Ask Slashdot: Choosing Anonymous Proxies?

bradley13 writes "There are lots of anonymous proxies out there, and anyone concerned about their privacy probably uses one for at least some of their web browsing. The Megaupload story highlights the fact that having servers in the USA is not a great idea. There are also other countries one may not want to trust. Oddly, very few proxy services mention where their equipment is located. What anonymous proxy services do you use? What criteria do you use to select them? How paranoid are you, and for what types of Internet usage?"

Botnets and Seven Chains

[Christopher+B.+Linn]

It's the only way to stay truly anonymous and secure on the internet. You cannot trust companies to provide you true anonymity and proxies, especially if money is involved.

Never trust anyone, and never expose to anyone who you are. That is the only way to stay secure on the internet.

Re:Botnets and Seven Chains

[El+Torico]

Agent Mulder, is that you?

Re:Botnets and Seven Chains

[bobbied]

Smart, Maxwell Smart!

And Loving It!

Re:Botnets and Seven Chains

No, he is Christopher B. Linn; but don't tell anyone, especially the internet! (he doesn't want to reveal who he is!

All jokes aside, this reminds me of an XKDC post... about anonymity

http://xkcd.com/834/

Re:Botnets and Seven Chains

[Hatta]

Or Tor. Which is the same thing as a bot net proxy, but consensual. Make sure you don't send any personally identifiable traffic through the tunnel, because the exit nodes are monitored.

Re:Botnets and Seven Chains

never expose to anyone who you are

Aren't you the guy who just said:

I work as a software engineer at Cisco in our San Jose headquarters

Re:Botnets and Seven Chains

[GameboyRMH]

An anti-MITM browser plugin like Perspectives or Convergence is a good thing to use when browsing via a proxy.

Re:Botnets and Seven Chains

[postbigbang]

That's ok. We all use Christopher's machine for *our* anonymous proxies. Of course, he's probably unaware about those cites he surfed with our handy-dandy XSS routine that implanted the proxy on his machine in the first place. Chris, dude, don't you wonder about your cable bill-- at all?

Re:Botnets and Seven Chains

[Ethanol-fueled]

The point he's trying to make is that nobody knows that better than he does - Cisco gear is widely used to facilitate eavesdropping and contains multiple undocumented backdoors for the 3-letter agencies.

Your proxy could be 100% dedicated to customer privacy, but can be unwittingly monitored and its users exposed as long as the proxy utilizes Cisco gear.

He did not slip or contradict himself - he is doing you all a favor, and speaks with authority.

Re:Botnets and Seven Chains

Develop MPD. I split myself like this. The real life me, I have an email/chat account, that everyone knows, as far as they know I only spend time on the net reading or gaming. Then I have another completely different persona, facebook/gmail account for gaming and socializing, none of them with even a glimpse into my real life. Fake name, birth date, everything. There are some games where I spend some money. If those games I play with RL people, then I use my RL account, if not, I use another completely different persona, again different personal information.

Seems strange, paranoid, but that's not the reason I do it. I like my privacy and personal time. When I turn off the computer, my socializing on the web is done. RL is on and vice-versa.

For RL, I have a phone, and living in a small town makes any travel trivial.

Re:Botnets and Seven Chains

[jamstar7]

You sound like one of those evil evil filesharing pirates. Naughty, naughty.

Now give me the address of a couple good proxies so I can get some more bootlegged Canadian TV shows or I'll turn you in!

Re:Botnets and Seven Chains

The point he's trying to make is that nobody knows that better than he does - Cisco gear is widely used to facilitate eavesdropping and contains multiple undocumented backdoors for the 3-letter agencies.

That sounds highly dubious. Do you have any proof of this?

Re:Botnets and Seven Chains

[Dainutehvs]

Where does "seven chains" come from? Some metaphor? I assume it was meant as proxy behind proxy behind proxy .. makes You more difficult to find... But why seven? Is there a "seven chains" rule? Cannot google any sensible explanation.

Re:Botnets and Seven Chains

[TweakedDewAddict]

I thought it originated with this http://knowyourmeme.com/memes/good-luck-im-behind-7-proxies

Re:Botnets and Seven Chains

Or Tor. Which is the same thing as a bot net proxy, but consensual. Make sure you don't send any personally identifiable traffic through the tunnel, because the exit nodes are monitored.

All backbone traffic is monitored and packet headers stored in perpetuity to allow for reconstruction of any kind of proxy session, including Tor, at a later date. So act accordingly, or not.

Re:Botnets and Seven Chains

http://www.forbes.com/2010/02/03/hackers-networking-equipment-technology-security-cisco.html

http://www.networkworld.com/community/node/57070

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040407-username

Re:Botnets and Seven Chains

"Cisco gear is widely used to facilitate eavesdropping and contains multiple undocumented backdoors for the 3-letter agencies".

They are no undocumented backdoors there are only documented ones here is the reference:
http://www.cisco.com/en/US/docs/ios/12_2sb/feature/guide/ht_ssi.html

And before you say it, I can guarantee there are no other undocumented backdoors into the switches, routers, firewall and IPSs.

Anon (from San Jose, CA - who works somewhere on Tasman Dr)

Re:Botnets and Seven Chains

never expose to anyone who you are

Aren't you the guy who just said:

I work as a software engineer at Cisco in our San Jose headquarters

I've said shit like that too. Doesn't make it true.

Re:Botnets and Seven Chains

[Zero__Kelvin]

"No, he is Christopher B. Linn"

Or maybe we can conclude that the one person he is not is Christopher B. Linn. You don't need software to masquerade as someone else, you know. ;-)

Re:Botnets and Seven Chains

Many botnets have a larger number of nodes than Tor. So actually, a botnet chain would be more anonymous than Tor.

(Though less moral.)

Re:Botnets and Seven Chains

[torgis]

I accidentally the seven proxies. Is this bad?

Anonymouse

[Trepidity]

I use this thing.

Selection criteria:

1. First google hit for [anonymous proxy]
2. It's been around since forever and I remember its url (but when I don't, see #1)

Yeah, not that scientific.

The most venerable lineage in this space is probably The Anonymizer, which was once hosted by CMU researchers, but it seems to have been bought and turned into a commercial desktop application.

Re:Anonymouse

[mrclisdue]

I use whatever from the list here:

http://www.samair.ru/proxy/type-01.htm

Otherwise, it's TOR

cheers,

Re:Anonymouse

Using Russian proxies has the added benefit of being in a country that does not have an extradition treaty with the United States. This means that you can rest assured that the US government will have no leverage to take custody of those server owners and thus the IP logs on those machines.

Obligatory TOR post

[ajpuciat]

It's easy, free, and for the most part anonymous if all you are doing is simple web browsing.

Not sure that I would want to do any banking or accessing sensitive data through that network, but it is a start.

They're all the same.

[RyuuzakiTetsuya]

See: http://xkcd.com/908/

Except it's all pointing to one gnarly Tor endpoint

The Onion Router

It is fine for most purposes, and if you are really worried about backtracking, login from an open WiFi, route through TOR out the exit node and through one or two of the numerous free online proxies. Slow as molasses in January, but there it is.

Re:The Onion Router

Thats about it right there. Mod parent up!

Anonymous != secure

[mindcandy]

Many TOR nodes are run for malicious purposes (a few have resorted to 'wall of sheep' sort of tactics' to reinforce this fact). TOR gives you anonymity but NOT privacy.

Re:Anonymous != secure

[lister+king+of+smeg]

that is what 'https everywhere' is for

Re:Anonymous != secure

How can you trust other proxies any more than a Tor node? Also, just don't send information through a proxy in cleartext and it doesn't matter how malicious the proxy is. No technology can keep you anonymous if you connect through a proxy and tell the proxy your name and address in the clear.

Some options

I use Giganews' 'VyperVPN service. They have servers all over the world and you can select which country you want to use.
I've also used privatetunnels.com which is based in the Ukraine and that was a great service as well.

I do not trust Anonymous proxies.

[Dareth]

I do not trust Anonymous proxies. So I always host my own "anonymous" proxies myself. That is what I call secure!

Re:I do not trust Anonymous proxies.

