Image: DrAfter123/Getty Images.
When you use your browser, your IP address is visible to websites, online services and potential cyber attackers, who can use this information against you to track you or for other actions that may invade your privacy. But at the same time, IP addresses are necessary for traffic routing and fraud prevention.
This is why Google Chrome wants to offer a new service to hide IP addresses, called IP Protection. The information was spotted by Bleeping Computer.
“As browser manufacturers work to better protect the privacy of their users, the IP address still allows activities to be associated with it through its origin that would not otherwise be possible. This information can be combined over time to create a unique and persistent user profile and track a user’s activity across the web, posing a threat to their privacy. Furthermore, unlike third-party cookies, there is no direct way for users to opt out of this type of surreptitious tracking,” reads the IP Protection (formerly Gnatcatcher) presentation.
What does IP Protection provide?
According to the official presentation of the service, the objectives of IP Protection are as follows:
- improve user privacy by hiding their IP addresses so that they cannot be used as a tracking vector;
- minimize disruption to normal server operation (until another solution is found).
The basic requirements of the service are as follows:
- prevent the destination site from seeing the client’s IP address;
- the proxy and intermediaries cannot see the content of the client’s traffic.
Initially, IP Protection will be an “opt-in” function: users will be able to freely decide whether they wish to hide their IP address from third parties.
A step-by-step deployment
To adapt to each region and to ensure an accessible learning curve, IP Protection will be rolled out in stages.
During the first stage, called phase 0, Google will route queries to its own domains. This phase will continue until Google has had time to refine the list of affected domains. Initially, only IP addresses based in the United States will be able to access these proxies.
In subsequent phases, Google plans to use a two-hop approach to improve privacy. The first hop will be maintained by Google, while the second hop is planned for an external CDN (Content Delivery Network).
Security issues
But Google remains cautious, with the new service raising some concerns. First, it could make it difficult for various services, such as fraud prevention, to block DDoS attacks in the first place. Additionally, if one of Google’s proxy servers is compromised, the attacker would then be able to manipulate the traffic passing through it.
Due to these potential issues, Google is considering implementing a user authentication feature for the proxy to mitigate DDoS attacks.
To learn more, you can read Google’s posts on GitHub and Google Groups.
Source: ZDNet.com