Do You Need to Surf Anonymously?

An anonymous reader writes "Computerworld has up an article entitled 'How to Surf Anonymously without a Trace'. It purports to offer tips on how to avoid detection by anyone attempting to monitor your internet access. 'If you don't like the limitations imposed on you by [proxy] sites like the Cloak or would simply prefer to configure anonymous surfing yourself, you can easily set up your browser to use an anonymous proxy server to sit between you and the sites you visit. To use an anonymous proxy server with your browser, first find an anonymous proxy server. Hundreds of free, public proxy servers are available, but many frequently go offline or are very slow. Many sites compile lists of these proxy servers, including Public Proxy Servers and the Atom InterSoft proxy server list.'"

What if you're already behind a proxy server

[Marxist Hacker 42]

That doesn't allow you to see ComputerWorld sites?

What I need is a meta-surfer, a free port 80 VPN with a built in browser on the client side....maybe one day I'll build one myself.

Do it with Google

[SpaghettiCoder]

OK, use a laptop. Connect to an open AP. Then log on to someone else's server with open telnet port. From there use a script with elinks/lynx/wget so that all requests for web content are made to Google's cache. I think this is reasonably safe.

Re:Public Proxy != Anonymous

[Saint Fnordius]

Have you considered that there might be political reasons? Let's say I work for a rabid Bush supporter, do I want him to know that I'm a regular on the Daily Kos even though it's not forbidden to go there on my lunch break? Do I want my ISP to know what sort of games I like to play at home? Do I want you to see all of my browsing habits so that you can harass me based on what you know?

How about a battered wife looking for a way out of her marriage, and a husband who clams to be able to read whatever she writes? (for the record, this really happened to someone I know, but luckily she's free of him now)

There will always be cases where you don't want people to know what you're doing. Many of these cases are legitimate interests in preserving mere privacy, and some are because there really is avoiding oppression.

Re:Public Proxy != Anonymous

[bleh-of-the-huns]

Actually, I could care less about who knows what I am doing, I am not doing anything illegal, I am not looking at porn (it just does not have the same affect anymore after looking at it for 2 years on a daily basis for 8 or 9 hours a day as part of my job enforcing an ISP AUP). What I do have a problem with are entities using my information for profit, and I really do not need the gov or any other private entity knowing what I am doing. If they want to know, they can ask me.
Back to the proffit issue, if anyone is going to make money selling my viewing/buying habbits (which many sites do), its going to be me. I do not need those damn statistics sites that almost every damn web page has selling my info....

Change MAC when renewing DHCP?

[Kadin2048]

I wonder if anyone has a script that would automatically change your reported MAC address to a random (but valid) value, every 24 hours or so, or when the DHCP releases and renews.

Doesn't seem like it would really be all that hard on a Linux/BSD system, no idea what it requires on Windows to script that sort of thing.

Re:Public Proxy != Anonymous

[Rei]

Also useful, besides anonymous proxies, are distorting proxies. They announce that you're surfing through a proxy, but they still mask your IP. I made good use of both a while back. Colbert Report fans probably remember his contest to get a bridge named after him. I was one of the people who wrote scripts to help him win (I think I was the only one with a Jon Stewart script, too, and got Jon up to second place). You had to vote with a unique email address and confirm the link that they send, so I wrote a script that automated the process (thank you, sendmail and wget!). Proxies were necessary because when they figured out that emails from a given domain were sending an unusual amount of registrations/votes, they'd block the domain and the IP address its connections were coming from.

The experience makes me definitely second what the OP said about proxies being unreliable. I ended up having to not only have a system that would detect when my domain name was blocked and re-register domains (using a bit of wget magic), but also have a script that would constantly check to see if my proxies were alive. Whichever ones died, the script had to go back to a proxy list site, and (using a bit of trickier wget magic, since the listed IPs were images to discourage scripts like mine) grab new ones. I initially tried running without this, but I quickly discovered that 90% of the time, when a connection that was working fine wouldn't work any more, it wasn't that the voting site blocked me: it was that the proxy was down. The average proxy probably worked for perhaps ten hours, and of the proxies on the list (narrowed down by ones that supported POST -- which was, sadly, perhaps only 10% of them), only about one in four worked at all.

Re:cite please

[shess]

I guess that the 9/11 hijackers used library computers doesn't help, nor does the current "Library 2.0" movement to offer customized services.

