Slashdot Mirror
Peek-a-Boo (ty)
Anemophilous Coward writes "Tom's Hardware has a story detailing cDc's new anonymity app, just demonstrated Sunday. Peek-A-Booty is designed to let surfers access sites blocked by government restrictions, and is essentially, a distributed proxy network. It uses a peer-to-peer model, masking the identity of each node. This means the user can route around censorship that blocks citizens' access to specific IP addresses, because the censor doesn't know they're going there. There is also a website dedicated to the project."
Aside - I first read cDc as 'Center for Disease Control', heh, sure changed the article.
What?
If someone has blocked you from the PrOn sites, you get this device and you still get to peek-a-booty ???
I can see both the good and bad of this application.
On the good side: China. Folks over there who have to deal with the gigantic "Firewall O' Death" (also known as the "Damn it, Communism works so stop reading about how it doesn't" Firewall) can possibly use this tool to get to the outside information they need to keep spreadin' the news that "Information good."
On the other side, as a Security Manager in a bank who's sometimes asked to go find out if person XYZ has been accessing nakedhairyeyebrowedcheerleaders.com, I can see how this utility might make it impossible for me to do my job.
So I've got mixed feelings on this utility.
52 Weeks, 52 Religions with John Hummel
THe problem is restrictive governments have people on staff to look for stuff like this. This app (while I haven't tested it) pulls from multiple sources. I like the idea a lot. Sorta moving towards a P2P web network where you can browse content like you do now but peer to peer rather than client / server.
Luck favors the prepared, darling.
I wish I'd seen this before I submitted the story on the Great Firewall to kuro5hin. Arrgh.
Best Slashdot Co
Well, the software is still very easy to block.
I assume that they use HTTP as the transport. So it's enough to use firewall that understands HTTP, i.e. any that is advertised as 'application layer' firewall.
And if you don't block per IP you probably already use such an firewall. The only difference is that you will scan for forbidden URL (or a part of thereof) in the POST fields or GET agruments and not in the URL prefix.
Writing a piece of software that monitors all your HTTP connections and blocks any that match the string 'goatse' is very easy (less than 4 hours if you don't care about scalability and configurability).
e-mail: karol at tls-technologies.com
www: http://www.tls-technologies.com
sig: not found
The problem: Say I'm a user who wants to connect to a Peek-A-Booty network. I need to get the address of a node to connect to. How do I get this? The obvious solution, and the one used for Gnutella and other peer-to-peer apps, is to publish a list of nodes (or at least one). But that won't work here -- because then the censors can use the same list to track down the nodes and block and/or disable them. This is especially problematic if you're using Peek-A-Booty as it claims it is meant to be: if you're in a country that filters access (say, China) and the government can track down the users trying to circumvent the filters, they can and will punish/torture/kill those people.
Peek-A-Booty has not solved this problem. Read what Tom's article has to say about it:
That's right -- the only way to connect to a Peek-A-Booty network is word-of-mouth, which is horribly ineffective. Finding a node will be extremely difficult unless you know the right people, and then it's very easy for the censor to ruin it. Trust the wrong person, and your whole network is exposed. Government spies could give out addresses that the claim are Peek-A-Booty networks, then catch anyone who tries to connect to those. Worst of all, they could just offer some huge incentive to people for turning in their friends.I hate to say it, but this system simply isn't ready yet. They have not come up with a technically sound solution.
-- Imagine how much more advanced our technology would be if we had eight fingers per hand.
unless it's done the same way as the *tella style p2p.
It's just so annoying that when I wanted something from the *tella network, the server isn't even on. Or I kept seeing people probing my computer for a *tella server.
Then again if it's done similar to the central location way, it can be easily blocked too. Hrm. Guess there'll be more traffic hammering my firewall. *sigh*
And naturally our wonderful corporate wwwproxy kicks in and leaves me unable to see the peekabooty site...
Well, I guess it is good for me since it could rupture my fragile little mind..
