Tor/Privoxy; Privacy and The Internet

[Chrissy Cruiser]

I thought that a mini-review might be helpful

I have been using these two freewares for a couple of weeks now and
couldn't be more pleased. Well, maybe, more later.

Tor was often reviewed as unstable but I haven't had a drop that I know of
in that time. Privoxy matches up perfectly as a much easier Proximitron. I
am on W2K SP4, Firefox, DSL, IE where needed.

Two other programs, Stunnel and Squid, the latter is a caching program that
I understand really helps speed. The problem here is that these programs
are not executables, are dloaded as binaries that need compiling. That lost
me right there although I bet it's not that big an issue if one had a clue
about such things.

Speed is an issue but it is more like going from DSL to cable and it is
certainly "livable".

There are a few "glitches" in that your IP address changes rapidly but some
websites want a re login every time it does. All in all, I can surf 95% of
the 500 or so places I go every week with no real issues.

I found a Trojan dialing out my private info, got it on first log so no
harm down. This sucker compromised Kerio, was harder than hell to find, a
real masterpiece, with keylogging and port checking, vile sucker.

Folks, with rootkits and privacy gone to hell, don't be surprised if our
own governments aren't in the malware game. If you're on the Internet,
you're exposing yourself to identity fraud and serious consequences of
intrusion in your life. Don't be like me and wait until the last minute to
become anonymous on all services Internet.

 

[Antoine]

Thanks for your feedback. Just in case I missed something, you use
stunnel+privoxy+tor to access secured websites (online bank, etc)
too or do you use "direct (unproxied) stream" for such accesses?

 

[Helen]

I thought that a mini-review might be helpful

I have been using these two freewares for a couple of weeks now and
couldn't be more pleased. Well, maybe, more later.

Tor was often reviewed as unstable but I haven't had a drop that I know of
in that time. Privoxy matches up perfectly as a much easier Proximitron. I
am on W2K SP4, Firefox, DSL, IE where needed.

Two other programs, Stunnel and Squid, the latter is a caching program that
I understand really helps speed. The problem here is that these programs
are not executables, are dloaded as binaries that need compiling. That lost
me right there although I bet it's not that big an issue if one had a clue
about such things.

Speed is an issue but it is more like going from DSL to cable and it is
certainly "livable".

There are a few "glitches" in that your IP address changes rapidly but some
websites want a re login every time it does. All in all, I can surf 95% of
the 500 or so places I go every week with no real issues.

I found a Trojan dialing out my private info, got it on first log so no
harm down. This sucker compromised Kerio, was harder than hell to find, a
real masterpiece, with keylogging and port checking, vile sucker.

Folks, with rootkits and privacy gone to hell, don't be surprised if our
own governments aren't in the malware game. If you're on the Internet,
you're exposing yourself to identity fraud and serious consequences of
intrusion in your life. Don't be like me and wait until the last minute to
become anonymous on all services Internet.

Got active X turned off...what is this?

 

[elaich]

I found a Trojan dialing out my private info, got it on first log so
no harm down. This sucker compromised Kerio, was harder than hell to
find, a real masterpiece, with keylogging and port checking, vile
sucker.

Wondering how you got the Trojan. You seem to be pretty security savvy.

Folks, with rootkits and privacy gone to hell, don't be surprised if
our own governments aren't in the malware game. If you're on the
Internet, you're exposing yourself to identity fraud and serious
consequences of intrusion in your life. Don't be like me and wait
until the last minute to become anonymous on all services Internet.

Be careful, Chrissy. The scoffers will be telling you to put your tinfoil
cap on.

I remember those types ragging on me because I recommend not to use
Outlook Express. Well, guess who had the last laugh? Those very people
were soon begging for info on how to get rid of the Sasser worm they got
previewing infected emails in Outlook Express.

 

[Gordon Darling]

I thought that a mini-review might be helpful

"Tor 0.1.0.9-rc Testing - An anonymous Internet communication system.

About:
Tor is a network of virtual tunnels that allows people and groups to
improve their privacy and security on the Internet. It also enables
software developers to create new communication tools with built-in
privacy features. It provides the foundation for a range of applications
that allow organizations and individuals to share information over public
networks without compromising their privacy. Individuals can use it to
keep remote Websites from tracking them and their family members. They
can also use it to connect to resources such as news sites or instant
messaging services that are blocked by their local Internet service
providers (ISPs).