[multimediavt]

I do not trust Anonymous proxies. So I always host my own "anonymous" proxies myself. That is what I call secure!

How do you figure that's "anonymous"? You are paying for the Internet connection so SOMEBODY knows who you are. If you are using a machine at work to do same, then still, SOMEBODY knows who you are. The bottom line is, there is no truly anonymous proxies anymore...not that there really were any to begin with. Somebody always knows unless you are IP spoofing on top of a proxy, but even that is becoming less secure as governments and law enforcement get more capable.

Re:I do not trust Anonymous proxies.

So your anon proxy has the same IP address as your your named account with your ISP, so all your anon traffic is immediately traceable without any effort whatsoever, directly to you. That means your traffic is most definitely NOT anonymous!

Re:I do not trust Anonymous proxies.

WOOSH!

Re:I do not trust Anonymous proxies.

[obarthelemy]

whooosh !

Re:I do not trust Anonymous proxies.

[obarthelemy]

and double whooosh !

Re:I do not trust Anonymous proxies.

[Cryacin]

There must be quite a few Sheldon Cooper's out there who don't understand sarcasm apparently. Informative? Really?!?

Re:I do not trust Anonymous proxies.

[v1]

How do you figure that's "anonymous"? You are paying for the Internet connection so SOMEBODY knows who you are.

I think that falls under the "I'm behind seven proxies, good luck!" meme. Granted, you get more and more latency each hop, but if you can give someone enough busywork trying to follow the breadcrumbs, you're likely to either (A) make them decide it's not worth the effort to get a 5th, 6th, and 7th court order, or by the time they get to the last proxy they have wiped your session data and simply have nothing to give anyone with a badge on their letterhead.

Good proxy providers make a point to not retain session data for any longer than is absolutely necessary. Or if they don't, you've made a bad selection of providers. I know if I were working in Anonymous, I sure as hell would be using a proxy chain paid for using prepaid visa cards.

Re:I do not trust Anonymous proxies.

[kiwimate]

Pfft, amateur. I use a WGET to have my web pages e-mailed to me. That way anyone who's watching my activity thinks it's Richard Stallman.

Re:I do not trust Anonymous proxies.

[elsurexiste]

I finally understand the "Woosh" idiom! Thank you multimediavt!

Re:I do not trust Anonymous proxies.

[sconeu]

Darn. I was going to guess sarcasm, but changed my mind!

Re:I do not trust Anonymous proxies.

wwwwhhhhooooossssshhhhh!!!

Re:I do not trust Anonymous proxies.

[idontgno]

and double ROT13 whooosh !

FTFY.

Re:I do not trust Anonymous proxies.

You, my friend, have succeeded brilliantly in completely missing the joke.

Re:I do not trust Anonymous proxies.

[Joe+Snipe]

huh?

Re:I do not trust Anonymous proxies.

Or use bitcoin. AirVPN accepts bitcoin and provides a great service. Bitcoin may not be entirely anonyous, but tracking down the blockchain transactions to specific IP addresses would take years, if not decades, so I'm pretty confortable using BTC.

Avoid HideMyAss at all costs. HideMyAss bent over, dropped their pants, and handed all their logs to the FBI when they were trying to track down anonymous DDoS activists last year. AirVPN's CEO posted a press release immediately afterward promising that AirVPN would never do anything like that to their customers and, being based in Europe, had no obligation to recognize U.S. laws.

Re:I do not trust Anonymous proxies.

[Ocker3]

So, uh, with all this talk of warrantless wiretaps, you still think it's going to take a court order for them to back-trace the signal?

Re:I do not trust Anonymous proxies.

[godel_56]

>

Avoid HideMyAss at all costs. HideMyAss bent over, dropped their pants, and handed all their logs to the FBI when they were trying to track down anonymous DDoS activists last year. AirVPN's CEO posted a press release immediately afterward promising that AirVPN would never do anything like that to their customers and, being based in Europe, had no obligation to recognize U.S. laws.

Unfair, I don't think HMA ever pretended to be a TOR replacement, they're mainly a way to get disposable email addresses to hide from spam.

Re:I do not trust Anonymous proxies.

[v1]

So, uh, with all this talk of warrantless wiretaps, you still think it's going to take a court order for them to back-trace the signal?

The reason warrantless wiretapping works so efficiently in the USA is that every major phone exchange has a small room in the building with more alarms than you can shake a stick at, that's run remotely by DHS, and that's their siphon point for any traffic that runs through the building. (not making this up, I actually know someone that is cleared to work on the computers in one of those rooms) It lets them remotely grab any information they want, in real-time. There's no warrants, no court orders, no phonecalls, no faxes, they just press a button at their office in Cali or wherever and the information comes up on their screen. A lot of this hardware was installed before it was legal to use, as with most DHS stuff they implement it and then worry about making it retroactively legal later or maybe after they get caught using it.

So until DHS manages to secure space inside every major ISP, (and the day MAY come) we're ok for now. Warrantless wiretapping is already on the books, so they can do it to the telcos. There's nothing on the books yet that forces ISPs to let DHS have ongoing physical access. That I know of anyway. Anyone with information to the contrary please speak up. So for now at least it requires warrants or some personal social engineering at each proxy hop. Each of these hops takes time to get information on (from hours to days) to see where the next hop is. All they can do is hope the ISP they faxed has good turnaround time and hope that the next hop is actually the origin point. (and the really scary thing here is that most of them will just blindly reply back to any faxed request sent on authentic looking letterhead, since misuse of govt seal is a crime they can say it was safe to assume you were LEA, they have no further responsibility to verify the identity of the requestor - I have personal experience with handling such faxed requests)

On the surface I'm surprised that the ISPs aren't under the same controls as the telcos, but then again the telcos have a long history of working closely with law enforcement agents, (mostly to the benefit of the telcos) so maybe it was more a case of "you owe us one" that got a "foot in the door" (literally) for DHS. The ISPs have nothing to gain by being overly cooperative, and a lot to lose in the way of negative press if they do. Just imagine all the people that cancelled their subscriptions to HideMyAss after they handed over all their proxy records during the Anonymous witchhunt.

Re:I do not trust Anonymous proxies.

I'm pretty skeptical....... they don't need physical access if they have backdoors that shipped with the hardware. An if anyone in the world has a BIND 9 remote code execution exploit its the US government.

Overplay

[fiannaFailMan]

I use Overplay for region-restricted web content. Very useful when watching British TV shows on the BBC iPlayer and Irish Gaelic sports like hurling and Gaelic football which saves me the trouble of having to go to a pub and pay $20 per game.

Bitcoin, yes, seriously

Google for "vpn services accepting bitcoin". Done. We learned from the spectacular failure of HideMyAss that you cannot pay for you proxy with credit card when the FBI comes looking.

Re:Bitcoin, yes, seriously

[bryanp]

Pay cash for a visa gift card. Pay for proxy service with said gift card. When time comes to renew, repeat.

Re:Bitcoin, yes, seriously

BitCoin is not anonymous. It might be more anonymous than PayPal or a credit card, but the coins spent will still have your name on it, and that info will be with a number of third parties.

Re:Bitcoin, yes, seriously

It's not anonymous, but they don't have "anyone's name on them". It's a huge obstacle to anything ever holding up in court.

Re:Bitcoin, yes, seriously

The issuer tracks where each gift card was sold, so you'll either need to buy in bulk (which will raise the retailer's suspicion) or spend a lot of time travelling.

Re:Bitcoin, yes, seriously

[JWSmythe]

    That's not very hard. Plenty of people travel a lot. If I had been so inclined, I could have collected cards from multiple locations in about 12 states. Since you can buy them in most gas stations, you can get them anywhere, regardless of if it's on your route or not. If you're really dedicated, a nice 4 hour drive away can put you in another state to make the purchase.

    From what I have seen of the prepaid credit cards is, you are expected to provide personal information, and have the card with your name on it sent via USPS.

    Use of the temporary card is limited. You'll get funny looks using it at a point of sale. You'll have a hard time using it online if they ask for *any* identifiable information. You don't have even a name and zip code, which are the bare minimum that most ask for. Depending on the merchant account, they may let it slide, but it's a big risk for the vendor.

