Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Privacy The Internet Your Rights Online

Do You Need to Surf Anonymously? 301

Posted by Zonk
from the don't-forget-to-wear-sneakers dept.
An anonymous reader writes "Computerworld has up an article entitled 'How to Surf Anonymously without a Trace'. It purports to offer tips on how to avoid detection by anyone attempting to monitor your internet access. 'If you don't like the limitations imposed on you by [proxy] sites like the Cloak or would simply prefer to configure anonymous surfing yourself, you can easily set up your browser to use an anonymous proxy server to sit between you and the sites you visit. To use an anonymous proxy server with your browser, first find an anonymous proxy server. Hundreds of free, public proxy servers are available, but many frequently go offline or are very slow. Many sites compile lists of these proxy servers, including Public Proxy Servers and the Atom InterSoft proxy server list.'"
This discussion has been archived. No new comments can be posted.

Do You Need to Surf Anonymously?

Comments Filter:
  • by Nom du Keyboard (633989) on Tuesday March 13, 2007 @11:06AM (#18333751)
    The question is, how does one surf anonymously at work when you're forced to use your employer's proxy to get through the firewall. Tried configuring Tor to encrypt and hide my queries before the ISA proxy ever saw them, but never could figure out how to get FireFox to work with it, nor find any Tor help sites or discussion groups for what should be a simple enough question.
  • You got proxy, kid (Score:4, Insightful)

    by Reason58 (775044) on Tuesday March 13, 2007 @11:08AM (#18333801)
    Seems to me like proxy servers just replace Big Brother knowing everything you do with some tiny "anonymous browsing" site. And you are willfully giving them all this information to boot, so if they decide to turn over all their logs there isn't a thing you could do.
  • by boxlight (928484) on Tuesday March 13, 2007 @11:10AM (#18333823)
    It is illegal for a library to keep a record of the books you have checked out after they're returned.
    It should also be illegal for your ISP to record your browsing history.
    It's about privacy and freedom.
  • by TheThiefMaster (992038) on Tuesday March 13, 2007 @11:12AM (#18333861)
    And even better, if you're using a web proxy then your ISP can still see what you're doing, after all your packets have to pass through their network first. They probably closely monitor anyone that they see connecting to an anonymous proxy, to see if you're doing anything they should cancel your connection for.

    An anonymous proxy may make you anonymous to the final site, but both your ISP and the proxy know where you've been and when.
  • by gatorflux (759239) on Tuesday March 13, 2007 @11:13AM (#18333879)
    Anyone who has ever needed this capability already knew how to do it. The article will undoubtedly lead to many "normal" users trying it out and inevitably deciding it is a waste of time. The majority of proxy servers are as slow as molasses since the adult site crackers are running all their scripts through them. You have to be pretty dedicated to actually use these servers on a regular basis.
  • That's it? (Score:3, Insightful)

    by omeomi (675045) on Tuesday March 13, 2007 @11:15AM (#18333917) Homepage
    That's it? Use a proxy? Who here didn't already know that?
  • by RyanFenton (230700) on Tuesday March 13, 2007 @11:17AM (#18333951)
    Yes, defending your own brand of craziness from the craziness of others is sometimes important, and for that reason and many others, anonymity can be very important in a civilized society. But I think it is somewhat overused on the internet.

    The other half of the anonymity consideration though is that when everyone gets used to only having 'full' freedom when cloaked from the sight of others, they begin to accept a greater lack of freedom in their 'real' lives. That's why I don't choose anonymity whenever I can - I want my mistakes to be my own, and when I discuss, for instance, digital freedoms, I don't want to hide behind the ubiquitous pseudonyms we've all grown so used to while doing so.

    I don't want to 'get away' with looking into for 'bad things' - I want REAL people to be free to do what they want. Of course, I, like everyone else, have some things I'm not going to disclose, and would like to have anonymity available - but I'd much rather push for less need to hide things, rather than disappear behind a fake name most of my online life.

    Ryan Fenton
  • by StarvingSE (875139) on Tuesday March 13, 2007 @11:26AM (#18334119)
    You probably don't mind the government illegally tapping your phone either. I mean, if you're not doing anything wrong, why does it matter?

