Slashdot Mirror

Firewall blocking is a waste of time, imho.

Zipwow

Anonymizing HTTP proxy: http://www.anonymizer.com

I think it's still free.

As a potential Cyber Patrol customer, I am sure that they would be more than happy to entertain an intensive dialogue with me (via phone and e-mail) in order so that I can better understand why it is that I should not know what sites their product will prevent me from seeing and why they are abusing the legal system in an attempt to supress customer-benefiting Consumer Reports-style reviews and analyses of their products.

During my lunch hour, I will call their Tech. Support dept. so I can get their side of the issue, and express my side. Who knows... I might even have to ask to speak with a "supervisor" (and perhaps even the supervisor's supervisor). If I can think of something to say to them tomorrow that I hadn't thought of today, then I will call them again. And so on.

Tonight, when I arrive home, I will send the company an e-mail message. If and when they reply, I will send them another e-mail, responding to their points and adding any additional ones of my own. (And if they do not reply I will of course e-mail them to enquire as to whether or not they received my original e-mail). And so on. I think that it would mean a lot to them to know that I cared enough about their company and its product to want to get into a long-term e-mail Pen Pal-esque relationship with the company and its employees.

As as an added convenience -- that is to save them the hardship of having to Xerox(tm) duplicate paper copies of my enquiries for their files, I will send a fax version of each of my e-mails as well.

I will take advantage, so to speak, of Mattel's open invitation for me to submit recomendations for sites to be blocked via a website application (http:/ /anon.free.anonymizer.com/http://www.cyberpatrol.c om/forms/listsub.asp) by using this interface to pose press-conference style questions such as: Why does Mattel insult the good faith of its customers by making additions to its so-called ``CyberLISTS'' for purely political reasons?

I assume that if they had wanted this form interface to strictly support only the transmission of URL's (and not insightful questioning) they would have programmed out the polymorphism that permits the latter.

Mattel has a corporate interest to serve the customer. And that's why I am sure that they would be most appreciative if YOU, humble Slashdot Reader, were to likewise contact them in order to let them know that you are interested in finding out more about how their software works and to express to them that it not acceptable for them to pad their list of blocked sites merely for the sake of corporate censorship.

Mattel / Microsystems / The Learning Company ... wants to hear from you! Call them, write to them, e-mail them! Let them know what they can do to better serve you, their (potential) customer!

They will thank you for it! :)

From the cyberpatrol website (http://anon.free .anonymizer.com/http://www.cyberpatrol.com/central ): If you're looking for support on your Cyber Patrol product, please contact:

Cyber Patrol technical support at 1-800-828-2608 or 319-247-3333 Monday thru Friday, 9am to 9pm EST,

or email help@tlcsupport.com, fax 319-395-9600,
or mail The Learning Company 1700 Progress Drive P.O. Box 100 Hiawatha, IA 52233-0100



P.S. If using the website interface (http:/ /anon.free.anonymizer.com/http://www.cyberpatrol.c om/forms/listsub.asp) to pose your questions (instead of URLs)is the only convenient way for you to contact Mattel, I am sure that they will understand. The important thing, as I am sure they would agree is to get the contact going!

As a potential Cyber Patrol customer, I am sure that they would be more than happy to entertain an intensive dialogue with me (via phone and e-mail) in order so that I can better understand why it is that I should not know what sites their product will prevent me from seeing and why they are abusing the legal system in an attempt to supress customer-benefiting Consumer Reports-style reviews and analyses of their products.

During my lunch hour, I will call their Tech. Support dept. so I can get their side of the issue, and express my side. Who knows... I might even have to ask to speak with a "supervisor" (and perhaps even the supervisor's supervisor). If I can think of something to say to them tomorrow that I hadn't thought of today, then I will call them again. And so on.

Tonight, when I arrive home, I will send the company an e-mail message. If and when they reply, I will send them another e-mail, responding to their points and adding any additional ones of my own. (And if they do not reply I will of course e-mail them to enquire as to whether or not they received my original e-mail). And so on. I think that it would mean a lot to them to know that I cared enough about their company and its product to want to get into a long-term e-mail Pen Pal-esque relationship with the company and its employees.

As as an added convenience -- that is to save them the hardship of having to Xerox(tm) duplicate paper copies of my enquiries for their files, I will send a fax version of each of my e-mails as well.