    Getting something less traceable, like a Starbucks gift card, isn't quite as usable for this purpose.

   

Re:Bitcoin, yes, seriously

Some (many?) allow you to enter "your" personal information on a web site so that you have a name and zip code to enter .

Re:Bitcoin, yes, seriously

You have not tried this. Most credit card gift cards require a valid Social security number and address when activated.
Joseph Elwell.

The best anonymouse proxy is an open wifi

[Anon-Admin]

I personally use open wifi connections, they are about as anonymous as you can get. I picked up a 10" google pad with GPS, installed the software and took a drive. They are all over the place, that is assuming you dont use the open one at the local bar, Denny's, McDonalds, Cigar club, Starbucks, etc, etc, etc.

If you look, you will find that open and available wifi connections are easy to find, completely anonymous, and fun. Fun because it is amazing what people will share on there local network with an open wifi connection ;)

Re:The best anonymouse proxy is an open wifi

[93+Escort+Wagon]

I personally use open wifi connections, they are about as anonymous as you can get. I picked up a 10" google pad with GPS, installed the software and took a drive. They are all over the place, that is assuming you dont use the open one at the local bar, Denny's, McDonalds, Cigar club, Starbucks, etc, etc, etc.

Hmm... so "Anon-Admin" likes cigars, lattes, Big Macs and Grand Slam Breakfasts - that narrows things down considerably... I've almost got him!

Re:The best anonymouse proxy is an open wifi

[Anon-Admin]

Ok, that is funny...

Cigars, yes

The rest, well they showed up on the wifi scan and most surprised me. Heck, all the Whataburgers now have open wifi's. I never would have thought that a chain like Wataburger would have open wifi.

Re:The best anonymouse proxy is an open wifi

Whataburger is a regional chain, I'm guessing you are in Texas somewhere...

Re:The best anonymouse proxy is an open wifi

[Crudely_Indecent]

Be sure to alter the MAC address of your wireless adapter, or the log files on the open wifi router could be used to identify your computer.

Re:The best anonymouse proxy is an open wifi

[mollymoo]

I hope you're spoofing your MAC address. Not that it's very likely random open networks will keep the log for very long, if at all, but if you really care you'd want to be sure.

Re:The best anonymouse proxy is an open wifi

And now we know your general location geographically. Wataburger is not nationwide.

Re:The best anonymouse proxy is an open wifi

the net is closing on Anon-Admin...

Re:The best anonymouse proxy is an open wifi

[mjr167]

Doesn't count as unauthorized access to a computer network and is thus a crime?

Re:The best anonymouse proxy is an open wifi

[Jeng]

Or at one time visited or lived in the region that Whataburger is in.

Doesn't narrow it down much, hell he could have even googled that information.

Re:The best anonymouse proxy is an open wifi

[cayenne8]

I picked up a 10" google pad with GPS, installed the software and took a drive.

What software did you install on the google pad?

Re:The best anonymouse proxy is an open wifi

[cayenne8]

Whataburger is a regional chain, I'm guessing you are in Texas somewhere...

They have them in LA too....

Re:The best anonymouse proxy is an open wifi

[cayenne8]

I hope you're spoofing your MAC address. Not that it's very likely random open networks will keep the log for very long, if at all, but if you really care you'd want to be sure.

How does one do with with a windows machine?

Re:The best anonymouse proxy is an open wifi

[jackbird]

It's driver-dependent. All the consumer Linksys stuff I've run across has it, and some other vendors, too.

Re:The best anonymouse proxy is an open wifi

[Defenestrar]

Go for something like 01:23:45:67:89:AB. That way even if the logs get nabbed it'll save a lot of headache for both the open network admin and others involved. It makes it obvious that further tracking is pointless (good for you) and does a nice turn for anyone kind enough to leave open bandwidth for public use by (presumably) ending their harassment by investigators.

The other way to do it is to leave your home router's wireless open to the public (regulating bandwidth as you see fit), control the logs yourself, and then make any connection to a proxy via (registry/OS footprint free) utilities on a hidden volume or usb drive. Thus even if all of the proxies, anonymizers, and etc. are compromised you'll still have enough reasonable doubt. Of course reasonable doubt is only good in some locations. The places or circumstances these tools are often invented for (i.e. Arab Spring) may not care enough about western due process in the middle of a civil revolution.

Re:The best anonymouse proxy is an open wifi

[Bill_the_Engineer]

Go for something like 01:23:45:67:89:AB. That way even if the logs get nabbed it'll save a lot of headache for both the open network admin and others involved. It makes it obvious that further tracking is pointless (good for you) and does a nice turn for anyone kind enough to leave open bandwidth for public use by (presumably) ending their harassment by investigators.

Unless you happen to be the only person using that fake MAC address.

Re:The best anonymouse proxy is an open wifi

[Maniacal]

Wouldn't the ability to use spoofed MAC addresses negate the possibility of law enforcement identifying someone using MAC address. I mean it seems like any 2 buck lawyer would be able to argue that someone could have just spoofed your MAC address.

Re:The best anonymouse proxy is an open wifi

There are billions of possible MAC addresses, so the chances that someone spoofed a MAC address identical to the one on your computer is about the same as their fingerprints matching yours.

Re:The best anonymouse proxy is an open wifi

[Defenestrar]

Well don't leave your nic setup that way! What's the point of spoofing (in this case) if you stick around long enough to be photographed, triangulated, or otherwise caught with proof on the equipment seized?

Rules of MAC cloning: 1) leave it cloned if you're using a router with your ISP, 2) wipe the clone if you expect the inquisition to drop by for a late over a pendulum session.

Re:The best anonymouse proxy is an open wifi

[Lumpy]

No thanks. I prefer to change the mac address randomly EVERY time the dhcp lease is up. Trivial to do on any powerful OS.

Re:The best anonymouse proxy is an open wifi

[Anon-Admin]

Shhhh, stop telling them my secret. I work hard to through them off the scent and you go and give it away.

Re:The best anonymouse proxy is an open wifi

[Anon-Admin]

That would be this one.

https://market.android.com/details?id=de.carknue.gmon2&feature=search_result#?t=W251bGwsMSwyLDEsImRlLmNhcmtudWUuZ21vbjIiXQ..

Re:The best anonymouse proxy is an open wifi

Wouldn't the ability to use spoofed MAC addresses negate the possibility of law enforcement identifying someone using MAC address. I mean it seems like any 2 buck lawyer would be able to argue that someone could have just spoofed your MAC address.

You would think, but I'd be willing to bet they could make it stick with a technologically incompetent jury or judge. For example, you can swap out the barrel on a semi-automatic pistol in about a minute with no tools, and they still rely on "fingerprinting" the bullets.

Re:The best anonymouse proxy is an open wifi

[gknoy]

Sadly, nobody ever expects the Inquisition until its too late.

Re:The best anonymouse proxy is an open wifi

[Crudely_Indecent]

Yes, but, if you're in the habit of doing illegal things using open access points, you might not want to leave a trail that can be followed. Randomly assigning a mac address before connecting to an open wifi is a good way to prevent that kind of trail from ever getting started.

Re:The best anonymouse proxy is an open wifi

[BitwiseX]

I personally use open wifi connections, they are about as anonymous as you can get. I...... that is assuming you dont use the open one at the local bar, Denny's, McDonalds, Cigar club, Starbucks, etc, etc, etc.

If you look, you will find that open and available wifi connections are easy to find, completely anonymous, and fun. Fun because it is amazing what people will share on there local network with an open wifi connection ;)

Careful, I wouldn't trust those either. I've had plenty of fun setting up an "open" access point, and logging traffic with tcpdump etc. It's amazing what people will send across my network even though it's an open wifi connection ;)

Re:The best anonymouse proxy is an open wifi

[mlts]

In reality, the defense lawyer will argue that, while the prosecuter will then rebut with "realistically, would someone actually do this?"