This doesn't sound right, but ... why _shouldn't_ the 9/11 hijackers have used library computers? I mean, it's terrible that library computers were used, but it's not like that made them complicit. The hijackers probably also travelled on public roads, and drank water from municipal water supplies, and benefitted from living in a safe neighborhood due to local law enforcement, and used dozens or hundreds of other public services. That's what public services _are_, after, all. Beyond that, they probably bought food in a grocery store, etc, etc. If we start cracking down on libraries because of this - where do we stop?

[I'm not suggesting that you agree that the above is a good reason to crack down on libraries in any way, I'm just being annoyed that people seem to think we should "crack down" in this kind of thing. I suppose most such people don't even know where their local library is located :-).]

-scott

Re:Starting at the desktop

[Kjella]

The question is, how does one surf anonymously at work

You don't. It's even more fundamentally impossible as DRM, because you're de/encrypting it on the machine you're trying to hide it from. Certainly you can encrypt past a proxy, but if they see encrypted traffic coming from your machine, they have every right to capture it locally. Their computer, their network, their sensitive data on it.

Re:honestly... I was thinking about this

[falconwolf]

and the only time the average user would need to surf anonymous is when he/she knows he is doing something wrong. I mean, i'm not trying to start anything here, but rather understand WHY you would need to do this.

BS! Something does not need to be bad to a reason to remain anonymous. Politics and political speech are very good reasons to be anonymous. If someone can't remain anonymous then they can't enjoy free political speech.

Falcon

Re:Pot, meet kettle; kettle, pot.

[TheRecklessWanderer]

TRW is a pseudo I have used for best part of 25 years. To many people it identifies me pretty well.

I'm surprised nobody has brought up the identity theft argument yet, but there we go.

I think that there is a difference between privacy to the average internet user, and to police/government agencies.

Sure, I don't want average joe idiot getting hold of my name here on /. and having him start calling my house. I don't give out my home phone number for that exact reason.

But privacy against the police or government can (in most cases) only be for less than virtuous reasons. Now buddy up above in China who claimed to be studying democratic groups is an exception, I suppose although, if he is acting against his government, how is that different than somebody else acting against their government. An issue for another day, I suppose.

I know that freedom is important, but it has to be weighed against "the common good". For instance, school is a right. If someone has a mono, they should not be allowed their right to education until they are no longer infectious. It is just better for everybody, it seems to me.

Re:Public Proxy != Anonymous

[db32]

If you are clever you proxy with SSL :). The only thing people inbetween will see is encrypted traffic. Either way its still not a terribly efficient way to hide your identity. You are still correct in that they will still know that you are doing it, just not specifically what you are doing with it.

Would you wear a shirt with your address on it?

[Catbeller]

For illustration, imagine yourself going through life with your name, address, and phone number, along with a map to your home with careful directions as to how to get there, printed on a t-shirt you must wear for all to see. And to top it off, anyone who looks at the shirt can access records about where you've been, what you've read, who you talk to, along with careful timestamps on all these items.

Would you be confortable with that? Are you so free of enemies or sure of the people who watch you that you'd wear that shirt? Or would you rather just walk around without that highly informative piece of clothing, as free men have always done?

Re:Pot, meet kettle; kettle, pot.

[GogglesPisano]

Why do people do things anonymously that they wouldn't do if their name was stamped on it? I think the world would be a lot better place if everyone took responsibility for what they said and what they did.

Okay, Mr. RecklessWanderer. Here's a quick example of why someone might want to remain anonymous online.

According to your posts in the thread, you're Canadian [slashdot.org].

A few seconds on Google brings up this post [mywildvacation.com] by a Canadian named "TheRecklessWanderer". The message board discusses experiences at an "adult-oriented resort" where paying customers get to "mingle" with women of indeterminate age and questionable virtue.

Now, I'm not implying that you and the poster on the message board are the same person; in fact the huge popularity of the internet makes it unlikely. But for many people, being mistakenly associated with questionable activities could be awkward or embarrassing at best, devastating at worst. Luckily, the anonymous nature of the internet prevents future employers or current spouses from jumping to such hasty conclusions.

Re:Pot, meet kettle; kettle, pot.

[neomunk]

*whistles*

That was one of the most impressive proof of concepts I've seen in a slashdot post for a long time. Hell, if I were him/her I'm pretty sure that would send a shiver down my spine.

All that and you're just a slahdotter who knows the magic word for getting information, google.com.