Do You Need to Surf Anonymously?

An anonymous reader writes "Computerworld has up an article entitled 'How to Surf Anonymously without a Trace'. It purports to offer tips on how to avoid detection by anyone attempting to monitor your internet access. 'If you don't like the limitations imposed on you by [proxy] sites like the Cloak or would simply prefer to configure anonymous surfing yourself, you can easily set up your browser to use an anonymous proxy server to sit between you and the sites you visit. To use an anonymous proxy server with your browser, first find an anonymous proxy server. Hundreds of free, public proxy servers are available, but many frequently go offline or are very slow. Many sites compile lists of these proxy servers, including Public Proxy Servers and the Atom InterSoft proxy server list.'"

Public Proxy != Anonymous

[db32]

Do you know who owns it? Do you know what kind of logs they keep? Do you know who else reads their logs? Seems to me like a terribly good way to fish for undesireables would be to setup an "anonymous" proxy and wait for people to start using it. I mean, its not like police go out and pretend to be hookers to catch 'johns', or pretend to be dealers to catch users, or even pretend to be young children to catch pedophiles. If you don't own it, you can't trust it, and if you do own it then its not terribly anonymous. Even the whole onion router business has come into question as of late.

Not a whole lot of anonymous anything left on the internet these days with all the data mining that goes on. The best you can do is leech wireless and pretend to be someone else.

Re:

[TheThiefMaster]

And even better, if you're using a web proxy then your ISP can still see what you're doing, after all your packets have to pass through their network first. They probably closely monitor anyone that they see connecting to an anonymous proxy, to see if you're doing anything they should cancel your connection for.

An anonymous proxy may make you anonymous to the final site, but both your ISP and the proxy know where you've been and when.

Re:

[Intron]

"They probably closely monitor anyone that they see connecting to an anonymous proxy"

My ISP doesn't even closely monitor whether my line is up or down. Look at Comcast, I just got an email from 24 seconds in the future. They can't even manage NTP on their email servers, how could they claim to be keeping accurate logs?

Instead of logging HTTP traffic, the ones who really know what you're doing are a) search engines, and b) DNS servers. Just knowing what names you are looking up would give me more informat

Re:

[TheThiefMaster]

Except if you're using an anonymous proxy the search queries and DNS queries are likely to be anonymised by it too.

Though again the ISP and proxy can both log this info easily.

Re:Public Proxy != Anonymous

[Kadin2048]

This is what Privoxy and certain Firefox extensions are for; they catch the outgoing DNS requests and make sure that they're relayed (in encrypted form) to the proxy as well, so that you're not giving away the addresses of the pages you're requesting by leaking DNS requests.

IMO, all software ought to proxy DNS requests automatically if it's being told to use a proxy that supports DNS resolution (SOCKS4a or SOCKS5); that Firefox and some other software leak requests even in the presence of a proxy that's capable of doing it, is a serious bug and security flaw.

Firefox, Tor, and DNS resolves.

[Kadin2048]

You don't even have to install anything else to proxy DNS requests in Firefox. Just go to about:config and set network.proxy.socks_remote_dns to true.

Thanks for the tip, AC.

Why that's not set to "true" by default in Firefox just boggles the mind. If someone's using a proxy, it seems reasonable to assume that they probably want all of their web-browsing-related traffic proxied. A situation where someone wanted only the HTTP content proxied, but not the DNS resolves, seems like an exception to the rule, where

Re:

[Rei]

Also useful, besides anonymous proxies, are distorting proxies. They announce that you're surfing through a proxy, but they still mask your IP. I made good use of both a while back. Colbert Report fans probably remember his contest to get a bridge named after him. I was one of the people who wrote scripts to help him win (I think I was the only one with a Jon Stewart script, too, and got Jon up to second place). You had to vote with a unique email address and confirm the link that they send, so I wrote

Re:

[pclminion]

They probably closely monitor anyone that they see connecting to an anonymous proxy, to see if you're doing anything they should cancel your connection for.

They most certainly don't. That would open them to an enormous liability. As soon as they start looking at traffic, they become responsible for enforcing regulations upon ALL users. If they screw up and miss something, they are now legally responsible. Who the hell would want to expose themselves to that kind of liability?

Re:

[db32]

If you are clever you proxy with SSL :). The only thing people inbetween will see is encrypted traffic. Either way its still not a terribly efficient way to hide your identity. You are still correct in that they will still know that you are doing it, just not specifically what you are doing with it.

Re:Public Proxy != Anonymous

[jfengel]

Or hack into somebody's wide-open box (usually Windows) and run your proxy daemon. It seems to keep the spammers safe.

Re:

[bill_mcgonigle]

If you don't own it, you can't trust it

Yeah, I have a friend who accidentally ran an open proxy server and made the lists. He found out about it when a police department supeanoed his logs.

I said, "my goodness - a police department that prosecutes online crime!"

Re:Public Proxy != Anonymous

[Lumpy]

The best you can do is leech wireless and pretend to be someone else.

you are 1/2 way there. First use a OS that allows you to change your MAC address, BEFORE you ever go online and do things you dont want traced to you, CHANGE YOUR MAC ADDRESS. in fact I reccomend changing it every time you go online. That is what they are looking to trace because the data mining guys still think that it's a unique identifier. Second you need to use a browser that allows you to change it's identifier and allow you to destroy all cookies every session. Honestly changing your identifier on a regular basis a little bit and getting rid of cookies does help a LOT. last thing you need is having a doubleckick cookie ratting on you.

