Slashdot Mirror
The Drawbacks of Anonymous Surfing
BlueCup writes to tell us that one reporter decided to give anonymous web surfing a shot, and found it to be much more trouble than it was worth. Many users take advantage of Tor and other anonymous web browsing tools, but is the amount of hassle worth the effort it takes to remain anonymous?
If you have a few seconds, download Torpark and try it out. It shouldn't take more than half a minute and is Firefox based and pretty much automated.
And if you're worried about having to put Torpark on every machine you use, just put it on a very small USB thumbdrive on your keychain. Plug it into whatever computer you're using and browse the thumbdrive. Double click and go -- no need to worry about leaving personal information on your friend's computer. The application itself is very tiny so it would fit on even very cheap USB drives and there's a Thunderbird extension for it. I was at a conference once and got a free 512MB thumbdrive. I sharpied it as Torpark and now I can serf anonymously if I need to.
The only hassles I can find is that I have it set to not cache anything at all which means sites don't load as fast when I revisit them normally on my desktop. Also, the Tor servers can sometimes be slow to forward packets or the German ranged IP address it masks me with will cause a page to render in German. Oh gut, das ist wert es wohl.
My work here is dung.
on what you're surfing for, and who will be looking at your records in the future. Anon surfing might be a good idea for anyone who ever expects to go into politics, for example.
Is it just my observation, or are there way too many stupid people in the world?
Yes if you are going to lose your freedom, or be executed because of it, probably not if you are a general user who does nothing that could ever be used against them, and only use it in instances where you actually need anonymity rather than using it for all activity.
Warhammer forums
This 'reporter' didn't know that he had to sacrifice a bit of convenience in order to maintain web anonymity?
What a useless article. You mask your IP and use proxies if you want to become *untraceable*. And this guy's crying about how he has to remember his passwords for every site. Bloody lout.
The Tor concept is a great idea, and seems to work okay, but the last time I tried it, it was so slow that it was mostly unusable. Has much changed in the past 6 months or so?
After reading the article and digestig what the reporter wrote, he wasn't being very anonymous even with his efforts. Sure, he deleted his cookies when he was done (I do too) but he never removed all his cache files which could be used to track you. Yes, this will increase the time it takes for a page to load but since apparently everyone but me uses a high-speed connection, waiting that extra half second doesn't seem to be that much of a hassle.
Also, since he had to relogin when he went to Amazon or other sites, he was giving up his anonymity because now the site can track when he last visited, what he went to and so forth.
As far as sites balking that he didn't have a cookie, um, so what? That is the whole point of trying to be anonymous, right?
Had the author simply stuck with sufing around and not registering with sites he would have a better case for his article. As it stands, not so much. He needs to look up the word anonymous and see why he wasn't.
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
Anonymous surfing is first equated with crime, and later a correlation is drawn between a desire for anonymity and Unabomber style, tinfoil hat paranoia.
There are plenty of legitimate reasons not to want your personal information all over the place, barely any of which were touched on in the article.
This is not true as javascripts can read your normal IP address. It can even get your local IP address. Except I've noticed that if you setup a local webserver and set that webservers IP address to 127.0.0.1 then the javascript just shows 127.0.0.1. Seems to work.
What I dont get is why we need to be worried about cookies, IP address tracking and such. So what if I can figure out what IP you came from. That doesnt tell me your name or your home address. The only need for annoimity that I see would be if you are looking at things that are illegal, or you want to bypass your work/school firewall. Other than that.....why does it really matter?
Tracking your IP can help you and web developers. It tells them what is popular, where you came from, and how you went around in the site. It tells them if you even saw some of the pages and how you got to those pages. Ads specific to your IP are also better for advertisers. Tracking helps you by targeting information to you based on your activitys and this makes you happier. So Tracking is good
"Not if you erase history."
you're kidding right?
Even if you erase history your machine is littered with footprints of where you've been, nevermind un-erase utilities.
-nB
whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
- Surfing anonymously is hard, and therefore not worth it.
- Oh noes! My Amazon purchase list is broken! This is stupid!
- Evil criminals can use it!
An excellent thing for a reporter to be saying to his readers. I'd sure love to be one of this guy's sources.I'll be honest, we're throwing science against the wall to see what sticks. -Cave Johnson
This reporter is dumb. He declares that he is a fan of convenience and doesn't care much about anonymity. As he found out that anonymity slows things down, he concluded that it's not worth it.
For him, he should add. If all you need anonymity for is so websites can't point personalised ads at you, guess what: you don't want military-grade anonymity through Tor, you want Adblock or Privoxy. While he continues his convenient existance, more and more people rely on Tor for their democratic right to free unpopular speech. Tor may slow you surfing down, but it sure beats political imprisonment or being outed for being whatever is unpopular where you live.
"Oppression and harassment is a small price to pay to live in the land of the free." -- Montgomery Burns.
That "Post Anonymously" checkbox ought to be enough for anybody.
To me, one of the biggest threats to privacy is google's logging of what I search for. I tried using foxyproxy, but found it hard to find reliable and speedy proxy servers (which btw need to be in the US else google renders the version tailored for whatever country the ip address comes from). So my solution: I'm writing a little script that will periodically read random entries from a text file I have and submit a search to google for the data. For example, my data file contains "kill the president", "blowjobs from hookers", "boiling dead dogs", "where purchase drugs", "flowers for wifey", "plumbing supplies", etc. More sophisticated versions will include clicking on some of the links returned by google, and better combinatorics for the seach data. All I need do is make the fake google searches outnumber the real searches, and I've got plausible deniability on anything.
