Anonymous Browsing: What It Actually Means

Nathan

6 min read
Anonymous Browsing: What It Actually Means
Photo by Sasha Freemind / Unsplash

Most people think they're browsing anonymously when they're not. Incognito mode is the biggest offender — it's one of the most misunderstood features in any browser, and the gap between what people think it does and what it actually does is significant.

This is what anonymous browsing actually means, what tools get you there, and which ones just make you feel like you're there.

Incognito mode doesn't make you anonymous

Let's start here because it's where most people go wrong.

When you open a private or incognito window, your browser stops saving your history, cookies, and form data locally. That's it. Your internet traffic still goes through your ISP. The websites you visit still see your IP address. If you're on a work or school network, the network administrator can still see exactly what you're doing.

Incognito is useful for one thing: keeping your activity off the device you're using. Logging into someone else's computer, shopping for a gift on a shared laptop, not wanting your search history cluttering autocomplete. That's the use case. Privacy from the outside world isn't it.

Google settled a $5 billion lawsuit in 2024 over collecting user data in Chrome's incognito mode. The lawsuit alleged Google tracked users even when they believed they were browsing privately. That tells you most of what you need to know about what incognito actually offers.

What anonymous browsing actually requires

True anonymity online means two things: hiding what you're doing and hiding who you are.

Most tools only address one of those, which is why people end up with a false sense of security.

Your IP address identifies you. Every website you visit logs your IP address. Your IP can be traced back to your ISP, and your ISP knows which customer was assigned that IP at any given time. Without masking your IP, you're not anonymous — you're just browsing without saving a local history.

Your traffic can be read in transit. Unless your connection is encrypted, the data traveling between your device and a website can be intercepted and read. This matters most on public Wi-Fi, where you're sharing a network with strangers and anyone with basic tools can intercept unencrypted traffic.

Websites track you beyond your IP. Browser fingerprinting collects data points about your device — screen resolution, fonts installed, browser version, time zone, and dozens of other attributes — and combines them into a profile that can identify you even if your IP changes. This is how ad networks track people across sites without relying on cookies.

Your DNS queries expose your browsing. When you type a URL, your device sends a DNS query to translate that address into an IP. By default those queries are unencrypted and visible to your ISP. Even with a VPN, DNS leaks can expose the sites you're visiting if the VPN isn't handling DNS correctly.

The tools that actually help

A VPN masks your IP address by routing your traffic through a server in another location. Websites see the VPN server's IP, not yours. Your ISP sees that you're connected to a VPN but can't see what you're doing inside that connection. A good VPN also encrypts your traffic and handles DNS through its own servers, preventing leaks.

The limitation: your VPN provider can see your traffic. A no-logs VPN policy means they don't store records of what you do — but you're trusting them to honor that. This is why the no-logs policy and the jurisdiction a VPN operates under both matter.

Tor routes your traffic through multiple volunteer-run servers, encrypting it at each hop, so no single point in the chain can see both who you are and what you're doing. It's the closest thing to genuine anonymity available to regular users. The tradeoff is speed — Tor is significantly slower than a regular connection, and some websites block Tor exit nodes.

DoH (DNS over HTTPS) encrypts your DNS queries so your ISP can't see which sites you're looking up, even if they can see you're connected to the internet. This closes one of the most common privacy gaps that VPN users don't think about.

A privacy-focused browser like Firefox with the right configuration, or Brave, reduces browser fingerprinting and blocks trackers by default. This matters because even with a VPN, a highly unique browser fingerprint can identify you across sessions.

None of these tools are all-or-nothing. Most people who care about privacy use a combination — a VPN for everyday browsing, a privacy browser, and Tor for situations where stronger anonymity is needed.

What a VPN does and doesn't do

A VPN is the most practical tool for most people, so it's worth being specific about its limits.

A VPN protects you from your ISP seeing your browsing activity. It protects you on public Wi-Fi. It masks your location from the websites you visit. It prevents many forms of traffic analysis. If the VPN uses DoH, it also protects your DNS queries.

A VPN does not make you anonymous if you log into accounts. The moment you sign into Google, Facebook, or any service tied to your identity, that service knows who you are regardless of your IP. Behavioral tracking, logged-in sessions, and cookies all tie your activity back to your identity at the application layer regardless of what's happening at the network layer.

A VPN doesn't protect you from browser fingerprinting unless you're also using a browser that actively works against it.

And a VPN only works if it doesn't leak. DNS leaks, WebRTC leaks, and IPv6 leaks can all expose your real IP or browsing activity despite an active VPN connection. WebRTC in particular is a common issue — it's a browser feature that can reveal your real IP address even when you're connected to a VPN, which is why tools like WebRTC blocking extensions or VPNs that handle WebRTC at the network level matter.

How Veilock approaches this

Veilock routes your traffic through its server network and masks your IP, but a few specifics are worth calling out.

DNS queries are handled through DoH encryption — your ISP sees a connection, not a list of every site you're visiting. The no-logs policy means there's no record of your browsing activity stored on Veilock's infrastructure. And Vortex, Veilock's obfuscation layer, makes the VPN connection itself harder to detect — useful not just in countries with heavy censorship but anywhere deep packet inspection is being used to identify and throttle VPN traffic.

For most people's threat model — ISP tracking, public Wi-Fi risk, location-based restrictions, ad network surveillance — a VPN that's properly configured covers most of the bases. Veilock is built to cover them without requiring technical knowledge to set up.

Start browsing privately with Veilock

The honest version of what's achievable

Complete anonymity online is extremely difficult for regular users and essentially impossible if you're logged into services tied to your real identity. The goal for most people isn't perfect anonymity — it's meaningful privacy. Reducing the amount of data your ISP collects, blocking surveillance-based advertising, protecting your traffic on networks you don't control, and making it harder for data brokers to build a profile on you.

A VPN, a decent browser, and some basic habits get most people most of the way there. Understanding what each tool actually does is the first step.

Common questions

Does incognito mode hide my activity from my ISP?
No. Incognito only prevents your browser from saving history locally on your device. Your ISP, network administrator, and the websites you visit can all still see your activity.

Can I be tracked with a VPN on?
Yes, if you're logged into accounts. Network-level tracking is handled by the VPN, but application-level tracking — logged-in sessions, cookies, behavioral profiling — is not. The sites you're signed into know who you are regardless of your IP address.

What is browser fingerprinting?
A technique that identifies you based on characteristics of your device and browser — screen size, fonts, plugins, settings — rather than your IP address or cookies. It works even in incognito mode and even with a VPN. Privacy browsers like Firefox (hardened) and Brave actively work against it.

Is Tor better than a VPN for anonymity?
For anonymity specifically, yes. Tor is designed for anonymity in a way that VPNs aren't. The tradeoff is speed and usability. For most everyday privacy needs, a good VPN is sufficient. For situations where anonymity genuinely matters, Tor is the stronger choice — ideally used together with a VPN.

What is a WebRTC leak?
WebRTC is a browser feature used for video calls and real-time communication. It can reveal your real IP address to websites even when you're connected to a VPN. Good VPNs either block WebRTC at the network level or provide guidance on disabling it in your browser.

Does Veilock prevent WebRTC leaks?
Yes. Veilock handles WebRTC at the network level, preventing your real IP from being exposed through browser-based WebRTC requests.