Do those and NEVER use a network that is tied to you. This is all really basic dont get caught hacker stuff guys.

Change MAC when renewing DHCP?

[Kadin2048]

I wonder if anyone has a script that would automatically change your reported MAC address to a random (but valid) value, every 24 hours or so, or when the DHCP releases and renews.

Doesn't seem like it would really be all that hard on a Linux/BSD system, no idea what it requires on Windows to script that sort of thing.

Re:

[Fear the Clam]

Under Windows you can just put that program in the Start menu.

Re:

[Rogerborg]

Zing! 1999 called, they'd like their "Windoze is teh suxxorz" joke back.

Re:

[Crizp]

Google for a program that sets your MAC address. Run that program with necessary parameters in rc.local or read the man page for cron and add a job that runs every x hours...

Re:

[isorox]

foo@bar:~$ ls -l /usr/local/bin/changeMac.sh

-rwxr-xr-x 1 foo users 354 Feb 31 12:34 /usr/local/bin/changeMac.sh

foo@bar:~$ cat /usr/local/bin/changeMac.sh

#!/bin/bash
IF=eth1
HEX1=`printf '%02x' $(($RANDOM%256))`:`printf '%02x' $(($RANDOM%256))`:`printf '%02x' $(($RANDOM%256))`
HEX2=`printf '%02x' $(($RANDOM%256))`:`printf '%02x' $(($RANDOM%256))`:`printf '%02x' $(($RANDOM%256))`
MAC=$HEX1:$HEX2
echo "Setting $IF to $MAC"
sudo ifconfig $IF down
sudo ifconfig $IF hw ether $MAC
sudo ifconfig $IF up

foo@bar:~$ cron

Re:

[pclminion]

Umm... MACs do not pass over the Internet. The only place your MAC is visible is at the first hop, inside your ISP.

Re:

[drinkypoo]

Umm... MACs do not pass over the Internet. The only place your MAC is visible is at the first hop, inside your ISP.

Uh, you are aware that cable modems (at least; not sure about DSL to be honest) have their own MAC, yes?

As such, unless they are monitoring your CM, which I admit is not impossible, all they see is your cable modem's MAC.

Re:

[pclminion]

As such, unless they are monitoring your CM, which I admit is not impossible, all they see is your cable modem's MAC.

Well yeah, but I'm not sure I understand your point. It sounds like you're saying "The cable company knows who their customers are." True, but I don't see what you're getting at.

It seems we're in agreement that changing the MAC is a useless exercise. So I'm not sure what part of what I said you are disagreeing with.

Re:

[TheLastUser]

I didn't think that the mac went beyond the local net, its not part of ip packets. So changing it might theoretically prevent your local provider from tracking you. But then they know what port you are coming from and can always sniff that.

Am I off base here?

Re:

[Lumpy]

Yes you are off base.

Think of it this way. your computer's MAC address is like your fingerprint. when you touch something you leave your fingerprint.

If I use a phone to make long distance threats, my fingerprints dont transfer to the other side, but they are there on the phone that I used which is easily found.

understand now?

Re:

[db32]

Please read about the concepts of routing and switching. MAC is not like a fingerprint in any way shape or form. Your analogy doesn't even begin to make sense based on how MACs are used. Aside from not being unique and being easily manipulated any trace of a MAC address only exists in the local subnet before it hits the first router and vanishes minutes after the last packet was sent.

Re:Public Proxy != Anonymous

[db32]

Only when you and the investigator are both active on the network at the same time in which case changing your MAC really makes no real difference. As I mentioned, the MAC goes away within minutes on the network, its not transmitted past the first hop router, and its not unique beyond the 1st hop router. Given that that end of forensics is part of my job I am pretty sure I know how it works. I don't care what your friends tell you, the cops, feds, and investigators are not using MAC addresses as 'fingerprints' of hardware. It just simply cannot be used like that with even a shred of reliability. The only place your MAC address even is used in ANY part of the connection is between your computer and your default gateway with any switches (not hubs) in between keeping that record for a few minutes.

Re:Public Proxy != Anonymous

[db32]

Your other replyer "Lumpy" doesn't know what he is talking about.

1. You are correct, the MAC address doesn't get any farther than the first router. That is how routers operate, by swapping the mac address in the packet with their own and the next hop while leaving the network address the same so it can be 'routed' there.
2. If you own the whole network you can eventually trace a mac back to an originating port on a switch, but that involves owning quite a bit of gear, and its not like its a logged thing, switches eventually allow mac entries to expire or things would break if you moved ports on the switch.
3. In the instance of home networking you are behind a router before you even get to your ISPs router, they never see your mac (unless you are directly connected to the modem, but we are talking leeching wireless).
4. MAC address ARE NOT UNIQUE! They are nearly unique, but if you operate under the idea that mac addresses are unique then your life will be hell when you have to track down a duplicate MAC on a large enterprise network because you believe it cannot happen. It does, although infrequently, and it makes networking very very 'interesting' when it happens.

The best they can do is rush down and grab that wireless access points within a few minutes of the last packet you sent and try and get the MAC before it gets flushed. Then they would have to go after the manufacturer to try and associate that MAC to YOU purchasing it. Now given that the manufacturer has likely made more than one device with that same MAC under the correct assumption they will likely never exist on the same network, and also that a MAC is not a hard thing to spoof, that information is completely worthless. Saying they can track you down based on your MAC is like saying I can identify an individual based on him using 192.168.100.15. Ultimately the best they can really do is determine that the traffic came from the IP the ISP assigned, and there is no real way to verify with any accuracy the traffic came from any specific hardware.