A jury of /.-ers would acquit, or nullify. However, even though we wish that we would get a jury of our peers in cluefulness, most likely the jurors picked will have almost zero clue what a MAC address is, so a good prosecutor setting up a case can say something like it is impossible to forge with almost no real life cases. With this in mind, plus a "ignore the defense's mumbo-jumbo", and a jury with glazed eyes and a brain full of buzzwords they don't know or understand will likely convict... just so they can go back to Mike's Watering Hole and swill some Duff before traffic gets bad.

Re:The best anonymouse proxy is an open wifi

Doesn't count as unauthorized access to a computer network and is thus a crime?

There are a lot of intentionally open wifi routers in my neighborhood. Why would it be a crime to connect to any of them? If one was unintentionally left open, how would a reasonable person distinguish between it and one of the many intentionally open routers?

Re:The best anonymouse proxy is an open wifi

Wouldn't the ability to use spoofed MAC addresses negate the possibility of law enforcement identifying someone using MAC address. I mean it seems like any 2 buck lawyer would be able to argue that someone could have just spoofed your MAC address.

You might be right, but this type of evidence is more often used to get an indictment than in an actual trial. At an indictment you and your lawyer do not get to be there. The state only needs to convince a grand jury that there is a good chance you have committed the crime(s) they say you have. During a hearing for a secret indictment evidence normally considered too flimsy for trial gets used all the time. IANAL but I do forensic work.

Re:The best anonymouse proxy is an open wifi

DHCP? Random mac addresses? WTF?

Configure statically for each new wifi connection. Avoids DHCP / bootstrap protocol server logs and gives you control over who's DNS you use. Clear the ip settings at the end of each session.

Also, if it hasn't occurred to you that "law enforcement" is almost surely running plenty of wifi honeypots, then wake the fuck up.

Secure communications do not involve wires or radios of any kind.

Re:The best anonymouse proxy is an open wifi

Unauthorised access would require that an authorisation system is present.

Re:The best anonymouse proxy is an open wifi

[elashish14]

Don't forget your computer's hostname gets logged as well...

Re:The best anonymouse proxy is an open wifi

Thankfully where I live the city council is happily making this easy

http://www.brisbane.qld.gov.au/facilities-recreation/parks-and-venues/parks/wifi-in-parks/index.htm

Re:The best anonymouse proxy is an open wifi

I mean it seems like any 2 buck lawyer would be able to argue that ...

You can still get a lawyer for like 2 bucks! Wow, where do you live?

Re:The best anonymouse proxy is an open wifi

There was talk some time ago about browser finger prints. https://panopticlick.eff.org/
mandated Cisco backdoors also some discussion of VIIV DRM identifying the CPU and inteface.

With effort you can make it difficult to be tracked but you are not perfectly anonymous.

Re:The best anonymouse proxy is an open wifi

Arlington

Re:The best anonymouse proxy is an open wifi

Wouldn't the ability to use spoofed MAC addresses negate the possibility of law enforcement identifying someone using MAC address. I mean it seems like any 2 buck lawyer would be able to argue that someone could have just spoofed your MAC address.

Does the possibility that somebody stole your license plates and used them on the getaway car for a bank robbery mean the cops will just smile and say "Oh, that's possible, so we'll not bother you anymore at all Good Sir" and write the case off as "unsolvable"? No. Because what is possible is almost limitless... the question is how likely that was to have happened.

The MAC is enough evidence to get a warrant to search your system for evidence. They might not be able to take you to trial and get a conviction with that alone, but if you really are doing shady stuff and not being setup then don't bet on it.

Re:The best anonymouse proxy is an open wifi

Doesn't count as unauthorized access to a computer network and is thus a crime?

It's kind of a grey area. Usually if the name of the AP has the word "open" or "public" or "free" then it's reasonable to assume it's public and thus you can use it without specific authorization.
In tech terms, we don't make a distinction between an AP which is intentionally left open vs. one which is simply unsecured. However in legal terms, it does matter.

The easy analogy is that if you leave your door unlocked, it's still illegal for people to just walk in without permission. But if you hang up a sign that says "Come on Inside, the Door is Open!" then permission has been given.

The short answer is, if you're hopping onto some average person's unsecured AP, it's probably going to be considered unauthorized access.

Re:The best anonymouse proxy is an open wifi

And then worry about what might well be a unique browser thumbprint as well, depending upon your OS, browser, versions, plug-ins etc.

And then theres the COMINT angle too, longterm, what sites you visit frequently in what order, quite apart from any login IDs on your favourites. All these things give you away!

Re:The best anonymouse proxy is an open wifi

[Vrtigo1]

I think you have a false sense of security there. The connection may be anonymous, however the IP is still traceable to the venue's ISP account, and if they have surveillance cameras (like just about everywhere does these days, for legal liability reasons) it's a simple matter to look at the timestamp and see who was in the place on a laptop at the time in question.

I have servers in the USA

[ShavedOrangutan]

It's never been a problem. Ditto for lots of other people and companies. What's the issue?

Re:I have servers in the USA

[kiwimate]

1. People want to do illegal stuff and not get caught; and/or
2. People are overly paranoid.

Modern life is complicated enough without trying to get into trouble. Why bother? (Answer: people have a raging sense of entitlement. "Whine, I don't want to pay for stuff.")

Re:I have servers in the USA

[RatBastard]

It's not always about not paying for things. Some people have fetishes for... well, let us just say illegal things. In some places frontal nudity would count. Other places you're talking pictures featuring pyrohomonecropedobestiality.

Re:I have servers in the USA

>> 2. People are overly paranoid.

Paranoid is a thought process believed to be heavily influenced by anxiety or fear. I wasn't paranoid until the TSA was created and domestic spying at a all time high. Eric Schmidt defines paranoia perfectly, “If you have something that you don’t want anyone to know maybe you shouldn’t be doing it in the first place”.

Re:I have servers in the USA

I guess they're upset about Megaupload. To be fair, it sounds like they might have knowingly been defying the DMCA safe harbor rules (in which case, they sort of deserve the consequences). The way some people are acting, you'd think it was just randomly decided to take them down but some of the evidence (according to Ars Technica's coverage which I find to be relatively fair) is pretty damning.

Still, I guess if I was a pirate, I might have some concern about using servers in the US.

Re:I have servers in the USA

[Genda]

Alright, you watch "48 Hours" or "Criminal minds" on TV and something you see about terrorism or murder piques your interest so gawd forbid you Google it. Whether it the "Anarchists Cookbook" or "How to hide murder by using succinylcholine", you have just made yourself a potential target of a law enforcement agency, and if gawd forbid again, anything bad happens in your household or neighborhood in the next 24 months, your browsing habits have just planted a smoking gun in your hand.

You don't even have to be the one who does the search. You leave you home PC logged in as you, and your eldest male-child does a search on how to "Terminate a butthead little brother" and you could be buggered.

Its not paranoia if Government Agencies have virtually unlimited resources to smoke your hinny like a Cohiba, at the first blush of illegal activity. Its also not particularly heart warming to discover that Prosecuting Attorneys have almost no interest in getting the right guy (that's the job of the police), just winning the case. The number of poor innocent bastards in prison in this country does not exactly inspire confidence in our legal system. Hell, Texas just executed what the entire planet now knows was almost certainly an innocent man just for political value.

You better believe that I find myself faced with two options in these modern times. They are; Willfully avoid any appearance or opportunity to be caught doing anything that might get me buggered, or Run silent and run deep. Anything else is Russian Roulette.

Re:I have servers in the USA

3. Foreign companies refuse to sell you content AT ANY PRICE depending on your location.

Try going to amazon.de and purchasing full price mp3's. They flat out won't sell them to you if you live in the US.

Re:I have servers in the USA

1. People want to do illegal stuff and not get caught; and/or
2. People are overly paranoid.

Modern life is complicated enough without trying to get into trouble. Why bother? (Answer: people have a raging sense of entitlement. "Whine, I don't want to pay for stuff.")

As long as someone else feels the responsibility to legislate my morality there will be the need to break the law.
Like Boobies?
Like Liquor?
Like to make sarcastic comments about those in power?
All carry heavy penalties somewhere...

Re:I have servers in the USA

[Fned]

pyrohomonecropedobestiality.

I'm trying to figure out how this would work... fucking a fertilized-egg omelet with a strap-on...?

