                                 ANONYMIZER FAQ

THE ANONYMIZER FAQ

--------------------------------------------------------------------------------
Frequently asked questions

Why surf anonymously?

Every time you visit a site, you leave a calling card that reveals where you're
coming from, what kind of computer you have, and other details.  Most sites
keep logs of all your visits.  In many cases, this logging may constitute a
violation of your privacy.

How does the Anonymizer work?

The Anonymizer acts as a middleman between you and the documents you want to
retrieve.  When you want to retrieve a document whose URL is http://xxx.com/,
you prefix that URL with the name of our server, and place your request to
http://www.anonymizer.com:8080/http://xxx.com/.  Our server will retrieve the
document from xxx.com, without revealing your identity, and then send the
document back to you.

Isn't that just the same as a proxy?

Almost.  The differences are:

  * We allow you to specify the proxy's name (http://www.anonymizer.com:8080/)
    in the URL field directly, rather than having to specially configure your
    browser.

  * We forget about your hostname right away, so your identity isn't included
    in the anonymizer's logs.

  * We strip out all references to your email address, computer type, and
    previous page visited before forwarding your request.

  * Our system provides the ability to chain requests, allowing for more
    privacy.

If I follow a hypertext link in the document I'm reading anonymously...?

... then that link will be loaded anonymously, too.

What about imagemaps, forms, redirects, and other weird kinds of links?

They are handled correctly. If, while using the anonymizer, you ever find
yourself loading a URL that does not begin with our prefix
http://www.anonymizer.com, then you have found a bug in our system.  Please
report it to bugs@anonymizer.com.

What do the buttons on the anonymizer bar do?

--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
  * The "open anonymous" button will open up a form where you can type in a URL
    to open anonymously, or start a Web search anonymously.

  * The "bug report" button gives you the opportunity to describe a problem
    with the page you're viewing.  Filling out the provided form automatically
    sends email to bugs@anonymizer.com

  * The "anonymizer help" button opens up this FAQ.

What protocols are handled anonymously?

  * http:

  * ftp:

  * news:

  * gopher:

What happens when other protocols, like https:,

appear in the anonymized document?
When you select such a link, the anonymizer will warn you that it cannot handle
it anonymously, and give you the chance to retrieve it un-anonymously.

How do I make sure I don't forget to be anonymous?

You can configure your WWW browser so that the first page it opens up is opened
using the Anonymizer. In this way you won't forget to use the Anonymizer when
you are using the Web. Various browsers have differents ways of doing this:

Netscape
From the Options Menu, choose General Preferences. Choose the "Appearance" page
in the General Preferences dialog box. Where it says "Browser starts with"
select "Home Page Location". In the "Home Page Location" text box, enter the
address of the Anonymizer. You can enter http://www.anonymizer.com/open.html if
you want to start at the Anonymizer home page. If you want to start at the
Netscape home page, you'd enter
http://www.anonymizer.com:8080/http://www.netscape.com/. For Altavista you'd
enter http://www.anonymizer.com:8080/http://www.altavista.digital.com/.

Do I have to start out by using the forms on your Open URL Anonymously page?

No, you can open a URL anonymously anytime by just prefixing it by
http://www.anonymizer.com:8080/.  You may also place bookmarks on anonymized
pages, or place references to anonymized pages in your HTML files.

Are Lycos searches, etc. executed anonymously?

Yes.

Can I anonymously access sites that require Basic Authentication (e.g.
HotWired, Pathfinder)?

Yes.  You'll still need to provide your own authentication information, but the
site won't know what host you're coming from.

What about external protocol handlers (e.g. RealAudio)?

Anonymity is not guaranteed when you use external protocol handlers (e.g.
external MIME helper programs).  Such programs may potentially create their own
Internet connections, bypassing your browser's http mechanism and thereby
skirting the anonymizer.

Do we log your proxy requests?

Currently, for testing purposes, we keep a log of what documents are retrieved,
but we do not log your hostname or any other information that would associate
you with the document.

Does the proxy cache requests?

Yes.  So if you've just accessed a cool but slow web site at http://foo.com/
and want to tell others to check it out too, then point them to
http://www.anonymizer.com:8080/http://foo.com/ instead, and they'll get the
locally cached copy.  The cache size is currently 100MB.

Can I use the anonymizer as a regular proxy?

You sure can.  In this case, configure your browser so that www.anonymizer.com,
port 8080, is the proxy for all FTP, Gopher, and HTTP transactions.  In
Netscape, this is done under the "Options" menu; in Mosaic, you set environment
variables as follows:
     setenv http_proxy http://www.anonymizer.com:8080/
     setenv ftp_proxy http://www.anonymizer.com:8080/
     setenv file_proxy http://www.anonymizer.com:8080/
     setenv gopher_proxy http://www.anonymizer.com:8080/

Can Java applets bypass the anonymity mechanism?

No, if you use the URL-based anonymizer.  Yes, if you use the anonymizer as a
regular proxy.  We are currently investigating this issue and will post more
info here shortly.

Can JavaScript inline programs bypass the anonymity mechanism?

Yes, they could, if you use the URL-based anonymizer, so the URL-based
anonymizer disables all JavaScript.  If you use the anonymizer as a regular
proxy, then JavaScript is safe and is left enabled.

Who can access the anonymizer?

Everyone.

What are your plans for the anonymizer?

We plan on moving it to faster network links, faster servers, faster software.
We plan on adding encryption, subscriptions for faster guaranteed service, and
more.

How can we be sure you aren't tracking us and violating our privacy?

We don't keep any logs of who is accessing the anonymizer. Community ConneXion,
Inc. has a long history of dedicated privacy services, and our reputation is
highly regarded in privacy circles.

For the more paranoid, we have built the system in such a way that people don't
have to trust us if they don't want. It is built to allow chaining of anonymous
web requests, which allows you to not trust any of the anonymizer operators,
very similar to the distributed trust mechanism used in the anonymous remailer
network.

Who's to thank/blame for this service?

Community ConneXion, Inc., the leading provider of Internet privacy services,
runs the Anonymizer.

Justin Boyan, a Computer Science Ph.D. student at Carnegie Mellon University,
designed and implemented the Anonymizer (and the companion "snoop" script).
Marc Ringuette was the original idea man.  We also thank Darrell Kindred for
his CERN hacks and many helpful tips, Dayne Freitag for his lex script, and Ari
Luotonen for placing the CERN httpd proxy server in the public domain.

to anonymizer home page Email comments to comments@anonymizer.com