Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anonymous Surfing?

Posted by Cliff on from the another-layer-of-protection dept.

Just Alex asks: "I just got Comcast High-Speed Internet service, and found out that just up to a few months ago they were recording the actions of all of their users and saving it for who knows what. Now I'm thinking about getting an 'anonymous' service like anonymizer.com, but I wonder what other folks are using. Are all of these services the same? What should I be looking for? And what people recommend given their experience with them? Also, which ones play better with Linux?"

16 of 42 comments (clear)

  1. Remembering anon.penet.fi... by prisonernumber7 · · Score: 3, Informative


    Remembering anon.penet.fi, the world famous anonymous remailer and news posting service, I can only *stress* that your anonymity will be guaranteed only as long as nobody sues to resolve it.

    --
    && aemula C. ab stirpe interiit
    1. Re:Remembering anon.penet.fi... by AtariDatacenter · · Score: 2

      Assuming that the 'anonymous site' keeps logs or otherwise tracks userids and relates them to an identity somewhere else. In the case of anon.penet.fi, they had to store which anonymous ID remails to which email address.

      However, something like FuckedCompany is completely different. If you post anonymously there, they don't keep server logs, and as Pud would tell you, "Sue me all you want. There aren't any logs to get your hands on."

    2. Re:Remembering anon.penet.fi... by prisonernumber7 · · Score: 2

      However, something like FuckedCompany is completely different. If you post anonymously there, they don't keep server logs, and as Pud would tell you, "Sue me all you want. There aren't any logs to get your hands on."

      If I may, there is a strong concern rising inside me in regards to this method aswell. Once the entity that offers such a valuable and privacy protecting service has their pants down, your privacy is in jeopardy again.

      Logs are something that can be generated at a future point - if the user in question would be gone after due to repetitive action of his side then logs could be installed at any point of time and have merit for the suing party.

      Not expecting that he would be monitored and certainly not informed about it, the user's anonymity would be broken. And as pitiful as it sounds, history has proven that exactly these things happen.

      As much as I respect people who grow services like these to protect the innocent (for god's sake, there are countries in this world where free speech is a crime!), my trust in them would be very limited. You simply cannot expect anybody to suffer all his life due to a frivolous lawsuit simply to protect *you*.

      --
      && aemula C. ab stirpe interiit
  2. uh by tps12 · · Score: 2, Insightful

    If your ISP is monitoring you, you're out of luck. All your packets are going down a wire to Comcast before they go to whatever "anonymizer" you use. Encryption would help, but if you're doing anything in plaintext then there's not much you can do to prevent them from looking in on it.

    (Note to the good folks at Verizon: I'll get my bill in the mail today, I promise.)

    --

    Karma: Good (despite my invention of the Karma: sig)
    1. Re:uh by kableh · · Score: 2

      And if they are doing that, they are most likely redirecting requests to port 80 through their proxy, thus negating any settings your browser is using. This is trvially simple to do in any ipfw/chains/tables firewall, as well as a commercial unit like a PIX.

      Though I'm impressed you managed to get the word "distributed IDS" in your post. 100% buzzword compliant! =)

  3. Why not drop the service? by dasunt · · Score: 3, Insightful

    Sure this will be the more expensive route, but drop cable (and explain that the reason you are dropping them is that they are monitoring your surfing habits), and get DSL.

    If enough people did this, the company will what they are doing or go out of business.

    After all, why pay for an inferior service?

    1. Re:Why not drop the service? by m_evanchik · · Score: 2

      Can't a DSL provider monitor your traffic just as easily as a cable-based provider?

      --

      evanchik.net

    2. Re:Why not drop the service? by zsmooth · · Score: 3, Interesting

      Sure, but generally they don't. And that's the point. Any ISP can monitor your traffic but so far cable providers are the only ones that do.

    3. Re:Why not drop the service? by Rick+the+Red · · Score: 2
      Some of us have no real option. In my case, the local phone monopoly provides such a crappy circuit that we can only get 24,000 bps on a dialup, and NOBODY offers DSL here -- too far from the switch. We're damn lucky AT&T Broadband offers internet service (although if they raise our rates again we're gonna seriously consider going back to dialup) -- friends of ours further down the road can't even get cable TV (they're closer to TPC's switch, but still no DSL).

      --
      If all this should have a reason, we would be the last to know.
  4. Which anon sites are honeypots? by Anonymous Coward · · Score: 4, Interesting

    How does one know that the anonymizer and or
    proxy sites are not honeypots run whatever
    corps or agencies that are especially
    interested in tracking users who *want* to
    be anonymous?

    1. Re:Which anon sites are honeypots? by DNAGuy · · Score: 2

      Whoever modded parent down is nuts. This is an excellent point. When everyone uses postcards, only criminals will have envelopes.

      --

      BRENT ROCKWOOD, EST'd 1975

  5. Anonymous proxies by ralphus · · Score: 2, Informative
    Anonymizer works ok as long as you are not trying to hide from the government. Use SSH to tunnel your traffic to anonymizer proxy and you are safe from your ISP monitoring and the site you are going to knowing where you are coming from. Go get a bunch of kiddie porn or terrorist stuff and Anonymizer will have to give you up when the FBI comes knocking on their door.

    Someone already mentioned multiproxy. Also check out Java Anonymous Proxy and Peekabooty. You seem kind of new to the game of paranoia. Why not just start here and do some reading.

    It's important to understand exactly what these anonymous services get you and who and what they are protecting against so take some time and realistically educate yourself to the risks and threats.

