← Autodidact Archive · Original Dissent · Unexpurgated

Thread 1567

Thread ID: 1567 | Posts: 12 | Started: 2002-07-05

Unexpurgated [OP]

2002-07-05 18:37 | User Profile

The [url=http://www.anonymizer.com]http://www.anonymizer.com[/url] home page now features a "snoop" test--see what information your computer reveals about you.

Or take that new proxy out for a test drive! ;)

madrussian

2002-07-05 21:17 | User Profile

The test is pretty useless, at least for me, because it doesn't seem to list any vulnerabilities and looks like a template designed to make people part with their money ;)

Their software isn't guaranteed to prevent snooping on one at work, because their secure tunnel encripts the data stream, but doesn't protect against employer-installed snooping software that can capture keystrokes or screen-shots.

But for someone wanting to use an anonimous proxy to hide one's ip address their basic service may be a good choice.

Okiereddust

2002-07-06 06:23 | User Profile

Originally posted by madrussian@Jul 5 2002, 21:17 **

But for someone wanting to use an anonimous proxy to hide one's ip address their basic service may be a good choice.**

Speaking of the anonymizer MR, I was wondering if you might be able to speculate on a simple question I have. Why would I continually have difficulty logging onto the encrypted version of the anonymizer (the cloak.com) where I work. I can log onto the encypted version fine at home (I'm using it now) but it never seems to work at work - I get "page not available".

Actually I don't understand exactly why anonymizer has this feature anyway, since aren't our browsers all supposed to be using 128 bit encryption anyway?

Leveller

2002-07-06 12:25 | User Profile

Okie,

Although all modern browsers offer 128 bit encryption, only secure sessions - ecommerce usually- are actually encrypted by the server (usually using the SSL protocol). 'The cloak' presumably encrypts all incoming web traffic, so that snooping your local machine won't reveal the website contents, even from plain old unencrypted websites. That's my guess anyway, I haven't used their service.

Faust

2002-07-07 17:09 | User Profile

How did it know where I live. It did get that right. Does anyone know?

Avalanche

2003-01-26 04:01 | User Profile

Anonymizer got both these wrong (well, partly, I use the open source Mozilla, which is kinda Netscape...) But it's an XP machine not NT!

Your Browser Is: Netscape Your Operating System is: Windows NT

It only found 4 previous site visits -- because I use "Open in a New Window" on most links... I keep my first one open as my 'home base, and then open links I want to visit in a new window -- which means each 'version' of Mozilla has very few sites in its history!

darkeddy

2003-01-26 04:32 | User Profile

'User Solution Microsoft in their great wisdom put in some a setting for script clipboard access. You can edit this via Tools > Internet Options > Security > Select a security zone > Custom Level > Scripting > Allow paste operations via script. You can set this to Enable (the default for the internet zone), Disable (default for restricted sites) or Prompt. Personally I recommend you set it to prompt - scripts can still have clipboard access, but only when you say so.'

This approach may reduce clipboard exposure.

Leveller

2003-01-26 08:10 | User Profile

Originally posted by Avalanche@Jan 26 2003, 04:01 ** Anonymizer got both these wrong (well, partly, I use the open source Mozilla, which is kinda Netscape...) But it's an XP machine not NT!

Your Browser Is: Netscape Your Operating System is: Windows NT

Avalanche, Microsoft designates Windows XP as windows NT 5 internally (same as win2000 which I use). This is why it's reported as such. The platform and browser info are reported by the browser when a http request is made. Some browsers, especially little used ones, deliberately report the wrong browser types to ensure greater compatability with web pages designed for IE/netscape.

Drakmal

2003-01-26 08:48 | User Profile

Originally posted by Faust@Jul 7 2002, 11:09 How did it know where I live. It did get that right. Does anyone know?

When someone has your IP (which they have as soon as you connect to them), a simple traceroute will reveal which of the backbone routers traffic to you is going through. They're named by location. Eg:

(snip - from my computer) 9 56 ms 56 ms 55 ms tbr1-p012501.cgcil.ip.att.net [12.122.9.133] 10 76 ms 75 ms 74 ms tbr1-p012301.n54ny.ip.att.net [12.122.10.1] 11 74 ms 75 ms 74 ms gar1-p3100.nwrnj.ip.att.net [12.123.214.181] 12 75 ms 74 ms 73 ms 12.119.140.30 13 76 ms 78 ms 76 ms 1189.at-0-1-0.gbr1.oct.nac.net [209.123.11.69] 14 77 ms 115 ms 77 ms 0095.gi-1-1.msfc1.oct.nac.net [64.21.102.2] (snip - on to OD)

The OD Forum is thus "revealed" to be in the region of Newark, NJ (within a couple hundred miles). Anonymizer probably has a modest database of the locations of the various backbone servers.

Edit: Actually, NJ may be where it hands the torch off to the next network, nac.net, which uses less descriptive server names. "at" could be Atlanta, and "gi" somewhere in the south. Now I'm curious where the server is located. :P

Entertainingly, the last big hop to my own address is in a city several hundred miles away, so that's all the closer the anonymizer test got to me. :) It also missed most critical features about my browser, thanks to my ol' pal Proxomitron.

-D

Bardamu

2003-03-08 15:38 | User Profile

Originally posted by Current93@Jan 29 2003, 14:53 ** What if these anonymizers are run by Israelis... **

I was thinking the same thing.

Happy Hacker

2003-03-09 00:58 | User Profile

A group of friends should get together and run their own recordless proxy. This gives deniability. For an extra level of protection, use a 2nd proxy.

Paleocon

2003-03-09 13:02 | User Profile

It got where I live wrong.

State correct, city wrong.