How not to be seen (Re: RIAA Safeweb Proxy ID)

Trei, Peter ptrei at rsasecurity.com
Mon Oct 15 08:10:16 PDT 2001


> Morlock Elloi[SMTP:morlockelloi at yahoo.com] wrote:
> 
> 
> > This is totally off-topic, but consider this: the way that a Proxy 
> > cache works (not just Squid, any cache) is that it stores all of the 
> > requested objects (web pages and files, in this case) on a series of 
> > local servers. Then, when a user requests them, it serves them off of 
> 
> It boggles one's mind - the idea that data will _not_ be collected just
> because
> someone says so. Using any concentration point to "anonymize" http access
> is
> like frequenting the facility marked "SAFE PLACE FOR DRUG DEALING" in huge
> red
> letters to cater for one's need for untaxed molecules.
> 
> At best it can shield from naive end users - unless they get pissed like
> JYA.
> 
The implied asumption above, of course, is that Safeweb narcs to their
investor, the
CIA, and so on to the US Government.

Actually, depending on your threat model, Safeweb can provide a very useful
service.

One of the things a Safeweb proxy does is SSL all your traffic between your
browser
and Safeweb. Even URLs are encrypted. The upshot of this is that if your
worry is not
a TLA, but rather, a snoopy employer watching the firewall to see who visits

monster.com, safeweb provides a good shield. If you're asked why you use it,
you 
can point out that it allows you to research competitors without tipping
them off. 

[For those curious, I've just survived the current round of layoffs at RSA.
I'm curious
as to whether other RSA employees on the list have (you know who you are).

Peter Trei





More information about the cypherpunks-legacy mailing list