I will take advantage, so to speak, of Mattel's open invitation for me to submit recomendations for sites to be blocked via a website application (http:/ /anon.free.anonymizer.com/http://www.cyberpatrol.c om/forms/listsub.asp) by using this interface to pose press-conference style questions such as: Why does Mattel insult the good faith of its customers by making additions to its so-called ``CyberLISTS'' for purely political reasons?

I assume that if they had wanted this form interface to strictly support only the transmission of URL's (and not insightful questioning) they would have programmed out the polymorphism that permits the latter.

Mattel has a corporate interest to serve the customer. And that's why I am sure that they would be most appreciative if YOU, humble Slashdot Reader, were to likewise contact them in order to let them know that you are interested in finding out more about how their software works and to express to them that it not acceptable for them to pad their list of blocked sites merely for the sake of corporate censorship.

Mattel / Microsystems / The Learning Company ... wants to hear from you! Call them, write to them, e-mail them! Let them know what they can do to better serve you, their (potential) customer!

They will thank you for it! :)

From the cyberpatrol website (http://anon.free .anonymizer.com/http://www.cyberpatrol.com/central ): If you're looking for support on your Cyber Patrol product, please contact:

Cyber Patrol technical support at 1-800-828-2608 or 319-247-3333 Monday thru Friday, 9am to 9pm EST,

or email help@tlcsupport.com, fax 319-395-9600,
or mail The Learning Company 1700 Progress Drive P.O. Box 100 Hiawatha, IA 52233-0100



P.S. If using the website interface (http:/ /anon.free.anonymizer.com/http://www.cyberpatrol.c om/forms/listsub.asp) to pose your questions (instead of URLs)is the only convenient way for you to contact Mattel, I am sure that they will understand. The important thing, as I am sure they would agree is to get the contact going!

As a potential Cyber Patrol customer, I am sure that they would be more than happy to entertain an intensive dialogue with me (via phone and e-mail) in order so that I can better understand why it is that I should not know what sites their product will prevent me from seeing and why they are abusing the legal system in an attempt to supress customer-benefiting Consumer Reports-style reviews and analyses of their products.

During my lunch hour, I will call their Tech. Support dept. so I can get their side of the issue, and express my side. Who knows... I might even have to ask to speak with a "supervisor" (and perhaps even the supervisor's supervisor). If I can think of something to say to them tomorrow that I hadn't thought of today, then I will call them again. And so on.

Tonight, when I arrive home, I will send the company an e-mail message. If and when they reply, I will send them another e-mail, responding to their points and adding any additional ones of my own. (And if they do not reply I will of course e-mail them to enquire as to whether or not they received my original e-mail). And so on. I think that it would mean a lot to them to know that I cared enough about their company and its product to want to get into a long-term e-mail Pen Pal-esque relationship with the company and its employees.

As as an added convenience -- that is to save them the hardship of having to Xerox(tm) duplicate paper copies of my enquiries for their files, I will send a fax version of each of my e-mails as well.

I will take advantage, so to speak, of Mattel's open invitation for me to submit recomendations for sites to be blocked via a website application (http:/ /anon.free.anonymizer.com/http://www.cyberpatrol.c om/forms/listsub.asp) by using this interface to pose press-conference style questions such as: Why does Mattel insult the good faith of its customers by making additions to its so-called ``CyberLISTS'' for purely political reasons?

I assume that if they had wanted this form interface to strictly support only the transmission of URL's (and not insightful questioning) they would have programmed out the polymorphism that permits the latter.

Mattel has a corporate interest to serve the customer. And that's why I am sure that they would be most appreciative if YOU, humble Slashdot Reader, were to likewise contact them in order to let them know that you are interested in finding out more about how their software works and to express to them that it not acceptable for them to pad their list of blocked sites merely for the sake of corporate censorship.

Mattel / Microsystems / The Learning Company ... wants to hear from you! Call them, write to them, e-mail them! Let them know what they can do to better serve you, their (potential) customer!

They will thank you for it! :)

From the cyberpatrol website (http://anon.free .anonymizer.com/http://www.cyberpatrol.com/central ): If you're looking for support on your Cyber Patrol product, please contact:

Cyber Patrol technical support at 1-800-828-2608 or 319-247-3333 Monday thru Friday, 9am to 9pm EST,

or email help@tlcsupport.com, fax 319-395-9600,
or mail The Learning Company 1700 Progress Drive P.O. Box 100 Hiawatha, IA 52233-0100



P.S. If using the website interface (http:/ /anon.free.anonymizer.com/http://www.cyberpatrol.c om/forms/listsub.asp) to pose your questions (instead of URLs)is the only convenient way for you to contact Mattel, I am sure that they will understand. The important thing, as I am sure they would agree is to get the contact going!

