Slashdot Mirror

I use this thing.

Selection criteria:

1. First google hit for [anonymous proxy]
2. It's been around since forever and I remember its url (but when I don't, see #1)

Yeah, not that scientific.

The most venerable lineage in this space is probably The Anonymizer, which was once hosted by CMU researchers, but it seems to have been bought and turned into a commercial desktop application.

Check out how it works here: http://www.anonymizer.com/learningcenter/#lc_labs I used nevercookie as sort of a fitness test, but it wasn't designed to only defeat evercookie, it was designed to address the larger problem of tracking via all kinds of local storage mechanisms.

My name is Geoff and I created "nevercookie". I'm a researcher at Anonymizer. I can assure you all that it is not vaporware, it works and has been pretty thoroughly tested, it's just that marketing wants to brand it and make it all slick before we release it to the general public (which should be in a week or two). I've sent out a few beta versions for friends in the security field to test out, and I might be able to send out a few more if anyone is interested in field testing it early (I'll ask my boss). To address concerns about how it works, it's pretty simple actually. When private browsing mode in firefox is initiated, the external data storage of Flash and Silverlight is quarantined (this is done because the browser normally can't touch these things cause they are browser independent, this is the most obvious place that an evercookie can respawn from (unless you clean it manually)). Then a clean, temporary user profile is spawned for the current browsing session, eliminating any lingering cached data. There's actually a decent explanation here: http://www.anonymizer.com/learningcenter/#lc_labs

There are plenty of highly anonymous VPN/SSL tunneling services available for 10 or 15 bucks a month. No need to take a speed hit or trust an unknown foreign proxy server. -Steganos https://www.steganos.com/us/products/home-office/internet-anonym-vpn/overview/ -VPNGates http://www.vpngates.com/ -SecureIX http://www.secureix.com/ -Relakks https://www.relakks.com/?cid=gb -Anonymizer http://www.anonymizer.com/

I meant to say CustomizeGoogle Firefox plugin

That helps.

Of course, if you want to shorten log retention further than Google's "only 2 years!", you can go through a proxy like Anonymizer or Tor. If the fullbore proxies are too much of a hassle, there's always the search proxies like Scroogle Scraper (where the log retention is 48 hours).

Another approach is to poison the data mine with TrackMeNot by generating thousands of random searches in the background.

I've heard about Anonymizer and how it hides your IP. Is that good enough to keep the RIAA off your back or can they see through that to your real IP/ISP?

I think Anomymizer.com is an American company. Any chance that they could get in trouble for this? http://www.anonymizer.com/consumer/media/press_rel eases/03312006.html

Please read that article involving what they are doing in China.

Well now you just start a privacy company that you connect to using a VPN before sending any traffic across the connection. http://www.anonymizer.com/

I have had no major problems surfing anonymously using the service. Minor problems are certain pages not loading correctly due to CSS/cookies/etc. being blocked or mangled by the Anonymizer service. Most of those pages were places I did not need/want to browse anonymously anyway (/., banking, and others of that sort) so it wasn't that big of a deal to turn it off and reload the page. Also included in the package is a secure delete program where you can set the number of passes it makes and so on. Very nice to wipe out cookies that somehow managed to get in, browsing history, etc.

It seems that there solution "will provide a regularly changing URL that users can access to open the doors to unfettered access of the World Wide Web. In addition, users' identities will be protected from online tracking and monitoring by the Chinese government." http://anonymizer.com/consumer/media/press_release s/02012006.html

Proxy?

Located where? Wouldn't you have to rent an account on a server somewhere if your parents don't have a reliable always-on PC at home? Doesn't such an account cost $100 per year? At that price, if you just want to do two or three legit torrents, it might be better to ask someone to burn a CD and mail it to you.

