Second-level ISP

The last five years have seen the development of Second-level ISP’s. They are actually a type of anonymous internet access providers which is distinct from other anonymous browsing solutions (proxy lists, Tor, JAP). A Second-level ISP provides secure and anonymous internet access using two main technologies: SSH tunnel, also known as port forwarding, and Virtual Private Networks (VPN). The best ones offer both, often for the same price.

Secure internet communications of this type used to be reserved to corporations, especially before year 2000. Second level ISP’s are designed for use by individuals, which have an increasing demand for secure internet access to protect their activity when online, for many reasons, including identity theft.

An Internet Service Provider (ISP) is usually understood as a service that provides users with access to the Internet, whether dial-up or broadband. “Second-level” ISP’s are providers that create an encrypted secure connection within a regular connection. All the traffic is then encrypted starting from the user’s computer all the way to the provider’s secure servers and then redirected to its final destination (the website visited).

In most countries, Internet Service Providers retain log files that shows the times your IP address was used and where it connected to. Some providers save these log files indefinitely and they may give these files to whoever asks with or without a court order, meaning that every website visited, uploads, downloads and all the traffic of millions of users is no longer private. The results of this can be stalking electronically or physically, identity theft, and other forms of harassment.

Why use a second-level ISP? Who needs it?

Internet Service Providers in most countries now log all incoming and outgoing data, downloads and uploads, emails and files transferred, for an unlimited period of time. As of Dec.14th, 2005 the EU Parliament passed a law calling for the European Union ISP's to retain certain records for at least six months. The following data will be saved by ISP's:

* Each website ever visited with time and date stamp
* Each file ever downloaded using FTP or P2P
* A record of every e-mail sent and received, including the e-mail content.
* The name, time, date, etc of every user who chatted with via an Internet Messenging program, including the logs of the chats.
* Each web forum posted on or visited
* Logs of IRC sessions

Those laws have been deemed as "anti-privacy" by many human rights activists, business people, corporations and individuals because they can be used against citizens in a variety of cases.

Personal Privacy reasons

The following are reasons that have been offered for using a second-level ISP:

* To bypass any kind of Internet censorship in the country of residence,
* To access anonymously financial institutions,
* To access online casinos,
* To appear to be in the country of the online service being use. (Some services such as eBay limit access to IP addresses located in the same country.)
* To maintain the Internet privileges of the country of residence when traveling, especially in countries that restrict access to information for different reasons, like Thailand, China, Middle East,
* To anonymize internet activities,
* To prevent the user's internet traffic from being recorded by an ISP,
* To protect online data while using WiFi hotspots in public locations such as hotels, airports, internet cafes, university computers,
* To anonymize VoIP services, allowing for true and easy anonymous phone calls from and to anywhere in the world,

Business reasons

*Small companies cannot afford to pay security consultants or to set up a VPN system. For them it is simpler to subscribe to a second-level ISP which will offers an all-in-one secure remote access to the company’s computers.
*Protect your employees when on travel: sensitive information can be intercepted when in the premices of competitors or in public meetings.
*Remaining anonymous when operating a website, for a variety of reasons: freedom of speech or business and financial privacy
*Ideal to run a cyber-corporation / distributed corporation
*Protect the company from government intrusion/competitors

General background for Second-level ISP use

As the world becomes always more inter-connected, individuals feel less resigned to accept the restrictions imposed on them by their local governments and catch the opportunity to escape these restrictions, at least concerning their online activities.

What is perfectly legal and accepted in one jurisdiction may not be in another. By switching between all possible jurisdictions at the click of a button, second-level ISP’s enable their users to maximize their level of personal and business freedom, generally for no more than a few cents per day.

Commerce Defies Traditional Tax Jurisdictions

Using the internet, a company can, in theory, move its e-commerce business to a “tax haven” country and conduct e-commerce outside the jurisdiction of any country that would otherwise tax the transaction.

Also, because of the speed in which transactions occur and the frequent absence of a traditional paper trail, it will be very difficult, if not impossible, to apply traditional notions of tax jurisdiction. This is especially true with intangible property transmitted by computer such as software, digital music or electronic books and services.

When using offshore proxies through an encrypted connection, the online activity is submitted to the laws of the jurisdiction of the proxy usie. This is equivalent to offshoring at the press of a button.Fact|date=January 2008

Case studies

Case One

A company director travels a lot with his laptop. He needs to be in constant email communication with head office. One day he was at one big conference in the USA where free wireless networking access was provided by the organisers, when one of his colleagues came up to him in the coffee break and told him that he had a copy of Airsnort on his own laptop and that he knew his email password. He then proceeded to show him copies of all his email for that day! This happened even though the wireless network was supposed to be secure!

Case Two

The same director, who usually travels mostly in North America and Europe was scheduled to attend a major conference which was being held in a faraway country. The Government of this country keeps a very watchful eye on their own citizens, as well as on all foreign visitors. Both the telephone company and the country's only Internet Service Provider are run by the President-for-life's brother in law and it is generally known among the local internet community that copies of all emails sent to and received from outside the country end up with the secret police.

Worse still, lists of all the overseas websites which are being read in the country are compiled, and the names and IP addresses of those who are visiting certain sites (such as human rights websites) are highlighted. As the conference proceeded, this company director even found that he couldn't access his daily fix of international news from back home since all access to the CNN news website was being blocked, since it had published stories which critical of the country's Human Rights record

Case Three

Steve, an ordinary Internet user got into an argument with another user on a Usenet news group. Unfortunately, the person he got into the argument with happened to be a system administrator at Steve's ISP. Since this person had administrator privileges on the mail server for the ISP, he was able to read all Steve's email, and found out something about Steve's private life that he subsequently used against him.

Case Four

John worked for a company where he had unrestricted Internet access on his desktop. Unbeknownst to John, however, the company's security system was logging every site that John visited. Since he was looking for another job, he was visiting the Jobserve website most lunchtimes. Most unfortunately for John, his boss knew that he was looking for another job before he found one.

See also

Second-level ISP-related articles

* SSH Tunnel
* Virtual private Network (VPN)

References

Examples of Second-level ISP's:

* [http://www.perfect-privacy.com Perfect Privacy]
* [http://www.cotse.net Cotse]
* [http://www.anonymize.net Anonymize]
* [http://www.secure-tunnel.com Secure Tunnel]
* [http://www.securenetics.com Securenetics]
* [http://www.privacy.li Privacy.li]
* [http://www.securstar.com SecurStar]
* [http://www.findnot.com FindNot]

External links

* [http://www.guardian.co.uk/humanrights/story/0,,1938474,00.html Google 'will be able to keep tabs on us all'] The Guardian, November 3, 2006
* [http://in.today.reuters.com/news/newsArticle.aspx?type=technologyNews&storyID=2007-06-20T054404Z_01_NOOTR_RTRMDNC_0_India-303916-1.xml Where were you online? Advertisers know] Source: Reuters

* [http://news.zdnet.com/2100-9588_22-6199294.html Study: Internet censorship spreading] ZDNet News, Jul 27, 2007
* [http://www.anonic.org/online-privacy-for-business.html Internet Privacy for the Online Business] AnonIC