For a while I've been browsing the web from work without my employer knowing which sites I go to. I've been doing this using Teraterm secure shell to redirect a port from my work machine to a linux machine at home. At home I have linux running squid, a proxy server. I change my work browser's proxy settings to localhost and the redirected port number. Anyone sniffing my traffic at work will just see encrypted packets flying by with no idea what they mean.
I would block the download site right now. Are sites like /. also censored? I'm not taking the pessimistic view, but I bet they are some really anal geeks working for the chinesse government. Probably looking for projects like PB and then banning them.
My university has an agonizingly frustrating download limit of 500 megs per week. Could this program possibly circumvent my limit? I'd try it now, but I'm at home (reading week).
Actually, those bastards also block out morpheus. Could this program get around that, too?
--
These aren't the droids you're looking for.
Hmmm... gangs act in funny ways. They often think if they conduct illegal activites en masse they are somehow shielded from the law.
I certainly would not want to use an anonymous network where some sicko could be using your computer to conduct their crimes. Do you think the cops would really understand or care how those files got onto your computer? No. Off to jail you go.
The "download" page on www.peek-a-booty.org doesn't have anything.
Has anyone been able to download it?
Hopefully the good will outweigh the bad, to that end I imagine that the test of time will tell.
-- Dan
The Great Rogerborgio will make a spooky prediction. When Peek-a-Booty 1.0 reaches 100,000 downloads, a story will break that the client contains a hostile trojan that lets "evil hackers" take control of your machine, impersonate you, steal your credit card details, and screw your shrieking girlfriend in the ass while you watch helplessly, tears of frustration streaming down your shocked, betrayed face.
The story will be submitted by a "credible group of anonymous white hat hackers" and run - unquestioned - by BBC Online and - slightly questioned, at best - by Reuturs, and every other online news source will pick it up from there and spread it as gospel truth.
It will not be true. It will be Fear, Uncertainty and Doubt, pure and simple. Many interested parties will want Peek-a-Booty to fail. In fact, there are so many - governmental and industrial - that even the Great Rogerborgio cannot peer through the mists of time sharply enough to determine the culprit.
But it will happen. And remember, you read it here first.
If you were blocking sigs, you wouldn't have to read this.
So you mean I can go to any website out there, even if my websurfing is blocked? Great! How do I get this software? Oh go to this website. Hey. It's blocked.
While the aims and goals of this project are commendable, I can't help but think that this program will be utilized moreso by old men wanting to look at kiddie porn safely, than those in oppressed countries.
One can simply see this trend with the GNUtella network, and monitoring the search strings people send out. They're full of stuff such as "hairless pre-teen sex" and "dogs fucking women".
I'd be much more interested in running Peek-A-Booty if it had some sort of information-type limiting, but this would go against the whole basic concept of the program. I'd be glad to assist those who are oppressed, but WILL NOT help sexual predators and the like.
Maybe people who want to help those in oppressive countries should throw up rogue squid proxy servers with bandwidth rate limiting and perhaps some client access limiting (*.cn, *.ru, and soon, *.us). This is what I do and it works quite well.
I don't even advertise it, but quite a few people find it and use it (mostly people in southeast asia, actually)
this supposdly "non vaporware" still isn't downloadable from the peekabooty website.
Just because people have seen it run, doesn't make it non vaporware, it has to be distributed.
So where's the Beef? ([lame joke]or should that be dead cow?[/lame joke])
(n/t)
Say no to software patents.
Never on Slashdot did I think I'd see a story title with the word 'booty' in it.
AnonyCoward
Doen't this system remind anyone of the media network in Neal Stephenson's The Diamond Age? Information gets passed from one place to another by different people, so that no one can tell where the person on the other end is. Looks like another one of Stephenson's ideas has become a reality.
... some cracker will set up a node that, when asked for a web page, issues spam instead.
... or worse yet the web page requested with spam interspearsed.