Anonymouse surfing: http://www.anonymization.net/ http://www.anonymizer.com/ http://osiris.978.org/~brianr/ians/ http://www.guardster.com/ http://www.antiproxy.com/ http://www.attackcensorship.com/ http://proxify.com/ http://www.anonymous.as/ http://www.mezzy.com/s-index.php http://anonymouse.ws/anonwww.html http://unipeak.com/ http://www.urlencoded.com/ http://www.behidden.com/ Full system proxy systems: http://tor.eff.org/ http://freenet.sourceforge.net/ http://internet.flashback.se/ http://anon.inf.tu-dresden.de/index_en.html http://www.privoxy.org/ http://www.silentsurf.com/ http://www.peacefire.org/circumventor/simple-circu mventor-instructions.html Ordinary proxies: http://www.atomintersoft.com/products/firewall/cou ntry.aspx/Sweden-se http://www.proxy4free.com/page1.html http://www.publicproxyservers.com/page1.html http://www.proxz.com/ http://www.digitalcybersoft.com/ProxyList/ http://www.freeproxy.ru/ http://www.samair.ru/proxy/ http://www.multiproxy.org/anon_proxy.htm http://www.rrdb.org/ http://www.free-proxy-servers.com/ http://www.proxylists.net/ http://www.proxywhois.com/anonymous-proxy-list.htm http://www.openproxies.com/ Plenty, as said.

If you really suspect a web site as being a vector for attack, then use lynx and study the output before surfing to it with a modern browser. Alternatively, you could use an anonymous proxy.

http://www.anonymizer.com/ ?

Well done! Keep on the good work. Anyway we can help?

I'm the sr. sysadmin for Anonymizer and we have a contract with VOA to provide free proxy service to Iran.

It's based off of PrivateSurfing (which you can try out for free at the Anonymizer homepage, sorry you can't surf /. with it...Rob hates me). Added features for the Iran proxy is full time SSL, URL encryption, Farsi language support, and we switch the proxy website about once a month (every time the Iranian government blocks us). We perform checks on the service from within Iran to see if our site is actually blocked (yes, it works), and we maintain a database of all known e-mail addresses that we can detect as being located in Iran. Every time we switch the proxy site we send an e-mail informing them of the new free proxy location so the citizens of Iran can find it. The sites are also broadcast via radio and TV into Iran by the VOA. To be honest, we're usually about a day behind the blocks, due mostly to time zone differences.

The systems that run the Iran proxies are dedicated and used quite heavily. Much more than any of the servers that we have for everything else. The loadav is pretty high, and we're working on upgrading them in the next few months to increase capacity.

Most of our customers are under NDA so I don't mention where I work much, but the VOA is one of our very few public contracts due to it's anti-censorship nature.

I'm the sr. sysadmin for Anonymizer and we have a contract with VOA to provide free proxy service to Iran.

It's based off of PrivateSurfing (which you can try out for free at the Anonymizer homepage, sorry you can't surf /. with it...Rob hates me). Added features for the Iran proxy is full time SSL, URL encryption, Farsi language support, and we switch the proxy website about once a month (every time the Iranian government blocks us). We perform checks on the service from within Iran to see if our site is actually blocked (yes, it works), and we maintain a database of all known e-mail addresses that we can detect as being located in Iran. Every time we switch the proxy site we send an e-mail informing them of the new free proxy location so the citizens of Iran can find it. The sites are also broadcast via radio and TV into Iran by the VOA. To be honest, we're usually about a day behind the blocks, due mostly to time zone differences.

The systems that run the Iran proxies are dedicated and used quite heavily. Much more than any of the servers that we have for everything else. The loadav is pretty high, and we're working on upgrading them in the next few months to increase capacity.

Most of our customers are under NDA so I don't mention where I work much, but the VOA is one of our very few public contracts due to it's anti-censorship nature.

http://www.anonymizer.com/ is your friend.

Just in case his site gets /.'ed, here is his impressive list of links. - Jonah Hex in non-karma whore mode.
Downloads
Linux Wipe Tools: Three shell scripts for securely wiping all data from the swap partition, wiping unused disk space on the root partition, or wiping an entire disk, by Thomas C. Greene.