Changes:
This release fixes some memory bloating, disables threads on Solaris, and
includes some important security fixes for Win32.

Release focus: Minor security fixes
License: BSD License (revised)
Project URL: http://freshmeat.net/projects/tor/

Homepage: http://tor.eff.org"

Regards
Gordon

 

[elaich]

"Tor 0.1.0.9-rc Testing - An anonymous Internet communication system.

I tried it. I can't see using it for everyday browsing. It REALLY slows
down your browsing on dialup. Might be OK for broadband.

After firing it up along with Privoxy, my IP appeared to be in Japan. I can
see uses for it, but the browsing I do doesn't require any such masking.

 

[Chrissy Cruiser]

Thanks for your feedback. Just in case I missed something, you use
stunnel+privoxy+tor to access secured websites (online bank, etc)
too or do you use "direct (unproxied) stream" for such accesses?

I have yet to implement Stunnel because even though I have dloaded the
binaries, I haven't a clue what to do with them LOL. WTS, I have seen
Tor/Privoxy/Stunnel accessing https sites on other machines with no
problems.

 

[Chrissy Cruiser]

http://www.no2id.net/content/flash02.html

Got active X turned off...what is this?

Say No To National ID Cards

 

[Ben Wylie]

I tried it. I can't see using it for everyday browsing. It REALLY
slows down your browsing on dialup. Might be OK for broadband.

After firing it up along with Privoxy, my IP appeared to be in Japan.
I can see uses for it, but the browsing I do doesn't require any such
masking.

It's quite funny, as if you have your home page as http://www.google.com, it
redirects you to your local google determined by your ip address. So one
minute you have google.co.uk then the italian version, then Japanese, Polish
....

 

[Chrissy Cruiser]

Wondering how you got the Trojan. You seem to be pretty security savvy.

I don't know elaich, as you know, I had Kerio running, Avast watching all
mail, WinPatrol, I have sent to Trojan off and am waiting to see what it's
name is.

I installed a Sony DVD drive and I'm thinking it was opened and put back
on shelf and the install CD was infected.

Be careful, Chrissy. The scoffers will be telling you to put your tinfoil
cap on.

I could care less, elaich, they can live in the clouds if they want.

I remember those types ragging on me because I recommend not to use
Outlook Express. Well, guess who had the last laugh? Those very people
were soon begging for info on how to get rid of the Sasser worm they got
previewing infected emails in Outlook Express.

In the next five years, 2 out of 5 people will have their identities
frauded, think of that. This huge increase will most certainly be due to
infected machines that spill their info back to malware developers.

If you have the computer savvies and ignore the obvious, you will have no
one to blame but yourself.

 

[Chrissy Cruiser]

I tried it. I can't see using it for everyday browsing. It REALLY slows
down your browsing on dialup. Might be OK for broadband.

After firing it up along with Privoxy, my IP appeared to be in Japan. I can
see uses for it, but the browsing I do doesn't require any such masking.

It's definitely a broadband app and Squid's caching out to help.

 

[Chrissy Cruiser]

It's quite funny, as if you have your home page as http://www.google.com, it
redirects you to your local google determined by your ip address. So one
minute you have google.co.uk then the italian version, then Japanese, Polish

Yes, and if you don't allow cookies, you get filtering, 10 per page and a
bunch of other crap. The workaround is to save an English version of Google
or Google Groups as a bookmark and go from there.

There a few other glitches, have to weigh the tradeoffs, worth it to me.

 

[elaich]

The workaround is to save an English version of Google
or Google Groups as a bookmark and go from there.

I've been using www.google.dk (Denmark.) No beta there yet.

 

[elaich]

I don't know elaich, as you know, I had Kerio running, Avast watching
all mail, WinPatrol, I have sent to Trojan off and am waiting to see
what it's name is.

Are you using Internet Explorer?

I installed a Sony DVD drive and I'm thinking it was opened and put
back
on shelf and the install CD was infected.

Hmmm. I think install CDs are sealed so nothing else can be written to
them. Might be wrong. I know music CDs are.

