Author Topic: Proxies 101: How to protect your privacy  (Read 23753 times)

Offline Nero

  • Graduate
  • *******
  • Posts: 1,500
  • Merits 51
Re: Proxies 101: How to protect your privacy
« Reply #15 on: November 02, 2008, 04:51:41 PM »
I recommend GPass... :)

I had a look at it, and its Terms of Service say that it should not be used to access pornographic sites.  Also, they heavily imply that it is only free to use in countries where internet access is restricted, like China.

I'm a bit dubious about using a service based in the USA with those Terms of Service!  I would definitely think that UK users should look elsewhere.

Here is a quote from GPass:

"We feel certain totalitarian states have engaged in malicious suppression of their people's online activities, violating their right to information and freedom of speech. So we created GPass to help you reclaim these basic human rights that you are entitled to.  As a user, you should not use GPass to surf pornographic websites, share documents that are copyright protected, violate another person's rights, or otherwise engage in immoral activities."

Now, you may think that the UK is acting like a totalitarian state, but if you've ever read 1984 you may understand the concept of doublethink.  In this instance, the USA will never regard the UK as acting like a totalitarian state, no matter how much it denies liberties to UK residents, because the UK is an ally of the USA and is therefore part of the "Free World" according to the rules of doublethink.  Only the enemies of the USA can be totalitarian states that deny their citizens freedom, you see.   ::)

More importantly, if you use GPass from within the UK to access this site, or any site that contains "pornographic" content then I suggest that you will leave yourself open to prosecution.
« Last Edit: November 02, 2008, 05:00:20 PM by Nero »
Innocence passed me by

Offline RopeFiend

  • Dean
  • Masters Degree
  • ******
  • Posts: 4,512
  • Merits 236
  • only a Dean for tech help
Re: Proxies 101: How to protect your privacy
« Reply #16 on: November 02, 2008, 10:16:56 PM »
Yeah, but unless they're monitoring your USE of their program, it'd be hard for them to be upset what it's being used for.

Consensual ADULT porn should be legal.  The fact that the stinkin' Brit government is banning SOME of it because they feel it's unacceptable for ADULTS to view only proves that they're two-faced pricks.  In that case, I wouldn't feel at all bad about protecting my privacy with GPass, whether they want it used that way or not.  When they start blocking sites like this, then you can switch to one of the other options like Tor (which GPass also uses as an alternate route).

Offline Nero

  • Graduate
  • *******
  • Posts: 1,500
  • Merits 51
Re: Proxies 101: How to protect your privacy
« Reply #17 on: November 03, 2008, 01:25:30 AM »
Yeah, but unless they're monitoring your USE of their program, it'd be hard for them to be upset what it's being used for.

I'm just a bit concerned about how anonymous it actually is - and how quickly they'll start handing over information to the US or UK governments if requested.    They don't give any guarantees about privacy

Innocence passed me by

Offline RopeFiend

  • Dean
  • Masters Degree
  • ******
  • Posts: 4,512
  • Merits 236
  • only a Dean for tech help
Re: Proxies 101: How to protect your privacy
« Reply #18 on: November 03, 2008, 08:04:35 AM »
If they coughed up you info to ANY government for ANY reason, do you think anyone else (worldwide) would ever trust 'em?

They're part of the Internet Freedom Consortium, "Inform, connect, and empower the people in closed societies with information on a free Internet."

As far as I'm concerned, Britain just added themselves to the list.  They may not be AS BAD as China and the Middle East, but they're working on it.  That's what had me incensed about that law in the first place.  They're outlawing LEGAL ACTIONS between consenting adults.  They're as bad as the assholes here in Texass that (until recently) forbade gays, dildos and blowjobs / eatin' pussy.

If Britain throws up a monitoring firewall to block sites, then they're one step closer to China.

Offline pussycrusher
  • Freshman
  • **
  • Posts: 42
  • Merits 5
Re: Proxies 101: How to protect your privacy
« Reply #19 on: January 10, 2009, 11:06:49 PM »
HELP !!!

I am a total noob to this but i was just messing round with that roinsoft page and now i am able to log in here, the first few attempts came up with error and now i am here but my adress bar is red and one side of it says *certificate error* !

is this normal ?