Re:

[number11]

First use a OS that allows you to change your MAC address

For Win XP, you can use FOSS macshift [natetrue.com] to set either a specific or random MAC address.

Re:

[bill_mcgonigle]

I think in most cases it's because they are embarrassed in what they are doing.

Or they don't trust their carrier. Go hop on a Comcast connection and spend some time searching for DOCSIS UNCAPPING and see what happens.

I put a bunch of invisible HTML tags between the above capitalized letters....

Re:Public Proxy != Anonymous

[StarvingSE]

You probably don't mind the government illegally tapping your phone either. I mean, if you're not doing anything wrong, why does it matter?

I am a law-abiding citizen, and I still demand my privacy rights. I don't want anyone monitoring the trail of web sites I visit daily, no more than I would like someone following me around in a car while I run run my daily errands.

Re:

[wikdwarlock]

Unfortunately, you don't have any rights to privacy in the US. This is a common misconception. You do make a good point, though, that we should all DEMAND it as a right, and hopefully cause a legal change to take effect.

right to Anonymousity

[falconwolf]

Unfortunately, you don't have any rights to privacy in the US. This is a common misconception.

You're quite wrong I'm glad to say. As early as the early 1800s the US Supreme Court ruled anonymousity was an important part of the First Amendment's Freedom of Speech. The ruling said that if a person could not remain anonymous then they could not enjoy freed political speech, that if they had to watch their words then they wouldn't speak out. Denying anonymousity is a powerful tool for authoritarian regimes.

Falcon

Re:

[Asphalt]

The truth is, if your not doing something illegal, you aren't very interesting to the police or the government.

I wish I could find the article, but the gist of it was that the average American breaks 7 laws per day. Be it speeding, jaywalking, littering, whatever.

The US has more laws than any nation on earth. It puts a larger percentage of it's population in cages than any other nation ... by far. And with the vague wording of many of the laws, just about any action one takes could technically be dee

Re:Public Proxy != Anonymous

[LordSnooty]

So if you are doing something that you don't want people to know you are doing, my question is, what the hell is wrong with you?

I'm in China and I'm researching about local groups who campaign for democracy, you insensitive clod!

And given what's happening to privacy and protest in some Western countries. soon the same reasons may apply there too.

Re:

[neonfrog]

Isn't it true that until you personalize the protest (actually become a visible or known protester), there is actually no real protest to respond to?

Re:Public Proxy != Anonymous

[TheLinuxSRC]

My company hosts an anonymous proxy (see my sig). While there is a fair amount of pr0n and the like, there is a *lot* of traffic from China and other countries with restrictive laws about what you can and cannot research. This only amounts to about 15-30% of our traffic though. Most of our traffic is to sites like myspace, facebook, photobucket etc.

There are actually many good reasons for using an anonymous proxy.

1). You want to search for information regarding an embarrassing physical condition and don't want those URLs logged at your router.
2). You are worried about the site you are visiting trying to infect your machine. Most anonymous proxies will block most scripts (in addition to advertisements).
3). You are researching your competitions website and don't want to show up in their logs.
4). In the U.S. you have a right to privacy and you simply want to exercise that right.
5). You work in government and want to visit sites that might otherwise be logged or blocked. [webpronews.com]

There are many other legitimate uses for anonymous proxies.

As a disclaimer, my company does not keep any logs -- the logs are rotated nightly at which point a cron runs and deletes all of the previous days logs. Our URLs are obfuscated but not encrypted. A sysadmin on the clients end could log all of these connections at their router and be able to decipher the URLs someone is visiting.

We also offer an SSL encrypted (https://) version of the site. You do have to trust our certificate though :) Logs are rotated nightly and dumped, same as on the "insecure" version of the site.

Re:Public Proxy != Anonymous

[TheLinuxSRC]

Bingo! Advertisers want to know how many pageviews you get.

Re:Public Proxy != Anonymous

[Saint Fnordius]

Have you considered that there might be political reasons? Let's say I work for a rabid Bush supporter, do I want him to know that I'm a regular on the Daily Kos even though it's not forbidden to go there on my lunch break? Do I want my ISP to know what sort of games I like to play at home? Do I want you to see all of my browsing habits so that you can harass me based on what you know?

How about a battered wife looking for a way out of her marriage, and a husband who clams to be able to read whatever she writes? (for the record, this really happened to someone I know, but luckily she's free of him now)

There will always be cases where you don't want people to know what you're doing. Many of these cases are legitimate interests in preserving mere privacy, and some are because there really is avoiding oppression.

Pot, meet kettle; kettle, pot.

[Kadin2048]

Why do people do things anonymously that they wouldn't do if their name was stamped on it? I think the world would be a lot better place if everyone took responsibility for what they said and what they did.

Ironic, particularly since you're writing under a pseudonym. Or is "TheRecklessWanderer" what it says on your birth certificate? I didn't think so.

Anonymous systems are needed to combat the ease with which modern technology would allow someone to compile a dossier on another person's entire life and activities -- an ability which was never present in the past.

