Damaged Justice <frogfarm@yakko.cs.wmich.edu> writes:
From: jmccorm@galstar.com (Josh McCormick) Newsgroups: comp.infosystems.www.misc,alt.anonymous,comp.infosystems.www.brow Subject: NOT ALWAYS ANONYMOUS: "www.anonymizer.com" Date: 9 Feb 1997 19:25:46 GMT Lines: 43 Message-ID: <5dl8bq$6h3@mercury.galstar.com>
THE CLAIM:
Our "anonymizer" service allows you to surf the web without revealing any personal information.
THE PROBLEM:
If you access The Anonymizer through a proxy server, it may add a variable, such as "HTTP_FORWARDED", that The Anonymizer does not filter out, revealing your true identity.
THE DATA:
Below is a printout of the variables from an "anonymous" session done through The Anonymizer when accessed through the Squid proxy server.
REMOTE_HOST=darkmatter.infonex.com REMOTE_ADDR=206.170.114.24 HTTP_USER_AGENT=Mozilla/3.01 (via THE ANONYMIZER!) HTTP_HOST=sol.infonex.com:8080 HTTP_FORWARDED=by http://galaxy.galstar.com:3128/ (Squid/1.0.20) for 204.251. HTTP_PRAGMA=no-cache HTTP_PROXY_CONNECTION=Keep-Alive
THE RESULT:
A CGI script could see that you were using The Anonymizer to hide yourself, but your true IP address is revealed in the "HTTP_FORWARDED" string.
THE SUMMARY:
Beware using an anonymous browsing service if you are going through a proxy server. Until they remove the information provided by proxy servers, using their service isn't as anonymous as they say.
THE QUOTE:
(from The Anonymizer home page) "Many people surf the web under the illusion that their actions are private and anonymous. Unfortunately, it isn't so."
===================================================================== == Josh McCormick Galaxy Star Systems == == jmccorm@galstar.com Providing Quality Internet Access == == Systems Administrator WWW: http://www.galstar.com/~jmccorm == =====================================================================
-- http://yakko.cs.wmich.edu/~frogfarm/ ...for the best in unapproved informati "Would I had phrases that are not known, utterances that are strange, in new language that has not been used, free from repetition, not an utterance whic has grown stale, which men of old have spoken." - inscribed on Egyptian tom
Isn't this "anonymizer" run by Sameer Parekh and his C2Net? It figures... --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps