Why NymVPN Anonymous mode provides the best privacy

Appreciating the value of technologically enhanced VPN privacy

September 27, 20241 min Read

Traditional Virtual Private Networks (VPNs), despite their name, do not actually protect our privacy. With advancements in metadata collection, traffic analysis, and AI-powered tracking and surveillance, this goes for even well-reputed VPN services, no matter what they promise. What is needed is the next generation of VPN technology capable of defending privacy through innovative network design.

This is where NymVPN comes in. What makes the app different from other VPNs on the market today is its integration of “mixnet” (or mix network) technology to power the app’s Anonymous Mode.

But why would you need to use the Anonymous Mode?

Try NymVPN for 80% off today

First, what is a mixnet?

A mixnet is a decentralized network, made up of independent servers all over the world, in which user traffic is routed to be anonymous. But as its name indicates, it does something unique: it mixes the traffic of different users up together to make it hard to tell who is sending what to whom.

Check out Nym’s step-by-step guide to learn exactly what happens to your traffic when using the mixnet in NymVPN’s Anonymous Mode.

Mixnet privacy benefits

The Nym mixnet is designed to provide several benefits in preserving user privacy against sophisticated tracking efforts.

Multi-hop routing. Routing through the Nym mixnet sends user traffic through a decentralized network with five hops (or independent servers rerouting your traffic): an entry gateway that permits access to the mixnet, three consecutive mixnet nodes that perform packet mixing, and an exit gateway that sends your data to its final destination. With a decentralized network like this, you can become unlinkable to what you do online and safe from server attacks.
No central point of command. The Nym mixnet has no central point of control for the multiple service operators that route user traffic. Each server is independently owned and operated. While Nym makes efforts to incentivize high reliability and performance of Nym nodes to ensure good user experience, node operators are ultimately autonomous.
No central logging of traffic. No single server in the network has access to the data of the full route for a user’s traffic. Even if a particular server keeps logs of the traffic they handle, they lack information on either the packet origin, its destination, or both. Your traffic remains unlinkable to you, and its content is always encrypted.
No central point of failure. Since full traffic logs cannot be known or obtained by a single hop on the mixnet, there is no one point that can be attacked or breached to link information about the sender and recipient.
Traffic analysis resistance. With the emergence of AI-powered network analytics, the terms of the game for VPN privacy technology have changed. It’s no longer sufficient to rely on even decentralized networks: what’s needed is advanced techniques in confusing traffic analysis. By adding network noise to the Nym mixnet – data mixing, cover traffic, and timing delays – NymVPN is building privacy for the future.

The power of the crowd

Imagine you’re trying to get away from someone, or something, following you in the city. And suddenly, in your flight, you stumble upon a large crowd of people: a street festival, a parade, or a protest. The opportunity suddenly arrives to elude your pursuers, so you blend into the commotion and bodies of the crowd, becoming imperceptible. Just one body like all the others.

The Nym mixnet is like a crowd, but even more concealing. Bodies, of course, have their distinguishing features, like what we try to identify and distinguish between individuals when “finding Waldo.”

But in the crowd of the Nym mixnet, all traffic looks the same in terms of size and format, while the encrypted payloads are reordered and randomized when traversing each intermediate step.

With NymVPN, this process also includes privacy protections that few other VPNs or proxies provide: sending “dummy packets” or cover traffic to increase the crowd of the network, and adding randomized timing obfuscation to make data surveillance as difficult as possible.

So imagine, for example, that when you enter the mixnet, everyone in the crowd exchanges clothes so that when they come out, it’s hard to tell who is who.

Think you might want to join the crowd?

How NymVPN Anonymous Mode compares

Traditional VPNs

The large majority of VPNs on the market are not really privacy-providing services, at least not anymore. This is because they are centralized: all your data passes through, and is potentially logged by, a single server either owned or rented by the VPN company.

Centralization might be a technically efficient thing, but for privacy it’s a huge risk. Cyber attacks and data leaks can reveal the subscription and even traffic records of users, or over-reaching governments can demand to know who is using the VPN and for what. The risk isn’t worth it, and with better VPN network technology now available, it’s simply no longer necessary.

Tor

Decentralized and multi-hop networks are not new. The Tor network, for instance, provides a multi-hop routing architecture to transmit user traffic. This involves three steps: an entry node, intermediary node, and exit node which connects with the public web.

Tor also uses multi-layered “onion” encryption to protect the content of user data in transit through the network. As data passes through a particular node determined by the outermost layer of encryption, that node with the decryption key removes its designated layer, revealing only where to send the data packet next. The process repeats until the data leaves the exit node and arrives at the intended destination on the public web.

The problem is that Tor is suffering from target network attacks and cannot easily combat metadata traffic analysis. Decentralization needs to be taken even further, but what we also need are new anti-tracking technologies to combat AI-powered surveillance.

NymVPN Anonymous Mode

NymVPN’s mixnet alternative increases decentralized routing to 5-servers and 5 layers of encryption and adds additional network noise to confuse surveillance attempts. But what is network noise exactly?

Think of tracking as attempting to find a signal in a noisy network, like Tor, where many proxy servers are handling the traffic flows of many users. With the power of AI, it becomes exponentially easier to find patterns in the noise, effectively linking you to what you do online even through decentralized IP obfuscation.

Nym’s network noise

To combat this, the Nym network is designed to make the network so noisy that AI surveillance can’t find your signal, or pattern. This requires specific techniques, which Nym calls added noise:

Data Fragmentation: When your data passes through the mixnet, it does not travel in one piece that can be intercepted as a whole. Rather, it is broken up into identically sized encrypted packets. This ensures that no correlation can be made between packets and users based on different sizes or encryption types.
Cover Traffic: The bigger the network crowd, the more anonymity individual users have. To ensure that adversaries surveilling the whole network have a hard time, “cover traffic” is regularly introduced into the network from the client, alongside real data packets, to create greater anonymity in greater numbers. These are basically “dummy packets,” in reality empty but indistinguishable from full packets, which simply increase the volume of data flowing through the mixnet.
Traffic Mixing: As your data packets pass through a mix node that relays them simultaneously with the traffic of other users, the packets of different users are mixed up or shuffled together. This makes it extremely difficult to track the inputs and outputs of individual users’ traffic flows.
Timing Obfuscations: One result of traffic mixing performed by a mix node is that surveillance of packet flows based on time (arrival and departure from a mix node) is further impeded. It’s difficult to determine a continuous flow based on the principle of first-in, first-out when a mix node mixes flows together.

Use cases for NymVPN Anonymous Mode

To be clear, not all kinds of online traffic need the robust protections of NymVPN’s Anonymous Mode. With a decentralized network of 5 proxy servers and sophisticated encryption, this will inevitably slow down your connections, increasing latency. Thus it is best for more latency-tolerant traffic which needs advanced privacy protections:

Email
Messaging
Torrenting

When faster connections are needed, there’s no need to worry: NymVPN’s Fast Mode is easily available thanks to the WireGuard protocol and NymVPN’s novel tunnel-in-tunnel implementation.

So why use NymVPN’s Anonymous Mode?

It’s simple: genuine privacy online. There’s no longer a need to worry about all the complex threats facing us: metadata harvesting and sale, government surveillance, hackers waiting on unsecured WiFi networks.

Think you might want to see what the power of the crowd can do? Try it out free today and see for yourself.