Vassar Technology Today | Third-party solutions: Your virtual bodyguards

Matthew Leung Managing Editor

The proverbial “free lunch” offered by peer-to-peer applications such as Kazaa and Limewire is very tempting to scores of Web users. Not long ago, record companies started suing users who illegally download music through these applications. As evidence, record companies compiled detailed lists of those illegal activities with specifics such as time, location, and names of downloaded songs. It was not difficult for these companies to invade the privacy of their customers, because most sensitive information is exposed when a standard unprotected connection to the Internet is made.

Fortunately, only an understanding of a few networking theories is required in order to secure an Internet connection and to prevent unsolicited surveillance of online activities.

To help explain these theories, an analogy of the Internet to the human mind can be effective: just as we can consider the mind to be distinct from the neural processes of physical body, so too can we conceptualize the Internet as an immaterial place distinct from our physical world. Accordingly, major companies can bridge the two worlds by constructing the necessary cables, and most of the available bandwidth on the Internet today comes from major Internet Service Providers (ISPs) like America Online, Verizon, and Optimum.

Internet traffic is tracked with IP I.D.s
By purchasing a connection from ISPs, people can gain access to the immaterial world. Data that go in and out of that connection are tagged by a port number. Port numbers allow servers to handle different types of data properly. Continuing our analogy, think of a port in this sense as a door to the immaterial world.

There are different ports designated for different actions one might take on the Internet. For example, one steps through port number 80 to browse a Web site and port number 21 to download a file.

There are hundreds of ports, and once a connection to the Internet is established, all ports are usually open, allowing one to step through more than one port at a time.

Once people step into this world, they take up virtual identities, called Internet Protocol (IP) addresses, which uniquely identify the connection of each user. From information contained in the IP address, an individual might be visible to others as Verizon-Philadelphia-141 or Vassar-Poughkeepsie-242. But no one besides the ISP knows exactly who number 141 or 242 is or can link his/her geographical location back to the material world. This is why if a crime is committed on the Internet, the police must trace IPs through the ISP for the identity of the individual, like tracing a phone number. And like phone numbers, the individual usually has a permanent IP address (or at least for the duration of one connection session).

Even though IP addresses allow for unique identification, they are often abused. For example, while one is walking on the streets of the immaterial world browsing Web sites, others might take interest and follow him/her around, kind of like phone tapping. It is also possible to use an IP address to gain unauthorized access to a user’s computer.

Third-party software secures Web sites
In light of the possibility of unauthorized access, some take measures to protect themselves. In addition to using a firewall to monitor and lock the hundreds of doors in the connection, some also use third-party services to avoid being seen on the streets while browsing Web sites or downloading files.

There are three kinds of third-party solutions for this. The first kind is the most popular and basic. Remember port number 80, used for browsing Web sites? This door to Web sites has a secured twin, called door 443, which is used for browsing a small number of Web sites that support a secured protocol called Secured Socket Layer (SSL). All communications through door 443 are encrypted with SSL to prevent eavesdropping.

Some of these secured Web sites, such as Torpark (torpark.nfshost.com/download.html), act as a private store that allows the user to enter it through door 443 and stay there, so to speak. The Web site then sends a brave agent to go out into the public immaterial world to browse Web sites for the user. That way, the user is not seen on the public streets. The agent reports information back to the store, which then reports back to the user through door 443.

However, this protection does not apply to downloading files or viewing videos because other doors are needed for those actions. For comprehensive protection of all activities, the second kind of protection is needed called port forwarding. For port forwarding, the user downloads a piece of software from a company such as Sterling Security Research (secure-tunnel.com), one of the few pieces of software that still supports peer-to-peer applications, and routes all communications (including files, videos, and Web sites) through door 443 exclusively. In port forwarding, the different kinds of data going through door 443 are all masked as if they were they same type.

The third kind of protection, called Virtual Private Network (VPN)/Tunneling, is similar to port forwarding except that it does not try to jam all kinds of data through one door. Instead, it uses encrypted door number 1723, which is dedicated for the VPN connection. Once this connection is made via door 1723, all other doors are closed and the VPN is the only open connection. This connection, however, is not to the Internet, but instead to the third-party server, which then sends out its own agent to the Internet.