Helder Almeida - Fotolia


Cloud browsers: The security benefits of anonymity in the cloud

Cloud browsers can provide a level of security for users seeking anonymity in the cloud. Expert Frank Siemons of the Infosec Institute explains the benefits of cloud browsers.

Discussions about personal privacy have been amplified while organizations and governments attempt to get a grip...

on social networks and the challenges presented by encrypted web traffic.

As a result, tools are being developed -- and marketed -- to provide privacy with anonymity because many vulnerable people rely on anonymity to protect themselves from abusers. In many countries, anonymity can be a matter of life and death, such as when it conceals the identity of someone who is critical of an oppressive government, for instance.

There are many tools available to provide some degree of anonymity, each with its own benefits and drawbacks.

A private or personal VPN is an example of an accessible and easy-to-use tool. However, VPN providers often use a paid subscription model, and customers should be aware that VPN providers themselves have access to all of their private browsing activity.

Another drawback with VPNs is that many countries and organizations block access to these services. Beyond limiting or preventing the use of these tools, governments and organizations may also log and investigate the attempted use of anonymity tools, such as a private VPN, as suspicious activity.

A further option for anonymity is using the dark web. This can be a complex environment to navigate, however. The dark web is full of malicious content and it's neither quick nor easy to use for the average user.

An interesting development for anonymity in recent years has been the introduction of cloud browsers.

The cloud browser

Cloud browsers, sometimes called remote browsers, are located within a cloud platform's data center. Cloud browsers effectively operate as proxies between users and the web. An end user requests a page from the cloud browser and the cloud browser then requests that page from the target server and processes the response.

The only traffic the end user accesses is a near-real-time streamed image of the requested page, not the code on the page itself. The owner of the webpage simply sees a request coming from the cloud platform and cannot trace where the original request came from. This is a reliable way to preserve user anonymity, but it comes with some effect on the user experience, as there is a delay in website response due to the extra hop the traffic needs to take both ways.

Commercial products are available in this space from vendors such as Cisco, Authentic8 and Citrix. Most of these offerings come with a subscription fee, as the provider processes the traffic and system resources for the end users.

Some limited freeware cloud browser options are available, as well, such as the Maxthon 5 cloud browser offered by Maxthon International, a browser developer based in Beijing.

Security benefits of cloud browsers

There are other benefits of using cloud browsers. The biggest one by far is protecting the user against malicious code. The end user never directly processes any data from the target site itself, as any potentially malicious code is loaded by the intermediary cloud system.

Even if the code manages to do any damage despite the high level of security on these systems, the user simply sees a streamed version of the browsing session and is fully protected from any real harm. The continued adoption of cloud-based browsers by companies and end users could severely limit the success of malware in the future.

Another benefit of using cloud browsers is that they can fully control the activity of their users on the internet. They can, for example, block access to social media sites like Facebook or to streaming video sites like YouTube with the click of a button and without the need to constantly maintain access lists in firewalls or domains in proxy servers.

Are cloud browser providers trustworthy?

When individuals are looking for anonymity, cloud browsers may be a good option. However, cloud browsers are often adopted at scale by large organizations to protect their endpoints. In that case, the companies' end users should not expect anonymity. That is not why the business obtained the service, and it is highly likely the provider supplies usage logs to the organization in addition to the browser itself.

When individuals use the browsers, they will likely be required to pay, as is usually the case when signing up for a commercial private VPN.

If anonymity is important, it is essential to do some research into whether a cloud browser provider stores any usage logs on its own platform. It is common for private VPN providers to promise not to log any usage data, but that is not always clear when it comes to cloud browser services. If there are usage logs, it is important to understand from whom they need to be protected and where they are stored.

A cloud browser is a viable tool for web anonymity; it is fairly easy to use and it comes with significant malware protection benefits. When it comes to the user experience, it is a matter of trying the service out because of the many variables, such as where the actual browser is located and the speed of the internet service provider.

Like with a private VPN, a quality service is usually not free. One of the benefits of running a VPN for privacy is that other, non-browser traffic -- such as a mail client running in the background -- cannot inadvertently reveal a user's identity. A VPN does not protect against browser-based malicious code though. It is really a matter of weighing the pros and cons of these services.

Dig Deeper on Cloud Provisioning and Cloud Identity Management Issues