That will be the end of that.
The End. (uggh) Nice idea though!
-"The early bird catches the worm, but the late bird sleeps the most"
If I'm a Evil Opressive Government (TM), does this really do anything to circumvent my ability to oppress the masses? Great, so a bunch of dissidents decide to go out and get their information on-line through this system. I, as the Evil Oppressive Government use my intelligence networks and eventually discover this system. So what I do is find several of these proxies and begin logging their activity.
A few months later after I've seen a lot of people going to these systems I begin sending out visitors in the wee hours of the night to "educate" these people. Really these systems may actually make it EASIER to find incorrect thinking individuals. I don't have to compromise an entire network of dissidents, I just have to find a couple proxy sites and let the proxy logs do my work for me.
I've spent a lot of spare brain cycles thinking about this stuff and it seems like you really need a way to obfuscate that nature of your communication over multiple channels. You need legitimate looking sites to act as proxies and to limit the frequency and size of transmissions to reduce their visibility. Anything that can make connection profiling possible rules it out as a viable solution.
Now, this system does have a host of possible uses, don't get me wrong. It will make it possible for somebody at the library to work around net nanny software, etc. It will make it easier to avoid the snoopy firewalls at the office who want to keep track of how many times I visited Ebay today. But I don't think this will do dissidents much good.
This sig has been temporarily disconnected or is no longer in service
If the user can't install it, they can't use it.
In a bank, a user shouldn't be able to install anything at all.
Don't answer me. Moderate. Slashdot is about moderation, not discussion.
So in other words, I can put the full use of my internet pipe to a distributed and proxied "load test" of slashdot, or whatever site annoys me today. For the non-techy monkeys out there that's a denial of service attack...convieniently anonymized and distributed for me. Slashdot has some moderately big pipes, but a handful of people doing this, and your gonna see some problems. Especially if they intentionally keep hitting lots of database intensive, non-static html screens.
FREEEEEDOM! Thanks cDc! And thank YOU slashdot, for telling me about it!
Hey guys, this ain't released yet, and for good reason. There's still work to do. If you have an attack which you think is probable of success, you would do good to let them know so they can design countermeasures.
"Let him go, Ralph. He knows what he's doing." --Otto Mann (simpsons)
Its easy, just block the proxy network, and boom... its blocked again. That was easy!
It isn't a lie if you belive it.
Couldn't you (as a net admin) block the IP to the peekaboo(ty) site?
... done.
Lesseee, according to my monitor Jimmy in accounting has used 1.8 gigs of bandwidth on our t1 in the last 4 hours all from one IP. Hm, IP doesn't show up on my list of naughty sites, and it's not stileproject.com. OK, I'll just ban that IP, copy the contents of his temp file to my admin machine
In that circumstance what has peekabooty done except given poor Jimmy a false sense of security. In that respect, it's a Machiavellian netadmin's dream.
-Styopa
I'd like to use this, but my company has blocked access to the site.
Finally a way around Norways oppressive censorship :P
Those who use these technologies to bypass governmental restrictions are merely jealous of those who are able to grab control of governments and use them to their advantage.
Seastead this.
'Look! Neal Stephenson was right in !' He's not that great people, nor all that presicent. Most of the science in the Diamond Age was bad or ill-concieved, and even the media system is somewhat mangled and unworkable. It involves a really major paradigm shift that he never bothers to explain. That said, I like most of his books, except for the constant and irritating moralizing that he's doing more and more with each book. The Diamond age is stuffed to the ears with 'magic', not tech, so I wish that people would stop crowing that the man is right all the time. He's basically a conservative commentator that writes Sci-Fi. That doesn't make him bad, but it also doesn't make him a futurologist (which wouldn't make him nessecarily more correct anyway, looking at some of the lastest stories here.).
Sig: What Happened To The Censorware Project (censorware.org)
It will never end, and there will never be a winner. The game just goes on and on and on...move and counter move, move and counter move...
