Ask Slashdot: Choosing Anonymous Proxies? 211
bradley13 writes "There are lots of anonymous proxies out there, and anyone concerned about their privacy probably uses one for at least some of their web browsing. The Megaupload story highlights the fact that having servers in the USA is not a great idea. There are also other countries one may not want to trust. Oddly, very few proxy services mention where their equipment is located. What anonymous proxy services do you use? What criteria do you use to select them? How paranoid are you, and for what types of Internet usage?"
Botnets and Seven Chains (Score:5, Insightful)
Never trust anyone, and never expose to anyone who you are. That is the only way to stay secure on the internet.
Re:Botnets and Seven Chains (Score:5, Funny)
Re: (Score:2)
And Loving It!
Re: (Score:3, Funny)
No, he is Christopher B. Linn; but don't tell anyone, especially the internet! (he doesn't want to reveal who he is!
All jokes aside, this reminds me of an XKDC post... about anonymity
http://xkcd.com/834/
Re: (Score:2)
That's ok. We all use Christopher's machine for *our* anonymous proxies. Of course, he's probably unaware about those cites he surfed with our handy-dandy XSS routine that implanted the proxy on his machine in the first place. Chris, dude, don't you wonder about your cable bill-- at all?
Re: (Score:2)
Or maybe we can conclude that the one person he is not is Christopher B. Linn. You don't need software to masquerade as someone else, you know. ;-)
Re:Botnets and Seven Chains (Score:5, Informative)
Or Tor. Which is the same thing as a bot net proxy, but consensual. Make sure you don't send any personally identifiable traffic through the tunnel, because the exit nodes are monitored.
Re:Botnets and Seven Chains (Score:5, Informative)
An anti-MITM browser plugin like Perspectives or Convergence is a good thing to use when browsing via a proxy.
Re: (Score:2)
Now give me the address of a couple good proxies so I can get some more bootlegged Canadian TV shows or I'll turn you in!
Freenet (Score:2)
Solves both problems. And you don't have to trust any one company, or result to illegal tactics like bot nets.
Its really about time everyone moves over to it.
Re:Freenet (Score:5, Informative)
Tried it. Learned my lesson. The place is choked with CP. I'm talking actual rape here - not merely the kind of naked kiddie pictures that get you sent to a federal prison these days. This is stuff you NEVER see on the internet. The real, horrific, deal. There may be "safe" areas, but I couldn't find any, and I didn't exactly want to hang around to find out.
I want something like Freenet to exist. I believe we have the right to unregulated communication, individuals should just suck it up when they are offended rather then resorting to censorship and control. But Freenet appears to be used by criminals exclusively. I couldn't see any evidence of the kind of crypto-hippy idealism I expected.
I'm not going back anywhere near that cess-pit, and I'm not helping to enable it.
Re: (Score:2)
But if you have to look, then telling someone not to look at it is kind of an impossible proposition, right?
Re: (Score:3)
Not really. If you are using the main 'index' sites, they do their best to completely remove CP and other hard core offensive items, and categorize what is left. So it's quite easy to avoid viewing the "sites" you don't agree with.
Sure you might see that it exists, but you wont see the actual content that offends you. Not much different than real life.
Re:Botnets and Seven Chains (Score:5, Insightful)
Your proxy could be 100% dedicated to customer privacy, but can be unwittingly monitored and its users exposed as long as the proxy utilizes Cisco gear.
He did not slip or contradict himself - he is doing you all a favor, and speaks with authority.
Re:Botnets and Seven Chains (Score:4, Informative)
http://www.forbes.com/2010/02/03/hackers-networking-equipment-technology-security-cisco.html
http://www.networkworld.com/community/node/57070
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040407-username
Re: (Score:2)
Anonymouse (Score:5, Informative)
I use this thing [anonymouse.org].
Selection criteria:
1. First google hit for [anonymous proxy]
2. It's been around since forever and I remember its url (but when I don't, see #1)
Yeah, not that scientific.
The most venerable lineage in this space is probably The Anonymizer [anonymizer.com], which was once hosted by CMU researchers, but it seems to have been bought and turned into a commercial desktop application.
Re: (Score:2)
I use whatever from the list here:
http://www.samair.ru/proxy/type-01.htm [samair.ru]
Otherwise, it's TOR
cheers,
Obligatory TOR post (Score:1)
Not sure that I would want to do any banking or accessing sensitive data through that network, but it is a start.
