Do you try to keep anonymous when surfing the net?

[The Mechanic]

Well, my reason for the question had little to do with proxies or proxy sites, and more to do with being untrackable when surfing the net. It was my lack of understanding that led me to think using proxy sites was a way to keep you anonymous. Now I'm really confused

Don't be confused. I just thought it was a little confusing for people to read a topic in which people give answers to questions that haven't been asked. Changing the topic title was a good idea, it now states more clearly what the topic is about.

Or, if I run an open proxy or tor router at home, why would I put up with the slowing down of my internet connection due to people using my proxy or tor router? People I don't even know?

I totally agree with you that there are evil guys who setup proxies just to sniff the traffic , but thats rare if you know what you are looking for. But to answer your question , its simple , theses proxies are basicaly misconfigured.

Well, I don't agree with you here. I don't know if it's rare or not, and I think it cannot be known because those people keep their activities hidden. They wouldn't be openly telling they're secretly sniffing traffic. Also, how to know what your looking for?

 

[D69]

Well, I don't agree with you here. I don't know if it's rare or not, and I think it cannot be known because those people keep their activities hidden. They wouldn't be openly telling they're secretly sniffing traffic. Also, how to know what your looking for?

True that they are keeping their activities hidden , and I also agree that they will not tell that they are sniffing but when you know surrounding infrastructure and when you know which proxy with which software and its version is installed on a node , then you can easily say which one is a definite honey pot and which one is someones misconfigured proxy so it accepts data from outside network (internet) which in turn allows you to bounce to another node.
They are as good as we are , the only difference is that they have more toys ;)

How do you know what to look for ? Learn learn and one more time learn how it all works , same principle as with everything else. With time you will easily spot on which rock not to sit. I cannot answer that in one sentence since it took me years to gather enough knowledge and its only a small part of what remains to learn - and I am talking about IT only , not mentioning rest of classes that we have to attend to.
Of course that they could apply a BGP (border gateway protocol) attack for instance and reroute all traffic that goes from Brasil and then sniff it (maybe they are doing it right now) but like I said when you know where to hide and how to do it , it can be done.

Problem is that no matter how hard you try there is also a probability of 4D influence and I cannot tell and probably will never tell while in 3D what they know and what they are able to know. Thats why, IMO we as 3D creatures, can only fool other 3D creatures , that is that far as we can go at the moment. So as long as we are in 3D , we are able with little effort, do pretty much everything to counter those 3D guys that are on the other side of the bridge or at least make it very hard for them to get you.

If you need any good sources of IT stuff , let me know , I`ll point you to a right direction.
Also note that all above can be wrong if someone proves it , I am not infallible but thats just common sense plus experience that I gathered for past few years.

 

[Al Today]

I've been doing software over 30 years. My view is that there is no privacy. If someone/something wants to target you, you will have pretty much no protection.

It's like how do you stop someone from stealing a car? My answer is don't own a car.

 

[D69]

Yup , thats why I wrote to run bootable linux on usb stick from a wifi , get an info you need and shutdown a machine , that is pretty much like having a bike , cold and hard to run but it will get to your destination ;)

 

[anart]

I've been doing software over 30 years. My view is that there is no privacy.

Exactly. You have no net privacy - none - zilch. If you think you do, you just haven't looked deeply enough. With that said, it does make sense to make things a little more difficult for the small fish - have protection, run scans, use script blockers, all that common sense stuff.

No need to make it easy for the small guys to do damage to you and you can't stop the large guys if you tried.

 

[Ellipse]

I think, the most effective, would be, perhaps, to overflow the system with false data ie, for example, doing automatically semi-random requests into Google. Once, I saw an extension to do this but it seem dead.

However, a such solution seem STS to me due to resources waste.

 

[The Mechanic]

among other things i use
_http://www.optimizegoogle.com/
(addon for firefox)

it has the option to "anonymize the google cookie UID" which prevents google from building a cohesive profile of you.

and it has "don't send any cookies to google analytics" which is also something i find useful.

Thanks for the tip, I'll check it out.

 

[The Mechanic]

but when you know surrounding infrastructure and when you know which proxy with which software and its version is installed on a node , then you can easily say which one is a definite honey pot and which one is someones misconfigured proxy so it accepts data from outside network (internet)

And there lies the problem. Security on the net is all about trust. Do you trust the system when it tells you it's running proxy X, version Y? Seriously I can make my machine tell you anything I want you to hear... Think about that.

I've been doing software over 30 years. My view is that there is no privacy.

Exactly. You have no net privacy - none - zilch. If you think you do, you just haven't looked deeply enough. With that said, it does make sense to make things a little more difficult for the small fish - have protection, run scans, use script blockers, all that common sense stuff.

No need to make it easy for the small guys to do damage to you and you can't stop the large guys if you tried.

Exactly. Can't add anything to that.

 

[D69]

And there lies the problem. Security on the net is all about trust. Do you trust the system when it tells you it's running proxy X, version Y? Seriously I can make my machine tell you anything I want you to hear... Think about that.