It certainly is fun to make the other team (whoever they may be) squirm, though.
Got Rhinos?
Information-type limiting works against the very idea of the system.
I don't mind helping everyone equally. Even sexual predators- there are other ways to catch them.
Sorry, kiddie porn is not a trump card with me.
What we call folk wisdom is often no more than a kind of expedient stupidity.-Edward Abbey
Wait a minute...those aren't pom-poms! Ewww, gross!
Got Rhinos?
Already, we have the "Internet 2" project for researchers, so they can have their own Internet, free of commercial traffic and home users clogging things up with streaming video/audio and file downloads.
I see more of this coming. In the future, I predict businesses will get together and pay in to some sort of entity that builds (or promises to build) an independent Internet type network just for business purposes. If you're a porn provider or warez site, you simply won't qualify to be a part of this private network. The only question remaining is how many ties to the rest of the Internet will it have? It seems it has to have at least a few, because employees working from home will want to tunnel in via VPN to the workplace.
What your forgetting here is all i need is a start node to connect to the network. From there I'll know the location of more and more nodes. So ip address 10.9.0.1 is the first node and I'm able to connect. After I know where that node is I know where the other 1000 nodes connected to it are. Then if someone blocks access to that node I connect to one of the others. Then anyone I know can initially connect to me. The idea is the network will have a spider web effect similar to how the internet works now. So if one route goes down there are other routes to go through. And the spider web just gets bigger and bigger where it's impossible to take it down without totally disconnecting you from the internet. It's not a hard concept the network just needs to be created.
If your not cheating your not trying. If your not trying your not winning and if your not winning why play?
The biggest problem I see is management content to drop the whole Internet surfing problem in the lap of the I.T. department. What most I.T. workers are saying is "Hey, I want to spend my time taking care of the computer systems and network -- not becoming the Internet police."
It's the job of a manager to oversee his/her employees and make sure they're using their time efficiently. As I've always said, employees who want to waste time will find a million ways to do it. If you restrict them from surfing the net, they'll just talk to friends on the phone, or bring in a newspaper to read, or walk the halls with a cup of coffee and try to look busy.
I have no problem with putting the basics of an automated system in place to block known porn sites and other blatantly illegal sites. Just by doing that, you're showing you took measures to prevent sexual harassment in the workplace. I think most companies would like to be in a position to say they did that, if it ever came up in court.
Beyond that, I think it's wrong for managers of other departments to request/expect I.T. to "fill them in on what so-and-so is doing on the web", or to complain that something's not "locked down tight enough". If you know you have employees surfing where you don't want them surfing, take care of it yourself!
Here's the question I have.
Let's say someone where I work (NASA) decides to install this to get around the proxy. It allows them to connect to blocked sites through other peek-a-booty clients, right? Does this in turn punch a hole through our firewall and allow others to access our intranet that they are blocked from accessing?
It sounds like this is can be used as a voluntarily installed cracking tool.
I'm sure that getting upset at people for how they refer to employees probably hasn't helped you get a job.
Instead of saying "I resent that you call employees drones!", you should try, "Who should I talk to about becoming one of your drones?"
Got Rhinos?
I see a lot of posts which seem to imply that employee surfing should be ignored. Why is it a big deal if an employee does some personal surfing? Why not measure an employee's productivity and leave it at that?
I used to work at a company that had a very liberal internet use policy. We were pretty early adopters as far as the corporate world goes. We wanted people to use the Internet as a tool and didn't want to micromanage or scrutinize its usage.
Over the years we had to tighten our policy as abuses started to mount. The final straw was an idiot who was collecting kiddie porn and saving it on our network server! We immediately notified the police and he has arrested and prosecuted. The guy literally had hundreds of pictures carefully organized into directories to categorize them. It was obvious (1) that he had been doing it for a while, (2) he had invested a great deal of thought and time in these activities.