Re:I have servers in the USA

1) People may have political and ideological differences with current governments and corporations and are thus a target.
2) People may be aware of the rampant corruption and malign influences present in "law enforcement".

We don't all agree to play their game.

That said, anyone smart enough to know this does not use the internet or telephones for secure comms of any kind.

p.s. smartass addendum: some people may want to post as AC on slashdot without time restrictions - poor slashdot - such a blunt anti-spam instrument. I have had to resort to proxies to do exactly this myself on occasion. At least /. has removed the lame excuse they used to use for it: "fair chance for everyone to comment" - now it just says "you have to wait for access to this resource".

But no one will see this anyway, user run censorship rules here at slashdot. Speak out against anything and you will promptly be put down. Such a lack of responsibility for their own site. "Oh the users do it all! Hurrah!" Sad. Amazing it has lasted this long.

Why am I even typing this? Might as well be talking to a tree... actually talking to a tree might be halfway productive compared to this.

Re:I have servers in the USA

pyrohomonecropedobestiality.

I'm trying to figure out how this would work... fucking a fertilized-egg omelet with a strap-on...?

And somewhere, someone is starting a website right now.

Re:I have servers in the USA

No one would deny artists should be paid. What many have disputed is large corporations purchasing legislation and implementing technology that impairs your ability to speak freely and without fear from your employer or government.

Anonymity is the light that allows knowledge to illuminate the dark places where breach of trust hides, Speaks truth to power, Protects the innocent from persecution and possibly death.

Re:I have servers in the USA

I would be very surprised if Eric Schmidt doesn't do *anything* that some moral crusader doesn't find highly objectionable. For example, Santorum thinks birth control should be curtailed. In some alternate reality where he actually had some chance of winning the general election, he'd be pushing for regulation with an eye toward eventual criminalization. Maybe Eric Schmidt has never used a condom...

Think you'd still be allowed to serve on the PTA board after everyone knows you've got a subscription to brutaldildos.com or fistedmilf.com? Good luck with that.

It's easy to come up with less contrived examples. It's not just about what's illegal - it's not even mainly about that.

- T

Coffee shop?

[hawguy]

How about a coffee shop's free Wifi using a spoofed MAC address while I'm sitting at the restaurant next door?

Re:Coffee shop?

[parlancex]

Just make sure if you buy anything it's cash only. :)

Re:Coffee shop?

Wear latex gloves, shave every hair off, and wear a fake mustache....

Re:Coffee shop?

Just make sure if you buy anything it's cash only. :)

And make sure to turn off your cellphone

Re:Coffee shop?

[Joe+Snipe]

Pawn Shop laptop at a McDonalds. Only way to go.

Re:Coffee shop?

[GameboyRMH]

And more important than all of that, use a totally clean browser with geolocation and any other privacy-destroying features disabled, and locked down tightly to put scripts, flash, cookies (including flash cookies and HTML5 storage) and off-site requests on a whielist system.

Re:Coffee shop?

Perfect is the only thing I can say. And of course watch homemade porn :D

Re:Coffee shop?

[killmenow]

And make sure to turn off your cellphone

Pull the battery.

Re:Coffee shop?

[Lumpy]

Why?

Your laptop running a Live linux distro and USB drive. Untraceable, or do you think that Mac addresses can not be changed.

It is perfectly safe to use the same laptop for good and evil.

Re:Coffee shop?

[Lumpy]

"And more important than all of that, use a totally clean browser with geolocation and any other privacy-destroying features disabled,"

Again why? a good "haxor" would be running a script that is changing the data at random or delivering known false data. It's better to hide in a sea of noise than it is to stand out by delivering NOTHING at all.

Re:Coffee shop?

And more important than all of that, use a totally clean browser with geolocation and any other privacy-destroying features disabled, and locked down tightly to put scripts, flash, cookies (including flash cookies and HTML5 storage) and off-site requests on a whielist system.

You mean something like the TOR browser bundle, or Portable FireFox, or I2P? Check. I use all three in different combinations.

Re:Coffee shop?

Why?

Your laptop running a Live linux distro and USB drive. Untraceable, or do you think that Mac addresses can not be changed.

It is perfectly safe to use the same laptop for good and evil.

Topping that, why even bother spoofing your mac address when you can get a "disposable" usb wifi adapter for less than 10 $.

Re:Coffee shop?

[hawguy]

Why?

Your laptop running a Live linux distro and USB drive. Untraceable, or do you think that Mac addresses can not be changed.

It is perfectly safe to use the same laptop for good and evil.

Topping that, why even bother spoofing your mac address when you can get a "disposable" usb wifi adapter for less than 10 $.

Because unless you dispose of it regularly, if the cops confiscate it and find that it matches the MAC address linked with questionable activity at a coffee shop, then you're screwed. If you set your MAC address to some randomly generated number on each visit, then they can't easily link your hardware to the coffee shop logs. (i'm ignoring other fingerprinting that they could be doing to identify your hardware since if someone is interested in you enough to do advanced network analysis to find you, they're interested enough to track down your Wifi signal the next time you get online.)

But if you are worried about Wifi fingerprinting, then the disposable Wifi adapters you mentioned would be the way to go - as long as you really do dispose of them.

Re:Coffee shop?

Sounds good, just make sure your not logged into your google or facebook account while you do it.

Re:Coffee shop?

[Larryish]

True dat.

LiveCD is your friend.

Re:Coffee shop?

[BitterOak]

How about a coffee shop's free Wifi using a spoofed MAC address while I'm sitting at the restaurant next door?

Just make sure the restaurant doesn't have any security cameras. And make doubly sure you don't walk past that coffee shop going to the restaurant as their security cameras might pick you up through the window. And don't park anywhere nearby. And make sure no security cameras catch you walking from the restaurant to your car, etc.

Re:Coffee shop?

How about a Tails Live CD tails.boum.org/
hard to beat linux +Tor on a live CD

Re:Coffee shop?

[AverageWindowsUser]

who even really needs a cell phone to begin with?

panopticlick

[jginspace]

What degree of anonymity are you looking for? Exactly which of the HTTP request headers do you wish to be anonymized? Okay so your proxy is not passing on your IP address. So It's not passing on common proxy behaviours (like HTTP 1.0 requests). And there's no 'proxy' anywhere in the request. You're not even using TOR. Well done. Now check Panopticlick. You're not anonymous. Now exactly what kind of proxy where you looking for and what kind of anonymity were you looking for?

Re:panopticlick

...And absolutely NOTHING that's uniquely identifying comes up from that site.

Try again? Please insert coin.

Re:panopticlick

[Flere+Imsaho]

"Within our dataset of several million visitors, only one in 64,462 browsers have the same fingerprint as yours."

I'm special! I knew mother was right!

Re:panopticlick

Tor Browswer bundle

Re:panopticlick

"Your browser fingerprint appears to be unique among the 1,934,376 tested so far."

So there...

Re:panopticlick

[gknoy]

Your browser being unique means that, in theory, your behavior on various sites could be correlated, even if you have proxies hiding your IP. On the other hand, identifying who those fingerprints belong to might be a bit hard to do, except perhaps for various three letter agencies.

The moral is clearly that if one wants to do Secret Stuff online, one should use both many proxies (paid for with prepaid cards as mentioned above), and a browser/OS that is not your normal one. Don't post torrents on the same machine that you do your banking, basically.

Re:panopticlick

"Your browser fingerprint appears to be unique among the 1,934,548 tested so far."

jesus christ!

Re:panopticlick

except the java shit i was asked to run...

Re:panopticlick

[religious+freak]

Wow - people should take a look at this. Great (if a little disturbing) info! I should really donate a few bucks to EFF.

Re:panopticlick

[Trax3001BBS]

"Within our dataset of several million visitors, only one in 64,462 browsers have the same fingerprint as yours."

I'm special! I knew mother was right!

Snicker... my browser's "fingerprint appears to be unique among the 1,935,397 tested so far."

Opera, I allow cookies which I then shift through for sites to put in my HOSTS file.

