I appreciate your skepticism over SafeWeb as privacy advocates and would like to clarify several legitimate concerns you raise.
(1) SafeWeb is a filter proxy and more. It not only rewrites HTML but also is the first to seriously rewrite and sanitize all DHTML (our unique achievement). It also encrypts all content with up to 128 bit SSL protecting you against dangers bigger than DoubleClick like invasive employers, IT staff, ISPs, governments, etc.
(2) Anyone you trust your data stream to is in a position to abuse it including SafeWeb. ZeroKnowledge has designed an elegant system that makes this much less likely, but ultimately some trust must be vested in all these systems.
(3) SafeWeb targets ads based upon content, not cookies. We can accurately target a Nike Tiger Woods ad based upon the fact we are serving up Yahoo:Sports:Golf rather than knowing anything about who is viewing this page. This is more than sustainable.
(4) SafeWeb is a web-based privacy product and is not intended to secure NNTP, IRC, SMTP, or FTP. However, it can secure web-based news, chat, mail, and ftp via your browser which is the ubiquitous Internet application.
(5) Anonymizer, ProxyMate, and others predate SafeWeb, but they are not encrypted nor do they rewrite DHTML so most sites break or are passed unsecured. This is why we make the claim of "first".
I apologize for inflaming the many passionate supporters of ZeroKnowledge. It is a technically elegant product that works well in specific situations. SafeWeb's strength is its effectiveness, free accessibility, and ease of use for general situations. This is the fundamental distinction I think is reasonable to draw without slighting either side unfairly. Let's take this discussion off-line; please email any serious follow-ups or inquires to webmaster@safeweb.com.
In my original post I was trying to describe the limitations of current privacy solutions which we found frustrating and which motivated us to create SafeWeb. A couple of readers took exception to various claims made which I would like to substantiate and explain.
ZeroKnowledge's product, although very sophisticated, suffers from a number of drawbacks that make it difficult to use for most people in common situations. It is clearly not a one click solution to privacy that is accessible for everyone, anywhere, for free, without downloads. Online privacy problems affect everyone, yet most publicized solutions are only partial or specialized and consequently impractical and frustrating for the average Internet user. These users then resign themselves to surrendering their online privacy as a technical cost of using the Internet. The result is a flawed Internet community, and governments threatening to regulate the Internet with overtones of censorship.
First, let's address some issues I raised in my original post.
(6) It does not work with popular software such as McAfee's Personal Firewall, FrontPage webserver, Netware Client32. If you are using Nyms, it also does not work with Outlook, Napster, or PCAnywhere. This is documented on the ZeroKnowledge website under the main support page as #3 among the Top 10 Known Issues and detailed in Issue #57: Applications not supported by Freedom.
(8) Most users are simply not going to be willing to (or, in managed networks, permitted to) install Freedom. The office is where users have access to a new computer, fast Internet connections, and a nice laser printer. In the increasingly long workday, many people are forced to attend to personal matters from their workplace. Individuals need private access to the Internet at work just as they need private access to the telephone to conduct their lives.
I respect and admire ZeroKnowlege for the challenges they took on in addressing Internet privacy issues. However, their product is very specialized in its architecture and designed to solve a particular subset of privacy problems. The ZK folks have been big supporters, educators, and sponsors of privacy, and we owe them our gratitude. Finally, the depth of their technical product speaks directly to their skill set and ingenuity.
I'm posting to inform people about our web-based solution to the privacy problem, a solution that addresses all the issues outlined above and that aims to serve a broader audience. Our approach has many distinct technical challenges just like the download model. We do not claim to have the complete solution, but we feel we are the closest to a practical solution that works for the majority of Internet users. Ultimately the veracity of these claims will be borne out by users: try out SafeWeb and compare it to Freedom. Decide for yourself. Again, if you have constructive feedback in how we can build a better privacy technology we are eager to hear your suggestions. Email us at webmaster@safeweb.com.
Although ZeroKnowledge has great technologies it suffers from a few basic fatal flaws that makes it unworkable as a general privacy solution:
(1) Costs money which experience shows very few will pay for
(2) Very slow due to fundamental network design of bouncing packets multiple times across smaller ISPs - nothing can be done about this
(3) Easy to block at firewall because it always runs at fixed high numbered ports (51101,02,07,09) so forget about relying upon access at work, libraries, schools, etc
(4) Currently only works/supported on Win95/98 - other version promised but none delivered and it will be a long, slow, expensive process to port and support - do you really think that Mac or Linux users will get the same support levels as Win95/98 users?