The company was dragged into the employee's defense trial. We spent a lot of time and money on attorneys, depositions, etc. It was a nightmare. We were forced to implement a system to control and monitor access to the Internet to insure that this type of thing did not happen again. It is one thing to get caught in that type of situation once but it can't happen again.
So we spent a lot of time and money watching and controlling Internet access. It sucks but it only takes one idiot to mess things up for everyone and there are a lot of idiots out there.
I still think that ideally Internet usage should be the employees' responsibility but in the real world things often get much more complicated.
If the user can't install it, they can't use it. In a bank, a user shouldn't be able to install anything at all.
Some software doesn't need to write to the registry to be installed; it can run from a simple unzipped folder. The only way to disallow installing software is not to let the user write to storage at all.
Will I retire or break 10K?
It's not going to be a big a deal as you think, because of the way it's set up.
(Note: I've never seen the software, all this is based on how I *think* it would have to work. YMMV.)
(Note: I'm probably going to hell, because you know the Commies are reading this, and they'll use this stuff just the same as your company will.)
The system does no initial discovery, you have to know the address of an upstream node. Presumably, any folks using this within your company are probably going to know each other, and they're going to have one, maybe two upstream nodes that they're connecting to.
Syslog your firewall port 443 (or whatever port this thing ends us using - - if it's not port 443, even easier!), and every so often, check the destination addresses. You'll find your PaB users soon enough.
If, once the inital connection is made to a known node, the system jumps around from node to node, then scan for single machines making large numbers of SSL connections to different addresses.
If it *is* truely P2P, then the machines inside your organization are also nodes. Portscan your machines for the incoming port(s), and they'll show up easily.
Also, if you have an intranet, chances are the proxy's going to try to contact an external peer for your own internal web offerings. You'll be getting help desk calls that your people can't see your intranet soon after this thing's put in place.
*evil bofh grin*
I think it's going to be easy to pick out inside any network.
Ed R.Zahurak
You know, oblivion keeps looking better every day.
On the other side, as a Security Manager in a bank who's sometimes asked to go find out if person XYZ has been accessing nakedhairyeyebrowedcheerleaders.com, I can see how this utility might make it impossible for me to do my job.
So tell them, "its no longer possible"
you might also suggest; if this person is doing his job, what does it matter if he watches po*n - and if he doesn't do his job... fire him. Simple.
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
Millions of drug users use this model quite happily.
My Karma: ran over your Dogma
StrawberryFrog
http://cultdeadcow.com/details.php3?listing_id=426
PEEKABOOTY UPDATE
FOR IMMEDIATE RELEASE
LUBBOCK, TX, February 7 -- The CULT OF THE DEAD COW (cDc) would like to clarify a few matters in relation to Peekabooty, an anti-censorship software application currently under development.
Peekabooty was originally the brainchild of the Hacktivismo group, an international cadre of hackers founded by the cDc's Oxblood Ruffin. Hacktivismo's mandate was and is to develop technology in the service of human rights. Peekabooty was its first project; others are in various stages of planning and development.
The CULT OF THE DEAD COW has supported this work from its conception, because we view censorship of the Internet as a cancer that must be excised. However, it should be noted that the cDc membership have not been contributing code or driving the development schedule for Peekabooty. This project was entirely the concern of Hacktivismo group.
Two years ago, Bronc Buster and Mr. Pink wrote the proto-code for the current iteration of Peekabooty. Paul Baranowski (who until recently used the handle "Drunken Master") later became its chief architect and took charge of the Peekabooty programming effort. Some months ago, Paul chose to dedicate himself full-time to refactoring the codebase and finish implementing the remaining functionality.
Paul has recently decided to sever ties with the Hacktivismo group but he will continue to develop the Peekabooty app. Occasionally developers can't find the environment they need to do their best work and now is one such time.
Paul will be leaving Hacktivismo and taking on full responsibility for his work and all future development of his software. So from now on, Paul is directing all aspects of the Peekabooty project. It is no longer a Hacktivismo production. The Hacktivismo group will shift its main focus back to other projects in the pipeline.