Offline RopeFiend

  • Dean
  • Masters Degree
  • ******
  • Posts: 4,512
  • Merits 236
  • only a Dean for tech help
Re: Proxies 101: How to protect your privacy
« Reply #20 on: January 10, 2009, 11:15:43 PM »
We don't use a server certificate... no 'https' login.  It shouldn't be complaining about that.  Any such certificate would be on the proxy, not us.  If you surf here directly, you shouldn't get that warning.  If you ARE still getting it, then you have a proxy misconfiguration (which can be either simple or ugly to figure out).  In fact, if you TRY to log in here using HTTPS then you'll get a Hosting 404 page, since we're not using the secured protocols.

The simplest application to use is Gpass, http://www.anonym.to/?http://gpass1.com/gpass/

I've tried it, and it's solid.  No dickin' around, it just works.  I've had problems with a lot of the proxies at Rosinstrument when I tried to register at different forums... and that reCAPTCHA we added gives another headache to our friends that want to use them.  It doesn't seem to like MOST of the proxies.


There's also a 'login certificate' on your computer if you're on wireless, based on the encryption method used at the access point.  If that fails, you generally won't get an IP address and you won't be surfing ANYWHERE.  That's buried in the wireless options somewhere, but it'd show up as a Windows error message (on top of everything else on your desktop) and not within a web page warning. 
See this: http://www.it.northwestern.edu/oncampus/wireless/wireless-connections/wireless-win.html
« Last Edit: January 10, 2009, 11:34:27 PM by RopeFiend »

Offline RopeFiend

  • Dean
  • Masters Degree
  • ******
  • Posts: 4,512
  • Merits 236
  • only a Dean for tech help
Re: Proxies 101: How to protect your privacy
« Reply #21 on: January 29, 2009, 06:41:34 PM »
Sorry about takin' so long to come up with a solid answer for you, Pussycrusher!

It looks like I need to expand on this a little more.  Internet Explorer is a piece of shit (keep repeating that mantra to yourself.)

EDIT: I've *heard* that if you list the proxy in the 'trusted zone' then IE won't shit all over itself.  Unconfirmed.


IE7 (and probably IE8 as well) has gotten PISSY about a site's 'security certificate', and won't encrypt the link if it thinks there's any issue with the certificate.  The problem is not with RavishU, it's with a number of proxies.  They don't bother to pay the high dollar for 'trusted certificates'... and we shouldn't care either.  For your bank, yes, for PayPal, yes, for a PROXY???  It's unimportant.  However, the security geniuses at Microsoft have decided for you that it IS important, so they refuse to encrypt the link.

That means those of you that are using IE7 or 8 may NOT encrypted even if you're proxied.  If you don't have the little LOCK icon either down at the bottom-right of the IE window or up next to the address bar, then you're surfing without the benefit of an encrypted proxy.  In that case, your ISP can see where you're surfing.

  IE 'lock' icon showing encrypted / SSL sessions

  Firefox 'lock' icon showing encrypted / SSL sessions

Since I don't have IE7 or IE8 on any of my computers here, I'll copy some info from another site with the same issues.  I can't verify whether it'll help you, though.



Please click on Continue to this website. You will be presented with the red Address Bar and certificate warning:



Click on the Certificate Error button to open the information window. Click on View Certificates.



Then click on Install Certificate. You'll see yet another warning. (Click on the image below.) Click on yes, and IE7 will recognize the certificate at future visits using that proxy.





People, DON'T USE IE.  Firefox doesn't have this issue... if it says HTTPS and you see the lock, you're good.  Firefox is your best choice for surfing the Internet, bar none.  If you're using that diseased old whore from Microsoft (IE) then you're asking for trouble.

This is particularly true with proxies, as a lot of them have expired or 'untrusted' security certificates.  It does NOT mean that they're bad sites, merely that they don't wanna mess with it.  They're providing a service for free, so you can't bitch.


To recap: if you don't see the LOCK icon, then all of your surfing is out in the clear.  Check occasionally.  The lock is only valid for the window or tab that you're using SSL (Secured Socket Layer) with... an HTTPS to a proxy.  If you open up a new tab or window, it's unsecure until you surf to a safe proxy / portal.  Using a web-based proxy (like the one at RosInstrument... http://tools.rosinstrument.com/cgi-proxy.htm) only protects THAT ONE WINDOW OR TAB.  Your ISP and nosy government can still track what you do in unsecured tabs or windows.

All you have to worry about is that the link between you and the proxy is secured (encrypted), and that the proxy is OUTSIDE OF YOUR COUNTRY.  Folks in the UK should probably use German (DE) or US proxies, as they'll be the quickest link between you and us.  If you're surfing to a site elsewhere around the planet, then I'd suggest a German proxy (DE - Deutschland).  Rapeboard's server is in Moscow for instance, so you'd surf there faster with a German proxy.



One good thing about using the web-based secured proxies: Both Firefox and IE (and likely all other browsers) will NOT cache the pages in memory.  That means when you're done, the cache history is automatically cleared.  That's a handy feature, and saves you having to delete the worthless cache files later.  I've found in the past that even when you tell IE to clear the cache AND IT SAYS IT DID, that it doesn't always clear it.  Fuckin' wonderful.  ANOTHER reason to use Firefox.

So, today's lesson is: USE FIREFOX if IE gives you any shit.  You don't need to take crap from a freakin' browser.
« Last Edit: February 01, 2009, 09:03:30 PM by RopeFiend »

Offline RopeFiend

  • Dean
  • Masters Degree
  • ******
  • Posts: 4,512
  • Merits 236
  • only a Dean for tech help
Re: Proxies 101: How to protect your privacy
« Reply #22 on: February 01, 2009, 09:02:03 PM »
I'm a tech-head and may be confusing some of you.  Here's an informative post that Emily from a post found on "Our Paradise Island" that may explain it better than I generally do:

Hide IP Next Generation
Most of the apps that hide you IP really only hide it from you. Even in the old days, you couldn't 'spoof' your IP address, no matter how great a hacker you were. Why? Because the server (which has pages that you load) has to send the packets (binary information) somewhere or you wont see the page loading or any pages at all. If you give a fake IP address, then nothing is going to load in your browser cause the server is sending its packets to the fake IP address and not your True IP address. So, how can you accomplish hiding you IP or what is known as anonymous web surfing? Well, it depends on who you are trying to fool.

Remember, the packets have to have somewhere to go, some browser to load. You can send the packets to your True IP or you can use what is called a Proxy Server, that is, a server that will go to the site instead of you, and relay the packets to your true IP address, so the pages will load. But there are different types of proxy servers. An understanding of what kind of proxy servers are available and what they do will better help you understand if you are truly surfing anonymous. There are 3 different classes of proxy servers in cyber space.

1) Transparant Proxy: In cyber space, shaking hands is done quite a bit. Especially when one server meets another. The first thing done is hand shaking. And a transparent proxy will shake hands with the server and say basically, "Hello, I'm a proxy server for WhiteKnight, his ISP is Metrocast and his IP address is 123.456.789.000." Plus other details are revealed, like what browser you are using (tells the server how to display the page) what operating system is being used, not everyone uses Windows, BTW. And other details are always given out. The advantage of an Invisible proxy server is that most of the time they are fast and wont slow down your surfing. The huge disadvantage is that you are hiding nothing and can fool really no one. A Transparent proxy tells all and shows all. Why would someone use one? Well they are fast and they probably don't know the difference between proxy servers

2) Next in the list is called Anonymous proxy servers. Like the others they shake hands with the server and merely say, "Hello, I'm a proxy server." and that is about it. An anonymous proxy wont tell the server who it is a proxy for or what the True IP address is (but SySAdmins have tools at their disposal to find out just about anything on your machine, depending on how ethical the SysAdmin is). Ever heard of web bugs and web worms? I will discuss what an Administrator can do later, but now, let us continue with the last class of Proxy servers.