    I am a law-abiding citizen, and I still demand my privacy rights. I don't want anyone monitoring the trail of web sites I visit daily, no more than I would like someone following me around in a car while I run run my daily errands.
  • by voice_of_all_reason (926702) on Tuesday March 13, 2007 @11:29AM (#18334167)
    Libraries are run by the government, which you are in a relationship with by fiat.

    Private enterprises (an ISP) are free to impose any demands they like (as long as the government agrees)
  • MiM attack. (Score:3, Insightful)

    by s31523 (926314) on Tuesday March 13, 2007 @11:31AM (#18334191)
    Seems like a great front for a Man in The Middle attack, except that rather then setting up tons of fake ARP packets you get people to come to your site. Brilliant! Why not just use the coffee shop in the town next to you, and reprogram your MAC address to.
  • by LordSnooty (853791) on Tuesday March 13, 2007 @11:31AM (#18334199)

    So if you are doing something that you don't want people to know you are doing, my question is, what the hell is wrong with you?
    I'm in China and I'm researching about local groups who campaign for democracy, you insensitive clod!

    And given what's happening to privacy and protest in some Western countries. soon the same reasons may apply there too.
  • Why do people do things anonymously that they wouldn't do if their name was stamped on it? I think the world would be a lot better place if everyone took responsibility for what they said and what they did.

    Ironic, particularly since you're writing under a pseudonym. Or is "TheRecklessWanderer" what it says on your birth certificate? I didn't think so.

    Anonymous systems are needed to combat the ease with which modern technology would allow someone to compile a dossier on another person's entire life and activities -- an ability which was never present in the past.

    In the pre-computer (or at least, pre-networked-computers) era, it was fairly safe to use your real name everywhere, because it would take an immense amount of effort for someone else to go around and link together all the various activities you were doing under that name. If the fellow behind the counter at the grocery store knew your name, and you also used your name when you were at your local religious group's meeting, it didn't matter, because there was no connection between the two. Short of following you around town and then asking everyone, using your real name didn't mean giving anything up.

    However, today, using your real name everywhere creates a near-unique primary key that someone else could easily use to search, and find out everything about you. To continue the example from above, they could simply run a search on your name, and with far less effort than following you around, find out everything they wanted to know about you, because virtually everything is online, and the indexes are only getting more and more complete.

    Online anonymity systems aren't borne out of a desire to have more anonymity than we used to have, they're -- for many people, anyway -- an attempt to recapture the way things were, before it was possible to assemble a dossier about anyone else, just by Googling their name.

    I don't think there's any reason why the people reading what I write on Slashdot, need to know who I am in real life. Likewise, I wouldn't go around advertising where I go to church to everyone in the grocery store. It's just not relevant to my interaction with them. They don't need to know. If they do, they could ask, and I could tell them, but that's none of their business, frankly. Anonymity and pseudonymity are simply attempts to not allow the traditional compartmentalization of our lives to be completely undone via massive searchable indexes and databases.

    (Apologies if this got posted twice -- something has been causing /. to act very strangely for the last few minutes.)
  • by Dare nMc (468959) on Tuesday March 13, 2007 @11:36AM (#18334275)

    So if you are doing something that you don't want people to know you are doing, my question is, what the hell is wrong with you?

    Carlos mencia [wikipedia.org] said it better, if your going to the store to buy dog food, vaseline, and condoms, then you better pay cash. Otherwise why care who tracks your credit card purchases.

    Just a credit card number is mostly useless, or just a password, or just a email address. Watch my surfing enough, I'll drop enough information to scam me good. If you can't tie my surfing to one person/business it's not so valuable. Tie all the web info from a company together you'll learn what paths their thinking of following, and you can take some of the profit for yourself for the idea.

    Also sometimes you realize your actions may be legit, but may draw undo attention. Maybe you want to buy your wife flowers and choclates for a suprise, but she may assume your having a affair. Or maybe your writing a fiction story about someone who murders their wife, but it may never get finished. Or maybe your blowing the whistle on someone really powerfull...

    Thier are lots of obvious times to not be tracked that are legit, writers/reporters are the most obvious, now everyone with internet access becomed a published writer in minutes.