Hey Mattel's (Cyber Patrol's) "Help Us Block, Baby!" websit e interface works great! I just plugged in the URL for every Mattel/Learning Company/Microsystems -based site I could find. Turn about is fair play!

I think everyone who reads slashdot should pick a working URL at random and plug it into their interface.

Mattel doesn't seem to be too worried about blocking normal, non-pornographic websites, so we might as well help them finish the job.

Let's feed them the whole fscking Internet!

Ha, I just told them to look into blocking http://www.mattel.com/ I wonder if they will take the bait?

Paybacks are hell Mattel.

Do us all a favor and go fuck yourself.

Thanks!

One word: Anonymizer.

Direct link to there.. This link will allow you post to the boxster board through anonymizer.

Direct link to there.. This link will allow you post to the boxster board through anonymizer.

Let ISP customers take responsibility.

And let's make it harder for web tracking and government sponsored invasions of privacy. Let's eliminate illegal acts of government spying and espionage by preventing them from doing it in the first place.

Most people have heard of the anonymizer to promote privacy. Well, you can do the same thing yourself with junkbuster by allowing others to use your proxy and eliminate doubleclick invasions at the same time.

There was another site that I saw recently, but I forget the URL that had a sequence of servers providing this service and which would scramble routing information between servers thereby making it very difficult to backtrack along packet paths any further than the first 'secure' server.

Once you extend this to cover all common protocols coupled with strong encryption in both directions (on top of whatever normal encryption that would be used between you and the client if you where surfing normally) then you arrive at a situation where snooping is very difficult.

Of course the authorities could then put these servers on a black-list and block traffic to them, but what if there was an open-source module that could be optionally compiled into any sympathetic server in the world that would provide this service? Every time that they would block one site, there would be hundreds more available offering the same service...

You can always try Anonymizer.com for annonymous web access.

I've found it usefull in the past when I haven't wanted my IP traced (somebody had managed to get my ISPs range of IPs banned from a forum I needed to post to, it wasn't me BTW)

--

My school (Tufts University) blocked Napster way back in November when it first started getting popular. I just started using CuteMX as a replacement (which I found at download.com), but unfortunately, it doesn't have as many users.

The new Napster beta circumvents the obstacles our network administrators put up, so they went and blocked access to the Napster website completely! Well, using our good friend the Anonymizer we have managed to download the new version anyway and spread it around campus. What will the network folk come up with next? Suspensions for all Napster users?

Anyway, the whole trial and tribulation has been documented on our online underground newspaper . You should read it - it's rather funny.


-----------------

Posted via Anonymizer as an AC for reasons which will become obvious ...

This is off-topic as far as this story is concerned, but I'm posting because there are (I think) lots of people in a similar position & I really would like to hear some fresh thinking about how to wake my employers up.

I'm employed as an intranet developer by AMegaCorp.,Inc., a business services firm. With the thrill of anonymity I can name a client to give you an idea of how big they are : Ford Motor Co.

Our people have daily access to insanely sensitive stuff. Stock prices moves would be the tip of the iceberg. There's a fair amount of, um, politically sensitive stuff in there, too; let's just say defense, nuclear ... that kind of thing.

• We have no corporate IT policy.
• We issue staff with Win 95 laptops; it's also on all the desktops. (Yes folks, even NT would be safer than 95 :) )
• We have no IDS.
• We have 'a firewall'.
• We have a reasonable virus protection package.
• We have fast desktop net access; I'm no expert, but I can see a LOT of ports on external boxes.
• I actually had a support call from a user who's "internet is broken, yeah, since I disconnected this modem I was using to access hotmail, could that be it ?"
• We are about to embark on a major rollout of RAS ...

I've tried raising these issues in various ways, with no effect. Should I just run away ASAP ? Or am I morally obliged to do something about this ?

Seriously, any suggestions ?? This is doing my head in !