(5) Doesn't work with AOL (23M users in US), CompuServe 2000 (?M users) and free ISPs like DirecPC - over a quarter of US Internet users denied access.
(6) doesn't work with very popular software including McAfee Personal Firewall, Microsoft FrontPage personal webserver, Netware Client32, MS 98SE' Internet Connection Sharing, etc. Nyms will not work with common software such as MS Outlook, Napster, PCAnywhere, cookies filter utilities, etc. I don't know many web surfers who are not using at least one of these applications, which mean ZeroKnowledge will not work for them.
(7) Does not work with common web sites because it does not support client side cookies with nyms. How many users will tolerate being locked out of NYTimes.com or Yahoo.com?
(8) Is a large software download that is easily blocked from installation, detected running, and removed automatically from managed corporate networks - upto 50M US corporate workers lost.
The best way to avoid all these problems is to avoid download software packages altogether. A web-based privacy solution should work with your existing browser, computer, network, and ISP but provide the same levels of encryption as ZeroKnowledge.
Anonymizer has been the best of the web-based privacy solutions but it (1) costs money $60/yr, (2) doesn't encrypt you personal web traffic so all data is visible except the URL, and (3) doesn't work with most popular rich web sites like sony.com, hotmail, webvan, etrade, etc because they cannot handle DHTML like JavaScript, VBScript, CSS. Instead, it either blocks all DHTML breaking a site's functionality *OR* passes it unprotected which reveals your identity online.
SafeWeb.com is a web-based privacy solution that just launched last Wednesday (See CNET news.com). SafeWeb is the solves all the problems that both ZeroKnowledge and Anonymizer have listed above and enables users to surf the entire web privately (cookie management anonymity) and securely (128bit SSL) from anywhere at anytime for free - no downloads. SafeWeb finally delivers a practical solution to the growing problems of online privacy by solving all these technical problems with an easy to use service for your existing browser. Let us know your feedback at webmaster@safeweb.com and in this forum.
Slashdot Mirror
(1) SafeWeb is a filter proxy and more. It not only rewrites HTML but also is the first to seriously rewrite and sanitize all DHTML (our unique achievement). It also encrypts all content with up to 128 bit SSL protecting you against dangers bigger than DoubleClick like invasive employers, IT staff, ISPs, governments, etc.
(2) Anyone you trust your data stream to is in a position to abuse it including SafeWeb. ZeroKnowledge has designed an elegant system that makes this much less likely, but ultimately some trust must be vested in all these systems.
(3) SafeWeb targets ads based upon content, not cookies. We can accurately target a Nike Tiger Woods ad based upon the fact we are serving up Yahoo:Sports:Golf rather than knowing anything about who is viewing this page. This is more than sustainable.
(4) SafeWeb is a web-based privacy product and is not intended to secure NNTP, IRC, SMTP, or FTP. However, it can secure web-based news, chat, mail, and ftp via your browser which is the ubiquitous Internet application.
(5) Anonymizer, ProxyMate, and others predate SafeWeb, but they are not encrypted nor do they rewrite DHTML so most sites break or are passed unsecured. This is why we make the claim of "first".
I apologize for inflaming the many passionate supporters of ZeroKnowledge. It is a technically elegant product that works well in specific situations. SafeWeb's strength is its effectiveness, free accessibility, and ease of use for general situations. This is the fundamental distinction I think is reasonable to draw without slighting either side unfairly. Let's take this discussion off-line; please email any serious follow-ups or inquires to webmaster@safeweb.com.
ZeroKnowledge's product, although very sophisticated, suffers from a number of drawbacks that make it difficult to use for most people in common situations. It is clearly not a one click solution to privacy that is accessible for everyone, anywhere, for free, without downloads. Online privacy problems affect everyone, yet most publicized solutions are only partial or specialized and consequently impractical and frustrating for the average Internet user. These users then resign themselves to surrendering their online privacy as a technical cost of using the Internet. The result is a flawed Internet community, and governments threatening to regulate the Internet with overtones of censorship.
First, let's address some issues I raised in my original post.
(1) ZeroKnowledge's product, Freedom, costs: $49.95 USD
(2) It is unnecessarily slow, bouncing packets between three 2nd tier ISPs.
(3) It is easy to block at firewalls since it requires fixed ports 5110 through 51113 to be open ( the second to last line on this page describes this incompatibility ).
(4) It only runs on Win95/98.
(5) It does not work with AOL, CompuServe2000, and some free ISPs. Even if you think "AOL sucks" as one commentator said, Internet privacy is a global issue and by protecting the 24M AOL users we protect ourselves by making it more difficult for eavesdroppers in general.