  • by gurps_npc (621217) on Tuesday March 13, 2007 @11:45AM (#18334407) Homepage
    Ah, the classic fascist question (What do you have to hide, my slave.). Despite the obvious fact that you don't own me, and have no right to even ask the question, I will reply, in 4 parts:

    1st: Throughout history, there have been wonderfull governments, but also some horrible governments. And even the Wonderfull Governments often keep records, that get passed on to their replacement, horrible governments when the evil SOB's have revolution. Governments have in the past killed people for: Being Jewish. Being Gay. Belonging to a political party that objected to that government. Asking if the government had killed other people. Being a family member of any of the above people. Looking at Pornography. While I trust (just barely) the current government, I do not trust the unknown government that will take power in 4 years, because I don't know who they are yet.

    2nd: If you have nothing to hide, then that quite literally means you are willing to let me photograph you naked? And I get full rights to that photograph - so I can show it to your neighbors?

    Because THAT is what you are saying. You DO have things you do not want people to see. So do I. Yours might be your pretty body. Mine might be the fact that I am gay. And a member of the legalize marijuana political action group. And a member of the "Send the Africans back to Africa" Charity. Also, I routinely travel 56 mph in a 55 mph zone. And get drunk 1/month in my closet. And I once masturbated while looking at pictures of dead dogs. And I collect my own snot and eat it. I still wet my bed. I won't do business with those dirty, thieving Jews. And I am a card carrying member of the ACLU. And I despise children. All of these things are legal (or at least not serious crimes worthy of being investigated). Now, assuming I was not being sarcastic, do you think I would have a job tomorrow if my boss knew them?

    3rd consider this: I have a right to privacy, not because I have things to hide, but because trust is a two way street. Think about a parent. What would you think of a father that says "My honor student has never done anything wrong. But just to be 'sure', I hired a private investigator to follow them around all the time, sneak into his bedroom at night and check his computer, diary, underwear draw" It takes WAY too much effort and cost for the government to actually fairly investigate everyone. So we tell them that if they want to investigate people, they must prove it to a judge that they are worth investigating. If the cop can't do that, then THE COPS ARE THE SICKO PERVERTS. Just like the dad/mom that treated their honor student like a gangbanger, if the government does the same to us, THEY demonstrate that they are A) poor government, B) can't be trusted themselves and C) have serious emotional problems.

    4th: The last, best argument is simple. Every test has a false positive rate as well as a false negative rate. If you test too many people, you end up convicting the innocent more than the guilty. I.E. if you have a test that 5% of the time falsely says "drug user" even if they are not, and use it on a population where only 1% of the people use drugs, than you arrest, charge and try 5 innocent people for every 1 guilty. Those innocent had nothing to hide. Hackers break into your computer, zombifie it and use it to store child porn. You don't know about this, till the police track down your computer as the server for a child porn ring, break down your door and arrest you. (Several cases like this exist).

  • by Kadin2048 (468275) <`ten.yxox' `ta' `nidak.todhsals'> on Tuesday March 13, 2007 @11:49AM (#18334501) Homepage Journal
    This is what Privoxy and certain Firefox extensions are for; they catch the outgoing DNS requests and make sure that they're relayed (in encrypted form) to the proxy as well, so that you're not giving away the addresses of the pages you're requesting by leaking DNS requests.

    IMO, all software ought to proxy DNS requests automatically if it's being told to use a proxy that supports DNS resolution (SOCKS4a or SOCKS5); that Firefox and some other software leak requests even in the presence of a proxy that's capable of doing it, is a serious bug and security flaw.
  • Here is one reason (Score:2, Insightful)

    by an.echte.trilingue (1063180) on Tuesday March 13, 2007 @11:53AM (#18334557) Homepage
    Amazon has admitted to experimenting with "targeted" pricing, that is they track their customers, and raise or lower the price to what they think that person will pay. Based on browsing history, you can make pretty good guesses as to what a person really wants and what their income is. When we loose our anonymity, this kind of scenario becomes possible. Thus, any service that helps maintain internet anonymity is a good thing (tm)

    However, more fundamentally, the answer is: it does not matter. I am innocent until proven guilty.

  • by End Program (963207) on Tuesday March 13, 2007 @11:55AM (#18334597)
    the only time the average user would need to surf anonymous is when he/she knows he is doing something wrong.

    What about someone doing a search about a medical problem or depression?

    What about political dissent?

    What about searching for a new job?