We continue to wish Paul the best of luck. We believe that Peekabooty will prove itself to be a liberating force on the Net. Although Hacktivismo has severed formal ties with the project, some members intend to informally contribute their testing skills, etc. to the ongoing effort.
Paul will be presenting a recent snapshot at CodeCon, February 15 - 17, in San Francisco. Go check it out. But please be aware that this is not a launch; Peekabooty is still a work in progress.
Could this thing give you the ability to run a ddos attack completely anonymously? So much so that it would be impossible to shut down. If you can't detect who is sending it or it keeps sending different IPs, it would be impossible to stop the attack. Also it could shut down everyone on peek-a-booty. They may have made that impossible to do but since I can't find anything on it I have to leave it open as a possiblity. If it is possible, once the peek-a-booty network was going the whole web could be taken down. I like the idea of this thing but it was developed by hackers for hackers so I am a little warey.
If your not cheating your not trying. If your not trying your not winning and if your not winning why play?
Isn't this project illegal since the DMCA doesn't allow people to make software that "cracks" the "security" (and I'm sure thats what the chinese goverment call it.... protecting their people from all bad stuff on the net.)
I think this is a great idea. Lots of posts have already raised the issues that always arise with free speech. When people are free to speak (and more importantly hear) what they like, then sometimes they use that freedom to say and hear unpleasant things. Personally I think that this price is trivial compared to the benefits that flow from freedom.
However, I do have another concern. We all know how hollow claims of security often turn out to be. This project invites people to commit crimes which, in some countries, carry severe penalties including (in a few countries) the death penalty. So I hope that this system really is secure, and that if it isn't entirely secure, I hope that the people running it are honest about the risks.
It would be a pity if someone were to encourage people in (lets say) China to seek the truth, and then left them exposed to the Chinese government.
The people who are working on this project ought to think long and hard about any promises or assurances of security that they make.
Praksys
Most of the comments I've seen for this story talk about how it will be good (or bad) for employee surfing. It occurs to me that this will also be a way to defeat the websites that try to lock out certain regions from being able to access them, for matters of national licensing and such. (I saw a story about that sort of thing on /. a while back, but I'm too lazy to go look it up. :)
Editor Emeritus and Senior Writer, TeleRead.org
Technology merits aside, why did they have to choose the name 'peek a booty' ?? This really isn't helping us getting rid of the 'pron-fiend-p2p-user' stereotype. I can't imagine the company or technology being recognized by corporate types, either.
-Linux was for the masses, who spoke, and everything was crystal clear.
I wonder if a program like Quick Browse - http://www.quickbrowse.com - might also do the trick?
How come it is whenever I see the vast majority screencaps on a *nix machine, it is ALWAYS running these two apps:
XEYES
XLOGO
It really makes me wonder if *nix is all it's cracked up to be if this is all I ever see?
At my last admin gig, I refused to provide managers with info on what sites were being accessed, what email was being rec'd, and what personal files were on hard drives. If a direct order didn't come from an executive or the IT Director, then it was not my place to rat out employees.
Talk about liability! I have no way of knowing/proving that John Doe accessed this site. I only know that John Doe's PC accessed xxx.com. But PHB's won't understand the difference.
Managers wouldn't ask someone in a cube famr what the guy next to him was surfing, why should I be put in that position? The other employees are my colleagues, and I refuse to disrespect them simply because I control the servers.
I heard about this program a year ago. Back then I wasn't sure what to think about it, because cDc isn't one of the "software producers" I trust. Personally, I would never install anyhing written by them on my computer.
Peek-a-booty appears to be a valid program, and may even be really useful for people who have governments blocking them from freely accessing the internet. However, I do think that they should get rid of the cDc name, mainly because cDc is associated with lame backdoor trojans by a lot of people. Also, if it ever got mainstream media attention, it is likely that they would start the article by saying something like: "cDC, the makers of the infamous backdoor trojan program Backorifice...". This is likely to scare people from installing it.
