Anonymous Browsing And The Difficulties Of HTTP



Posted: Tuesday, March 17, 2009

by Oliver Macpherson
SSL 247

HTTP is a basically the methods through which your browser communicates with any website and exchan
ge information but there are many problems within the protocol that restricts anonymity like the fact that it exists on the TCP port 80.

Port 80 has become a standard TCP port to use and almost every web server will list that port with the exception of security such as SSL but as a general rule most connection are through the TCP port 80. Firewalls will usually allow all TCP80 communications as a first rule. The protocol itself is text based ASCII to be precise which means that all communication must be readable this means no translation, decryption or decoding. It is quite bad easy to follow a HTTP trace and if you ignore all the GET requests/responses you can pretty much read the rest which is bad when we are told to protect and be secure with our personal information.

HTTP treats every request and response as individual questions and answers this means it cannot follow long or draw out complicated conversations. Even when the communication comes from the same place HTTP will treat the information as a totally separate thing. HTTP also suffers a severe lack of security and does not authenticate users. Through the use of cookies HTTP can get round some of the authentication issues by maintaining a connected state between the sever and the client there can also be protocols such as NTLM and certain forms and services like Microsoft Passport.

The HTTP protocol was never written with security in mind and should not be thought of a bad because it doesn’t have security features, it was designed for the quick exchange of information in a simple manner it does this jobs really well otherwise it would not have survived the rate in which the internet is expanding and developing.

Clearly HTTP cannot be anonymous as it is designed to exchange passwords, usernames and identities the same way as all of the information it transfers and it cannot protect your information or identity even when HTTP just blocks your IP address this is not really achieving any anonymity.

Oliver is a passionate web analyst who likes to promote the correct ways to safeguard business websites. Oliver works for ssl247.co.uk who specialise in SSL certificate buy as well as apache SSL certificates for web servers in the UK.
This Article has been viewed 24 times. (Not updated in real-time.)
Top-level comments on this article: (1 total)
» left by Connor Davidson
 3 years 71 days ago.
95 fans. Follow Connor Davidson on twitter!
It is a good article with intersting information. However the last paragraph contains a website. I dislike advertising at the best of times. Advertising like that though small does in my oppinion not belong on SearchWarp.
 
Sorry.
We want your comments! If you can read this, you don't have javascript enabled, so you can't use this comment system. Please enable javascript.