(6) It does not work with popular software such as McAfee's Personal Firewall, FrontPage webserver, Netware Client32. If you are using Nyms, it also does not work with Outlook, Napster, or PCAnywhere. This is documented on the ZeroKnowledge website under the main support page as #3 among the Top 10 Known Issues and detailed in Issue #57: Applications not supported by Freedom.
(7) ZeroKnowlege has difficulty with cookies. Their support page lists two known, unresolved problems dealing with client-side cookies in Issue #222: Websites say I don't have cookies enabled and Issue #223: Some websites won't let me log in.
(8) Most users are simply not going to be willing to (or, in managed networks, permitted to) install Freedom. The office is where users have access to a new computer, fast Internet connections, and a nice laser printer. In the increasingly long workday, many people are forced to attend to personal matters from their workplace. Individuals need private access to the Internet at work just as they need private access to the telephone to conduct their lives.
(9) ZeroKnowledge users must register personal and credit card information. The less information out there about you the more secure and private you'll be online.
I respect and admire ZeroKnowlege for the challenges they took on in addressing Internet privacy issues. However, their product is very specialized in its architecture and designed to solve a particular subset of privacy problems. The ZK folks have been big supporters, educators, and sponsors of privacy, and we owe them our gratitude. Finally, the depth of their technical product speaks directly to their skill set and ingenuity.
I'm posting to inform people about our web-based solution to the privacy problem, a solution that addresses all the issues outlined above and that aims to serve a broader audience. Our approach has many distinct technical challenges just like the download model. We do not claim to have the complete solution, but we feel we are the closest to a practical solution that works for the majority of Internet users. Ultimately the veracity of these claims will be borne out by users: try out SafeWeb and compare it to Freedom. Decide for yourself. Again, if you have constructive feedback in how we can build a better privacy technology we are eager to hear your suggestions. Email us at webmaster@safeweb.com.
Jon Chun
President
SafeWeb
(1) Costs money which experience shows very few will pay for
(2) Very slow due to fundamental network design of bouncing packets multiple times across smaller ISPs - nothing can be done about this
(3) Easy to block at firewall because it always runs at fixed high numbered ports (51101,02,07,09) so forget about relying upon access at work, libraries, schools, etc
(4) Currently only works/supported on Win95/98 - other version promised but none delivered and it will be a long, slow, expensive process to port and support - do you really think that Mac or Linux users will get the same support levels as Win95/98 users?
(5) Doesn't work with AOL (23M users in US), CompuServe 2000 (?M users) and free ISPs like DirecPC - over a quarter of US Internet users denied access.
(6) doesn't work with very popular software including McAfee Personal Firewall, Microsoft FrontPage personal webserver, Netware Client32, MS 98SE' Internet Connection Sharing, etc. Nyms will not work with common software such as MS Outlook, Napster, PCAnywhere, cookies filter utilities, etc. I don't know many web surfers who are not using at least one of these applications, which mean ZeroKnowledge will not work for them.
(7) Does not work with common web sites because it does not support client side cookies with nyms. How many users will tolerate being locked out of NYTimes.com or Yahoo.com?
(8) Is a large software download that is easily blocked from installation, detected running, and removed automatically from managed corporate networks - upto 50M US corporate workers lost.
The best way to avoid all these problems is to avoid download software packages altogether. A web-based privacy solution should work with your existing browser, computer, network, and ISP but provide the same levels of encryption as ZeroKnowledge.
Anonymizer has been the best of the web-based privacy solutions but it (1) costs money $60/yr, (2) doesn't encrypt you personal web traffic so all data is visible except the URL, and (3) doesn't work with most popular rich web sites like sony.com, hotmail, webvan, etrade, etc because they cannot handle DHTML like JavaScript, VBScript, CSS. Instead, it either blocks all DHTML breaking a site's functionality *OR* passes it unprotected which reveals your identity online.
SafeWeb.com is a web-based privacy solution that just launched last Wednesday (See CNET news.com). SafeWeb is the solves all the problems that both ZeroKnowledge and Anonymizer have listed above and enables users to surf the entire web privately (cookie management anonymity) and securely (128bit SSL) from anywhere at anytime for free - no downloads. SafeWeb finally delivers a practical solution to the growing problems of online privacy by solving all these technical problems with an easy to use service for your existing browser. Let us know your feedback at webmaster@safeweb.com and in this forum.
Jon Chun
President
SafeWeb