JonDonym and Tor

Table of Content

JonDo's features

VPN services and Proxies

VPN services like Relakks, Steganos Anonym VPN, Perfect Privacy, Cyber Ghost VPN, XeroBank VPN, Linkideo, Ivacy...

JonDonym and Tor may be the best anonymization systems technically, but both share small restrictions from concept that should be considered when using them:

• Browser plugins for active contents (Java / Flash / Silverlight / ActiveX) must be blocked, e.g. by using JonDoFox. Otherwise, your PC's/router's true IP can be revealed by a website which secretly or visibly embeds such programs.
• While all web browsers do, some Internet applications do not support HTTP/SOCKS proxy settings.
• You have to use additional third-party software to also re-route the IP connections from these applications to JonDonym or Tor, and thus secure their Internet connection.

The combination of JonDo with a so-called VPN system (virtual private network) may slightly fix these restrictions: VPN software creates a single, encrypted connection to a certain VPN provider. This one accepts, similar to an access provider, your whole Internet data traffic (also the separately encrypted JonDonym data traffic), and forwards it to the Internet, while all users get the same exit IP address, similar to JonDonym.

Of course, this provider may thereby observe your whole Internet communication. Hence pay attention to choose a reputable VPN provider, in particular with a reputable company address and similar contact persons. If possible, you should also use a VPN software directly integrated in your Internet router instead of executing a VPN program on your own computer. Thereby the provider's software cannot harm your computer. In addition to that, active contents cannot read your real IP address any more. However, please note that active contents may still read a lot of data about your computer and network configuration.

For web surfing, VPN services should not be used.

• On one hand, their hosts usually do not ensure that users also have an uniform appearance on the Web aside their IP address (see Data Collection Technique). The users are thus distinguishable and easily identifiable by merging the data.
• And on the other hand, a local observer on your network (ISP, WLAN) could guesstimate websites requested over VPN simply by analyzing size and timing of the encrypted VPN data stream. JonDonym and Tor are quite resilient against this attack (a scientific article which demonstrates the attack is found here; the success rates are over 90% for VPNs).
• Moreover, VPN systems, as inherent to their functional principle, normally do not filter or replace your computer's TCP packets. They thereby do not protect you from TCP timestamp attacks like JonDonym.
• You should also keep in mind that VPN hosts can, unlike JonDonym and Tor, track and save every step of yours since they control all servers in the VPN.

Nevertheless, protection by the VPN of a professional and reputable host is often better than no protection at all.

Network proxies

Proxy services are particularly famous for this kind of "anonymization on demand", besides the already mentioned services. They are literally "proxy PCs" which switch communication between your PC and the Internet. They relay your data traffic to the target and send the answer back to your PC so that the web site cannot see your IP address.

Unfortunately, proxies have a high susceptibility to misuse and user data theft: many proxies are PCs hijacked by hackers or criminals, or even exclusively offered for the purpose of user observation. Some automatically give your IP address away to the target webserver. Connections with proxies are almost always unencrypted, so that an eavesdropper on your connection could observe your surfing behavior. Moreover, the proxy operator can, of course, watch exactly what you are doing. Proxies offer thus, if at all, only weak protection from the website's host but not from third parties. Their usage is risky.

Web proxies like Anonymouse.org, Hide My Ass!, Guardster, Megaproxy...

In addition to these proxies, there are webproxy services, Internet pages with a form field in which the user can input the target address that he want's to visit anonymously. The webproxy subsequently delivers the content of the requested website and automatically patches all links to use the webproxy when clicked. For using webproxy services the browser configuration does not have to be changed.

Compared to network proxies, they have the disadvantage not to be able to replace each link correctly, in particular on web sites with JavaScript code. This makes it easier that the user IP address gets "leaked" to the web server, which the proxy should acutally prevent. Our anonymity test displays the weakness of some web proxies:

Legend:  Broken  : Your own IP address gets uncovered. Note that your private browser data is uncovered as well...  *  : The thereby marked service does not even reach the test site if JavaScript is activated. It parses so bad, that the browser just leaves the service silently in some cases... - : not yet broken

JonDonym and Tor

Table of Content

JonDo's features