In the pre-computer (or at least, pre-networked-computers) era, it was fairly safe to use your real name everywhere, because it would take an immense amount of effort for someone else to go around and link together all the various activities you were doing under that name. If the fellow behind the counter at the grocery store knew your name, and you also used your name when you were at your local religious group's meeting, it didn't matter, because there was no connection between the two. Short of following you around town and then asking everyone, using your real name didn't mean giving anything up.

However, today, using your real name everywhere creates a near-unique primary key that someone else could easily use to search, and find out everything about you. To continue the example from above, they could simply run a search on your name, and with far less effort than following you around, find out everything they wanted to know about you, because virtually everything is online, and the indexes are only getting more and more complete.

Online anonymity systems aren't borne out of a desire to have more anonymity than we used to have, they're -- for many people, anyway -- an attempt to recapture the way things were, before it was possible to assemble a dossier about anyone else, just by Googling their name.

I don't think there's any reason why the people reading what I write on Slashdot, need to know who I am in real life. Likewise, I wouldn't go around advertising where I go to church to everyone in the grocery store. It's just not relevant to my interaction with them. They don't need to know. If they do, they could ask, and I could tell them, but that's none of their business, frankly. Anonymity and pseudonymity are simply attempts to not allow the traditional compartmentalization of our lives to be completely undone via massive searchable indexes and databases.

(Apologies if this got posted twice -- something has been causing /. to act very strangely for the last few minutes.)

Re:

[TheRecklessWanderer]

TRW is a pseudo I have used for best part of 25 years. To many people it identifies me pretty well.

I'm surprised nobody has brought up the identity theft argument yet, but there we go.

I think that there is a difference between privacy to the average internet user, and to police/government agencies.

Sure, I don't want average joe idiot getting hold of my name here on /. and having him start calling my house. I don't give out my home phone number for that exact reason.

But privacy against the police o

Re:

[alexo]

Sure, I don't want average joe idiot getting hold of my name here on /. and having him start calling my house. I don't give out my home phone number for that exact reason.

But privacy against the police or government can (in most cases) only be for less than virtuous reasons.

Because we all know that people who work for the government or police are perfect and can never be corrupt or just jerks.

Re:

[TheRecklessWanderer]

Because we all know that people who work for the government or police are perfect and can never be corrupt or just jerks.

I know that the government is full of inept, incompetent and quite likely corrupt individuals. Same with the police. But still, both those agencies have a job to do, which is theoretically to make life safer and better for the majority of people.

If we want a complete breakdown of society fine, lets find the off switch, but realistically, you have to deal with the corruption, just like you have to deal with a jerk boss.

It doesn't mean the overall concept isn't good, and deserves our support.

Not society's job to make the police's job easy.

[Kadin2048]

I'm not arguing that it should necessarily be impossible for authorities, duly authorized, to monitor someone's communications; there is a legitimate, although very limited, need for that. However, nowhere is it written that we ought to make that terrifically easy, which is what abolishing anonymity and pseudonymity online would amount to.

Here in the U.S. anyway, we have a strong (and historically, well-justified) distrust of government. They have a job to do, but they have to conform and find ways to do th

Re:

[GogglesPisano]

Why do people do things anonymously that they wouldn't do if their name was stamped on it? I think the world would be a lot better place if everyone took responsibility for what they said and what they did.

Okay, Mr. RecklessWanderer. Here's a quick example of why someone might want to remain anonymous online.

According to your posts in the thread, you're Canadian [slashdot.org].

A few seconds on Google brings up this post [mywildvacation.com] by a Canadian named "TheRecklessWanderer". The message board discusses experiences at an "adult

Re:Public Proxy != Anonymous

[Dare nMc]

So if you are doing something that you don't want people to know you are doing, my question is, what the hell is wrong with you?

Carlos mencia [wikipedia.org] said it better, if your going to the store to buy dog food, vaseline, and condoms, then you better pay cash. Otherwise why care who tracks your credit card purchases.

Just a credit card number is mostly useless, or just a password, or just a email address. Watch my surfing enough, I'll drop enough information to scam me good. If you can't tie my surfing to one person/business it's not so valuable. Tie all the web info from a company together you'll learn what paths their thinking of following, and you can take some of the profit for yourself for the idea.

Also sometimes you realize your actions may be legit, but may draw undo attention. Maybe you want to buy your wife flowers and choclates for a suprise, but she may assume your having a affair. Or maybe your writing a fiction story about someone who murders their wife, but it may never get finished. Or maybe your blowing the whistle on someone really powerfull...

Thier are lots of obvious times to not be tracked that are legit, writers/reporters are the most obvious, now everyone with internet access becomed a published writer in minutes.

Re:Public Proxy != Anonymous

[Zonk (troll)]

I don't know why people need to surf anonymously.

At home I rarely surf anonymously. However, when I'm at a hotel, coffee shop, on campus, etc I always browse anonymously. If I'm doing casual browsing I'm using either JAP [tu-dresden.de] or Tor+Privoxy. If I'm logging in to, say, Gmail or Slashdot I OpenVPN into my home network and browse from there.

You never know who's monitoring you, especially on an open wifi network.

Also, if you're using Tor or JAP it's a good idea to also run Adblock+ (use easylist [adblockplus.org] and add the tracking filter), Flashblock, and Noscript to make sure you keep your anonymity.

So if you are doing something that you don't want people to know you are doing, my question is, what the hell is wrong with you?

