How can I test if my browsing is anonymous?

I've tried a few of the privacy services. They all seem to work. Various websites report my actual ip address as being hidden. How could I test it further? How could I tell if some program, firefox extension, javascript, or something else might leaking information?

Any suggestions?

 

if you have time to spare, you can use something like wireshark to sniff traffick

 

I have found Browserspy to be pretty complete testing what your browser reveals about you:

 

Anonymous to who, that's the real question ?

Your ISP, maybe, but reading what SteveTX, Gerard Morentzy and others " skilled in the art " have to say should enlighten you !

Scripting etc will leak info.

 

With all due respect, I really struggle to understand why people do this. It's impossible to surf totally anonymous. Maybe you can get close, really close. But if you surf, email or whatever, somebody somewhere knows who you are and where/what you're doing. Otherwise, the other end can't respond back to you with your requests.

 

I don't think most really understand that. Even with very legit, well-meaning anonymous services, they HAVE to know who you are, otherwise, how are you going to sign up for their services? Sure, you could fake your information to an extent, but unlike the days before the digital age, you're known to someone out there whether you try to hide or not.

Does that make these services useless? No, I don't think so at all. I think the most well known services are great at what they are CAPABLE of, which is providing a sense of privacy and SOME anonymity. But, you have got to have it drilled into your head that the days of TRULY being anonymous are long over with, and then learn to adapt to that and do as much as you can.

 

If you run JavaScript, then your real ip address is vulnerable. If you install Adobe Flash or SWF, you may also be vulnerable, so the best strategy when using Firefox is no plugins, no JavaScript. NoScript should be fine to run as a FF add-on.

You should also setup your Firefox about:config to toggle the item:
network.proxy.socks_remote_dns to true
to help prevent DNS leaks by using the DNS service from your proxy rather than the one from your ISP or what is coded into your router.

-- Tom

 

I don't think you'd be anonymous to your ISP because you're connecting through them, but the point is some people wish to make themselves appear anonymous to the website they're connecting to. In other words, to make it look as if you're coming from somewhere else when in fact you're not.

 

Xerobank separates their payments from the account, using a method that, according to Steve, is not reversible.

 

That may be true if you are using Tor or a cheaper VPN or proxy, but it is not so with Xerobank. And It was not so with Iphantom either. And both of those services have secure DNS, and so the DNS requests are encrypted and passed on through the ISP.

 

They know you are there but if you are using something like Xerobank, thay cannot see anything but an encrypted tunnel going to Xerobank. That's it.

 

Qzt, the Anonymity Checker by XeroBank may be of interest.

Han, the fact that a website is able to return pages to your browser does not imply that the website knows who you are. If you’re using a high quality anonymous proxy or VPN service, the website only “sees” that proxy/service – not your actual IP address. Of course, if you logon to a website, then you have voluntarily relinquished your anonymity (assuming that you registered with that website using correct information about yourself). Erasing cookies is a wise step, too.

Concerning email, it’s possible to use services such as Anonymizer Nyms to mask your identity to the recipient, for example.

TonyW, your ISP “sees” that you are online, but it perceives that all of your internet traffic is to/from the anonymous proxy or VPN service - because it is. And, since that traffic is encrypted, the ISP can’t know the websites with which you are actually communicating, as Caspian has noted.

 

This is called privacy, not anonymity. You can't achieve anonymity with your ISP, because he knows who you are. What you can do is to have privacy, meaning that he can't see what you are sending/receiving.

 

You can't even achieve anonymity with a one-hop proxy since they will know whom you are.

Encryption yields security, and the features of privacy are layered where the use of more are better since it increases "plausible deniability" - of which Xerobank appears to currently be the leader - counting their use of multiple features which separate a users Internet transaction from being associated with the user's real identity.

-- Tom

 

You can't really test your browser to see if it is anonymous, you can only test it to see if you fail being anonymous. We'll be releasing an advanced test called DeAnonymizer on the first day of August.

The thing to think about is not if you are "completely anonymous" as this is a static and imaginary state, but rather to consider your attacker and threat model. 1. What do you need to keep anonymous/protected? 2. Who would be a threat to that? 3. Who has the capability and inclination to attack?

 

Hi SteveTX, you are in US and under very implicit communication rules of data retention and data interception and injection as revealed? How you can promise users for anonymous in the Internet when using your xerobank service even downgrade to through TOR?
Reading around this forum and saw your promote of xerobank browser, xbmachine are great to internet anonymous even using TOR? Is it a backdoor or someway to expose users with those pieces of software, relates to your promise of the Aug 1st launch of DeAnonymizer?

 

Personally I am looking forward to this DeAnonymizer, shell see what we can come up with in our Arsenal to defeat it.

 

I am personally in the Dallas area at the moment.

We provide the strongest anonymity network in the world, as it is multi-jurisdictional, multi-hop, no logs, anonymized user identity, multiplexed/crowding optimized fips-140 compliant machines, all running on encrypted drives with tamper detection and fail-secure design. It is not public-participation based, so it is immune to the array of threats that plague the tor network. We do not log, we do not hand over user data, and we never have. We are incorporated in Panama, and are not subject to court orders or data retention directives from US/UK/EU etc. All software is fully open-source/GPL, no backdoors.

DeAnonymizer is a comprehensive and evolvable anonymity testing tool. The test are performed by visiting the website as you normally would through a browser, and beginning the test. It will launch a series of attempts to cause the visitor's system to leak their true IP address.

 

Thanks SteveTX for informative materials on your service.

 

http://www.decloak.net/

 

Here is a test that was once able to reveal your true IP while using Tor. But I guess tor fixed it. But anyway, I just tried it with a cheap proxy, hidemyass.com, and it revealed my IP address.

http://www.frostjedi.com/terra/scripts/ip_unmasker.php

 

This tried to download something.

 

Couldn't you be anonymous to your ISP in a sense? Let's say you were using prepaid internet to avoid contracts/forms with your ISP.

 

I presume it is wireless? Is there such a prepaid wireless internet provider? You know of course, you could never use it from your home or even have the access device turned on in your home or place the frequent, otherwise you are deanonymized.

 

The sociopaths amongst us use other peoples computers (most go without password protection (or if protected can be found on a sticky somewhere in or around the workstation).

The people you trust the most are the most likely to use your computer for unsavory surfing. Sad but true.

Why are lame cliches always so right