I know it's a site like GRC's "Sheilds up" https://www.grc.com/x/ne.dll?bh0bkyd2
I know better but still get a warm fuzzy being graded stealthy.

----
Thanks for posting this question. I've been thinking of putting
up a TOR site for public use, but for now pulling stuff out of my
rear as I know little to nothing about it.

This thread gives me more of a clue... Just need to figure out what a "Seven Chains" is :}

anonproxy.fbi.gov works for me

n/t

VPNReator

I was using Patriot Internet, but since they no longer run a VPN service I switched to VPNReactor.

https://torrentfreak.com/which-vpn-providers-really-take-anonymity-seriously-111007/

Get Coccon

[mbeckman]

I use Cocoon (GetCoccon.com). It's free, and they are very clear in their privacy policy that they don't store logs tracking where you go:

.

"Inside Cocoon we do not track where you go or what you do online... Only operational information, such as processing speed or what features are under greatest demand, may be used to ensure Cocoon provides the best possible performance and experience to our users."

There is the question of how enforceable this promise is, since Cocoon is ad-supported. It's in their privacy policy, however, so I presume that is legally binding on them. I like that Cocoon comes right out and say that they don't track anything, though. Does any other proxy do that?

Depends on why ..

[mindcandy]

Like always, the question you have to ask is "who am I hiding it from"?

TOR works well, but is neither anonymous or private (meaning TOR traffic is easy to identify at entry, so the ISP will know you're doing it). At exit, the traffic is the same as it entered .. so unless your transport itself is encrypted, it's game over if the exit op is malicious.

Paid proxies are good for casual "don't want the boss seeing it", and many of these are plain HTTPS so they're harder to spot. Teathering your personal phone also works here.

If you're doing something illegal, the safest bet is probably long-range wifi (to somebody else's equipment) + proxy (tor, VPS with stolen CC, etc.) and even then you've got to move around a bit.

you're chasing a snark

What makes you think that there is any anonymous proxy in the world that can not be traced back to the user with the investment of sufficient funds and force by a sufficiently motivated tracker?

The only thing that you can do is cover your tracks enough that it is not worth the cost for anyone to track you down. Anything beyond that is illusory.

Re:you're chasing a snark

I ain't sure if this could be used to help hide ones tracks, but you can plug an activated time warner cable modem into pretty much any active time warner cable connection and it will work.

I've been paying for my little sisters internet and time warner is three addresses behind on her information, but it still works since her apartment complex has free standard cable.

Obviously it won't be hard to track down once it gets noticed, but I imagine they would check the address it is suppose to be at first before trying to back track it's location though their network to find it's actual location.

Re:you're chasing a snark

[EETech1]

The condos I used to live in came with free cable and Internet. When I called TWC to ask how to connect to the Internet, they told me to use the cable modem that was installed. When I said there was none, and after two weeks screwing around on the phone, I went into the local office, and asked there. She went through the billing, and found the old modem, and called someone and told them the old numbers, and gave me a new one. When I asked if they were using that modem to get free Internet at a different location, she laughed and said only for about 5 years now, but that will stop soon, as soon as they located which house it was in!

Cheers

Re:you're chasing a snark

Was about to celebrate till I realized that the apartment complex was paying for the persons internet and that it wasn't just that time warner can't figure out how to cut someone off when they quit paying and aren't where they should be. They should only have to inactivate the mac address for the modem to cut someone off.

Re:you're chasing a snark

They were paying a bulk rate for the whole building, and did not charge a monthly fee for the modems. I did try to go to Best Buy and get my own cable modem, and have it activated there with the hope of having one I could also take with me if I left. Alas they could not provision it for some reason, and I had to get one from them. I hope it still works if I ever get cable again:)

I asked the TWC technicians about locating the old box while they were there fixing an outage caused by construction in the building, and they said they find out what part of the network it is on, and has been on, and try to tie it to a name that has had similar addresses in the system to try and find it that way first.

Then the techs at the local office see if they can find out anything by seeing what's connected to it, and gather info on the connected devices (computer name or router info (according to him no DPI)) or have it ping a few other devices in the suspected home or area to see if it is noticeably close to anything that helps them find it further.

Then they will ultimately try to connect to it at the pole or cabinet and get it to respond to a ping, and go knock on the door. He said they tend to disappear (rapidly and) temporarily from the network when the cable truck is in the neighborhood so getting the right cable the first time really helps in actually finding it!

This was about 3 years ago BTW, and it seemed like one of their more enjoyable work order items by the way their faces lit up and they bubbled off information.

He said as long as the account is paid, they usually don't care if it moves because someone might bring it to their significant others house to do homework, or watch Netflix, so they want to give them the flexibility to bring their Internet or DVR with them, instead of locking it down (easy) to a particular subnet and having to deal with every legitimate reason people would want to move it, and all the calls and wasted time to do that would just end up giving the customer a worse customer experience, and a possible desire to switch to a mobile data provider to let them do what they want to do.

It's just another way to lock you in essentially, (or one less reason to leave, depending on how you look at it) that saves them a ton of time and hassle along the way.

Cheers!

VTunnel has a proven track record

[diversiform]

of thwarting FBI requests: http://arstechnica.com/tech-policy/news/2011/08/exclusive-how-the-fbi-investigates-the-activities-of-anonymous.ars

Torrent Security

My company has used Torrent Security for private browsing and it seems to work and the setup is really easy. Just my 2 cents worth.

Tor + Https?

How about tor and https?

Anonymity of tor plus the privacy of https...

homer do good?

How do you know they're anonymous?

[harl]

Let me point out the elephant is in the room.

How do you verify the anonymity?

Re:How do you know they're anonymous?

[Dwedit]

Load a website you control and look for "X-Forwarded-For" in the HTTP headers?

Re:How do you know they're anonymous?

[kiwimate]

How do you verify the anonymity?

Because they haven't been caught yet. Duh.

It's either that, or face up to the fact that nobody's actually looking for you/you're not really all that terribly interesting.

Re:How do you know they're anonymous?

[harl]

How does that tell you that when someone comes asking they won't turn over all the logs?

Re:How do you know they're anonymous?

Load a website you control and look for "X-Forwarded-For" in the HTTP headers?

This site will give you all the headers, and highlight a few significant ones:
http://simplesniff.com/

Re:How do you know they're anonymous?

[Dwedit]

It doesn't. There's no way to find out who won't rat on you later on.

Re:How do you know they're anonymous?

[harl]

Exactly my original point.

Obvious

Computer equipment is regularly stolen (cough, "seized") by the US government when they can make up an excuse -- and even when they can't make up an excuse. It's a power trip for the low-level pawns who do the actual work, but it's part of a much bigger, longer-running plan for the elite at the top of the pyramid who actually put this system in place.

In a nutshell: Government is a business; oppression expands market share and raises operating costs. (They aren't spending their own money in case you didn't know.)

but why so much?

[doston]

I completely respect people's privacy, but when they insist on SO MUCH and total privacy, it even makes me wonder what they're up to. Personally, I use the "do not track" feature on firefox, which is probably useless and per the WSJ article on privacy, I added the Ghostery and Better Privacy add-ons to Firefox...they're supposed to further help. I'm not sure what I'd be doing to require a botnet or a truly anonymous proxy. Even when I thought about growing my own pot, I just used my regular browser and emailed friends about it over gmail. Probably not real bright. I'd like to know what you're all up to that requires such anonymity.

Re:but why so much?

[That+Guy+From+Mrktng]

Wondering the same but just watching at the current situation there little difference between kiddiporn and some 12 yo downloading the latest Biever POS.

Soon Facebook will be the sanctioned INTERNET (with it's own currency and all) and everything outside will be cast with a shadow of illegality. Prove me wrong.

Re:but why so much?

Blarf, that is the "If you have something to hide, you would protest survelliance" argument.

Some ISPs log behavior and sell it. I'm sure people don't want their pr0n browsing history sold to whomever ponies up enough to buy it. Other ISPs actively inject ads into the browsing stream.

I use a proxy not because I'm running warez/moviez/music, but for privacy reasons. When I'm done with a browsing session, only the target I browsed and I should be aware of the activity afterwards.