Please post your full name, address, pictures of yourself and your family, and a full log of everything you've done in the last month. Don't want to? What are you trying to hide?

Re:

[mrchaotica]

So if you are doing something that you don't want people to know you are doing, my question is, what the hell is wrong with you?

Have you ever typed in your PIN at an ATM? Do you want all the identity thieves to know what numbers you're typing? No? Then what the hell is wrong with you?

Re:

[bleh-of-the-huns]

Actually, I could care less about who knows what I am doing, I am not doing anything illegal, I am not looking at porn (it just does not have the same affect anymore after looking at it for 2 years on a daily basis for 8 or 9 hours a day as part of my job enforcing an ISP AUP). What I do have a problem with are entities using my information for profit, and I really do not need the gov or any other private entity knowing what I am doing. If they want to know, they can ask me.
Back to the proffit issue, if

Anonymousity

[falconwolf]

Why do people do things anonymously that they wouldn't do if their name was stamped on it? I think the world would be a lot better place if everyone took responsibility for what they said and what they did.

I don't know about you but I don't want any government tracking me or monitoring what I say or where I go, online or offline. If a person is concerned about who's taking note of what they say then they won't exercise political speech freely.

Falcon

Re:Public Proxy != Anonymous

[rilister]

...Says an "Anonymous Coward".
This is either Twain-level satire or the most self-defeating comment ever on Slashdot. And, heaven knows, there's some pretty stiff competition.

Re:Public Proxy != Anonymous

[darthnoodles]

If your married, and your wife doesn't want you looking at porn, then she should offer alternatives or shut up.

Nice slant.
Does this apply too?

If your married, and your wife doesn't want you porking her sister/best friend/random woman, then she should offer alternatives or shut up.

Let's slant it the other way:
- If your married, and your wife doesn't want you looking at porn, then be happy with what you have (your wife) or shut up, or leave her.
- If your married, and your wife doesn't want you porking her sister/best friend/random woman, then be happy with what you have (your wife) or shut up, or leave her.
Why is the responsibility on her to stop you from looking at something she doesn't want you to look at?
Now let's try being neutral:
If your married, and your wife doesn't want you looking at porn, then talk to her about it and work out a mutually beneficial understanding.

Re:

[cayenne8]

- If your married, and your wife doesn't want you looking at porn, then be happy with what you have (your wife) or shut up, or leave her.

- If your married, and your wife doesn't want you porking her sister/best friend/random woman, then be happy with what you have (your wife) or shut up, or leave her.

Now let's try being neutral:

If your married, and your wife doesn't want you looking at porn, then talk to her about it and work out a mutually beneficial understanding.

How about one more option?

NEVER ge

Re:Public Proxy != Anonymous

[caluml]

If my married what?

Re:

[Kadin2048]

If you own the proxy yourself, you can still be anonymous - by making it public. Then there is no way to tell if you are the one who used it or anyone else.

They actually make this point in most of the setup guides for the Tor software; you gain an additional level of anonymity (or at least plausible deniability) if you make your node public and let other people use it as part of the greater Tor network.

However, this increase in protection has to be balanced against the necessarily increased risk that as a r

What if you're already behind a proxy server

[Marxist Hacker 42]

That doesn't allow you to see ComputerWorld sites?

What I need is a meta-surfer, a free port 80 VPN with a built in browser on the client side....maybe one day I'll build one myself.

Re:

[nahdude812]

How's this? [whitefyre.com]. Put it on your external server under a UN/PW and on https, and you have yourself a free dedicated locally anonymizing proxy that will work through existing filtering proxies, and not permit them to sniff any of your traffic or even know what you're doing thanks to the https. The admins of the filtering proxy won't even be able to tell that it IS a proxy since they won't have your UN/PW. All they'll know is that you're doing a certain amount of https traffic to this external IP.

Starting at the desktop

[Nom du Keyboard]

The question is, how does one surf anonymously at work when you're forced to use your employer's proxy to get through the firewall. Tried configuring Tor to encrypt and hide my queries before the ISA proxy ever saw them, but never could figure out how to get FireFox to work with it, nor find any Tor help sites or discussion groups for what should be a simple enough question.

Re:Starting at the desktop

[EllisDees]

Here's how: google for 'nph-proxy.cgi' and then find one that uses https. Your employer will only see an ssl connection being made to the same server over and over.

Re:

[Zonk (troll)]

Check Peacefire [peacefire.org]. Every week or so on the mailing list they announce a new web-based proxy. The current one is StupidCensorship.com [stupidcensorship.com]. The code is available so you can run your own "proxy."

Still, your employer probably keeps logs. If you really must visit sites that you don't want your employer to know about (ie, jobsearch), do it sparingly or just wait until you get home. You could also set up OpenVPN and run that over a proxy server and browse from your home network.

Re:Starting at the desktop

[Hatta]

The question is, how does one surf anonymously at work when you're forced to use your employer's proxy to get through the firewall.

Ssh into your box at home and use freenx (or regular x-forwarding if your latency is low enough). Then just use it as if you were browsing at home.

Re:

[Kjella]

The question is, how does one surf anonymously at work

You don't. It's even more fundamentally impossible as DRM, because you're de/encrypting it on the machine you're trying to hide it from. Certainly you can encrypt past a proxy, but if they see encrypted traffic coming from your machine, they have every right to capture it locally. Their computer, their network, their sensitive data on it.