Just my two cents...
Since when is porn "Blatantly Illegal?"
People in Soviet Russia, however, appear to be afflicted with amusing juxtapositions of the aforementioned situation
Do any of you seriously trust this tool, or cDc at all? What's the last big "product" that they dumped on the Internet? Back Orifice. And we all know how respectable a "remote administration tool" that was, don't we? Especially the part where all the positive results for server scans made by the old GUI client were sent to a cDc affiliate's website, that was REAL trustworthy on their part. I'm sure as hell not going to put my privacy, my machine, my connection and my LEGAL STATUS in the hands of people that don't even respect the community they claim to be a part of. If you want to do something constructive for free speech on the Internet, do the following:
Visit http://freenet.sourceforge.net and download their client. Run it. Submit bug reports, feature requests..anything you can think of to improve the TRUSTWORTHY privacy software already in the making.
Visit http://www.eff.org and do whatever you can to support them.
Lobby your local officials in government, talk to representatives..try to get things done. Don't support a program made by a bunch of underhanded blackhats, because in the end, what's going to happen? Within a week CNN will be televising the first White House briefing about how Peek-a-Booty is yet more proof that encryption and privacy software in general are supportive of terrorism.
Remember, the proxies get discovered by word of mouth or perhaps off a website. The oppressive government has the same resources if not more to find these proxies. I don't need to know what you actually transmit over the proxy, as long as I know what the proxy could be used for I can do what I want with you.
This sig has been temporarily disconnected or is no longer in service
I believe that Peek-a-Booty will be GPL'd, or at least open-sourced.. in that case, one would simply distrust the binaries and compile (or DL from trusted site) the program locally. .. it's a neat piece of code. Assuming the widely-heralded P-a-Booty is coded to the same high standards, I would very much like to get ahold of it.
As far as it goes, however, Back Orifice is notable as one of the trickier trojays to ferret out
An even geater problem than finding the first node address would be actually finding the program. Wouldn't china(or any other censoring country) have any sites that provide this software blocked? and if they didnt, are they really that censored?
So, are you telling that the cult of the dead cow is behind all this?
You conspirance theorist. :)
...because someone decided to use peek-a-booty to try to crack whitehouse.gov, and the luck of the draw gives him *my* machine to use as a proxy, so when the Secret Service traces the attack back, they find just lil old me. This has happened to me in the past (not through a proxy, I got back orificed)stupid windows user!!)), and my ISP shut down my account for 2 days until I managed to convince them that I'm not a cracker.
But as long as that can't happen, then I'm all for this project!
If all the world's a stage, anyone who says they want better lighting spends far too much time in a dark theatre.
For example, consider that you are currently in an environment that you have connectivity out to the world, but it is monitored. Once you connect, won't some fraction of the "anonomized" traffic come through you?
At some point, if you are trying to view a website with potentially objectionable material, a clear connection has to come from somewhere, and if someone else's connection comes from you, the gestapo could come looking for you.
Once I started looking at Snort, I became very afraid of what is possible. NIDS is a wonderful thing, but if used in the wrong way it could become a good tool for someone wanting to be big brother....
-Jeff
Good Fast Cheap. Pick any two.
The problem is, some of it is very illegal. Your average user may just be surfing for cheerleaders or whatever, but a small minority of people are looking for exploitative or paedophile sites. This isn't necessarily an argument for keeping everyone under observation at all times, but if it becomes impossible to watch what's coming in and out even on those rare occasions when you want to, then there is a legitimate concern.
Then you're obviously an employee, and thus a luser.
Or are you unemployed? Well, then you're obviously a luser who can't even get a job.
Either way, your ridiculously high uid marks you as a luser.
Christian R. Conrad
mail me at iki.fi ; same user ID as here