Re:but why so much?

when you were about to tell your pals about your quest for the green thumb you didn't think about privateness of your communication channels, so it must mean that OP is probably a mass murder.
right.
it's not about how big could be OP's crime, it's about how dumb you were.

Re:but why so much?

Perhaps you haven't given a lot of thought to your career, how much you'd like to keep it, and how easy it would be for you to lose it.

In my case, I work at a federal civilian agency whose mandate is supposedly of a strictly technical nature. It is, however, extremely political.
My personal viewpoints are not the same as the officially sanctioned ones. Diametrically opposed, in some cases.

I don't have to do or say anything illegal. Just saying something that doesn't reflect the party line is enough. Maybe I won't feel the repercussions the next day.
More like I wouldn't get as much of a raise. Or perhaps my government customer would 'run out of funding' for my position. Or that the winning contractor on the recompete for the contract I'm on would drop me because they didn't like what I'd said, or even that in the negotiations with the government, someone said 'you can drop that one' when the pool of incumbents to stay on is being reviewed.

All of these are soft, untraceable punishments for not thinking the right way.
I like my job, I'm good at it and it allows me to serve my country. I also *need* my job.
Knowing this, I don't post my personal thoughts, ever. I'm sufficiently paranoid that I'd also prefer that even my reading habits remain anonymous as well.

Most = SLOW AS DIRT, but here goes... apk

http://www.publicproxyservers.com/

* Surfing via allegedly "non-big-brother run" ANONYMOUS PROXIES is slow as frozen honey, but, that's a list I have used before...

(Once in awhile though, you can find one that's pretty fast actually, but I've found that 9/10++ times or better, most are again, slow...)

APK

P.S.=> Enjoy... apk

HideIPVPN

[b0bby]

http://www.hideipvpn.com/ has servers in the US & UK; I use them once in a while if I want to access region specific content. Pretty cheap and fast enough for my needs so I'm happy.

Re:HideIPVPN

[allo]

us and uk are the regions, where vpns need to keep logs. try using a swedish one, if you want to be anonymous.

FoxyProxy - fastest, most reliable IMO

[THE_WELL_HUNG_OYSTER]

https://getfoxyproxy.org/proxyservice/

IIRC - They & those LIKE they, used "Triangle

OR, they did - I posted about it way, Way, WAY back yrs. ago on another forum, approximately 2001-2002 iirc in fact!

(Someone NEW joined those forums in fact, directly confronting ME on it no less, & he was claiming to be from the U.S. Gov't. asked me HOW I knew of it (I read it in a magazine, iirc, EWeek or something like it))

---

PERTINENT QUOTE/EXCERPT:

http://en.wikipedia.org/wiki/TriangleBoy

"TriangleBoy is a proxying tool designed to allow users to get around firewalls and censorship, and anonymously visit web sites. The tool was created by Stephen Hsu, founder of SafeWeb,[1] which later stopped support and distribution of the tool. The software was developed using seed money from the CIA,[1][2] and TriangleBoy was supported in part by the Voice of America as a way for Chinese readers to be able to reach the VoA website while bypassing China's Great Firewall."

---

(Sounds PRETTY MUCH like today's "TOR" with exit node endpoints & all... now, allegedly, it's no longer developed, but I have the feeling & have "heard tell" that the gov't. has its OWN setups of "TOR-like"/"Triangle Boy"-like systems anyhow nowadays - I wouldn't doubt that whatever's in use by they now came from its roots in TriangleBoy code I'd wager...)

APK

P.S.=> And? Well... there you go, enjoy... apk

Free VPN

[metrometro]

Many people will post suggestions for incredibly difficult to implement solutions. I work with groups of people (journalists, mostly) which need something NOW, that they can run themselves without getting a degree in network engineering.

For them, I send them to AnchorFree Hotspot Shield.

Free, ad supported (you can run AdBlockPlus) and allegedly does not log for non-paying accounts (I wouldn't want to know either). It gives you a random IP address terminating in Northern California, which is very helpful for people with censorship issues.

Proxies etc

The place I have been using for about a year now is Torrent Security, they have a solid socks v5 proxy that works for torrent clients as well as in your browser for anonymous surfing - They have a 3 day trial as well, had nothing but good luck with them. - http://www.torrentsecurity.com/

People are such idiots

1. User thinks "Hey, I'm in danger and the F..B...I... is looking at my surfing of Sailor Moon/blogging about naughtiness from my parents' basement".
2. User goes through all this junk to try and hide something which nobody cares about.

On the flip side:

1. Various security organizations are fully cognizant that this is going on.
2. So they focus their efforts on the same tools being used in User's step #2.
3. ...with a huge amount of success. Yeah, really - you think those things actually work? Security theater, jackasses.

FBI running proxies

Assume proxies are being run by the authorities or at least more closely watched. Same with using encryption; it will be under far more scrutiny. Unless you personally know the person running the proxy server there isn't any reliability.

Never trusted them either

[AlienSexist]

Being paranoid, I cannot resolve the chain-of-trust for anonymous proxies. For all I know Big Brother, with his infinite budget, owns and operates all of these so called proxies anyway. Honeypots if you will. Not only are they well-positioned to see what you are trying to conceal but even collaborate among other owned nodes to see just how far you're willing to take it. So in the worst case you are drawing even more attention upon yourself. You cannot really know. Is it safer than not using a proxy at all? Possibly.

if I'm reading this correctly....

...don't trust the government?

Recommended by Anonymous

[IronHalik]

IPpredator.se and anonine.se. Both from the freedom loving land of Sweden. You get SSL and PPTP with 2048kb or 128kb encryption (IPredator supports PPTP only IIRC).

PRQ

[dissy]

http://prq.se/?p=tunnel&intl=1

PRQ is based in Sweden, and has their own ASN (read: they are their own network, connected to multiple upstream backbones)
They offer all types of services in addition to VPNs: colo, dedicated hosting, and shared hosting.

Their tunnels offer a static IP and no ports blocked (for running servers if that's your thing), so you'll want to provide your own firewalling. They use straight OpenVPN too.
They have a strict privacy policy and appear to follow it.

This is the same ISP that hosts the pirate bay too, which should give you an idea how they handle requests from certain other countries due to the whining of certain media cartels...

I've been a customer for awhile now and quite happy.
I am even planning to colo with them in the next couple of months if all goes well. (Previous data center I've been with has changed company names like three times now in the past six months, and now plans to jack their pricing up)

Test them

[PPH]

1) Log on using someone else's credentials (someone you don't like).
2) Generate a file of random bytes.
3) Post it to a file sharing site through the proxy with an annotation that these are the final plans for World Jihad. Append "Allahu Akbar" for good measure.
4) See if the person who'd credentials you borrowed is dragged off to Gitmo.

Never underestimate traffic analysis...

[kbonin]

Think what you could do with an unlimited budget and sufficient taps of peering and backbone links. Now add in CALEA backdoors with poor security, and think about how these scale. Now think about how anonymizers work. Now read up on traffic analysis. Don tin foil hat...

VPNs

[penguinman1337]

IF you're really serious about security the best way is to find a non-logging vpn service, preferably one that's encrypted. US based companies are legally required to keep logs on their us based servers. Best bet is a sweedish server. It's not 100% but still much better than most options.

When it matters

When it really matters, and you don't want to rely on an open WiFi connection being available.

* Netbook/Laptop
* Fresh install of any convenient OS. Bonus for booting from USB.
* 3G USB modem - buy with cash.
* Prepaid 3G SIM chip - buy with cash.
* Voucher for prepaid SIM chip - buy with cash.

  If it really matters, destroy the SIM chip and 3G modem when done.

  Consider the possibility that you were recorded on CCTV when buying the SIM chip, the 3G modem, the voucher.
  The chance that the Powers That Be will trace the these to a given retail outlet and search back for CCTV is probably small, but if it matters enough, take appropriate steps - something simple might be OK, like wearing a Guy Fawkes mask while doing the shopping.
Buy your modem, simchip long before you need to use them. Top-up vouchers have a limited life, but are available everywhere. Choose somewhere without CCTV for buying this.

use a Road Warrior VPN

Just use a Road Warrior VPN, to secure all your connections!