    Oh, and don't forget to check out Freenet

    --
    Revolutions are never about freedom or justice. They're about who's going to be top dog. -- Kilgore Trout
  6. One more data point and question by vegetablespork · · Score: 2
    It truly pales in comparison to the old freedom.net, which securely tunneled http, telnet, and IRC (but died in the post-9/11 hysteria for "lack of market"), but ZKS also sells an (IE only) anonymizing proxy, WebSecure. Note well, though, that ZKS are not who they once were: with the old freedom.net, they couldn't give you up if they wanted to, provided you chose a route with servers not under their control. Now, their privacy policy says (in usual flowery legalese) that they pretty much give themselves carte blanche to log, monitor, and report:
    To securely browse the Internet, Freedom WebSecure customers must login with their usernames and passwords. This is always done in a secure manner, e.g. using encrypted SSL connections, to prevent unauthorized interception.

    nice

    To ensure the fastest service and minimal performance degradation, Zero-Knowledge does not collect or store any information about WebSecure customers' online browsing activities.

    the above paragraph giveth

    Please note that, in some exceptional instances, we may need to log certain traffic data, for example, in order to detect and diagnose technical problems, prevent network abuse, or if compelled to do so by law

    while that one taketh away--emphasis mine

    "Compelled to do so by law" could mean anything from an airtight subpoena to some random LEO flashing a badge and asking nicely. Thus, this service is only useful for protecting against casual snooping. It's strong point is that it uses an ActiveX control and can easily be used on (non-locked down) public machines.

    --

    Call (206) 338-5780 COLLECT for information about a genuine BA, BS, MA, MS, MBA, or Ph.D.

  7. Re: anonymisers? by blibbleblobble · · Score: 3, Informative

    /Links/Dir/Privacy/Anonymisers/

    Just a list from my site.

  8. There is no such thing as anonymous surfing... by Hyped01 · · Score: 4, Interesting
    Everyone considering "anonymous" surfing should first consider their reasons for doing so or more appropriately what their fears are of being monitored.

    We run a web based newsgroup service called BinFeeds and sometimes have users who are concerned about anonymous surfing.

    First point we often tell them is this. We dont care what service you use, we know who you are. Like any subscription service... you have to log in, and thus we know who we are sending the data to - unless someone stole your account. Many of our customers think that services like the anonymizer will protect them from that. In our experience, webmasters running protected sites more often run into "anonymizer-like" users actually being people with stolen accounts or who are using it for other purposes (site mirroring, etc). 75% of Anonymizer users on our service have been of that type and they (The Anonymizer owners) refuse to act (disable the account, block the user, assist in the credit fraud investifation, etc) or take months (thus we currently block all Anonymizer users). On signups, 95% of Anonymizer users are those trying to fraudulently use a credit card. We expect both from noting the increase of such errors on Anonymizer and from our own decisions, that many webmasters will be blocking such services on an increasing basis, because for us to track anonymous users is very difficult (even though I learned it is trivial from my time at a very very large ISP/Telco).

    Basically, if you just dont want your ISP to have a log of where you are surfing and what you are doing, then great! Look into one and sign up for whichever service best meets those needs.

    If you are worrying about law enforcement officials or a big ISP tracking usage then just surf normally.

    Though they will never admit it the telcos (or fiber providers of similar technology) know exactly what you are looking at and more importantly, where you are. By "where you are" I mean that literally. Your physical address.

    On CableModems as in the initial post, it may be more difficult, but under DSL, T3, T1 (DS1, which is often dual sDSL circuits nowadays) and dialup, etc, there are multiple networking protocols and layers not ever discussed. The telcos run their own network protocols and layers on their hardware that route the data for the ISP's data layer over the telco equipment.

    In the past, while working for a major ISP (who owns a very large chunk of the Internet backbone and their own fiber network and telco), a person was seriously breaching our AUP terms and the law for actions he was doing using one of our customer's accounts. He THOUGHT he was anonymous, but since we owned our telco arm (and since they are all interconnected) we did a network (circuit) trace on the connection and viola! Through that we end up with the physical address (street address and number) of the loser.

    Most people forget or dont realize that in order for your local telco to be able to route internet data to you, they needed your physical address to bring the wires to your house. The network hardware isnt computer based in the sense we all think and runs different protocols in a transparent fashion that doesnt make the end user think of it as anything more than a wire going to a router someplace else (like on an internal ethernet/TCPIP network), but it is not. It is it's own network on different hardware that transports the signals to "standard" network routers (Cisco, Ascend, etc). Much like NetBIOS over TCP/IP. To the user once configured, it's "Windows file sharing" and that's it, but the reality is it is running through TCPIP.

    Since "we" (my former employer) ran such a large telco, a simple call to the NOC (telco) got us the info in under 5 minutes. This can be done to an active connection or to a past connection via the activity logs. Also easy to coordinate with the other telcos for cooperation since they needed us/we needed them for the telco services to work.

    If you as a user or owner of a small ISP try to get that info you will get a dozen different "I dont think that's possible" or "There is no way of doing that" or "I dont know what you are talking about" answers. Just the way it works. No one is supposed to know it works that way, and few people actually seem to think nowadays - even the technical ones - about how such a system would work - or half the world would realize that any entity with enough "power" or authority can determine exactly where you are at what you are connected to, anonymous surfing, encryption and proxying aside.

    Just the sad truth... even if you are on a cell phone (btw, the logs for your location when your cell phone is ON (and in some phone's cases, off as well as long as it has power) are kept for decades and have been since the late 80's at least... right down to a few hundred foot circle.

    - Rob

    --

    WebMaster:
    BinFeeds
    XXX Thumbnailed Image Newsgroups but

  9. DSL providers usually don't offer their own servic by pardasaniman · · Score: 2, Informative

    You see, it does not matter whether DSL providers are small or big, they usually buy DSL equipment and rent infrastructure from a larger company. If that large company wants to monitor you, it does not matter if the puny DSL company monitors you or not.