Anonymous != secure (Score:4, Informative)
They're all the same. (Score:5, Funny)
See: http://xkcd.com/908/ [xkcd.com]
Except it's all pointing to one gnarly Tor endpoint
The Onion Router (Score:2, Insightful)
Some options (Score:2, Insightful)
I use Giganews' 'VyperVPN service. They have servers all over the world and you can select which country you want to use.
I've also used privatetunnels.com which is based in the Ukraine and that was a great service as well.
I do not trust Anonymous proxies. (Score:5, Funny)
I do not trust Anonymous proxies. So I always host my own "anonymous" proxies myself. That is what I call secure!
Re: (Score:1, Redundant)
I do not trust Anonymous proxies. So I always host my own "anonymous" proxies myself. That is what I call secure!
How do you figure that's "anonymous"? You are paying for the Internet connection so SOMEBODY knows who you are. If you are using a machine at work to do same, then still, SOMEBODY knows who you are. The bottom line is, there is no truly anonymous proxies anymore...not that there really were any to begin with. Somebody always knows unless you are IP spoofing on top of a proxy, but even that is becoming less secure as governments and law enforcement get more capable.
Re:I do not trust Anonymous proxies. (Score:5, Interesting)
I think that falls under the "I'm behind seven proxies, good luck!" meme. Granted, you get more and more latency each hop, but if you can give someone enough busywork trying to follow the breadcrumbs, you're likely to either (A) make them decide it's not worth the effort to get a 5th, 6th, and 7th court order, or by the time they get to the last proxy they have wiped your session data and simply have nothing to give anyone with a badge on their letterhead.
Good proxy providers make a point to not retain session data for any longer than is absolutely necessary. Or if they don't, you've made a bad selection of providers. I know if I were working in Anonymous, I sure as hell would be using a proxy chain paid for using prepaid visa cards.
Re: (Score:2)
Re: (Score:2)
The reason warrantless wiretapping works so efficiently in the USA is that every major phone exchange has a small room in the building with more alarms than you can shake a stick at, that's run remotely by DHS, and that's their siphon point for any traffic that runs through the building. (not making this up, I actually know someone that is cleared to work on the computers i
Re:I do not trust Anonymous proxies. (Score:4, Funny)
I finally understand the "Woosh" idiom! Thank you multimediavt!
Re: (Score:3)
huh?
Re: (Score:3)
Re: (Score:2, Troll)
Darn. I was going to guess sarcasm, but changed my mind!
Re:I do not trust Anonymous proxies. (Score:5, Funny)
Pfft, amateur. I use a WGET to have my web pages e-mailed to me. That way anyone who's watching my activity thinks it's Richard Stallman.
Re: (Score:2)
and double whooosh !
Re: (Score:2)
and double ROT13 whooosh !
FTFY.
Overplay (Score:5, Informative)
I use Overplay for region-restricted web content. Very useful when watching British TV shows on the BBC iPlayer and Irish Gaelic sports like hurling [youtube.com] and Gaelic football [youtube.com] which saves me the trouble of having to go to a pub and pay $20 per game.
Bitcoin, yes, seriously (Score:3, Interesting)
Google for "vpn services accepting bitcoin". Done. We learned from the spectacular failure of HideMyAss that you cannot pay for you proxy with credit card when the FBI comes looking.
Re: (Score:2)
Pay cash for a visa gift card. Pay for proxy service with said gift card. When time comes to renew, repeat.
Re:Bitcoin, yes, seriously (Score:4, Interesting)
That's not very hard. Plenty of people travel a lot. If I had been so inclined, I could have collected cards from multiple locations in about 12 states. Since you can buy them in most gas stations, you can get them anywhere, regardless of if it's on your route or not. If you're really dedicated, a nice 4 hour drive away can put you in another state to make the purchase.
From what I have seen of the prepaid credit cards is, you are expected to provide personal information, and have the card with your name on it sent via USPS.
Use of the temporary card is limited. You'll get funny looks using it at a point of sale. You'll have a hard time using it online if they ask for *any* identifiable information. You don't have even a name and zip code, which are the bare minimum that most ask for. Depending on the merchant account, they may let it slide, but it's a big risk for the vendor.
Getting something less traceable, like a Starbucks gift card, isn't quite as usable for this purpose.
