Slashdot Mirror
Triangle Boy Lives
mlinksva writes: "Safeweb cancelled their free service late last year, but their P2P anonymizing proxy, Triangle Boy, has been spotted in the wild (south of Fort Worth, Texas). 'Because of its stealth nature, the P2P software does not show up in reports from many filtering products and the administrator doesn't even know the problem exists and has no way to check it.'(via UniteTheCows)."
Orange, Calif.-based 8e6 Technologies helped conduct the tests.
"The results were startling," said Chad Ingram, network technician at Crowley. "The only filter we tested that stopped Triangle Boy use was the 8e6 Technologies R2000. Then, using the 8e6 Enterprise Reporter, we took a look at the logs to see if we actually had users trying to contact the Triangle Boy network. We found that in the first 48 hours, users had gone to the primary Triangle Boy Website over 30 separate times."
Fucking fancy that! The only way to detect this evil P2P software is to use this peice of software. Of course is just so happens that the people who discovered the shocking truth also sell that product.
It must be the wildest fucking coincedence in the history of computing.
I can understand the concern that people have over Triangle Boy, but one must consider something important (in terms of the school in the article, anyway): Filters in schools are put in place primarily to prevent students from accidentally accessing some content that the parents may sue over. That, and to prevent kids from wasting their schooltime sending emails. However, to make use of the Triangle Boy, one must a) know how to use it, and b) have a specific reason for accessing blocked material. I don't see the liability issue there - its a piece of "stealth" software that the student, of his own free will, has used - despite acceptable measures to prevent he or she from doing so.
*shrug* Just a thought.
Triangle Boy, Triangle Boy,
Triangle Boy hates Filtering Boy,
They have a fight, Triangle wins.
Triangle Boy.
"The school said it is now adjusting its network to detect Triangle Boy and other similar applications." What if anything about this software will keep it from being filtered in the next revisions of filtering software?
The same function as Triangle Boy can easily be duplicated by anyone with a linux box on a permanent Internet connection. Just set up an HTTPS squid proxy.
Clever users will also note that you can tunnel this over just about any port you want. Make this an encrypted tunnel and no filter in the world will detect it. If your school/network allows even a single TCP port out to the Internet you can do this. (Some places allow arbitrary TCP ports to be forwarded via the HTTP proxy. Other places may have a SOCKS or similar proxy available. Those would both work for this in the event all direct connections are blocked.)
I do miss Safeweb. That open proxy was very helpful for casual browsing. The closest non-open substitute I've found is http://www.anonymizer.com.
Sya, which company was it again? This Triangle Boy is surely a threat to my network security! I must go and by the only firewall product that can block this terrorist menace!
Not only do they get their press release on siliconvalley.internet.com, they get a free ad on Slashdot too!
According to this article it works by spoofing the the source address. I know at least my firewall would block that.
And furthermore, it needs to contact a server somewhere (that is, another PC running triangle boy). Now, unless they rely on word-of-mouth to tell people where those servers are, they would have to have one or more (easily blockable) servers to hand out IP-addresses and port numbers to connect to.
I don't know what's the most frightening part. That administrators think they must block users instead of simply having strict but reasonable rules that people will understand and follow? That windows let users install programs like triangle-boy without administrator privileges (or that administrators regularly give users administrator privileges). That most commercial firewalls don't block spoofed addresses? That administrators who for some reason want to lock users in don't know about Triangle boy?
...this one is. It just bounces requests off of other triangle boy users, as opposed to a server you've set up at home.
I personally have been in a University which performed heavy filtering, and even worked in the IT department of the school. I do not have a problem with blocking or lowering priority for certain p2p apps such as Napster (back in the day), kazaa, etc. I do however have a major problem with filtering web access. While p2p is a major problem in terms of bandwidth and is clearly not for academic purposes (the vast majority of the time), many blocked websites are quite useful for academic purposes. As an example, my school blocked the Google cache and pretty much all translation sites, because they could be "used to access pornographic content" (not neccessarily images). It seems that the possible benefits of said cache (which include pdf -> html and .doc -> html converters) and benefits of all the translation software massively outweigh the possible use for reading pornographic content. I must say, I welcome all such apps as triangle boy and hope to see them spread more widely, as it appears that is the only way we will keep the internet a place where information flows freely, without restrictions from those who would love to brainwash the masses. May Triangle Boy, Peekabooty, and any other similar projects flourish.
I google searched for Triangle Boy... and found articles about it... and some stuff saying that the source code was released...
But I gave up trying to find it.
Anybody wanna post where to get it?
Also looking for it on p2p networks...
haven't found it yet
squid support the 'CONNECT' method which allows forwarding of arbitrary tcp connections (that's how it supports https).