Re:

[westlake]

The question is, how does one surf anonymously at work when you're forced to use your employer's proxy to get through the firewall.

if you are attempting to surf anonymously at work - outside the scope of your employment - then you are an idiot. your employer will assume - probably quite rightly - that whatever it is you are after, it is not good news.

Re:

[why-is-it]

The question is, how does one surf anonymously at work when you're forced to use your employer's proxy to get through the firewall.

Let's see:

• your employer owns the workstation/laptop
• your employer owns the LAN
• your employer owns the firewall
• your employer pays for the WAN connection to the internet
• Your employer pays you to do something other than surf the net for your own amusement

It seems to me that there is a simple and obvious solution to your problem: do your recreational surfing at home, and do w

You got proxy, kid

[Reason58]

Seems to me like proxy servers just replace Big Brother knowing everything you do with some tiny "anonymous browsing" site. And you are willfully giving them all this information to boot, so if they decide to turn over all their logs there isn't a thing you could do.

Single point of failure.

[Kadin2048]

Seems to me like proxy servers just replace Big Brother knowing everything you do with some tiny "anonymous browsing" site. And you are willfully giving them all this information to boot, so if they decide to turn over all their logs there isn't a thing you could do.

Hence why the folks behind Tor developed onion routing systems in the first place. They're not foolproof, but they don't place all your trust on the administrator of one server. They spread the trust out among a bunch of servers, such that your

It is illegal to ...

[boxlight]

It is illegal for a library to keep a record of the books you have checked out after they're returned.
It should also be illegal for your ISP to record your browsing history.
It's about privacy and freedom.

cite please

[way2trivial]

you claim It is illegal for a library to keep a record of the books you have checked out after they're returned

I say, you should be right, but you are completely wrong.
try this http://www.google.com/search?hl=en&q=fbi+library+r ecords [google.com]

so, if you have a citation to back up your assertion, please, supply the citation.
I say, you are flat out wrong.

Re:

[tiltowait]

Here ya go [ala.org], 48 State Privacy Laws Regarding Library Records. Since the USA PATRIOT Act (and in the 1970s during the FBI's "Library Awareness" investigations), however, federal law (NSA letters, for example) can trump these statutes. So the OP is partially right.

Librarians learned in the 60s not to keep patron records like this. It turns us in to sleeper agents for a snooping government. Pre-9/11 this was the widespread sentiment [webjunction.org] too.

I guess that the 9/11 hijackers used library computers [firstmonday.org] doesn't help, nor do

Re:

[shess]

I guess that the 9/11 hijackers used library computers doesn't help, nor does the current "Library 2.0" movement to offer customized services.

This doesn't sound right, but ... why _shouldn't_ the 9/11 hijackers have used library computers? I mean, it's terrible that library computers were used, but it's not like that made them complicit. The hijackers probably also travelled on public roads, and drank water from municipal water supplies, and benefitted from living in a safe neighborhood due to local law e

Re:

[be951]

It is possible that some state laws preclude the state's public libraries from retaining records of materials checked out by patrons. More likely, though, individual libraries (or cooperatives/whatever, e.g. at the county level) would set the policy on record retention. I've been told that my local public library does not keep a record of who has previously checked out an item once it has been returned (in usable condition) and checked back in (unless there is an overdue fine, in which case the details re

Re:It is illegal to ...

[voice_of_all_reason]

Libraries are run by the government, which you are in a relationship with by fiat.

Private enterprises (an ISP) are free to impose any demands they like (as long as the government agrees)

Re:

[jpetts]

At best, misleading; at worst bullshit. Libraries are typically run by local governments (most often city, but sometimes county). Also, there are plenty of private libraries.

Re:

[voice_of_all_reason]

You're right, private libraries do exist. But what magical rules prevent them from making lists of what you read? Certainly my college did - I would get late fees added to my account without any of the fuss public libraries had to go through. Again, I was free to tell them to stuff it and leave the college.

Re:It is illegal to ...

[geoffspear]

Most libraries in the US make it a point to get rid of any data linking a book to a patron once the book's returned, especially since the passage of the USA PATRIOT Act (which requires them to turn over such data to the government if they're asked for it, but doesn't require them to actually keep the data in the first place). However, I'm not aware of any state that actually makes it illegal to keep such data. I've got tens of thousands of old books with cards listing everyone who checked them out within a certain time period, before there were computers to track such things, and it's certainly not illegal to have these. The law in my state does make it illegal to turn over these records to anyone who doesn't have a court order to see them, but just keeping them isn't illegal. In fact, I'd say the Justice Department would probably like it very much if it was actually required to keep the records forever. Or, you know, turn them over to be put in a federal database every time a book is checked out, so they could do some datamining to find potential terrorists.

public proxies?

[N3wsByt3]

Meh. There are enough good alternatives: TOR, I2P Freenet (if they ever make a useful thing out of it, because after more then 5 years development, they fall kinda short. Maybe things will get better with their Openet, though - but when will that happen?).

Anyway, public proxies are only haphazard and temporary solutions, and not very good ones at that. First of all, they're often unreachable, unusable or slow. Secondly, you never know WHICH proxy you actually use; I mean; who owns the damn thing? What does he log?

Ofcourse, with enough proxies to choose from, and trying out at randomn, it may be a small chance that you end up with someone that actually makes your privacy more in danger, but still... The systems mentionned above (include JAP to that) are much safer for anonymous browsing.

