Triangle Boy Lives

mlinksva writes: "Safeweb cancelled their free service late last year, but their P2P anonymizing proxy, Triangle Boy, has been spotted in the wild (south of Fort Worth, Texas). 'Because of its stealth nature, the P2P software does not show up in reports from many filtering products and the administrator doesn't even know the problem exists and has no way to check it.'(via UniteTheCows)."

Yeah. Wow.

Orange, Calif.-based 8e6 Technologies helped conduct the tests.

"The results were startling," said Chad Ingram, network technician at Crowley. "The only filter we tested that stopped Triangle Boy use was the 8e6 Technologies R2000. Then, using the 8e6 Enterprise Reporter, we took a look at the logs to see if we actually had users trying to contact the Triangle Boy network. We found that in the first 48 hours, users had gone to the primary Triangle Boy Website over 30 separate times."

Fucking fancy that! The only way to detect this evil P2P software is to use this peice of software. Of course is just so happens that the people who discovered the shocking truth also sell that product.

It must be the wildest fucking coincedence in the history of computing.

So?

[neksys]

I can understand the concern that people have over Triangle Boy, but one must consider something important (in terms of the school in the article, anyway): Filters in schools are put in place primarily to prevent students from accidentally accessing some content that the parents may sue over. That, and to prevent kids from wasting their schooltime sending emails. However, to make use of the Triangle Boy, one must a) know how to use it, and b) have a specific reason for accessing blocked material. I don't see the liability issue there - its a piece of "stealth" software that the student, of his own free will, has used - despite acceptable measures to prevent he or she from doing so.
*shrug* Just a thought.

Triangle wins.

[scamcdan]

Triangle Boy, Triangle Boy,
Triangle Boy hates Filtering Boy,
They have a fight, Triangle wins.
Triangle Boy.

P2P

[Wanker]

Dave Salch, CTO of 8e6 Technologies, said because of its stealth nature, the P2P software does not show up in reports from many filtering products and the administrator doesn't even know the problem exists and has no way to check it.

Since when is a web proxy P2P software?

The same function as Triangle Boy can easily be duplicated by anyone with a linux box on a permanent Internet connection. Just set up an HTTPS squid proxy.

Clever users will also note that you can tunnel this over just about any port you want. Make this an encrypted tunnel and no filter in the world will detect it. If your school/network allows even a single TCP port out to the Internet you can do this. (Some places allow arbitrary TCP ports to be forwarded via the HTTP proxy. Other places may have a SOCKS or similar proxy available. Those would both work for this in the event all direct connections are blocked.)

I do miss Safeweb. That open proxy was very helpful for casual browsing. The closest non-open substitute I've found is http://www.anonymizer.com.

Filters are in danger... Oh no.

[FuegoFuerte]

I personally have been in a University which performed heavy filtering, and even worked in the IT department of the school. I do not have a problem with blocking or lowering priority for certain p2p apps such as Napster (back in the day), kazaa, etc. I do however have a major problem with filtering web access. While p2p is a major problem in terms of bandwidth and is clearly not for academic purposes (the vast majority of the time), many blocked websites are quite useful for academic purposes. As an example, my school blocked the Google cache and pretty much all translation sites, because they could be "used to access pornographic content" (not neccessarily images). It seems that the possible benefits of said cache (which include pdf -> html and .doc -> html converters) and benefits of all the translation software massively outweigh the possible use for reading pornographic content. I must say, I welcome all such apps as triangle boy and hope to see them spread more widely, as it appears that is the only way we will keep the internet a place where information flows freely, without restrictions from those who would love to brainwash the masses. May Triangle Boy, Peekabooty, and any other similar projects flourish.

Re:Need Link to Source Code and or Binary

http://www.safeweb.com/pr_tboy1.html says
---
The source code for Triangle Boy 1.0 is available immediately. Those who wish to volunteer to host a Triangle Boy machine can download the free program from the SafeWeb site at http://fugu.safeweb.com/webpage/tboy-1.0.3.tar.gz. Volunteers must have a PC running Linux or Windows NT/2000.

Overlooking Elementary Security

[new500]

. . .

Boy does this sort of advisory wind me up. FUD about users downloading applications, I've seen this on almost every pitch for expensive firwalls and security consultancy recently.

This ought to be so simple - do not allow users to have sufficient priviledges to install software!

Problem solved.

Okay, before I get flamed, this won't work for developer teams or your admins - for whom I merely suggest you can implement a draconian contract - i.e. fire anyone using any software not explicitly authorised (a minimum policy imo) and have a regular *external* audit.

Neither will this work for networks of Win9x clients, because you can't set appropriate secuirity policies. However you could always get SMS from M$$$$ or write your own scripts to call registry entries and check them against a permitted template so as to flag suspicious installations. At the end of the day it may even be worth upgrading your clients. Or just installing Linux and StarOffice, if you can, he he :). But with respect to upgrading even say from Win9x to Win2k, which ain't cheap, it's still probably less expensive than all the FUD claims - even the reality - of lost security and lost productivity from unauthorised use of your network resources and manpower.

Oh yeah, and you *do* only open ports explicitly at your firewall, not close off ports in response to the latest "advisory" don't you :-)

Blocking Free Speech

[evilviper]

SafeWeb developed the Triangle Boy software for use with its project with Voice of America in an effort to circumvent foreign governments [...] that block free speech.

It says a great deal that software, which was designed to circumvent opressive foreign government, is put into use in public schools, libraries, etc.

That old Double standard

[thales]

Spam and Filters.

When the subject is Spam, I see lots of people insisting that they have the right to control what is on their computers. (True)

When the subject changes to filters, suddenly the people who own the computer suddenly lose the right to control the content? The Company you work or or the school that you attend owns that computer that they installed the internet filtering software on, and they have as much right to "censor" internet access on their computer as you have to "censor" email from spammers on your computer.

I'll admit that the commerical filtering software is garbage that often blocks the wrong sites and allows access to some sites that they should have picked up, but that dosen't change the fact that the owners of the computers have the right to install the software.

Don't like the poor software availble? Then start developing an open source filtering software that works better and offer that as an alternitive to the junk that is currently used.

Want full unrestricted access? Use your computer instead of one that was provided to you to do a job or for educational access.