There are several ways to enhance your web surfing experience and overcome the range of obstacles that have arisen over the past decade. Have you noticed that your Internet Service Provider (ISP) now blocks access to torrenting sites? Or that your speeds on connections to streaming services are terrible? These are sneaky tricks that ISPs put in place to make life hard for you. However, there are add-ons that you can get for your internet connection that will overcome these impediments.
Other problems with the internet include government spying. America’s National Security Agency (NSA) has been caught snooping on the web traffic of ordinary people in the name of anti-terrorism. In addition, online thieves regularly trap credit card and bank details by putting up fake WiFi hotspots, which allow them to harvest everything you send over the internet. Don’t panic! You can protect yourself against all such kinds of intrusion.
On top of all of this, the network you are on at work or at college will routinely block access to a long list of sites that the institution deems “offensive” or “inappropriate.” The final kick in the teeth is that you may manage to track down a streaming site with plenty of movies you want to watch, only to be locked out by the site itself!
What happened to the freedom of the internet? Rest assured, it is still there – you just have to put in a little work to find it these days. To enjoy unimpeded internet access, use a proxy, a Virtual Private Network (VPN), or Tor.
What is a Proxy Server?
The difference between a proxy and a VPN is a little complicated. There are many different types of proxies, and the VPN is one of them.
The basic definition of a proxy is a person who stands in for someone else. Proxies on the web do just about the same thing. Rather than connecting directly to a resource over the internet, your computer connects to the proxy instead. Your computer tells the proxy the address of the site or service that you want to access. The proxy opens up a second connection between itself and your target, then delivers the request on your behalf.
The important point here is that there is no direct connection between your computer and the server that you want to connect to. Both your computer and the server are connected to the proxy. The proxy does not make an internal pathway between the two connections. Instead, it poses as the originator of the request, so the server has no idea that you exist. This gives you anonymity.
The proxy reads the incoming messages from the server and then writes those replies onto the connection to you. When your computer sends a message back, the proxy reads that and then sends the same message out on the separate connection to the server. The proxy mediates communication between you and the server without actually making a connection between the two.
How to Set up a Proxy
Proxies are lightweight and cheap. If you choose a proxy server that is located in the same country as the computer you want to communicate with, that target system does not realize that it is receiving requests from abroad. That factor makes it possible to dodge regional restrictions on sites like streaming services, which only allow access to content from inside the same country. It also means that you can access TV services for a specific country of your choice, rather than having to put up with the rubbish that is shown in the country you happen to be in.
Types of Proxies
There are three types of proxy service. The first gives you a list of server addresses, from which you pick one. You alter the network settings of your browser to use the proxy. For example, on Chrome, access Settings and click on “Show advanced settings.”
Scroll down to the Network section and click on the “Change proxy settings” button.
In the next screen, click on the “LAN settings” button.
This gives you access to the proxy settings area of your network definition.
Type in the proxy address that you copied off the proxy server list. Job done.
Another type of proxy server is a web proxy site. You just go to a web page and enter the address of the site that you want to surf to anonymously.
Pressing the “Go” button in this site takes you to the page you want to see. However, the web server that delivers it has no idea that you exist. It only deals with the web proxy.
Smart Domain Name System (DNS) Proxies
Many proxies that use the proxy server model or proxy website delivery systems are free. A great feature is that such proxies offer protection from malware, because they filter out all scripts in the pages that they deliver.
This presents a problem when you want to access media sites, however, because the content delivery system of streaming services relies on the implementation of scripts. Thus watching a show on a site such as abc.com is nigh on impossible.
The third type of proxy – the Smart DNS proxy – is different. These systems allow through scripts, so they can get you into streaming services without blocking the delivery of content. These proxies get their name because they hijack the process that your browser goes through to translate a web address into an Internet Protocol (IP) address through the Domain Name System.
For a specific list of web addresses, which are usually media sites, they substitute the IP address of the proxy server for the one that would otherwise have been retrieved by the DNS server. In the case of all the other sites that you might visit, the proxy software lets you go to the regular site directly. Smart DNS proxies are great for getting into streaming services and bypassing their regional restrictions.
What is a Virtual Private Network?
VPN stands for “virtual private network.” It uses encryption to create the same level of privacy that data crossing a private network enjoys, even though it operates on the public medium of the internet.
Communication with any website that has https:// in front of its address has all of the data that passes back and forth encrypted. VPNs take that privacy to another level. They not only encrypt the data in a message, but also all of the routing information. Routers need to be able to see the header of a data packet in order to know where to send it. Thus the VPN software puts another packet around the entirely encrypted packet, and writes its own home server’s address on the front of it.