Useless for "normal" users

[gatorflux]

Anyone who has ever needed this capability already knew how to do it. The article will undoubtedly lead to many "normal" users trying it out and inevitably deciding it is a waste of time. The majority of proxy servers are as slow as molasses since the adult site crackers are running all their scripts through them. You have to be pretty dedicated to actually use these servers on a regular basis.

That's it?

[omeomi]

That's it? Use a proxy? Who here didn't already know that?

Re:

[alienmole]

Zonk?

Re:

[crabpeople]

Well you know in all those hacker movies that are like "hes routing through russia" and they trace the "hops" down till they localize it to a house? Bunch of proxies my friend.

A good resource for anonymizers

[__aailob1448]

It's tough to find good anonymizing proxies, especially all-purpose socks proxies. However, for your browsing needs, there is a decent list of webproxies at this website [freeproxy.ru] as well as some lists of socks but I can't really vouch for those.

I personally have used anonymouse. It has an annoying popup and can be fairly slow and has sketchy cookies support (which can be a drag for messageboard use) but it's reliable enough for the occasional session.

Carnivore lives

[wiredlogic]

It doesn't take too much paranoia to realize that some percentage of the public proxies are undoubtably controlled by spooks running some carnivore type software. The only surefire way to access the internet anonymously is through open WiFi APs.

Anonymity is somewhat overrated.

[RyanFenton]

Yes, defending your own brand of craziness from the craziness of others is sometimes important, and for that reason and many others, anonymity can be very important in a civilized society. But I think it is somewhat overused on the internet.

The other half of the anonymity consideration though is that when everyone gets used to only having 'full' freedom when cloaked from the sight of others, they begin to accept a greater lack of freedom in their 'real' lives. That's why I don't choose anonymity whenever I can - I want my mistakes to be my own, and when I discuss, for instance, digital freedoms, I don't want to hide behind the ubiquitous pseudonyms we've all grown so used to while doing so.

I don't want to 'get away' with looking into for 'bad things' - I want REAL people to be free to do what they want. Of course, I, like everyone else, have some things I'm not going to disclose, and would like to have anonymity available - but I'd much rather push for less need to hide things, rather than disappear behind a fake name most of my online life.

Ryan Fenton

Re:

[inviolet]

The other half of the anonymity consideration though is that when everyone gets used to only having 'full' freedom when cloaked from the sight of others, they begin to accept a greater lack of freedom in their 'real' lives. That's why I don't choose anonymity whenever I can - I want my mistakes to be my own, and when I discuss, for instance, digital freedoms, I don't want to hide behind the ubiquitous pseudonyms we've all grown so used to while doing so.

I don't want to 'get away' with looking into for 'ba

Do it with Google

[SpaghettiCoder]

OK, use a laptop. Connect to an open AP. Then log on to someone else's server with open telnet port. From there use a script with elinks/lynx/wget so that all requests for web content are made to Google's cache. I think this is reasonably safe.

Re:

[Vexorian]

The cache? I've seen people using google translator for that.. but then you still have to trust google.

MiM attack.

[s31523]

Seems like a great front for a Man in The Middle attack, except that rather then setting up tons of fake ARP packets you get people to come to your site. Brilliant! Why not just use the coffee shop in the town next to you, and reprogram your MAC address to.

A Guide For Windows

[muhgcee]

I wrote up a very simple set of step-by-step instructions entitled "How to be Anonymous on the World Wide Web Using Windows" [fourmajor.com]

It's not anonymous unless it's encrypted...

[J'raxis]

Telling people "anonymous proxies" are useful to protect themselves is dangerously misleading. It'll prevent the destination website from finding out what your IP address is (maybe -- if you're not leaking that information some other way), but it'll do absolutely nothing to undermine the extensive network-level snooping going on nowadays. Your packets are still in the clear, readable, and sniffable at any point on the network; they're just taking a little detour through someone else's server so the destinat

How difficult is this...

[Kjella]

Proxies I learned about oh... 1995? Today if you want anonymous surfing, use Torpark or setup your own Tor+Privoxy+Firefox with a tiiiny amount more effort. Solved problem.

Re:

[Kelz]

Now I can safely surf my porn!

You mispelled "Now I can safely brute force my porn websites"

Re:honestly... I was thinking about this

[gurps_npc]

Ah, the classic fascist question (What do you have to hide, my slave.). Despite the obvious fact that you don't own me, and have no right to even ask the question, I will reply, in 4 parts:

1st: Throughout history, there have been wonderfull governments, but also some horrible governments. And even the Wonderfull Governments often keep records, that get passed on to their replacement, horrible governments when the evil SOB's have revolution. Governments have in the past killed people for: Being Jewish. Being Gay. Belonging to a political party that objected to that government. Asking if the government had killed other people. Being a family member of any of the above people. Looking at Pornography. While I trust (just barely) the current government, I do not trust the unknown government that will take power in 4 years, because I don't know who they are yet.

2nd: If you have nothing to hide, then that quite literally means you are willing to let me photograph you naked? And I get full rights to that photograph - so I can show it to your neighbors?