The best anonymouse proxy is an open wifi (Score:5, Insightful)
I personally use open wifi connections, they are about as anonymous as you can get. I picked up a 10" google pad with GPS, installed the software and took a drive. They are all over the place, that is assuming you dont use the open one at the local bar, Denny's, McDonalds, Cigar club, Starbucks, etc, etc, etc.
If you look, you will find that open and available wifi connections are easy to find, completely anonymous, and fun. Fun because it is amazing what people will share on there local network with an open wifi connection ;)
Re:The best anonymouse proxy is an open wifi (Score:5, Funny)
I personally use open wifi connections, they are about as anonymous as you can get. I picked up a 10" google pad with GPS, installed the software and took a drive. They are all over the place, that is assuming you dont use the open one at the local bar, Denny's, McDonalds, Cigar club, Starbucks, etc, etc, etc.
Hmm... so "Anon-Admin" likes cigars, lattes, Big Macs and Grand Slam Breakfasts - that narrows things down considerably... I've almost got him!
Re: (Score:2)
Ok, that is funny...
Cigars, yes
The rest, well they showed up on the wifi scan and most surprised me. Heck, all the Whataburgers now have open wifi's. I never would have thought that a chain like Wataburger would have open wifi.
Re: (Score:2)
Or at one time visited or lived in the region that Whataburger is in.
Doesn't narrow it down much, hell he could have even googled that information.
Re: (Score:2)
Shhhh, stop telling them my secret. I work hard to through them off the scent and you go and give it away.
Re: (Score:2)
They have them in LA too....
Re:The best anonymouse proxy is an open wifi (Score:5, Informative)
Be sure to alter the MAC address of your wireless adapter, or the log files on the open wifi router could be used to identify your computer.
Re: (Score:3)
Re: (Score:2)
Yes, but, if you're in the habit of doing illegal things using open access points, you might not want to leave a trail that can be followed. Randomly assigning a mac address before connecting to an open wifi is a good way to prevent that kind of trail from ever getting started.
Re: (Score:2)
In reality, the defense lawyer will argue that, while the prosecuter will then rebut with "realistically, would someone actually do this?"
A jury of /.-ers would acquit, or nullify. However, even though we wish that we would get a jury of our peers in cluefulness, most likely the jurors picked will have almost zero clue what a MAC address is, so a good prosecutor setting up a case can say something like it is impossible to forge with almost no real life cases. With this in mind, plus a "ignore the defense'
Re: (Score:2)
Don't forget your computer's hostname gets logged as well...
Re: (Score:2)
Re: (Score:2)
How does one do with with a windows machine?
Re: (Score:3)
It's driver-dependent. All the consumer Linksys stuff I've run across has it, and some other vendors, too.
Re:The best anonymouse proxy is an open wifi (Score:5, Interesting)
Go for something like 01:23:45:67:89:AB. That way even if the logs get nabbed it'll save a lot of headache for both the open network admin and others involved. It makes it obvious that further tracking is pointless (good for you) and does a nice turn for anyone kind enough to leave open bandwidth for public use by (presumably) ending their harassment by investigators.
The other way to do it is to leave your home router's wireless open to the public (regulating bandwidth as you see fit), control the logs yourself, and then make any connection to a proxy via (registry/OS footprint free) utilities on a hidden volume or usb drive. Thus even if all of the proxies, anonymizers, and etc. are compromised you'll still have enough reasonable doubt. Of course reasonable doubt is only good in some locations. The places or circumstances these tools are often invented for (i.e. Arab Spring) may not care enough about western due process in the middle of a civil revolution.
Re: (Score:2)
Unless you happen to be the only person using that fake MAC address.
Re: (Score:2)
Well don't leave your nic setup that way! What's the point of spoofing (in this case) if you stick around long enough to be photographed, triangulated, or otherwise caught with proof on the equipment seized?
Rules of MAC cloning: 1) leave it cloned if you're using a router with your ISP, 2) wipe the clone if you expect the inquisition to drop by for a late over a pendulum session.
Re: (Score:3)
Sadly, nobody ever expects the Inquisition until its too late.
Re: (Score:2)
No thanks. I prefer to change the mac address randomly EVERY time the dhcp lease is up. Trivial to do on any powerful OS.
Re: (Score:2)
Re: (Score:2)
What software did you install on the google pad?
Re: (Score:2)
That would be this one.
https://market.android.com/details?id=de.carknue.gmon2&feature=search_result#?t=W251bGwsMSwyLDEsImRlLmNhcmtudWUuZ21vbjIiXQ [android.com]..