3) 3ed is called High Anonymous (and sometimes called elite anonymous, but be careful here, sometime an elite could be a cross between a High Anon and an Anonymous. Using the examples above, all a High Anon will do with a server is shake hands. It won't tell the server that it is a proxy and it wont reveal to the server your True IP address. Just shaking hands is all your browser does when it tries to load a page on a server. So, in effect, a High Anonymous server acts more like a regular IE or Firefox browser than a proxy. It is a true attempt at fooling the serve about the IP address and who is loading the pages on that server.

Enter stage left: Software like Hide IP Next Generation. The most important thing that piece of software can do is find proxy servers for you and test them to see if 1) if they are still active and 2) how fast they are. A transparent proxy will zip, quick like a bunny, from site to site, cause it isn't trying to hide anything from the server. Anonymous servers are slower, cause most servers have security protocol in place that will question an Anonymous server on things like, well, if you are proxy, then who are your serving? In the Knights opinion, I haven't found a Hide IP program that is worth its salt.

Sure they can find proxy's for you, but they have a hard time testing them. Most Anonymous Surfing software can rarely find High Anon proxy's that aren't slower than granny going upstairs with a broken legs. The ones that they do find is put into the rotation, and there is no way of testing them, if they die and are no longer working (so you could be waiting for a week and a half (over stated, but most will know what I mean) for a page to load). When you do find a good working High Anon proxy, you will find that just about everyone else has found it as well. The Knight can't tell you the number of time he has found a simi-fast High Anon proxy and went to RapidShare to download a file (trying to get by the time limitations) only to have RapidShare say that the IP address is already in use.

With the years that the Knight has had in computer security, he can tell you that there is absolutely nothing you can do on a computer that can't be traced right back to the chair you are sitting in while you do it. All servers keep logs, even the proxy servers. Some bend to government demands while other wont. But in the end, it is he surfer who is taking the chance. Just ask Peter Townsend of The Who about Kiddie Porn and how they busted him.

Now, let us talk about who is fooling who, when it comes to proxy servers. In the old days, they didn't have codes like JAVA. JAVA is a sweet code and it has advanced the web, web deployment and web interaction farther than any other codes. Most SysAdmins use JAVA and they wont let you load their pages unless you have JAVA enabled. Why? Cause they wont have to take your IP address from some stinking proxy, they can take it right off your machine, so proxy away, if you think it will make any difference. Web bugs and web worms are products of JAVA script and can be employed and deployed in a variety of ways. Most are used for security reason, but whose security are we talking about, hmm? All of use have seen what is known as 'mouse traps' on web pages, yes?

A 'mouse trap' is where the page makers disable functions of your mouse, like right click will be disabled, or there is no 'back button' on the page. But all this can be filtered away, if you know how. If you want to surf as anonymous as you can these days. Plus, if you want to filter out all the codes that disable you from doing and using all the functions of your mouse,and fool a webmaster the best you can now-a-day, then get and learn how to use Proxomitron
Code:

http://homepage.usask.ca/~ijm451/prox/

It is the best web filter the Knight has found out in cyber space. It has a feature that will allow you to test proxy servers not only to see how fast they are, but if they are truly high anon.

But just remember what has already been said: there's nothing you can do on the net that can't be traced back to you. A lot of it will depend on how hard they want to try and trace you. Mostly, law enforcement will gather low hanging fruit before they go after someone savvy enough to employ a web filter that will send the investigators all over hell and half the known world.

Offline beth84

  • Senior
  • *****
  • Posts: 448
  • Merits 28
Re: Proxies 101: How to protect your privacy
« Reply #23 on: February 05, 2009, 02:28:39 PM »
ok, I have a question.

I've kinda been wondering about what this harsh UK law about extreme porn and tighter restrictions means for little old me   ::):

I did ask advice about a proxy server but I was reading over this post and I noticed that AOL users don't have to worry as much.  I just wanted to check if this is true cos I do all my surfing through AOL, don't use Internet Explorer so should I be ok?

Offline RopeFiend

  • Dean
  • Masters Degree
  • ******
  • Posts: 4,512
  • Merits 236
  • only a Dean for tech help
Re: Proxies 101: How to protect your privacy
« Reply #24 on: February 05, 2009, 09:52:31 PM »
EVERYONE on AOL is running behind a proxy... websites cannot see your real IP address if you're coming in via AOL. 