--

healing bex

but I think soon, once I get enough accounts set up, I'm going to make it a point to send at least one email a day to Rob requesting the source code to his open source advocacy site.... I encourage you all to do the same... Only two things can happen - we get the source soon, or we hopelessly delay it until mid-2068, due to his stupid "delay by another 24 hour rule"...

posted via anonymizer for fear of karmatic reprisals by the powers that be. :)

these guys and those guys both offer free proxying. The lucent boys also had a free service, but it's since exitted beta. Of course, running nmap and searching for port 8000 for awhile will also yield some "free" services... although *cough* you'd get more than you pay for if you hit the wrong one. :\

the anonymizer "snoop" is here in case ppl are interested. It doesn't come close to showing all that doubleclick and friends know about you.

Some things to check out:


The Anonymizer
Surf the Web anonymously

Replays Anonymous Remailers
Send email anonymously

Onion Routing
Onion Routing allows you to send IP packets anonymously.

SSonet
Multilevel security in computer networks.

Let me know how this sounds. We establish a proxy mesh, so that all unencrypted requests for controversial material hit the originating server from non-sensitive territory. We encrypt the connection from our browser to the proxy for untraceability.
SSL improves upon PGP/GPG for this purpose. If you are used to PGP terminology, read 'certificate' as 'public key', and 'certification authority' as 'someone the browser trusts.'

1. GPG/PGP is not a stream cipher. The proxy couldn't pass any part of the file on until it had received the whole thing. In contrast, a streaming cipher like SSL can work on data - and pass it along - as it flows in.
2. It is already in browsers. In Netscape 2+ and MSIE 3+, you even can add new Certificate Authorities; having Verisign sign your certificate is not strictly necessary, but still useful.
3. An implementation (with source) is available both inside and outside the United States. SSLeay is a freely available implementation of SSL.
4. It can handle other protocols. SSLeay has been used in a secure telnet application. See section 16.2 of the FAQ pointed at above for info; the link may fail due to spaces in the anchor name.

The Internet Junkbuster Proxy, Muffin and RabbIT are all filtering proxies, well-adapted to block PICS quickly. These could also anonymize well, to avoid signalling the browser locale to the webserver. Squid is adapted for speed and caching, but not-at-all for filtering; I doubt it has any hooks in the code for that.

http://www.anonymizer.com/3.0/index.shtml for those that can't cut and paste.

There are several technical solutions available to stop yahoo (or any other site), in their tracks. these guys run an anonymizing proxy, as do these people. Of course, you also have several CGI proxies out there too, but I don't have the URL's offhand. lucent also ran a proxy, but it has since been discontinued. Freedom now has the functionality - currently free, but will eventually be fee based.

In short, the moral of the story is - if you want anonymity... you need to make a meager attempt at getting it. But not much more - there's plenty of us out there willing to thumb people like yahoo and their court odors (or should that be orders?)

.

--

While Moon was OK, he just wasn't sober enough to match Gene Krupa. Krupa had more than rhythm. He had that extra oomph that separates real drummers from garbage can bangers. Of course Moon was very good, and certainly *NOT* a garbage can banger. But Krupa was so much better in phrasing and the subtle wrist modulation that Moon lacked.

To really get around it, you'll want to find out which product you're up against, and then visit PeaceFire. They have instructions to get around a variety of different products, possibly including yours.

Jamie McCarthy

Here are a few more links for more information about HTTP and some neat things that are being done with it...

• Get the latest dirt from the World Wide Web Consortium.
• RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1 ( text, PostScript, PDF)
• Berkeley's TranSend service is a cluster of workstations working together to act as a massive HTTP proxy. This proxy "transforms" Web pages based on clients settings. Was the basis of the ( now-commercial) Top Gun Wingman Web browser for the PalmPilot.
• The Anonymizer acts as a proxy that strips out all the unwanted/unneeded header lines that your Web browser sends.

I had started hacking together an HTTP/1.1-compliant proxy in perl that did on-the-fly compression if the client supported it, but I never got around to completing it. Initial results were impressive, especially when it was paired with a caching proxy like Squid or a CacheFlow box. Of course, with DSL and cable modems getting more widespread use, people like myself that are still pinned to a 33.6k connection are being left behind.

Caching/compressing/proxying is still in widespread usage outside North America (most notably Australia and European countries). Their problem was (is!) outrageous access prices and relatively slow overseas connections, so they've been using caching for a long time to help solve it. The US and Canada have solved their "problem" of Web pages not instantaneously loading by throwing more bandwidth at it...