A public school system in a country that values democracy and free speech filters its web access, most likely for not only pornography but also for hate speech, breast cancer information, and 2600.com, and is now desperately trying to get rid of a stealthy program that is meant to circumvent the oppression of free speech in repressive dictatorships.
From what I saw in my time in the US school system, this sad, ironic situation pretty well sums up how the school system here works.
. . .
Boy does this sort of advisory wind me up. FUD about users downloading applications, I've seen this on almost every pitch for expensive firwalls and security consultancy recently.
This ought to be so simple - do not allow users to have sufficient priviledges to install software!
Problem solved.
Okay, before I get flamed, this won't work for developer teams or your admins - for whom I merely suggest you can implement a draconian contract - i.e. fire anyone using any software not explicitly authorised (a minimum policy imo) and have a regular *external* audit.
Neither will this work for networks of Win9x clients, because you can't set appropriate secuirity policies. However you could always get SMS from M$$$$ or write your own scripts to call registry entries and check them against a permitted template so as to flag suspicious installations. At the end of the day it may even be worth upgrading your clients. Or just installing Linux and StarOffice, if you can, he he :). But with respect to upgrading even say from Win9x to Win2k, which ain't cheap, it's still probably less expensive than all the FUD claims - even the reality - of lost security and lost productivity from unauthorised use of your network resources and manpower.
Oh yeah, and you *do* only open ports explicitly at your firewall, not close off ports in response to the latest "advisory" don't you :-)
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
"Dave Salch, CTO of 8e6 Technologies, said because of its stealth nature, the P2P software does not show up in reports from many filtering products and the administrator doesn't even know the problem exists and has no way to check it."
." I seem to have gone off on a rant....
It seems to me that if the Administrator isn't even aware that it's happening, it must not be too much of "a problem", at least not yet. It's obviously not bringing the network down. Of course as the P2P network grows it might become a problem if users do not act responsibly.
Of course network usage is only part of the equation. Using the network to steal intellectual property is already being used as justification by the entertainment industries to ram digital rights management enabled hardware down out throats.
Yeah, we all know it is really about profits, being able to prevent people from exercising their fair use rights and thus artificially create a market where the music and video industries can charge us for every piece of music we listen to or video that we watch. Eventually we'll all have to pay EVERYTIME we listen to music or view video because it will all be a service. We will pay each month a little for this service and a little for that service.
We won't own CDs and DVDs any more. In their infinite corporate wisdom, the remaining few largest corporations that haven't been gobbled up by other mega-corporations, will simplify our lives by removing the burden of actually owning anything. Won't that be wonderful! Just like John Lennon said "no possestions. .
I think my original point was that the
The race isn't always to the swift... but that's the way to bet!
That is until someone in Taiwan spammed a whole bunch of people with my IP address advertising it as a way to get around Chinese Internet censorship (my friend translated the Simplified Chinese in the e-mail). My ISP found out that my IP address was in the e-mail and was pissed and suspended my account (Ironically not because I was running Triangle Boy, but because my IP address was in the e-mail. They though *I* sent out the spam!) I just shut down the program, but lesson learned I guess.
When the subject is Spam, I see lots of people insisting that they have the right to control what is on their computers. (True)
When the subject changes to filters, suddenly the people who own the computer suddenly lose the right to control the content? The Company you work or or the school that you attend owns that computer that they installed the internet filtering software on, and they have as much right to "censor" internet access on their computer as you have to "censor" email from spammers on your computer.
I'll admit that the commerical filtering software is garbage that often blocks the wrong sites and allows access to some sites that they should have picked up, but that dosen't change the fact that the owners of the computers have the right to install the software.
Don't like the poor software availble? Then start developing an open source filtering software that works better and offer that as an alternitive to the junk that is currently used.
Want full unrestricted access? Use your computer instead of one that was provided to you to do a job or for educational access.
Quemadmodum gladius neminem occidit, occidentis telum est
"Software that promises users anonymity on the Web has caught the eye of the U.S. Central Intelligence Agency's nonprofit venture capital company, In-Q-Tel, which says the technology can help the spy agency fulfill its mission."
From http://www.pcworld.com/news/article/0,aid,41462,00 .asp Feb 13, 2001.
If you are wondering what 'mission' they are referring to:
"Internet May Threaten National Security:
Wars of the future may be fought with viruses and hack attacks, not with guns and bombs, studies say. During the next 15 years, the U.S. will face a new breed of Internet-enabled terrorists, criminals, and nation/state adversaries that will launch attacks not with planes and tanks, but with computer viruses and logic bombs, according to two reports released last month."
That from http://www.pcworld.com/news/article/0,aid,37483,00 .asp. January 4, 2001.
Open source or not, I wouldn't choose to use this software...