I wasn't aware that AOL had a presence in the UK... ya learn something every day!  Beth, your IP resolves to cache-yyy-xxxx.proxy.aol.com   The yyy was 3 letters, maybe a city or area code, and the xxxx was a mix of letters and numbers, which MAY identify you to AOL... those 4 digits alone could describe up to 1.67 million different people; the 3 digit 'city' or 'location' part can describe 17,000 areas, with 1.67million unique people per area.  It's a random number to us folks here out on the 'net, but I'm certain it means something to AOL.

AOL may very well cough up any access logs to the government.  Here in the US, it takes a court order, and can ONLY be on the 'person of interest'.  The cops / government / thought police here in the US can't ask for 'every access for this day' or 'every access to THIS set of websites... they're not allowed to go hunting for potential wrong-doers.  I know privacy laws are different in other countries, and I don't know at all how it works there in the UK.  I *do* know that Finland has very lax privacy laws, and will cough up EVERYTHING that the government asks for (check the wiki on the anon.penet.fi remailer debacle 15 years ago.)

I'm not sure how secure you are if you're doing chat or e-mail, however.  E-mail almost always includes the sender's IP address, unless you're careful and only use a web-based client (which AOL's proxy would spoof).  Chat or IM is a whole different protocol, and don't know zip about whether it also runs through their NAT / proxy.  I would automatically assume not, but that's 'cos I'm paranoid.  If you have a friend that's NOT on AOL that you know well, try the trick to see if you can make your IM / chat client puke up the IP address (send a picture or file and look at the connection log).

Until it's settled one way or the other, I'd suggest adding another SECURE proxy in Germany... it can't hurt.  It'll only slow you down a small amount, and will hide everything that AOL is seeing now (where you surf, how long you're there and what you look at.)  Due to the number of customers, I don't know how long (or IF) they keep the access logs.  With such a high volume of traffic, they may only turn the logs on WHEN ORDERED TO BY THE COURTS / GOVERNMENT.  It's a shitload of data to keep around... it'd cost them literally tens to hundreds of thousands of dollars per day to add another day's worth of logs.

Here's an open call if we have any members that are lawyers there in the UK: what are UK privacy laws like?  Does this new 'anti-violence' law compromise existing privacy laws?

Offline Nero

  • Graduate
  • *******
  • Posts: 1,500
  • Merits 51
Re: Proxies 101: How to protect your privacy
« Reply #25 on: February 06, 2009, 05:14:55 PM »
Here's an open call if we have any members that are lawyers there in the UK: what are UK privacy laws like?  Does this new 'anti-violence' law compromise existing privacy laws?

Not a lawyer, but do know my stuff.   The UK has NO privacy laws.  None at all.  However, the European Union does have such laws and they do apply to the UK.   Various UK citizens have already successfully won lawsuits regarding privacy breaches - see this story as it does directly relate to BDSM: 

http://www.guardian.co.uk/media/2008/jul/24/mosley.newsoftheworld

The UK has similar principles to the US when it comes to requesting access to privately held information (or private property).  A warrant would need to be obtained, and this warrant would have to specify a particular person (a "person of interest", as you put it) as the subject of the warrant.  The police couldn't just go on a "fishing expedition" and trawl through server logs looking for access to "violent" websites.   The only exception to this would be when the server logs belong to the website itself.   If the cops found a website that contained kiddy porn (for example) than they would undoubtedly look at the server logs for that site to see who had been accessing the site.   They could do this on the grounds that there was prima facie evidence that a crime had been committed and that anyone who had accessed the site was potentially a suspect.

As far as ISPs are concerned, from what I can see from the European privacy laws, if all the access logs were requested then any information identifying individuals would have to be erased.   In any case, ISPs are NOT required to keep access logs for ever.

However, when Pete Townshend was busted, wasn't he traced through his credit card details rather than his IP address?   It's much easier to prove intent when someone has paid for a service, as opposed to just accessing a site.  Site accesses might not prove much, unless you could show that the person had downloaded and kept offending material.   Under UK law, the authorities would have to prove not only that you had accessed ravishu.com but that you had also downloaded and possessed violent material.  I don't think that just visiting this site would be an offense.