No Messenger: A batch file that eliminates Windows Messenger and fixes the problem of Outlook Express loading slowly when Messenger is absent, by an anonymous friend of The Register.

FileCheck MD5: A free, simple, lightweight MD5 utility for Windows, courtesy of Brandon Staggs.

Errata: A text file containing my various blunders and ommissions in the book (right-click and "save as," or view as HTML). Last updated 6 June 2004.

Links to Other Goodies
Mozilla: A free, open source Web browser and e-mail client for Linux and Windows, feature rich and far more secure than Internet Explorer and Outlook Express. Recommended for novices.

Firefox: A free, open source, stand-alone Web browser for Linux and Windows. Very light and fast. Recommended for intermediate users.

Thunderbird: A free, open source e-mail and news client for Linux and Windows. Recommended for intermediate users.

GnuPG: Gnu Privacy Guard; a free, open source replacement for PGP, for Windows and Linux.

WinPT: Windows Privacy Tools; a free, open source GUI frontend to GnuPG for Windows.

Anonymizer: Various services for anonymous Web surfing, e-mail, chat, etc.

OpenSSH: A free, open source SSH (Secure Shell) client and server for Windows and Linux.

PuTTY: A free, open source GUI frontend to OpenSSH for Windows.

Ethereal: A free, open source network traffic analyzer for Windows and Linux. Windows users will need to install WinPcap before installing Ethereal.

Ad-Aware: A free, closed source adware/spyware scanner for Windows.

SpyBot Search & Destroy: A free, closed source adware/spyware scanner for Windows.

Sam Spade: CGI gateways to numerous online tools, such as whois, traceroute, etc.

SourceForge: A vast repository of open-source software for Windows and Linux. The site can be overwhelming, but it has a search engine to help users locate packages.

GNU Project: The home base of the open source movement. A repository of open source products, chiefly for UNIX-compatible systems.

Security Information
About Internet/Network Security: An informative and useful site dealing with computer and Internet security, with reviews of security products and books, practical howtos and tips, and links to numerous tools and information resources, geared toward beginners and intermediate users.

SANS Institute: An educational and research organization with a vast archive of security research documents, news, and advisories, geared toward intermediate and advanced users.

CERT/CC: Computer Emergency Response Team Coordination Cente

What if they used anonymous surfing software like Primedius, or Anonymizer, could they still be tracked?

Foo: If you've got nothing to hide...
Bar: Why do I need to have something to hide in order to want privacy? Can't I simply desire to prevent others from gathering unnecessary information on me?

My definition of "liberty" includes the right to explore the boundaries... and sometimes, to step on the other side.

When I was younger (in the '80s, statute of limitations has long passed, heh), I did my share of vadding (long before I ever heard the term). Technically, I was trespassing -- got caught once, while still in high school, and were my parents ever pi^Wupset!

I sure wouldn't explore those places now -- I'm older and I know better. But would I have known better if I hadn't checked out the limits when I was young?

Online, there are places that probably shouldn't be found (goat-related links are just one eye-melting example). But truthfully, I'm not terribly worried about my teens finding the goatse guy -- because once they know how bad it can get, they'll be much happier back in the "safe" zone.

Contrast that with the self-appointed mavens of online "decency", whose worst online experience was the face on Janet's nipple, and therefore want to regulate everything into blandness.

Of course, this is threading away from the main topic, the A9 "I Know Where You Surfed Last Summer" search engine. I guess the risk is that A9's all-seeing eye could become the norm, rather than the exception. At least we still have Lance Cottrell on our side.

Hook up a phone, especially one of the ones with faster access (ATT's EDGE or Verizon's new network) and you instantly have shareable access anywhere.

Alternatively, you could just log on to an existing WiFi hot spot, and make its Internet connection free to all. I think I'd enjoy connecting at Starbucks even more* if I could watch random strangers enjoying my largesse.

Or, as someone has referenced, you could have a network of friends relay wireless from a high-bandwidth hot spot back to, say, the college dorm. Just have your friends stand around with their backpacks every 20 feet or so. Don't forget redundant links in case someone has to take a potty/food/tequila break.