The packet arrives at the VPN server, which strips off the outer packet and sends the unencrypted packet (which may have an encrypted payload) on to its intended destination. The target server receives the packet with the VPN’s IP address on it as the source, so it sends the reply to the VPN server. The VPN server then encrypts the reply and encapsulates it in an outer packet to send on to the requesting computer. The client software on the customer’s computer unbundles the packet, decrypts it, and sends it on to the application that created the original request.
This type of service is a secure form of a proxy server.
The Benefits of VPNs
VPNs offer all of the security and anonymity of regular proxies, but with the added feature of privacy. The advantages of hiding the true destination address of your traffic go way beyond just stopping snoopers seeing the headers in your connections.
ISPs have been known to reduce the bandwidth on certain types of traffic. They particularly hate streaming services and online gaming, because they gobble up bandwidth. Limiting that bandwidth is called “throttling.” Doing so enables ISPs to reduce costs by diverting certain types of traffic onto cheaper, slower networks. VPNs prevent throttling, because the ISP can’t see which sites you are accessing.
Another benefit of paid VPN services is that they invest a lot of money in infrastructure. Many VPNs even have their own cable, which can connect to large portions of the internet directly – these are known as Tier 1 networks. That means that a VPN can speed up a slow internet service for all types of traffic, not just throttled applications.
Like regular proxies, VPNs get around network filters that stop you accessing blacklisted sites from private networks. The masking of both the origin and destination addresses in each packet helps those in repressive countries who want to access banned websites. In some regimes, accessing forbidden sites can get you arrested, so the privacy that VPN encryption systems render can be literally life-saving.
What is the Onion Router?
Tor was originally called “the Onion Router” before being boiled down to initials, and ultimately capped down. The great thing about Tor is that it has many of the security features of a VPN, but it is absolutely free. You don’t have to subscribe to a VPN service, because the traffic doesn’t need to be mediated.
Tor obscures the origin of a connection. However, the final journey of the data packets once they leave the Tor network for their destination is unprotected. Tor isn’t about end-to-end privacy. Instead, it makes it impossible to tell where the originator of the message is located.
The system was invented by the US Navy, to help spies use the internet to deliver information without exposing their location. Nowadays, the method is available to the public. You need a special Tor browser, which works out a route before sending out the packets of a connection. It selects a series of volunteer-run nodes and routes the connection through them. The nodes are chosen randomly, so they are very rarely geographically close.
The originating client software picks the exit node of the network and encrypts all the packets in a connection entirely, just like a VPN does. It then picks the next router back and encapsulates the packet again. After that, it encrypts and encapsulates the packet again for the next router back, repeating the process until the packet has been encrypted and encapsulated over and over again. This makes the packet seem like it is constructed in layers, like the flesh of an onion.
Tor uses a public key system. This is an encryption method where the key that encrypts a message is different to the key that decrypts it. Thus, each router has a different encryption key, which the originator of the message can find out from a separate database. Each layer of encryption is addressed to a node, which is the only device that can decrypt the message. Each node in the chain knows where the packet came from. When the next layer of encryption is unbundled, the router discovers the address of the next node in the chain. Thus, each node can only ever identify the previous and next node in the path.
A big problem of Tor is that most servers don’t run it, so the traffic has to come out of the Tor network in order to get to its destination. If the data in the packet isn’t encrypted, anyone can intercept it and read it. The origin IP address on the packet is the last node in the Tor chain, so the target server thinks it is communicating with that computer. In theory, no one reading the headers of Tor packets can identify the true origin of the connection.
The random route of the connection makes the system extremely inefficient and slow. Packets bounce all over the world before leaving the network at an exit point that may be on the other side of the world from the target server. This means that your connection may have just as far to travel once it leaves the Tor network as it would have had if Tor was not engaged – or even further.
The inability to predict the exit point of the network means that you can’t set a fake location to get around regional restrictions. Another problem is that the Tor system drops the connection and reroutes all traffic every ten minutes, so if you are in the middle of a battle in an online game, you will have to log in all over again, losing precious minutes.
The Benefits of Tor
Tor is regularly used by advocacy groups to help protect battered women on the run and abused children. The big aim of Tor is to obscure the origin of the connection, so a woman who has been spirited away to a shelter can use the internet without being tracked down.
Many investigative journalists encourage whistleblowers to access Tor in order to contact them. News sites that welcome insider disclosure publish details on special pages, which include instructions on how to download and install Tor. Better still, Tor can be installed on a memory stick, so those on the move can go to an internet café and use the system from any computer.