I have servers in the USA (Score:2)
Re: (Score:3, Interesting)
1. People want to do illegal stuff and not get caught; and/or
2. People are overly paranoid.
Modern life is complicated enough without trying to get into trouble. Why bother? (Answer: people have a raging sense of entitlement. "Whine, I don't want to pay for stuff.")
Re: (Score:3)
It's not always about not paying for things. Some people have fetishes for... well, let us just say illegal things. In some places frontal nudity would count. Other places you're talking pictures featuring pyrohomonecropedobestiality.
Re: (Score:3)
pyrohomonecropedobestiality.
I'm trying to figure out how this would work... fucking a fertilized-egg omelet with a strap-on...?
Re: (Score:3)
Alright, you watch "48 Hours" or "Criminal minds" on TV and something you see about terrorism or murder piques your interest so gawd forbid you Google it. Whether it the "Anarchists Cookbook" or "How to hide murder by using succinylcholine", you have just made yourself a potential target of a law enforcement agency, and if gawd forbid again, anything bad happens in your household or neighborhood in the next 24 months, your browsing habits have just planted a smoking gun in your hand.
You don't even have to b
Coffee shop? (Score:5, Interesting)
How about a coffee shop's free Wifi using a spoofed MAC address while I'm sitting at the restaurant next door?
Re:Coffee shop? (Score:4, Insightful)
Re:Coffee shop? (Score:4)
And more important than all of that, use a totally clean browser with geolocation and any other privacy-destroying features disabled, and locked down tightly to put scripts, flash, cookies (including flash cookies and HTML5 storage) and off-site requests on a whielist system.
Re: (Score:2)
"And more important than all of that, use a totally clean browser with geolocation and any other privacy-destroying features disabled,"
Again why? a good "haxor" would be running a script that is changing the data at random or delivering known false data. It's better to hide in a sea of noise than it is to stand out by delivering NOTHING at all.
Re: (Score:2)
True dat.
LiveCD is your friend.
Re: (Score:2)
Pawn Shop laptop at a McDonalds. Only way to go.
Re: (Score:2)
Why?
Your laptop running a Live linux distro and USB drive. Untraceable, or do you think that Mac addresses can not be changed.
It is perfectly safe to use the same laptop for good and evil.
Re: (Score:3)
Why?
Your laptop running a Live linux distro and USB drive. Untraceable, or do you think that Mac addresses can not be changed.
It is perfectly safe to use the same laptop for good and evil.
Topping that, why even bother spoofing your mac address when you can get a "disposable" usb wifi adapter for less than 10 $.
Because unless you dispose of it regularly, if the cops confiscate it and find that it matches the MAC address linked with questionable activity at a coffee shop, then you're screwed. If you set your MAC address to some randomly generated number on each visit, then they can't easily link your hardware to the coffee shop logs. (i'm ignoring other fingerprinting [techworld.com] that they could be doing to identify your hardware since if someone is interested in you enough to do advanced network analysis to find you, they're
Re: (Score:2)
How about a coffee shop's free Wifi using a spoofed MAC address while I'm sitting at the restaurant next door?
Just make sure the restaurant doesn't have any security cameras. And make doubly sure you don't walk past that coffee shop going to the restaurant as their security cameras might pick you up through the window. And don't park anywhere nearby. And make sure no security cameras catch you walking from the restaurant to your car, etc.
panopticlick (Score:5, Insightful)
What degree of anonymity are you looking for? Exactly which of the HTTP request headers do you wish to be anonymized? Okay so your proxy is not passing on your IP address. So It's not passing on common proxy behaviours (like HTTP 1.0 requests). And there's no 'proxy' anywhere in the request. You're not even using TOR. Well done. Now check Panopticlick [eff.org]. You're not anonymous. Now exactly what kind of proxy where you looking for and what kind of anonymity were you looking for?
Re: (Score:3)
Re: (Score:2)
Your browser being unique means that, in theory, your behavior on various sites could be correlated, even if you have proxies hiding your IP. On the other hand, identifying who those fingerprints belong to might be a bit hard to do, except perhaps for various three letter agencies.
The moral is clearly that if one wants to do Secret Stuff online, one should use both many proxies (paid for with prepaid cards as mentioned above), and a browser/OS that is not your normal one. Don't post torrents on the same ma
Get Coccon (Score:2)
"Inside Cocoon we do not track where you go or what you do online... Only operational information, such as processing speed or what features are under greatest demand, may be used to ensure Cocoon provides the best possible performance and experience to our users."
