
At 0:30 5/5/96, Lou Poppler wrote:
On Fri, 26 Apr 1996 19:13:06 -0400 (EDT), Black Unicorn <unicorn@schloss.li> wrote:
} } Has anyone developed such a beast yet?
I know of two anonymizing web proxies. See: http://hplyot.obspm.fr:6661/ and: http://anonymizer.cs.cmu.edu:8080/
I think both sites offer source for what they are doing. I've used the Observatory de Paris site a few times as http_proxy. Last I checked, the Carnegie-Mellon site only serves requests from *.cmu.edu clients.
Of course these sites are in an ideal position to log their users' every move. With so many users making all their http requests through a single site, the commercial value of the information that could be gained by logging traffic at the site is tremendous.
Only when a network of anonymizing sites is connected through something like PipeNet and the users are either PipeNet nodes themselves, or at least randomly use various PipeNet nodes for their http connections, does the security of the user increase.
With only one hop, IMHO, the potential risk outweighs the potential benefit. I'd advise against using such single-hop http anonymizers. YMMV.
Disclaimer: My opinions are my own, not those of my employer.
-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.

On Sun, 5 May 1996, Lucky Green wrote:
Of course these sites are in an ideal position to log their users' every move. With so many users making all their http requests through a single site, the commercial value of the information that could be gained by logging traffic at the site is tremendous.
Only when a network of anonymizing sites is connected through something like PipeNet and the users are either PipeNet nodes themselves, or at least randomly use various PipeNet nodes for their http connections, does the security of the user increase.
With only one hop, IMHO, the potential risk outweighs the potential benefit. I'd advise against using such single-hop http anonymizers. YMMV.
The same is also true for cpunk and penet-style remailers that do not use encryption. You always have to trust remailer operators regardless of whether encryption is used or not. The situation will become much better when there is some way to chain proxies and encrypt to each individual proxy. If the operator of a proxy is more trustworthy than the operators of any sites you visit using the proxy, then you have nothing to lose.
-- Mark
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
markm@voicenet.com | finger -l for PGP key 0xf9b22ba5
http://www.voicenet.com/~markm/ | bd24d08e3cbb53472054fa56002258d5
"The concept of normalcy is just a conspiracy of the majority" -me
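
Added example, not part of the original thread or any poster's code: a Python model of the point made in the two messages above, comparing what a single-hop proxy can write to its log with what each hop sees when the request is encrypted in layers to every proxy in a chain. The hop names, keys, client address and URL are constructed, and the HMAC-based cipher is a toy stand-in for real per-proxy public-key encryption.

```python
import hashlib, hmac, json, os

def _ks(key, nonce, n):
    # Toy keystream: HMAC-SHA256 in counter mode (stand-in cipher, not for real use).
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, pt):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _ks(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("layer not addressed to this hop")
    return bytes(a ^ b for a, b in zip(ct, _ks(key, nonce, len(ct))))

def wrap(url, hops, keys):
    # Build from the inside out: only the exit hop's layer holds the URL,
    # every outer layer holds just the name of the next hop.
    blob = seal(keys[hops[-1]], json.dumps({"fetch": url}).encode())
    for hop, nxt in zip(reversed(hops[:-1]), reversed(hops[1:])):
        inner = json.dumps({"next": nxt, "blob": blob.hex()}).encode()
        blob = seal(keys[hop], inner)
    return blob

def route(client, url, hops, keys):
    # Pass the message along the chain; return what each hop could log.
    blob, sender, logs = wrap(url, hops, keys), client, []
    for hop in hops:
        layer = json.loads(unseal(keys[hop], blob))
        logs.append({"hop": hop, "from": sender,
                     "to": layer.get("next"), "url": layer.get("fetch")})
        if "next" in layer:
            blob, sender = bytes.fromhex(layer["blob"]), hop
    return logs

def linkable(logs, client):
    # Hops whose own log ties the client address to the requested URL.
    return [l["hop"] for l in logs if l["from"] == client and l["url"]]

KEYS = {h: os.urandom(32) for h in ("A", "B", "C")}  # constructed per-hop keys
```

The model covers only what a hop can read from the message it handles; colluding hops and timing correlation are outside it.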

On Sun, 5 May 1996, Lucky Green wrote:
At 0:30 5/5/96, Lou Poppler wrote:
On Fri, 26 Apr 1996 19:13:06 -0400 (EDT), Black Unicorn <unicorn@schloss.li> wrote:
} } Has anyone developed such a beast yet?
Here's a simple one in 3 lines of perl. It only supports HTTP GET, and it ignores all of the MIME headers on the original request. It requires the LWP perl module, but the RSA code requires dc, so I guess it's fair :)
#!/usr/bin/perl5 --# HTTP proxy, GET/http only; usage: 'lwp-proxy <port>'
use LWP::Simple;sub w{wait;}$SIG{'CHLD'}='w';$SIG{'CLD'}='w';socket(S,2,1,6);
bind(S,pack(Sna4x8,2,$ARGV[0]));listen(S,5);while(1){accept(N,S);if(!fork){
open(STDERR,">&N");chop($r=<N>);$r=~s/^GET //i;select(N);getprint($r);exit;}}

site, the commercial value of the information that could be gained by logging traffic at the site is tremendous.
The commercial value of being honest is greater.
--
Sameer Parekh                               Voice:   510-601-9777x3
Community ConneXion, Inc.                   FAX:     510-601-9734
The Internet Privacy Provider               Dialin:  510-658-6376
http://www.c2.net/ (or login as "guest")    sameer@c2.net

participants (4)
- Dan McGuirk
- Mark M.
- sameer
- shamrock@netcom.com