On a modern Internet, privacy concerns get stronger every year. As a result, many people are searching for tools that will help them hide from Big Brother ( whoever he may be).

However, it is hard to navigate through multiple technologies, apps, and tools. There is an app for everything: even hiding an IP address can be implemented in different ways.

Today we will talk about SOCKS proxy technology, the principles by which it works, and its advantages over another well-known privacy-related tech.

What is it?

SOCKS is an internet protocol used to send data packets from the server to the client via a proxy server. As of today, it is the most advanced proxy technology on the Internet. When you use SOCKS, traffic goes via the proxy server, which generates an arbitrary IP address. This address is used for establishing a connection with a destination host.

The latest protocol specification is SOCKS5. It uses UDP and TCP connections for traffic delivery. There are also several authentication methods used in SOCKS5:

  • Null authentication – no authentication needed to connect to a proxy;
  • Login/password-based authentication – to use a proxy, you need to enter valid credentials.
  • GSS-API authentication – both the client and the server use authentication methods working at an OS level.

Why use SOCKS proxies?

There are two main reasons for using SOCKS proxies:

Censorship circumvention

The most obvious reason is that the internet blocks circumvention. If a particular IP gets blacklisted and blocked, you are still able to access it via a proxy.

Sometimes proxies can be handy for the circumvention of government-implied blockades. However, this is not always possible, as many such blocks are implemented using DPI (deep packet inspection) technology, and the traffic is blocked at the ISP side even before it reaches the blocked website. Proxies won't help here.

Important: while HTTP proxies can only work with web pages, SOCKS5 can process traffic of any kind. These proxies work at a lower level.

Increased speed and performance

SOCKS5 predecessors used a TCP protocol, while newer proxies can also work with UDP packets.

TCP is a protocol with guaranteed delivery, meaning that packets going between the client and the destination are always delivered. To ensure such deliverability, you need to thoroughly format messages. In the case of UDP, this is not required, as this protocol does not provide guarantees that every message will be delivered. This allows the avoidance of spending time on packet structuring, and the overall speed of the communication increases.

SOCKS5 proxies never change packet headers, which sometimes happens in the case of other proxy technologies. This increases overall performance. There are some downsides as well: as headers may contain personal information, they can be easily spoofed and disclosed.

However, SOCKS5 proxies operate with smaller data packets than other proxies. This is beneficial for the speed of communication, which is better seen in the case of P2P traffic.

SOCKS vs VPN: what’s the difference?

Not all proxy providers talk about this, but there is a vital difference between SOCKS and VPN. The thing is that you can achieve dramatically different anonymity level using these tools. When you use a VPN, all your data is encrypted, while there is no encryption in SOCKS.

Proxies are useful for block circumvention and hiding an IP address, but they are not tools suitable for better privacy. It is easy to identify the proxy user and hijack his or her traffic.

However, when used in combination with a good VPN, proxies can be a part of a better protection system, which is both fast and reliable.