There is the question of how enforceable this promise is, since Cocoon is ad-supported. It's in their
Depends on why .. (Score:2)
TOR works well, but is neither anonymous or private (meaning TOR traffic is easy to identify at entry, so the ISP will know you're doing it). At exit, the traffic is the same as it entered
Paid proxies are good for casual "don't want the boss seeing it", and many of these are plain HTTPS so they're harder to spot. Teathering your personal phon
VTunnel has a proven track record (Score:5, Insightful)
How do you know they're anonymous? (Score:2)
How do you verify the anonymity?
Re: (Score:2)
Load a website you control and look for "X-Forwarded-For" in the HTTP headers?
Re: (Score:2)
Re: (Score:2)
It doesn't. There's no way to find out who won't rat on you later on.
Re: (Score:2)
Re: (Score:3)
How do you verify the anonymity?
Because they haven't been caught yet. Duh.
It's either that, or face up to the fact that nobody's actually looking for you/you're not really all that terribly interesting.
but why so much? (Score:2)
HideIPVPN (Score:2)
http://www.hideipvpn.com/ [hideipvpn.com] has servers in the US & UK; I use them once in a while if I want to access region specific content. Pretty cheap and fast enough for my needs so I'm happy.
Free VPN (Score:2)
Many people will post suggestions for incredibly difficult to implement solutions. I work with groups of people (journalists, mostly) which need something NOW, that they can run themselves without getting a degree in network engineering.
For them, I send them to AnchorFree Hotspot Shield.
Free, ad supported (you can run AdBlockPlus) and allegedly does not log for non-paying accounts (I wouldn't want to know either). It gives you a random IP address terminating in Northern California, which is very helpful for
Never trusted them either (Score:5, Interesting)
Recommended by Anonymous (Score:3, Interesting)
IPpredator.se and anonine.se. Both from the freedom loving land of Sweden. You get SSL and PPTP with 2048kb or 128kb encryption (IPredator supports PPTP only IIRC).
PRQ (Score:5, Interesting)
http://prq.se/?p=tunnel&intl=1 [prq.se]
PRQ is based in Sweden, and has their own ASN (read: they are their own network, connected to multiple upstream backbones)
They offer all types of services in addition to VPNs: colo, dedicated hosting, and shared hosting.
Their tunnels offer a static IP and no ports blocked (for running servers if that's your thing), so you'll want to provide your own firewalling. They use straight OpenVPN too.
They have a strict privacy policy and appear to follow it.
This is the same ISP that hosts the pirate bay too, which should give you an idea how they handle requests from certain other countries due to the whining of certain media cartels...
I've been a customer for awhile now and quite happy.
I am even planning to colo with them in the next couple of months if all goes well. (Previous data center I've been with has changed company names like three times now in the past six months, and now plans to jack their pricing up)
Test them (Score:2)
1) Log on using someone else's credentials (someone you don't like).
2) Generate a file of random bytes.
3) Post it to a file sharing site through the proxy with an annotation that these are the final plans for World Jihad. Append "Allahu Akbar" for good measure.
4) See if the person who'd credentials you borrowed is dragged off to Gitmo.
Never underestimate traffic analysis... (Score:2)
FYI (Score:2)
Just so you know, some of these file sharing services block IPs coming from well known (often commercial) proxies. There are, of course, other sites that block IPs from proxies too which may or may not adversely affect your Internet experience while using said proxy.
The main reason to use a proxy when doing things like file sharing is to avoid detection by your ISP. Some ISPs are quite nosy and will block you from file sharing sites especially if they notice you are consuming "too much" bandwidth transfer
If you want to be truly "anonomous" (Score:3)
Pay for a proxy, but use a prepaid visa that is not registered in your name (hard to od but not impossible) then NEVER connect to that proxy from the same starbucks, mcdonalds, etc...
Yes this means you have to use hacker tactics for not getting caught. That is the price for living in a oppressive country.
Torrentfreak has a nice list of private VPNs (Score:3)
Comment removed (Score:3)
Re: (Score:2)
The condos I used to live in came with free cable and Internet. When I called TWC to ask how to connect to the Internet, they told me to use the cable modem that was installed. When I said there was none, and after two weeks screwing around on the phone, I went into the local office, and asked there. She went through the billing, and found the old modem, and called someone and told them the old numbers, and gave me a new one. When I asked if they were using that modem to get free Internet at a different