Believe me I know that very well , I do not have to think about it again , seriously , and please do not take it as an offense , I just know what I am saying , problem is that its hard for me to explain , both in English and technical terms
I think we should name the problem - privacy , actually this word does not make sense since we are a community and since its like you said , it is all about trust , without trust there would be no network in a first place. This forum is a perfect example of some sort of trust. But this does not mean that single person cannot hide in a network traffic IF that person knows how to. IMO all of us in 3D we are limited equally , so is the other side of the bridge.
So we are not talking about privacy , we are talking about staying anonymous to some extent - and this is achievable, hard but achievable.
Computers and network is not some sort of voodoo , if you know how it works , there is no magic in it.

 

[tridean]

Thanks all.

I learned a couple of things.

There is no privacy on the internet.

That most important part of the work is work on oneself, and worry less of the outside world (which included the internet)

:)

 

[Guardian]

There is no privacy on the internet.

Unfortunately, I don't think we have much left in the way of privacy off the internet either :(

 

[doublea1535]

There are degrees to privacy and security. That's what Network Security comes down to, implementing the level of security required by the organization. The only secure computer is one that is not connected to a network and that no one uses. But then you have 100% security and 0% accessibility. So the goal of IT security departments is to implement the happy medium between "secure enough" and "accessible enough". There is some point at which further security measures provide little to no benefit, although this can be hard to quantify. I agree that you could never be completely private or completely secure, even a highly-trained IT security specialist with a very paranoid bent would not be able to make his network or computer 100% hacker-proof. And even if he could, if 4D STS is the worry, then they would just find another avenue to attack you on. His "perfect" security would be completely useless if 4D STS decided to attack him through another computer or network beyond his control (say his bank for example) or if they decided on a non-computer related attack.

For privacy concerns, I do take some measures to protect myself.

• Don't use Facebook, MySpace, or other sites where you real name and/or picture are involved.
• Don't put your picture online, and certainly not attached to your name in any way.
• Use different account names for different sites.
• Be careful what petitions you sign online, and don't leave comments using your real name.
• Use Scroogle (https://ssl.scroogle.org) instead of Google
• Don't use external email systems for anything important. Hard for many people to do, but I would definitely avoid Gmail

Others had good tips on blocking Google statistics and cookies. The big concern I have is protecting myself from some random Internet troll who I may happen to piss off. Those are just my thoughts, as someone who works in computer networking.

 

[rognaill]

Interesting replies on this thread and I thought I would add one.

One thing to keep in mind but didn't see mentioned is the carrier layer. All Internet access is via a carrier that regardless of how your host (computer) is configured for proxy access your packets still run through thier equipment before leaving thier network. If you do searches on the NSA/ATT (and just about every other carrier) headlines from a year or two ago, you might see what the fuss was about, as carrier level access to snooping agencies renders all privacy measures useless. Your IP for you home modem is certainly tracked back to you or whomever is paying the bill, and there is no such thing as 'free' IP's in the world. Your traffic still has to go through their gear to get to your proxy, and it is very readable to them. The most secure network config I can think of for home users is to run your traffic through VPN's to the servers you are wanting access to, but also the least practical.

If you use your neighbors connection, that is a very STS thing to do as anything that you may do that triggers 'interesting traffic' only brings consternation to someone else at thier expense for your actions.

But being that China and other countries still classify the Internet as a weapons platform, it is worth noting that there are no rules and special relationships exist with all carries and worri-some agencies.

Stepping up the layers however, security measures against garden variety hackers and malware is very sensible. Some things I have taken notice of is the 'mesh' concept of 'social networks' which mostly hinges on cookies. Websites are starting to scan and read other site's cookies (either with permission or without permission) which thus makes it a good idea to have few of them on your machine as possible. Clearing after browsing is a good simple measure that thwarts your site browsing history from being shared.

Malwarebytes is a good suggestion Scott, I have used it in commercial environments (which are running network wide anti-virus) for a while now with great success. And the free version gets off what the paid version does, for how much longer though who knows. Lots of anti-virus solutions exist, I recommend TrendMicro's commercial solutions (not free though but not expensive either for a couple of machines) for the AV layer.

Having a router with firewall is now so cheap that it doesn't make any sense for home users to not have one. I cringe when I see/hear someone having thier machines plugged directly into the modem, as this makes no packet level deterrance for even the simplest of attacks. My advice to those that wish to learn more about the Internet and how it works, would be to buy some used Cisco hardware locally or off auction sites or if a spare PC is available, try your hand at Vyatta which is a very Cisco like operating system that can run on very minimal hardware.

I am surprised at the amount of automated attacks aimed at IP blocks for residential carriers but then again, it is these machines that are the least protected and plenty of them plus the IP ranges are easy found out. For techies that like to play, there are a alot of os Intrusion Detection/Prevention Systems projects out there that again, an old spare box can be used with minimal hardware requirements (other than multiple NIC's).

There is a long list of things that one can do of course, just depends on how deep the rabbit hole you wish to venture. Do take others mentioning that there is no such thing as privacy on a network, it wasn't designed that way.

And a side note to those that are interested in these things and take the time to learn them, you will aquire working knowledge of a very in demand and decently paid career.

Cheers!