Net anonymity project piles in
Virtual ski masks comin at ya
An ambitious technical effort to guarantee anonymity on the Internet has reached an important milestone.
Early ideas for a standard, called NymIP, that will foster anonymous communications and Web browsing for Internet users are to be presented at this week's meeting of the Internet Engineering Task Force in San Diego.
Started by Zero Knowledge Systems and headed by Harvard University's Scott Bradner, the NymIP project aim is to devise protocols that allow user-selectable levels of identity disclosure, as well as resistance to traffic analysis that could reveal someone's online identity.
There are commercial products, such as Zero Knowledge's Freedom client, that allow anonymous surfing but the idea of NymIP is to create a standard protocol that can be more widely adopted. The idea, explained in more detail on the project's web site, is to create a standard for anonymity at the network IP layer and a community of operators using those protocols.
However as the NymIP working group itself admits, considerable technical challenges stand in the way of the project. In particular it's not known how much security can be provided in real networks, or what performance tradeoffs, particularly consumption of bandwidth, any scheme might involve.
This also leaves aside the more important philosophical question of whether it's right to guarantee anonymity on the Internet. Some have described this as the equivalent of giving surfers virtual ski masks, behind which the malicious might hide criminal or antisocial activities behind. This is certainly a well rehearsed argument from the law enforcement community.
The other side of the coin is the individual's right to personal privacy and the right, of say human rights activists, to communicate online without fear of reprisals from repressive regimes needs to be protected.
This is not an easy issue, and not one for which a simple all-encompassing statement of opinion will do. Think it through yourself. ®
Sponsored: Today’s most dangerous security threats