Denegación de identidad en Internet
| Autor | José Angel González Andrés |
| Cargo | Gerente de Seguridad en Internet de Telefónica Corporación |
| Páginas | 75-101 |
Page 75
Why do we need to be anonymous on Internet? As of in our normal life, we walk anonymously on the street, we enter shops anonymously to take a glance to our favorite musicians' last creation or simply walk anonymously down the street enjoying a spring evening. During such events, we assume that we could be filmed (for security purposes, but regulated by a law de-
Page 76
signed to protect our privacy) and even identified with our ID card when shopping with a credit card (again under the same legal support and for a justified reason).
While browsing on Internet, we are tried to be identified by subtle and not-so-subtle methods by any website we browse or service we use. It is re-quired by technology that some identification must be exchanged between the two components (our computer and the server that hosts the page we are browsing or the service we are using) in order to progress the communi-cation and provide the access to the content and/or the service. In some cases, this identification is kept to a minimum in order to allow a private and non-intrusive browsing (e.g. browsing Wikipedia), while in the oppo-site case, the website behavior is off law limits and try to harm you (e.g. browsing pages which install malware on your browser).
There are also another anonymously web browsing cases (whether for licit or illicit purposes) that must be taken into account:
• Insecure (or «eavesdrop friendly» environments).
Such not trusted environments like public Internet access (mostly wifi), proxy gateway to access Internet on office buildings and similar.
• Country restrictions based on ideology.
Countries that apply filters to Internet access (e.g. United Arab Emir-ates, Iran and specially China).
• Risk of own life (journalists, dissidents).
Countries in which journalists, dissidents or unrelated to the regime could be arrested by reading foreign press and/or posting information related to the political situation of the country, on controlled and registered Internet access (e.g. China, Myanmar, North Korea, Iran and some others).
• A way to develop illegal/alegal activities without being identified. Used by pedophiles, drug cartels, organized crime, criminal hacker groups, investigators and similar groups.
• Intelligence activities.
Intelligence organizations that need to obscure the original place from where they access information, in order of not being identified, nei-ther by the origin (the organization) nor by the item searched (the query or information request).
Page 77
• Citizens.
Using their knowledge and rights in order to be anonymous while browsing on Internet, harming no one.
This article tries to explain how Internet sites and services try to get the most possible information from us, how to avoid them and finally how can we put technology on our side to obtain the required privacy. This article also tries to avoid an excessive usage of technical terms, focusing on concepts and strategies to identify and use anonymous web browsing techniques.
During Internet browsing, there are several components including comput-ers, applications, network components and communication protocols that interact between them to show in our screen the required information. In order to establish a standard for computers communication, «...by the mid 1970s, researchers began searching for a common framework that would tie the various technologies together into a single network. The result of that effort, the TCP/IP protocol suite, began being deployed on the ARPANET by the end of the decade...»,»Based on DARPA experience, NSF decided to adopt the Internet protocols and build a 'network of networks' rather than a single large network.» (KOCHAN, WOODS, 1991, p.50), called TCP/IP architecture, based on the standard OSI model (International Organization for Standardization, ISO/IEC 10731:1994).
The TCP/IP model is the standard protocol used on Internet by computers, defined from bottom to top by international standards and estab-lishing (COMER, 1996, p. 474):
• How a computer communicates with network equipment (based on protocols like ARP, RARP among others).
• How network equipment shares and searches for network information and configurations (based on protocols like BGP, ICMP, IGMP among others).
Page 78
• How a computer communicates with other computers in a network (based mainly on protocols TCP and UDP).
• How applications running on different computers communicates among them (based on protocols like SMTP, RPC, HTTP, FTP, TELNET, DNS, RPC, NFS and many others).
The technical description of all Internet protocols is archived at the RFC main repository on Internet (RFC Editor). It contains technical and organ-izational documents about the Internet, including the technical specifica-tions and policy documents produced by the Internet Engineering Task Force.
Every transaction between two computers on Internet produces —in a less or large scale— tracing information, stored at least temporarily in both computers and in some cases also in network equipment. Knowing this fact, every part involved on the communication and transaction during a brows-ing or service transaction on Internet is able to keep information and even-tually store and process it. This document tries to describe the possible different information that could be obtained based on the different interactions that a user needs to establish when using Internet services.
According to IETF's RFC 791 (RFC Editor), each data packet that leaves a system must keep on it two different addresses: origin and destination. Such addresses are described by the mentioned RFC 791 and subsequent revi-sions and are known by the familiar name of «IP addresses». The IP address of a system on Internet is an unique number that identifies this precise system (when not in use with other techniques as NAT, VPN and/or other technical features —including DNS resolution— not described here for simplicity), allowing each data packet sent by this originator system («a») being routed to the destination computer («b»), and also making «b» aware of the address of «a», allowing «b» to return the answer to «a» as a response for the received petition.
This simple but realistic scenario points out the existence of—at least— three elements in the communication:
Page 79
• «a» the sender of the data packet or «communication».
• «b» the receiver of the data packet or «communication».
• Network components (also referred as «the cloud») between «a» and «b», that normally consists on network components used by the ISP (Internet Services Provider) to physically transmit the data between «a» and «b».
These three elements are completely aware of the address of both sender and receiver of the information. It doesn't mean that the network components could also «read» the information exchanged between «a» and «b», as it could also be encrypted, but «the cloud» is at least aware of «who talks to who». Obviously both sender and receiver are aware of each other and if the payload data of the connection is not encrypted it could be read (or sniffed, jargon for «observation of data passing by») by any component of «the cloud».
Data sniffing
As an illustration of the value of this action, The New York Times reported that a data «sniffing» has occurred during last spring 2010. On the Novem-ber 17th 2010 edition, the journal stated in an article signed by John Markoff entitled «Report Looks at How China Meddled With the Internet» the following fact: «An annual report to Congress touched off a round of speculation Wednesday about the motives of a small Chinese Internet serv-ice provider that briefly rerouted as much as 15 percent of the world's Web traffic on two occasions last spring. The report, by the United States-China Economic and Security Review Commission, noted that the service provider, IDC China Telecommunication, broadcast inaccurate Web traffic routes for about 18 minutes on April 8. That information was then re-transmitted by China's state-owned China Telecommunications, effectively forcing data from the United States and other countries to pass through Chinese computer servers. A similar episode in March drew less attention. The report said the move affected data traveling over both the government and military networks of the United States, including information from the Senate, the Army, the Navy, the Marine Corps, the Air Force, the secretary
Page 80
of defense's office, NASA, the Department of Commerce and the National Oceanic and Atmospheric Administration, as well as from many American companies». «(The New York Times, November 17th 2010, «Report Looks at How China Meddled With the Internet»). Using this technique, China forced an important amount of Internet traffic data to cross network equipment under their control, as data was sent from their origin to their destiny. This kind of attack is called «man-in-the-middle» and obviously that network equipment has the ability to «record» or store the information transmitted (origin, destination and payload data) for a posterior analysis. No one knows if such ability was enabled or not.
User location identification by IP address
IP addresses to users on Internet are not assigned...
Para continuar leyendo
Solicita tu prueba