage, such as tracking cookies as well as various ads.
Tor is comparable to bitTorrent as you connect to peers. You are routed through several layers of encryption such that everything you do is encrypted and cannot be spied on. You pass through several peers and at each level a layer of encryption is removed, so those peers cannot read the traffic. Tor does not require Firefox; I have a Tor client set up and usable with Opera and Konqueror.
Using OpenDNS, Tor and Privoxy covers tracking DNS, traffic and webpage content to be as hidden as is reasonably possible.
This, however, is not perfect as you will take a performance hit to your Internet connection so it's not good for multimedia and general browsing where it doesn't matter. The solution is virtually impenetrable, so if necessary can be used, but is not preferable overall.
Virtual Private Networks (VPNs) are used to authenticate as a local user from an external network. So if you need LAN access from Starbucks, you can access it through a VPN if you have that set up. This is unrelated to maintaining privacy for home web browsing.
---
Tell me to get back to rewriting this site so it's not horrible on mobileInteresting thanks.
So change the DNS of your router. Then install Tor and use it through opera. How?
And then Privoxy is another program? How do you use it? Through Opera too?
And it slows everything down a lot?
Like bitTorrent, the speed is going to depend on the peers through which you connect. Honestly I haven't set up Tor in Windows, only Linux, so I don't know what differences there are. Here is a walkthrough though:
http://www.torproject.org/docs/tor-doc-windows.html.en
Basically you run Tor configured for Privoxy, and set your browser proxy settings to Privoxy, and that then runs through Tor. You can use any browser you want through this methodology.
And yes, if you're going through a router, you can set your DNS there.
--
In other news, there's a torrent program that's getting press lately with regard to privacy, and that's BitBlinder. It uses a conceptually similarly methodology to Tor, but structured better for large transfer. For free use, though, it requires you maintain a certain share ratio. You can see an article on it here.
http://www.torproject.org/docs/tor-doc-windows.html.en
Basically you run Tor configured for Privoxy, and set your browser proxy settings to Privoxy, and that then runs through Tor. You can use any browser you want through this methodology.
And yes, if you're going through a router, you can set your DNS there.
--
In other news, there's a torrent program that's getting press lately with regard to privacy, and that's BitBlinder. It uses a conceptually similarly methodology to Tor, but structured better for large transfer. For free use, though, it requires you maintain a certain share ratio. You can see an article on it here.
---
Tell me to get back to rewriting this site so it's not horrible on mobileOh, and I noticed something about my original post I should clarify.
A VPN works by providing a direct encrypted connection. What I meant by it not really being related as you can't set this up on your home computer and be anonymous, it just wouldn't make sense.
There are, however, VPN services you can use to route through like a proxy for the sake of privacy. Given the nature of the service, it's always going to be a paid service, though, and the privacy aspect is then mitigated at least to some degree as you'd have to provide information enough to pay the subscription price.
A VPN works by providing a direct encrypted connection. What I meant by it not really being related as you can't set this up on your home computer and be anonymous, it just wouldn't make sense.
There are, however, VPN services you can use to route through like a proxy for the sake of privacy. Given the nature of the service, it's always going to be a paid service, though, and the privacy aspect is then mitigated at least to some degree as you'd have to provide information enough to pay the subscription price.
Edited: Sat, 13 Jun 2009 04:03:30
---
Tell me to get back to rewriting this site so it's not horrible on mobile
Thanks Yo. It sounds complicated for a tech boob.
Why aren't there all in one programs?
There are all-in-one packages that include the software and configuration for the various components. I use Tork, which install and manages the running of Tor and Privoxy, as well as the browser configuration (Linux only, though, and still a little rough around then edges).
In terms of just one thing that covers it all; it just doesn't work quite like that because they're simply different services.
In terms of just one thing that covers it all; it just doesn't work quite like that because they're simply different services.
---
Tell me to get back to rewriting this site so it's not horrible on mobileIs there any difference between setting up OpenDNS on your router vs your computer?
I know on the router it can protect all devices but is there any other difference.
I have it on the computer but when the computer sends things through the router can the ISP still spy on it, unless the actual router DNS is changed?
There's no other meaningful difference. Instead of sending google.com to your ISP to be converted to its IP address, it's sent to OpenDNS. The purpose of this is so that any monitoring or caching on the domain name servers won't help. Packet inspection could still technically see the request, but that's not practical.
---
Tell me to get back to rewriting this site so it's not horrible on mobileYodariquo said:There's no other meaningful difference. Instead of sending google.com to your ISP to be converted to its IP address, it's sent to OpenDNS. The purpose of this is so that any monitoring or caching on the domain name servers won't help. Packet inspection could still technically see the request, but that's not practical.
And this happens if you have it set up on your computer but not on your router still?
Log in or Register for free to comment
Recently Spotted:
gamingeek (5m)
Yodariquo wrote:
So they want to log all your online traffic?
Might I suggest OpenDNS + Tor Anonymity Network + Privoxy
You draw a knife, I draw a gun...
So I've been reading through them. Open DNS sounds allright. Tor sounds sketchy though and you have to use Firefox?
Privoxy? There is no FAQ on the site? What is it? What does it do and work with? How do you use it?
What about VPNs? How do they work, are there free ones that are reliable?