Safeweb Turns Off Free Service

An Anonymous Coward writes: "Seems like Safeweb was the last one to cancel providing free anonymizing service. Rest in peace, Safeweb, I loved you a lot. With Anonymouse down and Anonymizer.com restricted, are there any free services left for those suffering from corporate oppression?"

WTF?

[3waygeek]

Anonymous Cowards here aren't, because their IP addresses are still subject to subpoena, and there's a 2 week long window where Slashdot stores the IP address as an MD5 hash, which can be easily defeated.

How can MD5 be "easily defeated"? I was under the impression that MD5 is a one-way algorithm, so that the original IP address couldn't be recovered from the logs.

Re:WTF?

[ichimunki]

With only 2.3 billion possible IP addresses it is trivial to loop over them, hashing each as you go, and comparing it to the target. Nearly as trivial would be to build a database table that contained every possible IP address and its respective hash. Then you could just put your list of target hashes into a table and do a join to get matches.

This approach assumes you know that the hash represents a valid, unaltered IP address. You could also show that the hash does *not* derive from a valid IP address as well, since the hash would not be in your list of 2.3 billion possible hashes.

I can't see any reason to store IP addresses this way, though. Maybe someone from the Slash development team could elaborate on this.

Re:WTF?

[ichimunki]

Ack! Dyslexia (or something)!

4.29 billion!

pity...

[ariehk]

It's a pity that the anonymizers are dying. There are a whole number of pressures on them:

* The dryup in advertising revenue. A lot of these site's revenue was from the banners they add in on the webpages you viewed using them. The global slowdown has cut all advertising budgets, so they lose out.

* As someone pointed out, the nature of anonymizing sites is that they dont advertise much themselves, so no mass audience.

* A lot of these sites were used in schools and libraries who blocked certain URLS. People used the anonymizers to get round the blocks. However, the sysadmins got wise to this and blocked the major anonymous web services. So much of the key audience is cut out.

It's a pity, though. Next time I want to ogle at goatpr0n at the public library, my trusty safeWeb will be gone.

Well, a bit less

[srichman]

There are lots of invalid IP addresses and private IP addresses that can't transit the Internet.

Re:Well, a bit less

[ichimunki]

Just for the sake of completeness I would probably check those. They are a small portion of the total possible number. My main point was to correct my math error. The limit on IP addresses is 256**4, which is approx 4.3 billion.

Re:Well, a bit less

[srichman]

They are a small portion of the total possible number.

Agreed, I was just being anal. There are 2^24 + 2^20 + 2^16 = 17,891,328 private IP addresses. I don't know offhand how many representable IP addresses are invalid (I'd have to look up an RFC and I'm lazy), but it's not too many.

My main point was to correct my math error.

I know :)

Speaking of which...

[3ryon]

I have been looking to set up a proxy inside our firewall and have been unable to find one that will meet my requirements. If you know of any, please reply to this message.

What I'm trying to accomplish: we have a VPN solution that will let users access our intranet pages, but they must use a different DNS name (one that is resolvable on the Internet) than what is used internally. Yes, this is stupid, but it's the way it is. The problem arises when they click a link on one intranet site that would bump them to another intranet site (inter-site link). The DNS name in that link will only work inside the firewall, as they can't resolve the internal name. Now, I was thinking if I could put an anonymizer-style proxy server inside the firewall, all of my users could connect to that, and the proxy server would have no problems connecting to the internal DNS names as it actually resides inside the firewall. I don't care at all about the service being anonymous, I just want a true proxy.

Problems: I have looked at a lot of solutions, but most are either very expensive (licensing software from anonymizer.com, etc), or simply not good enough (cgi-proxy vomits on a lot of client-side Javascript). Most solutions are for *nix, which I'm not opposed to, but my team doesn't really have strong skills in that arena.

Does anyone know of an inexpensive ( less than $1,000) proxy solution that works flawlessly (forms, Basic Authentication, SSL, Client-side Javascript) that ideally runs on Win2k? On any OS?

Disposable email addresses

[tgeller]

They're not quite the same thing, but disposable email addresses can be used "anonymously" -- and you can throw them out when you're done with them.

--Tom

"Flamebait" moderation for religious comment

[Frank+T.+Lofaro+Jr.]

Why must every time someone says anything pro-Christian or pro-religion they get modded down?

"Flamebait"? Nothing up there is flamebait as far as I can tell. It seems to be a good argument, one that one could disagree with, but not "flamebait". But someone moderated it as such, and I suspect it is due to anti-religious bias.

There is more to the world than technology, folks.

(P.S. I suspect this one likely will get modded down also. Just remember, there is always metamod.)

Re:Corporate Oppression?

[Arandir]

But I don't want cheeese... I can't eat cheeese... How can you eat cheeese when the corporate masters won't let you get pr0n for freee...

sniffle sniffle