Anonymity affecionados might like the idea, too... the re-transmitter is the only one who shows up in the connection logs.

* Disclaimer: I've never connected at a Starbucks or anywhere else -- I don't even have a laptop. Donations accepted.

who don't have your interests at heart.

please just go and submit all your personal information directly to Upromise.com to expedite your complete enslavement to your corporate masters.

nothing is free.

if the above statement rings true for you then the next obvious question to ask of a "free" service being offered to you by a bottom-line for-profit corporation is, "how does the corporation profit?"

i'm annoyed at how quickly my fellow geeks are rushing our society headlong into a dystopian fantasy novel.

skip Friendster, Orkut, Upromise, and other data profiling entities and go sign-up for an Anonymizer account (yes, i know they are not perfect). do something to further the vision you have for the type of society you want to live in.

hoping to not meet you all in more repressive and restrictive society a few years down the road. please choose something different.

peace

That's my plan too for the salvaged Compaq with Debian vanilla. I haven't setup squid yet, but I'm looking forward to my own personal Anonymizer.

Re: snooping around the trashed Win98 PC for personal information,
"MIT researchers uncover mountains of private data on discarded computers"

Read their 'privacy' policy. It's got more loopholes than a ship full of tennis shoes from China. And the fact that they have all those exceptions means the system is designed to make them able to give you up.

anonymizer

Of course it would be better to find some friendly admin at a non-http-redirected site who would give you access to his proxy server, but then not everybody has this kind of friends.

There's always the Anonymizer service. I've had great luck using them when my IP address got banned from Slashdot. (It was my own dumb fault, so I wasn't complaining.) Their site has Yahooified -- it used to be easy to find stuff, but now it appears to have been portalized. But if I'm translating correctly, they're now offering anonymous surfing in the "Privacy Manager" package for us$30/year (payable by PayPal, credit card, or other methods).

Or, for another type of proxying, you could always just read Slashdot in Pig Latin...

You can't post and moderate in the same discussion.

Like it's all that hard to get rid of your IP Address? And you call yourself a Slashdotter?

Is it still dangerous to do this if you go through anonymizer?

Possibly, yes. But any country in which the courts rule forwarding requests to illegal content to be illegal will also have made public HTTP proxies (like anonymizer.com) illegal. At that point a different system will be necessary, something where it would be impossible to distinguish publisher/retriever from 'innocent' bystander. There are possibilities for such systems, but they're going to be even less efficient/fast/simple, so let's hope they aren't necessary.

...my girlfriend works somewhere where they tend to keep logs going back the last decade on what sites people visit. I've been unable to find a good proxying bit of software that is opensource so I could run an anonymizer for her.

Basically what I'm looking for is something like anonymizer.com, where she can put in a URL in an HTML form, click "Go", and it will display the site in a frame with a new form in the top frame with the "go" button, that way instead of seeing that she went to yahoo.com they'd see she went to mysite.com/go.php?1293874 or perhaps go.pl?239861.

Does anyone know of any opensource software for that other than PHP-Proxy which doesn't seem to have been updated, ever (and yes, I can do some hacking on my own, but I'd prefer a mature project to save time).

So, it would seem that we need a peer-to-peer service that is built with the following attributes:

-completely anonymous users, file transfers, hosts, etc.
-reliable and stable structure
-decentralized topology
-efficient data management
-and complete deniability (I didn't host that file, or I didn't download that file, as member's cant control content on the network)

We do. We have several.
- FreeNet, and similar projects (Publius, FreeHaven) for distributing anonymous files
- The Invisible IRC Project for anonymous, deniable instant messaging
- InvisiBlog for blogging
- MixMaster and Hushmail for email
- Anonymizer and Peek-a-booty for browsing

Anyone care to add to this list? I've only put the ones that immediately spring to mind, but I know there are more distributed anonymous deniable chaffed encrypted file-share programs that I've not tried.

