How to Build Anonymity Into the Internet
Most people leave a trail when surfing the Web. Information such as a computer’s IP address can be traced back to users, or used to reconstruct a profile of browsing habits. Search engines amass large quantities of data on individuals. Though they don’t store this along with usernames, researchers have previously shown that individuals can still be identified using this data.
People who want to avoid leaving this trail can turn to services such as Tor, an open-source system designed to muddy the path a user’s data travels over the Internet (see “Dissent Made Safer”). But Tor struggles with slow network performance, and the service might be overwhelmed if too many users adopted it without also contributing resources.
Last week, at the 9th annual Privacy Enhancing Technologies Symposium, researchers described some more robust protections. They wondered if privacy protection could come from the ISPs responsible for the backbone of the Internet.
One project, anon.next, presented by Matthew Wright, who co-directs the iSec research lab at the University of Texas at Arlington, looks ahead to next-generation deployments of the Internet itself. In the event of a redesign of Internet architecture, Wright argues, proxies that help preserve anonymity could be built in. He envisions working with ISPs to determine points in the network where the proxies would be effective both in terms of protection and performance.
Other researchers are looking for solutions that could work on the Web as it is today. Barath Raghavan, a visiting assistant professor at Williams College in Massachusetts, along with researchers from the University of California, San Diego, and the University of Washington, suggest a protocol that could effectively hide a user’s IP address within the rest of an Internet service provider’s traffic. The researchers say that adding their system wouldn’t hurt performance, and would work in conjunction with Tor and other privacy-protection services. They suggest that ISPs might be willing to add the protocol as a benefit to attract customers, similar to services offered by telephone companies that prevent users from being identified by called ID.
While ISPs are a logical place to turn for privacy help, events such as the passage of the Patriot Act in the United States, which made it possible for the authorities to demand information without a subpoena, make ISPs uncertain allies. The bottom line is, they’re only likely to help if there’s a large customer demand for privacy.
Most people think of online privacy as something most important for citizen journalists in countries with oppressive regimes. However, the number of business models that rely on the collection and sale of user data may for some people in this country to reconsider taking steps to protect it.
Geoffrey Hinton tells us why he’s now scared of the tech he helped build
“I have suddenly switched my views on whether these things are going to be more intelligent than us.”
ChatGPT is going to change education, not destroy it
The narrative around cheating students doesn’t tell the whole story. Meet the teachers who think generative AI could actually make learning better.
Meet the people who use Notion to plan their whole lives
The workplace tool’s appeal extends far beyond organizing work projects. Many users find it’s just as useful for managing their free time.
Learning to code isn’t enough
Historically, learn-to-code efforts have provided opportunities for the few, but new efforts are aiming to be inclusive.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.