VPN…You think you are anonymous!


This post is the first in a small series on anonymity, VPNs and, by extension, possible attacks. For more comfortable reading, what should have been a single post is split into several, each more or less technical. This first one is a (long) introduction to the basics of IP anonymization … happy reading.

VPN: a word used any old way and for everything, and above all I hear so many untruths about its “anonymizing” virtues. Here are some thoughts on VPNs, prompted by an increase in spam on this blog related to the noise-making operations around HADOPI. While some rather courteous vendors offer to let me try their solutions, others downright pollute every post, systematically pasting a link to their website, which claims to sell security at $5 per month. But most disturbing of all are the misconceptions carried by many sites and wikis, which tend to say that a VPN is the ultimate weapon to make you immune to deep packet inspection (DPI) and preserve your anonymity.

What is a VPN?

A virtual private network, or VPN, is an encrypted tunnel through which you pass your communications in order to secure them. The aim is to control the routes the information takes so that it is not captured by unauthorized third parties.

While VPNs are currently a reasonably effective way to pass under the radar of Trident Media Guard, they are not a panacea and are not enough to maintain your anonymity. Whether on P2P networks or simple websites, there are, even behind a VPN, several techniques for revealing your real IP address. There are many pitfalls, arising as much from the sites you visit as from your own actions, and it is important to be aware of them.

The roots of evil

By laying a text as uninspired as HADOPI, our good legislator has unwittingly exposed us to a very real threat, some undesirable effects of which can be observed in other countries. Many companies have rushed into this new market of mass surveillance and generalized control, while others try to build countermeasures. Our Minister of Industry has reason to rub his hands: he will see a new part of the French economy emerge, albeit a smelly one, that of the digital arms race. On the Internet as in real life, arms dealers can be very friendly people; on paper it is protection they sell you, but death is their stock in trade. The people who needed to ensure their perfect anonymity were either professionals whose confidentiality is required by the nature of their duties, or people whose illicit and criminal activities required them to avoid getting caught. By reducing the need for anonymity to petty-offence behaviour such as downloading copyrighted MP3s, do not be surprised to see some mafias rub their hands and tell themselves they will be able to tackle larger, mass markets. Infrastructures are there, they are just waiting for the right!

This is very disturbing and paradoxical, because anonymity and privacy are a legitimate need, and so is securing exchanges. Administrative procedures (taxes, URSSAF …) and banking or financial ones (…) require secure data exchange.


We can thank our elected officials for making this choice for Internet society, often for lack of political courage, sometimes out of ignorance.

Internet is a public network

The Internet was not designed for anonymity or privacy: it is a public network, the routing information is public, and the data is therefore not encrypted to begin with. The Internet naturally allows encryption, but encryption does not hide the identity of the sender or the recipient (it hides the payload but not the routing information or metadata).

The basis of anonymity

I certainly do not claim to give a comprehensive course on anonymity, but making you aware of what it entails will, I hope, let me break a myth: the one that would have you swallow that simplistic “solutions”, which meet just 10% of the anonymity problem, are long-term solutions for protecting your identity on the network. All this is far more complex than some love to tell you.

A VPN (virtual private network) sets up a tunnel, usually encrypted, between your computer (or in some cases your router) and the service provider. In most cases, everything that passes between the service provider and the content you are targeting travels over the network in plaintext. Few services offer end-to-end encryption; this is the first vulnerability of VPN solutions. If everything travels in the clear between your provider and the target content you visit, usually on a remote server at the bottom right of the Internets, you had better have a damn lot of confidence. Be well aware, when choosing a VPN service provider, that you are entrusting it with the same thing you entrust to your ISP; the least precaution is to know the laws in force in the service provider's country.
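The two points above (headers stay readable whatever the payload, and the leg after the VPN provider is often cleartext) can be seen by parsing packets from each leg. This is an added example, not part of the original post; the addresses, ports, request and the opaque bytes standing in for tunnel ciphertext are all constructed.

```python
import hashlib
import socket
import struct

def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum; returns 0 over a header whose checksum is valid."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_packet(src, dst, proto, sport, dport, payload):
    """Constructed IPv4 packet carrying UDP (17) or a minimal TCP (6) header."""
    if proto == 17:   # UDP: checksum 0 means "not computed", legal over IPv4
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    else:             # TCP: 20-byte header, PSH+ACK, checksum left at 0 (sample only)
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 0, 0,
                      64, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + l4 + payload

def observe(packet: bytes) -> dict:
    """What any on-path device reads from the wire without holding a key."""
    ihl = (packet[0] & 0x0F) * 4
    proto = packet[9]
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    l4_len = 8 if proto == 17 else (packet[ihl + 12] >> 4) * 4
    return {"src": socket.inet_ntoa(packet[12:16]), "dst": socket.inet_ntoa(packet[16:20]),
            "proto": proto, "sport": sport, "dport": dport,
            "payload": packet[ihl + l4_len:]}

# Constructed sample values (documentation address ranges, made-up credentials).
CLIENT, VPN, SITE = "192.0.2.10", "198.51.100.7", "203.0.113.80"
REQUEST = b"POST /login HTTP/1.1\r\nHost: example.test\r\n\r\nuser=alice&password=hunter2"
OPAQUE = hashlib.sha256(REQUEST).digest() * 2   # stand-in for tunnel ciphertext

def leg_views():
    """Leg 1: you -> VPN provider (tunnel). Leg 2: VPN exit -> site (plain HTTP)."""
    leg1 = observe(build_packet(CLIENT, VPN, 17, 49152, 1194, OPAQUE))
    leg2 = observe(build_packet(VPN, SITE, 6, 40000, 80, REQUEST))
    return leg1, leg2

if __name__ == "__main__":
    for name, view in zip(("ISP side", "exit side"), leg_views()):
        print(name, view)
```

On the first leg the observer learns that your address talks to the provider but not what is said; on the second it reads the whole request, attributed to the provider's address.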

The most commonly observed error is confusing protection of the content (encryption) with protection of the environment, that is, confusing encryption with the processes that reduce the risk of data capture. Summarized simply, it looks like this:

The content defines the information.

The context defines the environment and how to access the information.

Content is protected through encryption.

The environment is protected through a set of suitable methods and techniques, and certainly not by a product, whether hardware or software.

If the content or the context is compromised, your anonymity is compromised.

A distinction should also be made between protecting privacy and anonymity:

Anonymity: the right not to be identified by a third party;

Protection of privacy: the ability to protect your communications from capture by unauthorized third parties … In other words, to prevent others from knowing what you say or what you do.

If you have read me correctly, you will have understood that an encrypted network does not necessarily guarantee your anonymity. And conversely, one can protect the digital context … but not the content (but we will come back to this in a future post in the same small series).

Who listens to what and where?

You have all heard a stupid sentence, even from the mouths of well-known people such as Mark Zuckerberg (Facebook founder), of the type: “If you have nothing to hide, you have nothing to hide”. These must be people who have never made a purchase on the Internet, for example, or who have never exchanged an email or photos with family…

Are you entrusting your personal data…

Come on, close your eyes and imagine for a moment that I work for Universal Music: how, in your opinion, would I proceed if I wanted to hunt small freeloaders? Bingo, I would set up a VPN service more or less clearly branded “circumvent Hadopi”.