In any case, I suspect that unless the UK authorities know about ravishu.com then there is no way that they can know that UK citizens are visiting this site.   

Finally, to answer Ropefiend's question - the new anti-violence laws don't allow UK authorities to bypass existing laws.    I suspect that prosecutions under this law will most likely occur when someone sends in their computer for service and violent porn is discovered on the hard drive.  This is not necessarily a breach of privacy - if the service department were only doing their job.   
« Last Edit: February 06, 2009, 05:22:08 PM by Nero »
Innocence passed me by

Offline RopeFiend

  • Dean
  • Masters Degree
  • ******
  • Posts: 4,512
  • Merits 236
  • only a Dean for tech help
Re: Proxies 101: How to protect your privacy
« Reply #26 on: February 06, 2009, 07:59:52 PM »
If anyone cares, OUR server is in the US, under US privacy laws.  If you're outside of the US, we will cheerfully ignore any fishing expeditions OR subpoenas for access details for our foreign members.   :angel:  Push come to shove, we back up the forum database every evening, and I'll wipe the server before I'll hand the access details out to ANY foreign power, 'friendly' or not.

Offline Lois

  • Dean
  • Masters Degree
  • ******
  • Posts: 13,438
  • Merits 364
Re: Proxies 101: How to protect your privacy
« Reply #27 on: February 07, 2009, 02:50:58 AM »
I'll back RF 100%.  We can police our own here.
So much oppression in our culture is based on shame about sex: the oppression of women, of cultural minorities, oppression in the name of the (presumably asexual) family, oppression of sexual minorities. We are all oppressed. We have all been taught, one way or another, that our desires, our bodies, our sexualities, are shameful. What better way to defeat oppression than to get together in communities and celebrate the wonders of sex?
The Ethical Slut: A Guide to Infinite Sexual Possibilities

Offline Nero

  • Graduate
  • *******
  • Posts: 1,500
  • Merits 51
Re: Proxies 101: How to protect your privacy
« Reply #28 on: February 07, 2009, 05:07:13 AM »
Well, yeah.  That's what I was thinking.   :D

I knew you guys wouldn't play ball with those UK cops

 :emot_101010.gif:
Innocence passed me by

Offline RopeFiend

  • Dean
  • Masters Degree
  • ******
  • Posts: 4,512
  • Merits 236
  • only a Dean for tech help
Re: Proxies 101: How to protect your privacy
« Reply #29 on: February 07, 2009, 08:12:55 PM »
Info-share with the repressive Brit government?  HELL no!  As far as I'm concerned, NO government has the right to regulate what you do in the bedroom between consenting adults OR what you fantasize about.  If I were in the UK at the moment, I'd be seriously thinking about violent overthrow of the government.  Fuckin' tools telling me *I* shouldn't get off on InquisitionLive would get a refresher lesson on how they got their ass handed to 'em 200 years ago.

And since we're housed in Texas at the moment, that local attitude of "Fuck y'all!" comes into play.  They're a real strange bunch out here, and don't play well with others.  The cops here would tell the Brit government the same thing that WE at RavishU would... go piss up a rope!  Texas is a rowdier bunch than normal Americans; hangin' ain't outta line for our public SERVANTS if they get all uppity.

Parliament should NEVER have come down on law-abiding citizens AND their legal fantasies merely because of ONE FUCKING NUT.  You put the nut in jail or a straight-jacket, and get on with life.  That whole attitude that ONE LOONIE means the whole damned BDSM community is on the verge of running out and turning violent DUE TO FANTASIES purely boggles my mind.  And it flies ass-backwards in the face of established trends: easier access to 'rough porn' has resulted in FEWER violent assaults.  By restricting it, they'll be CAUSING the very thing they're trying to limit.  America tried that (briefly) with Prohibition, and look how well we did with THAT debacle: we *created* the need for a Mafia / organized crime to supply what the 'decent' people wanted.  90 years later, Prohibition is a dim memory, but we STILL have the organized crime.