I think that a service like http://www.anonymizer.com allows one to sidestep blocking of particular IP addresses very nicely -- unless of course the legislation was interpreted as requiring that Australian ISPs had to block access to such services.

I suspect it wouldn't be, and I think that providing such a service -- even in Australia -- may be legal. The person providing the service is (probably) not an internet carriage service under the act, and isn't hosting internet content either, and so isn't subject to the act.
This would make an interesting test case!

I'm pretty sure that providing such a service to Australians wouldn't make anyone subject to extradition.

At worst we might need a service which emails the contents of a URL to you -- that is certainly legal, even if the email contains prohibited content.

What about if everyone had encrypted connections - i.e. every http request, every email, every packet of traffic between a server and a surfer was encrypted? Then it would no longer be even remotely feasible to filter traffic. The sooner that everyone can have their online privacy guaranteed, the better. It seems we not only need privacy from malicious parties watching what we do online - we now need privacy from our own government's protection!

The problem is what protocol(s) to use to do all this, I'm not sure what existing protocols, if any, could be used?

The other major impediment to this idea is the US encryption export law. But I don't think I need to explain all that to slashdot readers :)

Of course, packets coming from domains such as Hustler could still be blocked simply on the basis of IP address - but if another site is mirroring (e.g. something along the lines of anonymizer), and traffic from the mirror is encrypted, then who could say if it had porn or not?

In the meantime, I can only hope enough of an outcry can be raised to convince the Australian Government that this was a bad idea. After all, I have a strong suspicion that Senator Brian Harradine (who's independent vote was crucial to the passing of this Bill) has never really used the internet, let alone has any real understanding of what it actually is, and has the potential to be.

I know that the intent of this regulation isn't to ban sites like slashdot, but the fact that it becomes even a remote possibility is a very disturbing thought indeed.

But now the bigger issue: Privacy. What no one seems to think of is that allowing extensive anonymity on one's system does not a privacy policy make. These are two almost totally separate things. If you want privacy, you should be using PGP or GPG or some other form of encryption technology. If you want anonymity, go to the Anonymizer folks. (Although even they blur the line between the two.)

Privacy is a good thing. If I only want one person to be able to read an email intended for them, I'll bug them into getting and using PGP or something similarly strong. I hope that such people would bug me in return. It's also pretty hard to abuse someone's privacy. Invade it, yes. But cracking a PGP-encrypted message tends to be quite difficult and as long as you have good password policies, it's just that much more difficult.

Anonymity is also pretty good, to an extent. There are some times when you need to say something that would get you in trouble. (I'm talking more than the kind of stuff that gets you flamed; I mean the kind of stuff that'll get you fired from your job or something equally undesirable.) There needs to be that option. It is also very easy to abuse anonymity as is seen every day, over and over again, by spammers and flamers and trolls and their ilk on USENET and many other public "forum"-ish places. That is what needs to be controlled and I don't blame companies like Deja News who need to cover their asses so they can avoid being sued for doing any sort of logging. (Now, if they wanted your private PGP key and password, that's something entirely different and I won't go into that. Key escrow sucks, bigtime. (Okay, so I lied. But I won't get into it any further than that. (Unless you provoke me.)))

Get it straight, folks:

• Privacy != Anonymity

  Anonymity != Privacy

Did anyone go to www.toysrgus.com and read the actual letter? Or are you just going by what News.com actually said?

Gus is a good friend of mine. The website was set up as an archive for Star Wars collectibles, of which there where hundreds, if not thousands. To the best of my knowledge, it was only an archive, not a store. The mere thought of that makes me laugh. If you knew Gus, you'd laugh, too.

Gus hasn't decided what he's going to do yet. He's considered complying, but sees that as only one option. He might fight it; he certainly has enough support. We'll see.

However, reading some of the comments above, I'm confused. It's okay to have a domain name that is the same as a trademarked name but having nothing to do with said trademark; but it's not okay to have one that sounds like a trademark? What kind of double standard is that? It sounds like something Microsoft would pull.

If that's the case, we'd better start shutting down sites like YaHooka (sounds too much like Yahoo!) and anonimizer.com (sounds too much like Anonymizer.com)!!

No more freedom of expression! Close the Internet! Last one off, please turn off the router.

Learn more at the National Alliance.