Web Anonymization Techniques 101

Image for post
Image for post
Credit
Image for post
Image for post
This triangle graphic illustrates how convenience detracts from security and privacy

Conflating Anonymization With Privacy

Anonymity is not the same as privacy which is not the same as security. It is a sort of cascading effect. For us to achieve privacy by way of anonymity, we must first have information security implemented. Encryption, database table obfuscation, the ability to use handles and aliases is just the tip of the iceberg here.

Telemetry and Metadata

Image for post
Image for post
Credit: Tribune Media Services

Web Browser Options

Image for post
Image for post
Credit: Statista & Mashable
Image for post
Image for post
Apple is one company that takes user privacy seriously

Internet Search Engines

Image for post
Image for post
Image for post
Image for post
Credit: Statista
Image for post
Image for post
Credit: @businessunions

Privacy Tools

If you haven’t paid a visit to the Electronic Frontier Foundation (EFF), it is a good one-stop source for data privacy information and some free tools that you should check out and use.

Privacy Badger

Image for post
Image for post

Panopticlick

Image for post
Image for post

Tor & Virtual Private Network Web Proxies

Image for post
Image for post

Virtual Private Networks (VPN)

Image for post
Image for post
Credit: PrivacyTools.io
Image for post
Image for post

The Onion Router (Tor)

Image for post
Image for post

Tor Bridges

Knowing when to use a VPN in combination with Tor and when to just use a Tor bridge is more important than many internet users may realize. There are a couple of different schools of thought on it for different use case scenarios. For instance, if you’re using Tor to perform cryptocurrency transactions then the VPN may allow for a ‘money trail’ that can be used to trace your transactions back to you. I don’t know what you buy with cryptocurrency but I am assuming you probably want to keep that private.

Image for post
Image for post
Credit: ProtonVPN
Image for post
Image for post
Twitter post I made about the topic of Tor over VPN money trail vulnerabilities

Command Line Interface (CLI)

Proxychains

If you’re a Linux user then chances are you a bit more advanced with your knowledge of computers, but Linux is becoming more commonly used by non-IT folks. Proxychains is a built-in feature that can be utilized from the command line add layers of proxy IP addresses to your anonymity to sites you visit. The way to use it is to add the command “proxychains” before each task such as:

Image for post
Image for post
Image for post
Image for post
Image for post
Image for post

Mobile Devices

Encryption is not only a critical component of information security but also privacy and anonymity. For the best anonymity on mobile devices, it is best to use End-to-End Encrypted (E2EE) apps like Signal to communicate and the Tor app to browse the internet. All other applications you download and install or that come with phones are potential attack surfaces that must be updated regularly, along with the device’s OS. Otherwise, it doesn’t matter what lengths you go to anonymize yourself online. Your always one software app exploit from full identity exposure depending on what other information is stored on your phone.

Physical Anonymity Hacks

Image for post
Image for post

Additional Resources:

The one & only z3r0trust. 26 years of experience as a Sr. Security Engineer focused on spreading privacy & information security awareness.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store