Tips to Avoid IP-Address Tracking

The state-of-the-art way of avoiding IP tracking is to use a Virtual Private Network (VPN) like IP Vanish. The way it works is that you log into the VPN just like you would log into your ISP. After that point, all of your traffic goes to the VPN company which then sends it out to the internet. If somebody sniffs your packets, they will just see one encrypted stream going to-and-from the VPN company.

For example, if you were logged into a VPN right now, we would have no idea who you were. Our server logs would show an IP address that belongs to your VPN company, and that would be all we would know. We could identify the VPN company, and guess at what country you are in based on their home address, but that’s about it. And even that doesn’t always work because with a VPN like IP Vanish you can select which server to log into, and they have servers all over the world! You could live in Iceland, log into their Panama server, and the internet would have no clue as to your location.

Of course, nothing is perfect. The VPN company knows who you are, and if they get a subpena, they might have to hand over your name. However, VPNs work well enough and have grown in popularity in response to the “Six Strikes” campaign by U.S. ISPs.

If you cannot use a VPN, there are some low-tech things you can do:

Make Sure That Your IP Address Changes Frequently.

  1. If you have a static IP address at work, one that never changes, you might want to do the majority of your surfing from a different computer.
  2. Use this page to see your IP Address.
  3. Most people have “leased” IP addresses with their cable-modem or DSL accounts. That means your IP won’t change until you turn off your modem. So, power it down as often as you feel necessary.
  4. America Online’s dial-up accounts go through a thing called a proxy server. What this means is that when you are logged into AOL, you do not make direct contact with the websites you visit. You only talk to the proxy server, which in turn contacts the website. The IP address logged into the website’s server logs are not yours, but that of the proxy server. And since AOL has many proxy servers, chances are that more than one IP address will be logged during a session since the proxy servers are load-balanced, which means that they take turns. The bottom line is that using an AOL account makes you harder to track. Some other ISP’s use proxy servers also, so you can ask about that when choosing an ISP.

Change Your “User Agent”

Most web servers log the browser you are using, and if you have a unique “User Agent” string, it can be used to track you. Here is an example produced by the Opera browser:

Opera/9.50 (X11; FreeBSD 7.0-PRERELEASE i386; U; en)

Anybody using that user-agent sticks out like a sore thumb.

Use this page to see your user-agent. To learn how to change the user agent in your browser, Google-up something like this: “change user agent Firefox”.

Keep in mind that many websites use your user-agent to determine what content to send to you. If your user-agent indicates that you are on a mobile device, you might see a completely different page than when you are on your notebook. So be careful when changing it.

Your user-agent will also change automatically whenever you update your web browser, and maybe when you upgrade your operating system. So, you might want to check it after doing those things.

Don’t Allow Cookies

Most people know that cookies can be used for tracking. You can go into your browser’s security settings and turn them off completely, or have them flushed when you close down the browser.

Never Click Links

To prevent a website from logging where you linked from, never click on a link or advert. Instead, hover your mouse over the link to see what it is, and then type it into your browser’s address bar. Or just Google the domain name of the site, or product name advertised.

This data is called the “referrer”. So, if you found this page with a Google search, we could look in our server log and see exactly what you typed in. Chances are it would be something like “avoid IP tracking”. When you click a link, your browser includes the URL of the page containing the link. To prevent this data from being sent, look in your browser’s docs and see if you can find an option to not send the referrer data.

In 2011, Google began to block the referrer for logged-in users. So, if you were logged into Gmail or AdWords, or another Google website, when you searched for this site, we could not tell what you searched on. But of course, Google still knows.

Note: “Referrer” is sometimes miss-spelled “referer”, probably because it was spelled that way in the original Apache server software. Just something to keep in mind when searching.


Update: Tor has been cracked.
Tor is free, open-source software produced by a non-profit organization, and a volunteer international network of servers. Tor encrypts your traffic and sends it through this network masking your real IP address. Download Tor here. Tor has been used by dissidents in dictatorships like Iran and Egypt, however make sure to read the Wikipedia article for a discussion of its potential vulnerabilities. Tor volunteers use their own bandwidth to run their servers, so as you can imagine, they are not friendly to the network being used for file-sharing applications like BitTorrent.