    What about a whistleblower going to a Gov website to report abuse of gov contracts?

    etc...
  • by wikdwarlock (570969) on Tuesday March 13, 2007 @12:04PM (#18334767) Homepage
    Unfortunately, you don't have any rights to privacy in the US. This is a common misconception. You do make a good point, though, that we should all DEMAND it as a right, and hopefully cause a legal change to take effect.
  • by rilister (316428) on Tuesday March 13, 2007 @12:08PM (#18334839)
    ...Says an "Anonymous Coward".
    This is either Twain-level satire or the most self-defeating comment ever on Slashdot. And, heaven knows, there's some pretty stiff competition.
  • by TheLastUser (550621) on Tuesday March 13, 2007 @12:17PM (#18334971)
    I didn't think that the mac went beyond the local net, its not part of ip packets. So changing it might theoretically prevent your local provider from tracking you. But then they know what port you are coming from and can always sniff that.

    Am I off base here?
  • by darthnoodles (831210) on Tuesday March 13, 2007 @12:23PM (#18335065)

    If your married, and your wife doesn't want you looking at porn, then she should offer alternatives or shut up.

    Nice slant.
    Does this apply too?

    If your married, and your wife doesn't want you porking her sister/best friend/random woman, then she should offer alternatives or shut up.
    Let's slant it the other way:
    - If your married, and your wife doesn't want you looking at porn, then be happy with what you have (your wife) or shut up, or leave her.
    - If your married, and your wife doesn't want you porking her sister/best friend/random woman, then be happy with what you have (your wife) or shut up, or leave her.
    Why is the responsibility on her to stop you from looking at something she doesn't want you to look at?
    Now let's try being neutral:
    If your married, and your wife doesn't want you looking at porn, then talk to her about it and work out a mutually beneficial understanding.
  • by falconwolf (725481) <falconsoaring_2000.yahoo@com> on Tuesday March 13, 2007 @12:33PM (#18335257)

    Unfortunately, you don't have any rights to privacy in the US. This is a common misconception.

    You're quite wrong I'm glad to say. As early as the early 1800s the US Supreme Court ruled anonymousity was an important part of the First Amendment's Freedom of Speech. The ruling said that if a person could not remain anonymous then they could not enjoy freed political speech, that if they had to watch their words then they wouldn't speak out. Denying anonymousity is a powerful tool for authoritarian regimes.

    Falcon
  • by westlake (615356) on Tuesday March 13, 2007 @12:45PM (#18335493)
    The question is, how does one surf anonymously at work when you're forced to use your employer's proxy to get through the firewall.

    if you are attempting to surf anonymously at work - outside the scope of your employment - then you are an idiot. your employer will assume - probably quite rightly - that whatever it is you are after, it is not good news.

  • by caluml (551744) <slashdot&spamgoeshere,calum,org> on Tuesday March 13, 2007 @02:06PM (#18336901) Homepage
    If my married what?
  • by alexo (9335) on Tuesday March 13, 2007 @02:10PM (#18336949) Journal

    Sure, I don't want average joe idiot getting hold of my name here on /. and having him start calling my house. I don't give out my home phone number for that exact reason.

    But privacy against the police or government can (in most cases) only be for less than virtuous reasons.
    Because we all know that people who work for the government or police are perfect and can never be corrupt or just jerks.

  • by BrianGKUAC (919321) on Tuesday March 13, 2007 @02:10PM (#18336973)
    Traffic statistics?
  • by TheRecklessWanderer (929556) on Tuesday March 13, 2007 @02:21PM (#18337141) Journal

    Because we all know that people who work for the government or police are perfect and can never be corrupt or just jerks.

    I know that the government is full of inept, incompetent and quite likely corrupt individuals. Same with the police. But still, both those agencies have a job to do, which is theoretically to make life safer and better for the majority of people.

    If we want a complete breakdown of society fine, lets find the off switch, but realistically, you have to deal with the corruption, just like you have to deal with a jerk boss.

    It doesn't mean the overall concept isn't good, and deserves our support.

  • by Asphalt (529464) on Tuesday March 13, 2007 @02:47PM (#18337443)
    The truth is, if your not doing something illegal, you aren't very interesting to the police or the government.

    I wish I could find the article, but the gist of it was that the average American breaks 7 laws per day. Be it speeding, jaywalking, littering, whatever.

    The US has more laws than any nation on earth. It puts a larger percentage of it's population in cages than any other nation ... by far. And with the vague wording of many of the laws, just about any action one takes could technically be deemed illegal, or at least suspicious.

