The Cloud Browser
Discussions around personal privacy are becoming louder and more complicated, while many countries are trying to get a grip on social networks and on the challenges presented by encrypted Web traffic.
Many tools being developed and marketed promise this privacy through anonymity. Anonymity is not always sought in order to hide malicious activities. In many countries around the world, anonymity can be a matter of life and death — such as when it conceals the identity of someone who is critical of a suppressive government.
There are many tools available to gain anonymity, each with its own benefits and some drawbacks. A private (or personal) VPN, for instance, is an example of an accessible and easy-to-use tool. This is quite often a paid subscription model, however, and many countries and organizations block the infrastructure to these services. Not only will this limit or even prevent the use of these tools, the attempted use can be logged and investigated as a suspicious activity. (Why does this user need anonymity?)
Another option is the use of the Dark Net. However, this can be a complex environment to navigate, full of malicious content. It is far from quick and easy to use for the average user.
But the forward march of technology continues, and new solutions are being developed all the time. An interesting recent development may have the answer to some of these privacy problems. This is the cloud browser.
The Cloud Browser
The vast scale and the unprecedented availability of most cloud platforms allowed companies and individuals to completely rely on outsourced online applications. One of these is the cloud browser, sometimes also called the remote browser.
A cloud browser, located within a cloud platform’s datacenter, effectively operates like a proxy between a user and a target Web server. An end user requests a page from the cloud browser and the cloud browser then requests that page from the target server and processes the response. The only traffic returning to the end-user is a near-real-time streamed image of the requested page, not the code itself. The owner of the webpage will simply see a request coming from the cloud platform without being able to trace where the original request came from.
This is a very reliable way to preserve user anonymity but comes with a slight impact on the user experience: a delay in website response due to the extra “hop” the traffic will need to take in both directions.
Several commercial products are available in this space from vendors such as Cisco, Authentic8 and Citrix. Most of these offerings comes with a subscription fee due to the requirement of the provider to process the traffic and system resources for the end users. Some, limited freeware cloud browser options are available as well, such as by Chinese company Maxthon.
Other Security Benefits
There are some other benefits of using a remote cloud browser. The biggest one by far is the protection against malicious code. Because the end user never actually processes the data from the target site itself, any potentially malicious code will be loaded by the intermediary cloud system. Even if the code manages to do any damage despite the high level of security on these systems, the user will simply see a streamed session and will be fully protected from any real harm. A continued uptake of the cloud-based browsers by companies and end users could severely limit the success of malware in the future. This is certainly a space to watch for anyone active in the anti-malware sector.
Another benefit that many companies will really appreciate from these products is that they can fully control the Internet activity of their users online. They can, for instance, block Facebook access or access to streaming video without the need to constantly maintain access lists in firewalls or domains in proxy servers.
Can I Trust the Cloud Browser Provider?
When looking for anonymity, the cloud browser solution can be a good option for individuals. However, the use of cloud browsers is often adopted at scale by large organizations in order to protect their endpoint security. When that is the case, the companies end users should not expect anonymity. That is not why the service was obtained by the business and it is highly likely the provider also supplies requested usage logs to the customer organization as well.
When used by individuals, there will likely be a required payment and a signup stage, as is usually the case when signing up to a commercial private VPN. If anonymity is important, it is essential to do some research into whether the cloud browser provider stores any usage logs on their own platform. It is common for private VPN providers to promise not to log any usage data, but this is not always clear when it comes to these cloud browser services. If there are logs, it is important to realize who they need to be protected from and where they are stored (in which jurisdiction and how secure?).
The cloud browser is a viable tool for web anonymity. It is fairly easy to use and it comes with significant malware protection benefits. When it comes to the user experience, it is a matter of trying the service out because of the many variables such as where the actual browser is located and the speed of the ISP. But as with a private VPN, a quality service is usually not free.
One of the benefits of running a VPN for privacy is that other, non-browser traffic (think for instance about running a mail client on the background) cannot inadvertently reveal the user’s identity. The VPN does not protect against browser-based malicious code, though. When weighing up the pros and cons of a VPN and a cloud browser, it really is a matter of what you need and what you’re willing to put up with for increased security.
The darknet is not a hellhole, it’s an answer to internet privacy, The Conversation
Cisco Cloud Web Security, Cisco