Interestingly that page is only accessible in the US. Coming from Canada I got the warning

"We at Showtime Online express our apologies; however, these pages are intended for access only from within the United States."

I could view it through www.anonymizer.com though.

p.s.

A 1-year subscription to Anonymizer is included when you join the EFF

Never discount the possibility that whoever set up the filtering is clueless or incompetent. For that matter, the person who set up the filtering system may well have had to do so for legal reasons. Or they may be opposed to such filtering in principle, but not enough to put their job on the line. In which case they may well have conciously not blocked Anonymizer-type sites.

The reason why the supermarket puts locks on their sliding glass doors is not because it's impossible for someone to get in by smashing the glass, but rather because the insurance company needs to be shown that "reasonable effort" was made in deterring crime.

FWIW, for you people with minds in the gutter, my employer's new firewall is configured in a screwy way that was preventing me from posting to Slashdot (apparently this was not intentional; I have a (low-priority) help ticket open to get it fixed). You can see details in my log; apparently there's a Slashdot FAQ about this.

Anyways, the point is, by connecting to Slashdot thru Anonymizer's proxy, I get around my employer's firewall issue. The same logic holds for people behind N2H2's Bess or other similar "blockers".

Screw NAT. If I read it correctly, this makes all anonymous communication illegal!

Under the Patriot act the government has already gone to Safeway to collect information on all people who buy a lot of Humus. Don't you think they have dived in at the anonymizers of the web????

In five years I can really see an internet that would have the cops at your door if you surf the wrong site. Let's hope the expiration date on 60% of the Patriot act actually happens.

hmmm. Let's try this:

bomb bomb bomb bomb Ala Ala bomb bomb bomb bomb bomb bomb bomb bomb bomb bomb bomb bomb bomb bomb hijack praise Ala death to America death to America death to America

If you don't hear from me again, you'll know I'm being indefinitely questioned by the FBI for this post.

Whatever will the terrorists
do?

Seriously though, the advent of projects like Freenet makes this legislation a complete farce. ANY subversive and violent organization who wants to communicate securely and confidentially over the Internet can do so, in a myriad number of ways, with a little bit of research, and have a fairly high chance of escaping detection by a Carnivore-type system.

There's only two possible explanations for this bill: 1) Ignorance on the part of those drafting the legislation, and 2) Terrorism being used as a pretext to clamp down on other criminal activity that would otherwise be difficult to investigate and prosecute, due to Fourth Amendment restrictions.

I don't know which explanation worries and frightens me more.

Keep your data out of the databases. Use cash, ask marketers to remove your name from their lists. Use cash. Use cash. Use cash.

If you've got a "shoppers club" card with your name attached to it. Give it up. Cut it up. Get another one - without your real name and address.

Encrypt your IM traffic with others that are capable. Put SSL on your web server.

Adopt IPv6. Setup IPsec on IPv4/v6 connections. Use SSH (duh!). Get an anonymizer.com account. $30 bones for a year. You can get a 6-month free trial if you sign up as a member of the EFF. $25 bones. You get a sticker. Spend a little more and you get a hat or a T-shirt. Do it.

If you've got flash, watch this.

No need to contribute "useful" data to the databases, right?

Your HTTP anonymizing services would of course divulge any and all information about the original IP address to the Ministry of Truth - sorry, I mean Homeland Security

Which anonymizer service are you using? Read the first section of http://www.anonymizer.com/docs/privacy_statement.s html for a typical declaration of what's kept and for how long.

My point is, anonymity can occur at the application layer, and should not occur at the IP layer.

There is no law requiring web site operators to keep logs of activity, and certainly none requiring anonymizing proxies to keep track of who accesses what sites. The amount of "damage" you can do over anonymized HTTP is insignificant next to the amount of damage you can do over anonymized IP. But for anonymizing your identity when posting some bit of information, either technique works. So why advocate the method that would also anonymize every criminal act performed on the Internet?

I did. With IE. Here is what happened:

1. Your IP address

It picked up my IP address. Fair enough. I'm not running through an anonymous proxy.