- First they ignore you, then they laugh at you, then ???, then profit.
I don't think the author of the article has a handle on this whole privacy thing. People who care about privacy don't sign up for "loyalty" cards at grocery stores, don't give out their phone numbers to every retail clerk who asks for it, don't put their names in telephone directories, don't enter contests that require you to provide personal information on the entrance form
I could go on and on.
He laments the loss of "conveniences" such as not having to enter his username and password everytime he logs on to the Wall Street Journal online, or having Amazon recommend books to him based on his past purchases. If these things are more important to him than his privacy, that's his choice.
You have to determine what price would you pay to receive these services, then ask youself if that is a fair price for the data you are providing to the providers of these services, and anyone they choose to sell the data to in the future. I suspect that for the majority of people, the answer would - unfortunately - be yes.
I don't care why you're posting AC
I just encrypt my entire /home partition. Its another way to help.
Well, that's where criptography comes in... someone posted this link in response to a post of mine a few days ago... seems very interesting...
They cannot find the data if it's all covered with garbage...
Ignore this signature. By order.
The "hassles" he talks about are mostly the lost convienences of cookies and the occassional site that doesn't work w/out cookies.
Seriously.
That about sums up his complaints.
I'm not terribly impressed by the issues he discovered while using an anonymizing service.
[Fuck Beta]
o0t!
Yes if you are going to lose your freedom, or be executed because of it,
The nature of the internet and the records kept means you could pay for something you did last night, 10 years from now. Take the whole steroid hysteria right now. 3 years ago, if you used andro, you did nothing illegal, it wasn't considered a steroid and was available at practically every health shop. If there is an internet record of you talking about using andro and the great results you got from it now, NOW YOU'RE A STEROID USER WITH A DOCUMENTED HISTORY OF USING, because now it's illegal and considered a steroid. This could happen with just about anything in this nation of partisan embiciles.
The problem with the question of "is it worth it?" is, you don't know if it was worth it for you personally, until you find yourself in circumstances where either doing it saved your ass, or not doing it costs you dearly.
"Our morality is good, theirs is repressive."- Partisanship Rule #3
Tor's not a real hassle to use, but it is slow (just like FreeNet is), and always will be.
To use Tor, simply install it, then tell your browser (or privoxy proxy) to use the socks proxy on port 9050 (or wherever). Nothing much can be done about the sluggish latency and low bandwidth, though, because for true anonymity to work you just HAVE to relay through a certain random number of random nodes of various quality. So instead of taking 15 fast intra-country hops to reach Google, it might take 100+ hops all over the globe and back, with each hop being another weak link in the chain.
Speed is the #1 reason I don't use Tor much... except for the rare occasion when I need to upload beheading videos^W^W^W send ransom notes^W^W^W troll IRC^W^W hide p2p downloads^W^W^W research something privately.
Power to the Peaceful
Not your browser history, he meant you actually go back and *ERASE HISTORY*. Cool huh?
what forensic traces are left on YOUR machine.
It's about what trace you leave across the Internet/Googlesphere/SkyNet.
"Flyin' in just a sweet place,
Never been known to fail..."
I've been using FoxyProxy/Privoxy/Tor for a few months now. It wasn't nearly as difficult to set up as I'd imagined (I'm running Ubuntu), and it didn't degrade or slow down my web experience as much as I feared, either. It caused me an unexpected problem last week, though. I ordered some hardware from NewEgg. The process went exactly as usual and I got the confirmation e-mails as usual. The next day, however, I got another form e-mail that said my order had been cancelled because my bank was outside the United States. WTF, I thought - this is clearly not the case. I called NewEgg's support line and was told that it was actually *my* IP that appeared to be outside the US. I explained that I was using anonymizing software to protect my privacy online, but that I'd used my NewEgg account and completed the VerifiedByVISA process, and that I was shipping to a verified address, etc. The support guy said he couldn't un-cancel my order; I'd just have to re-order using "my real IP" this time. Fine, I grumbled. I went through the process again; when I supplied NewEgg's cart app with my account credentials this time, I was told that my account was suspended! I called NewEgg again; apparently my account was suspended because of the "suspicious transaction" referenced above. It took me a half hour to get my account reinstated.
You can make Tor very easy to use with any application (on Windows or other VMWare/OpenVPN supported OS) with JanusVM:
http://januswifi.dyndns.org:85/
When you start the Windows VPN connection to the VMWare virtual machine that PPTP network becomes you default route. All DNS lookups, http requests, and other TCP traffic is now transparently routed through Tor. Simply disconnect the VPN to terminate anonymous onion routing...
Also see the user documentation: http://januswifi.dyndns.org:85/Instructions.htm
Transparent proxy avoids many common problems with explicit SOCKS configuration and DNS leaks. Worth a look...
You are posutlating an internet before Al Gore. That is simply not possible absent some mind-bending time-travelling paradox!
Yeah, except that anyone in the area with a little knowhow and a WiFi enabled laptop can read any unencrypted information you're transferring (which, in a lot of cases can include passwords). Most anonymising services have built in encryption.
Plus, using someone elses WiFi without permission is a grey area legally.
That's OK, provided you don't live in a country governed by a facist regime. In the UK, failure to disclose encryption keys to the police upon request can land you in prison, regardless of whether or not you've committed any other crimes.
Relatively simple: record all license plates of cars that do that, see which ones are there consistently with the bahaviour you're trying to catch.
Undelete utilities are of considerably LESS use if the information was never written to disk in the first place.