    Yes, you would first have to make someone's shit list to get this level of scrutiny, but to say "I never do anything illegal" is probably not an accurate statement.

  • by why-is-it (318134) on Tuesday March 13, 2007 @03:04PM (#18337703) Homepage Journal

    The question is, how does one surf anonymously at work when you're forced to use your employer's proxy to get through the firewall.

    Let's see:

    • your employer owns the workstation/laptop
    • your employer owns the LAN
    • your employer owns the firewall
    • your employer pays for the WAN connection to the internet
    • Your employer pays you to do something other than surf the net for your own amusement

    It seems to me that there is a simple and obvious solution to your problem: do your recreational surfing at home, and do what you are employed to do at work.

  • I'm not arguing that it should necessarily be impossible for authorities, duly authorized, to monitor someone's communications; there is a legitimate, although very limited, need for that. However, nowhere is it written that we ought to make that terrifically easy, which is what abolishing anonymity and pseudonymity online would amount to.

    Here in the U.S. anyway, we have a strong (and historically, well-justified) distrust of government. They have a job to do, but they have to conform and find ways to do their job, within the greater framework of civil society: civil society doesn't, and shouldn't, bend itself around backwards to make it easy for the authorities to do their job. After all, it would probably make life a whole lot easier for the police if we all had identification numbers tattooed on our foreheads, but I don't think anyone thinks that's a great idea.

    When the cops have a reason to search your house, they come to your door (after getting a warrant and all other necessary authorizations), and -- if you're not there -- they break the door down with a battering ram. They don't mandate that everyone has to have locks made out of balsa wood, so they the doors are easy to kick down; they use a big iron pipe filled with cement. If you have a safe that they need to get inside, they hire safecrackers to open it up -- they don't ban safes. This necessarily implies that there is, at times, a bit of an 'arms race' between criminals and the police, but this is not always a bad thing. There would be obvious negative consequences of simply mandating things in order to make the authorities' lives easier (e.g. balsa wood locks or plywood safes).

    However, this understanding seems to have gotten lost somewhere around the introduction of computers. Now, rather than providing legitimate authorities with the time and equipment necessary to do their jobs correctly within a technologically advanced society, certain politicians and civil authorities have seen fit to try and re-jigger society in order to make it easier on them. Let there be no doubt: this is a destructive shortcut, and it's no better than saying that everyone has to have balsa-wood locks, or drop off a copy of their keys at the local precinct house, in case the police ever need to get in and have a look around. We don't do that, because it would be a vast invitation to abuse, and giving them the ability to tap a few keys and find out everything about what you do online would be no better.

    There are reasons why the authorities have certain extraordinary powers, but also reasons why those powers are limited in scope, and are not supposed to be trivially easy to exercise.
  • by Kadin2048 (468275) <`ten.yxox' `ta' `nidak.todhsals'> on Wednesday March 14, 2007 @11:58AM (#18349391) Homepage Journal
    You don't even have to install anything else to proxy DNS requests in Firefox. Just go to about:config and set network.proxy.socks_remote_dns to true.

    Thanks for the tip, AC.

    Why that's not set to "true" by default in Firefox just boggles the mind. If someone's using a proxy, it seems reasonable to assume that they probably want all of their web-browsing-related traffic proxied. A situation where someone wanted only the HTTP content proxied, but not the DNS resolves, seems like an exception to the rule, where the person could go twiddle preferences -- why they would make the default configuration something that's insecure and potentially dangerous, makes no sense to me.

    I'd also note for the record, that at least according to the EFF documentation, Firefox's socks_remote_dns setting may not be trustworthy.

    http://wiki.noreply.org/noreply/TheOnionRouter/Tor ifyHOWTO#head-07c2f050712eca0e67ac09452fc2f3e0a5b1 c166 [noreply.org]

    In later versions of Firefox, at least in the current version 1.5.0.1 under Linux and Windows XP, you can enable the browser to do remote domain name lookups. The option network.proxy.socks_remote_dns is available via about:config ... Be careful, though: In some versions of Firefox, it is possible that even with this option set remote DNS resolution will not work. In this case, you may want to use Privoxy or similar projects.
    They suggest trying a link like this [6sxoyfb3h2nvok2d.onion] in order to verify that DNS resolves are actually going through the TOR network.

You're already carrying the sphere!

Working...