Because THAT is what you are saying. You DO have things you do not want people to see. So do I. Yours might be your pretty body. Mine might be the fact that I am gay. And a member of the legalize marijuana political action group. And a member of the "Send the Africans back to Africa" Charity. Also, I routinely travel 56 mph in a 55 mph zone. And get drunk 1/month in my closet. And I once masturbated while looking at pictures of dead dogs. And I collect my own snot and eat it. I still wet my bed. I won't do business with those dirty, thieving Jews. And I am a card carrying member of the ACLU. And I despise children. All of these things are legal (or at least not serious crimes worthy of being investigated). Now, assuming I was not being sarcastic, do you think I would have a job tomorrow if my boss knew them?

3rd consider this: I have a right to privacy, not because I have things to hide, but because trust is a two way street. Think about a parent. What would you think of a father that says "My honor student has never done anything wrong. But just to be 'sure', I hired a private investigator to follow them around all the time, sneak into his bedroom at night and check his computer, diary, underwear draw" It takes WAY too much effort and cost for the government to actually fairly investigate everyone. So we tell them that if they want to investigate people, they must prove it to a judge that they are worth investigating. If the cop can't do that, then THE COPS ARE THE SICKO PERVERTS. Just like the dad/mom that treated their honor student like a gangbanger, if the government does the same to us, THEY demonstrate that they are A) poor government, B) can't be trusted themselves and C) have serious emotional problems.

4th: The last, best argument is simple. Every test has a false positive rate as well as a false negative rate. If you test too many people, you end up convicting the innocent more than the guilty. I.E. if you have a test that 5% of the time falsely says "drug user" even if they are not, and use it on a population where only 1% of the people use drugs, than you arrest, charge and try 5 innocent people for every 1 guilty. Those innocent had nothing to hide. Hackers break into your computer, zombifie it and use it to store child porn. You don't know about this, till the police track down your computer as the server for a child porn ring, break down your door and arrest you. (Several cases like this exist).

Re:

[Rooked_One]

So you don't want your ISP knowing that you are posting on an 'odd' forum or something to the effect that you are eating your snot?

I completely understand the right to privacy, however, if you are talking about being 'private' so that your ISP does not give your searching behaviors to the government, then that is a completely different story.

And forgive my misunderstanding of your 4th example, but I fail to see how it pertains to browsing the internet anonymously.

Here is one reason

[an.echte.trilingue]

Amazon has admitted to experimenting with "targeted" pricing, that is they track their customers, and raise or lower the price to what they think that person will pay. Based on browsing history, you can make pretty good guesses as to what a person really wants and what their income is. When we loose our anonymity, this kind of scenario becomes possible. Thus, any service that helps maintain internet anonymity is a good thing (tm)

However, more fundamentally, the answer is: it does not matter. I am innoce

Re:

[End Program]

the only time the average user would need to surf anonymous is when he/she knows he is doing something wrong.

What about someone doing a search about a medical problem or depression?

What about political dissent?

What about searching for a new job?

What about a whistleblower going to a Gov website to report abuse of gov contracts?

etc...

Re:

[nine-times]

the only time the average user would need to surf anonymous is when he/she knows he is doing something wrong...Obviously we have 'pr0n viewing' at work, and stalking ex's and whathave you...

It's all shades of grey, though. Ok, so you bring up "'pr0n viewing' at work", but what about "'pr0n viewing' at home"? I think this distinction is where the question begins: let's say you sometimes downloaded porn that wasn't illegal or even particularly awful (relative to... you know, porn in general), but you just

Re:

[sckeener]

the only time the average user would need to surf anonymous is when he/she knows he is doing something wrong. I mean, i'm not trying to start anything here, but rather understand WHY you would need to do this. Obviously we have 'pr0n viewing' at work, and stalking ex's and whathave you...

I can think of a few...Maybe the Fedex clerk wants to work for UPS. Or maybe you want to read up about Democrats at your mostly Republican company. Or maybe you or your girlfriend are up the duft and want to find out more

Re:

[falconwolf]

and the only time the average user would need to surf anonymous is when he/she knows he is doing something wrong. I mean, i'm not trying to start anything here, but rather understand WHY you would need to do this.

BS! Something does not need to be bad to a reason to remain anonymous. Politics and political speech are very good reasons to be anonymous. If someone can't remain anonymous then they can't enjoy free political speech.

Falcon

Anonymous != illegal behavior

[kiddailey]

The real question is why do so many individuals automatically think that if you need to be anonymous, you're doing something illegal? I can think of a handful of perfectly legal uses for anonymity on the net (though some might require you to put your tin-foil hat on for a moment) without even working to hard:

• You want to do research about a specific health disorder, but don't want your family, work or your insurance company to know
• You want to do educate yourself on details, before forming an opinion on a t

Would you wear a shirt with your address on it?

[Catbeller]

For illustration, imagine yourself going through life with your name, address, and phone number, along with a map to your home with careful directions as to how to get there, printed on a t-shirt you must wear for all to see. And to top it off, anyone who looks at the shirt can access records about where you've been, what you've read, who you talk to, along with careful timestamps on all these items.

Would you be confortable with that? Are you so free of enemies or sure of the people who watch you that you'd

Re:

[jjsavage]

I'm not sure what the FBI would do with all of my private e-mail, but if being reminded to pick up milk on the way home from work is a crime, I should be on death row by now.

Re:

[tsotha]

Sure, but if they sniff your traffic what they'll see is you going to the anonymous server over and over. It doesn't really tell them anything beyond the fact that you're browsing, since the proxy server buffers the http requests.

Re:

[Anon-Admin]

Funny, When I ran an anonymous server I received calls like this all the time. I gave them the address to my attorney. It was her job to respond to them.