2. Hidden tracking files (cookies)

It couldn't list any of my cookies.

3. Exposed Clipboard

This was a little scary. It picked up what was in my clipboard and displayed it.

4. Hack and Exploit Vulnerability

Sophos immediately popped up a message telling me it had detected 'Troj/Codebase-A' in my temporary internet files. A window appeared with some HTML telling me that file:///c:/winnt/win.ini had moved. But nothing else.

I couldn't open the click here links, the links below that didn't work and MSN wasn't giving out my contacts.

5. Browser and Operating System

Big deal. It got them from the HTTP_USERAGENT. I'm not totally paranoid - I don't mind people knowing what browser I use.

6. Geographical location

Middlesex, England, GBR. Well, 2 out of 3 isn't bad but not exactly something to get worried about. Wonder why it thought Middlesex though?

7. Your network

This took the piss. It's just a traceroute from them to the IP address that they determined in the first test. It's not much of a big deal.

I run Internet Explorer 5.50.4919.2200. Sure, I don't doubt that IE has it's problems - but the stuff that Anonymiser is shreaking about is generally not that big a deal and flagged only so they can sell their products.

(mind you the clipboard one was a little spooky)

Since hackers tend to go after the biggest fish, perhaps a better strategy (applied with other common sense measures), is to protect yourself by going heterogeneous. Pick a perfectly fine alternative browser such as Mozilla, run on a Mac or Linux and throw in a couple of other variables that automated exploits won't work for. It doesn't make you immune from attack but it certainly saves you from the latest exploit du jour. If you think you're safe sticking with IE, you should try taking the Anonymizer.com Snoop Test.

The same strategy applies for email. I reckon I get a macro / mime exploit virus in my inbox once a week, but thanks to the simple fact that I don't even run Outlook, I get a level of built-in protection reaching which so far has been 100%. Moz Mail still has vulnerabilities (every software does), but since it takes security seriously to begin with and is a much smaller target, it is considerably safer (and dare I say better and more usable) than Outlook. Using Outlook or IE is like waving a red flag to a bull.

I wonder how many people Santa will turn into unwitting victims this Christmas when they get a brand new PC with Outlook and IE installed on it.

I can think of a thousand different scenarios in which a person may appear to have an address located in Hong Kong but is in reality in the United States. care to enumerate any of those?

ssh into a box in country B, from country A. Then tunnel the file to your machine.

connect to the internet, then connect to a router in country B, ala anonymous browsing services

have a looooong network cable from country B to country A :)

hack into a major internet provider ;)

alter the program which reports the IP, or otherwise spoof the IP address verification

et etc...

Note that there are only two main methods I can think of here:

Going somehow through a machine which actually has the country B IP address

Somehow faking your IP so the verification process is foiled.

like www.anonymizer.com.

Someone already mentioned multiproxy. Also check out Java Anonymous Proxy and Peekabooty. You seem kind of new to the game of paranoia. Why not just start here and do some reading.

It's important to understand exactly what these anonymous services get you and who and what they are protecting against so take some time and realistically educate yourself to the risks and threats.

Oh, and don't forget to check out Freenet

OK, so if I send a message that goes through here and I have passed through say here how are you going to track the origin again??

Here's a quick pair of tips for you - if you can't reacha site due to bad DNS, try hitting www.anonymizer.com and using their free proxy. It's imperfect but it may do the trick.
Another option is to use visualroute.visualware.com to get the IP, then going to that instead of the URL.

My job apparently blocks the h2k2.net site

this site may let you look at it. Also if you email yourself the URL to a hotmail account, hotmail will frame it, also, ask jeeves will frame it, if you can find it in their index. Anyhow, that may let you circumvent the block.

I'm figuring that not only will this kind of software allow people to get around censorship, but wouldn't it also create a P2P-style anonymizer? This would pretty much make logging of user activity useless for criminal investigations. Would the "host" of a benevolent node on this network be liable for illegal activity that was routed through hir machine?