Combining Smart DNS Proxies with VPNs
Many people wonder whether they can combine the powers of Smart DNS proxies and VPNs to create even better privacy and anonymity. The short answer is no. Although the underlying principle behind both these methods relies on a common mechanism of mediation, the two systems have fundamentally conflicting operating procedures.
The VPN relies on connections being diverted to a specific address every time and includes heavy encryption. The Smart DNS process involves hijacking the DNS lookup process to redirect certain traffic to the proxy server, while allowing other connections to proceed directly.
In order to combine a Smart DNS with a VPN, you would have to rewrite the DNS lookup procedures to divert to the VPN. So, you would be inventing your own selective VPN that applies to some connections and not to others. The encryption of packets could only be applied to the diverted traffic, because the servers at the receiving end of regular connections would not know how to decrypt them.
If you write your own hybrid, you are simply turning off VPN protection for certain traffic. If you don’t, the Smart DNS will readdress some packets before they reach the VPN. The VPN will then process the connection to send the packets to its own home server. It will send some traffic to the proxy server, instead of to the intended destination. Those packets will then get the proxy communicating with the target site. So, you would have encrypted the normally unprotected Smart DNS-processed traffic. However, that traffic would be unprotected again once it got out of the VPN. You just put mediation in front of mediation for some of your connections. The effect of that is to slow down your connections in order to re-anonymize already anonymized requests.
VPN Over Tor
There are a lot of VPN services that specifically advertise their ability to work with Tor traffic. This combination is viable.
Under this scenario, the VPN software encrypts, encapsulates and readdresses the packet before it is passed onto Tor, which bundles it up over and over again with the Tor route embedded in it. The packet works its way through the randomly-selected nodes until it is finally unbundled from its Tor encryption at the exit node. The packet then traverses the internet to arrive at the VPN server. That computer strips off the outer packet, decrypts the inner packet, substitutes its own address for the original packet’s origin IP address and sends it on to its destination.
The receiving server reads the request and sends out a response to the VPN server. The VPN server encrypts the packet of the response and puts it in an outer packet that is addressed to the exit point of the Tor network. The Tor nodes process the packet to send it back to the Tor client software on the originating computer. The Tor software unbundles the packet and sends it to the VPN software, which strips off the VPN router packet and decrypts it before passing it on to the application that made the original request.
Although this combination presents no technical impediments, there is one simple flaw in the scenario that prevents these procedures catching on. There is actually no privacy gain from running VPN traffic over the Tor network. The only benefit of Tor is that it makes it impossible for the destination server to work out the origin of the received packet. However, the VPN system is already performing that service. Putting VPN through Tor just makes it difficult for the VPN server to work out the origin of the packet.
Given that most VPNs keep no logs, you gain no extra privacy by using Tor and VPNs together. The random route of the Tor network is just a prequel to the real journey across the internet, which may end up being longer than the non-Tor route. Thus, this combo just slows down your VPN traffic with no actual privacy gain.
Combining Tor with Smart DNS
This is another combination that is technically feasible. The Smart DNS software returns an IP address from a given web address by accessing a cross-reference table. In certain cases, it substitutes its own server address for the real IP address of the destination. In either case, the Tor software receives a packet that is all addressed and ready to go.
Smart DNS traffic is unencrypted, so Tor adds a level of security by carrying out its secrecy procedures and passing on the packet as far as the exit node. However, the remainder of the journey to the destination server, or to the proxy server, is unencrypted.
Putting Smart DNS traffic through Tor merely extends the journey and provides privacy for half of the route. Anonymity is provided for the diverted traffic by the proxy server, so Tor can only provide anonymity for those connections that the Smart DNS program decided didn’t need to be anonymized.
Anyone considering combining Tor with Smart DNS should just use a VPN instead. You will get anonymity with every connection and end-to-end privacy with a VPN.
Proxy vs VPN vs Tor: Conclusions
Proxies, Smart DNS, VPNs and the Tor network all have their uses. When considering which to use, you should first work out which aspect of your internet service you want to improve.
If you don’t care about privacy, but you want to dodge network blacklists, use a regular proxy. If you want to get around regional restriction blocks on streaming sites, use Smart DNS.
If you need to hide your location and you don’t think you could trust a VPN company to keep your secret, use Tor. If you want end-to-end privacy to avoid government bans on international web access, or to avoid throttling and speed up your connections, and if you also need to get around your work or college website blacklist, use a VPN.