FYI

[dohnut]

Just so you know, some of these file sharing services block IPs coming from well known (often commercial) proxies. There are, of course, other sites that block IPs from proxies too which may or may not adversely affect your Internet experience while using said proxy.

The main reason to use a proxy when doing things like file sharing is to avoid detection by your ISP. Some ISPs are quite nosy and will block you from file sharing sites especially if they notice you are consuming "too much" bandwidth transferring data from those sites. In cases where your ISP is the only broadband game in town you may want to add an extra layer in between what you are doing online and the ISP and a proxy can be useful to that end. When the copyright owner complains they will complain to the operator of the proxy which then may terminate your (proxy) service but hopefully your ISP is kept out of the loop.

I would never trust a proxy to make me completely anonymous no matter where it was physically located. If you commit a serious enough crime no proxy will protect you.

If you want to be truly "anonomous"

[Lumpy]

Pay for a proxy, but use a prepaid visa that is not registered in your name (hard to od but not impossible) then NEVER connect to that proxy from the same starbucks, mcdonalds, etc...

Yes this means you have to use hacker tactics for not getting caught. That is the price for living in a oppressive country.

VPN list of +100 providers

A VPN works just fine but you need to make sure to choose a provider that will not get scared at the first silly email someone sends to them, you can find a list with over 100 VPN providers here: http://www.privacylover.com/vpn-and-ssh-tunneling-providers-for-anonymous-internet-surfing/

Paying to downl^H^H^H^H^H check email anonymously

Too bad the **AA and similar cannot propose a business model so that some money gets to authors/creators as opposed to VPN providers.
Well I guess they don't really care. They just want to continue as it was in the glorious days.

In the meantime, there are plenty of cheap VPN provider (e.g. vpntunnel.se , very reliable, I recommend) that claim that they store no logs.
Sad.

Loads of services available to you

[beachcoder]

There are literally hundreds of anonymous proxy services for all kinds of situations. In the past I've used these:

Anonymous proxies
IPFreely Proxies

A private VPN might be more up your street though, depending on what exactly you're protecting, but the services will depend on where you live.

Torrentfreak did a great article on private VPNs

They, of course, focus on torrenting through VPN, but anyone private enough to protect you from torrent lawsuits is private enough to protect you from other things you might want to do.

http://torrentfreak.com/best-vpn-proxy-bittorrent-110618/

Torrentfreak has a nice list of private VPNs

[idonthack]

http://torrentfreak.com/which-vpn-providers-really-take-anonymity-seriously-111007/

Re:Torrentfreak has a nice list of private VPNs

[allo]

what does the P in VPN stand for?

Chaining proxies

I imagine that you can connect to any of the available free proxies. Then, use this proxy to connect to other proxies. If you ever got backtraced, someone, somewhere will screw up with the logs, and then you are safe :)

Freenet

[nurb432]

Solves both problems. And you don't have to trust any one company, or result to illegal tactics like bot nets.

Its really about time everyone moves over to it.

Re:Freenet

[Rennt]

Tried it. Learned my lesson. The place is choked with CP. I'm talking actual rape here - not merely the kind of naked kiddie pictures that get you sent to a federal prison these days. This is stuff you NEVER see on the internet. The real, horrific, deal. There may be "safe" areas, but I couldn't find any, and I didn't exactly want to hang around to find out.

I want something like Freenet to exist. I believe we have the right to unregulated communication, individuals should just suck it up when they are offended rather then resorting to censorship and control. But Freenet appears to be used by criminals exclusively. I couldn't see any evidence of the kind of crypto-hippy idealism I expected.

I'm not going back anywhere near that cess-pit, and I'm not helping to enable it.

Re:Freenet

[nurb432]

1 - If you dont like someting dont look at it.. its not that hard really. Plenty of regular content there if you take 5 minutes to look.
2 - Content will only incrase/change if more people use it. ( oh, and speed too.. )

Re:Freenet

[karnal]

But if you have to look, then telling someone not to look at it is kind of an impossible proposition, right?

Re:Freenet

[nurb432]

Not really. If you are using the main 'index' sites, they do their best to completely remove CP and other hard core offensive items, and categorize what is left. So it's quite easy to avoid viewing the "sites" you don't agree with.

Sure you might see that it exists, but you wont see the actual content that offends you. Not much different than real life.

Not exactly anonymous, but close

[reboot246]

I live next door to CowboyNeal and use his unprotected wifi.

The first rule of proxies

[Vrtigo1]

Is you do not talk about proxies! Seriously though, anyone who is halfway serious about their privacy isn't going to post details of how they retain their anonymity on a public blog where it's easily accessible and their IP, e-mail and possibly name is just one subpoena away...

You always have to trust someone

Either that the person(s) running the proxy is reliable or that they are competent. Will they stand up to the government if the government comes knocking at the door? In their place I won't - don't have the time, money, freedom or guts to do that myself, so would they?

Are they snooping on your communications or selling data or access to your communications to someone else? (you might not consider your internet activities important enough for that, so why bother with using an anonymous proxy?). Or are they one of the three letter agencies themselves? If I was running one of those agencies I would be running 'anonymous' proxies and Tor exit nodes all over the place. It does not cost much, especially on the budgets they have. I would be really surprised if they're not doing it already.

Then there is a lot of 'admins' with the unstoppable urge (or breathtaking incompetence) to log everything and store those logs forever. How many dodgy servers have been taken down with lots of people getting arrested based at least partly on what was in the server logs? Server logs!? Seriously?!

Are you sure all your communications are going through the proxy? What about DNS requests? What about the zillion other things things your PC does over the internet in the background that you don't know about? Run Wireshark on your PC for a few hours (Windows AND Linux and probably OSX also) to see what I mean. Again, you might not be too concerned with that, but then why bother anonymizing at all?

You'll always have to trust someone along the way, including what you think you know.

Re:IIRC - They & those LIKE they, used "Triang

You've doomed us all - since you didn't mention the hosts file, the world will now end within the next 24 hours

Tor Worm

The Tor Project is a good start.

http://www.torproject.org

But, we need more Tor Relays and Exit Nodes. If Tor was embedded in malware (and randomly chose to be exit/relay), that might actually might do some good against evil governments around the world. Also, worms that seeded p2p networks with fake known illegal files just to overwhelm the Thought Police in certain countries and give plausible deniability to people in China, Iran, et al.that get raided wouldn't be such a bad thing either. I'm surprised this hasn't already happened.

The big letdown...

[Vrtigo1]

...is that after all the hard work you put yourself through to buy untraceable visa gift cards to pay for a VPN service to use with your 7 proxies on an open wifi connection...you get no satisfaction. What do I mean? Well, what's the payoff? How do you know you were successful? When the feds DON'T break down your front door?

Re:IIRC - They & those LIKE they, used "Triang

He only doomed anonymous coward stalker trolls like you.

Anonymous browsing

Timothy,

All the anonymous proxies you mentioned are internet based proxies and you are right, it is hard to trust a third person with your data. But why dont you use janus VM(just mentioning because it is not one of the options on the link you provided). It is a VM you run on one of your systems on DMZ port for example and then you route through it. So yes, it is hard to trust someone else but you can trust yourself. Have fun.

http://www.vmware.com/appliances/directory/86043

Answer to your question

[Nnaik]

So just out of laziness I posted without login in and SlashDot calls posting anonynously "Anonymous coward"? Strange!!! Timothy, All the anonymous proxies you mentioned are internet based proxies and you are right, it is hard to trust a third person with your data. But why dont you use janus VM(just mentioning because it is not one of the options on the link you provided). It is a VM you run on one of your systems on DMZ port for example and then you route through it. So yes, it is hard to trust someone else but you can trust yourself. Have fun. Timothy, All the anonymous proxies you mentioned are internet based proxies and you are right, it is hard to trust a third person with your data. But why dont you use janus VM(just mentioning because it is not one of the options on the link you provided). It is a VM you run on one of your systems on DMZ port for example and then you route through it. So yes, it is hard to trust someone else but you can trust yourself. Have fun. http://www.vmware.com/appliances/directory/86043 janusvm.com