 

[tom.cervenka]

check out Anonycat, it's a much better solution for browsing with
dialup, because you can convert all images and multimedia to text. You
can either surf at the main site (http://anonycat.com) or download the
proxy and run it off your own machine. it's open source.

 

[Frank]

I thought that a mini-review might be helpful

Hello,

If you look at the system you are using there is a big problem with it that
i can see. The people at the end of the chain that connect to your
destination site are in danger of being tracked. If they connect to a site
on a command issued by you, even if they go via a proxy server it could
still possibly send the "X-FORWARDED-FOR" header showing the IP number. So
you might in effect get caught for connecting to and/or downloading illegal
material and get yourself into trouble. If you said you were running a
router and it wasn't you, you wouldn't be able to say who it was as everyone
else would be protected!
See what I mean ?
It's a good system in theory, but has major security risks in my opinion,
it's fairly obvious what they are. It's the end user at most risk. Also,
how do you know you're not connecting to sites and having traffic routed for
others? You would be putting yourself at serious risk as it's YOUR IP
number being logged. Try connecting to www.grc.com through your system and
see which IP number it puts up, then use something like traceroute. You
will see the IP number is directly related toa PC and not a proxy in most
cases.
Oh if only people knew!
It's always best to look at a system in a logical way, think about risks and
then try it.

 

[Frank]

Wondering how you got the Trojan. You seem to be pretty security savvy.



Be careful, Chrissy. The scoffers will be telling you to put your tinfoil
cap on.

I remember those types ragging on me because I recommend not to use
Outlook Express. Well, guess who had the last laugh? Those very people
were soon begging for info on how to get rid of the Sasser worm they got
previewing infected emails in Outlook Express.

Hello,

Possibly from allowing a download from a website. Some people will click on
anything in return for free music/porn or whatever else is claimed to be
available. Greed can get the better of them and they will install various
plugins or lower security settings. That's what some of the sites are
designed to do and people are so thick they constantly fall for it.

 

[Aaron]

Hello,

If you look at the system you are using there is a big problem with it
that i can see. The people at the end of the chain that connect to
your destination site are in danger of being tracked. If they connect
to a site on a command issued by you, even if they go via a proxy
server it could still possibly send the "X-FORWARDED-FOR" header
showing the IP number.

Tor certainly doesn't do that. And if the proxy you use has a x-forwarded
for, it certainly isn't an annoymous proxy.

So you might in effect get caught for
connecting to and/or downloading illegal material and get yourself
into trouble. If you said you were running a router and it wasn't
you, you wouldn't be able to say who it was as everyone else would be
protected! See what I mean ?

Not really.

It's a good system in theory, but has major security risks in my
opinion, it's fairly obvious what they are. It's the end user at most
risk. Also, how do you know you're not connecting to sites and having
traffic routed for others? You would be putting yourself at serious
risk as it's YOUR IP number being logged.

Are we taking of running a Tor server? Or using Tor as merely a client? If
the latter there is no such risk.

Try connecting to
www.grc.com through your system and see which IP number it puts up,
.

GRC uses https connection, most? annoymous services proxies drop connection
for such connections for good reasons (you don't want proxies getting info
from your bank connections right?).

Still, a combination of proxomitron (with the right settings to filter
HTTPS connections) + Tor easily fools GRC.

then use something like traceroute. You will see the IP number is
directly related toa PC and not a proxy in most cases

Well I'm not sure if it's possible to run tracert (pinging with decreasing
TTL) over Tor , but if you don't do anything obviously it won't work.

 

[Tomguy]

I tried it. I can't see using it for everyday browsing. It REALLY slows
down your browsing on dialup. Might be OK for broadband.

It can be somewhat slow even on broadband. I use it with Firefox for
surfing the net. I have another tabbed IE based browser (Fastbrowser) I
use for much of my bookmarked webbing.

I have Firefox configured to go through the Tor/Privoxy and Fastbrowser
configured to bypass the proxy.

 

[Chrissy Cruiser]

Are you using Internet Explorer?
FFox.


Hmmm. I think install CDs are sealed so nothing else can be written to
them. Might be wrong. I know music CDs are.

This one was in a paper carrier and was not sealed.