Just wondering who here uses a proxy, and if you do which one. Been using online-browser for a while but it seems to hamper the operation of certain aspects of sites. I'm assuming that a 'proper' one won't do that. Want to start a diary but I'm not happy about doing it unprotected.

Do you mean a web proxy ?

no

come and get me

Sorry, been away working. But yes, afaik with my limited understanding of these things, that's what I mean. Specifically a system whereby your internet use is less traceable. In Firefox prefs>advanced>network>connection-settings button.


Or am I worrying about nothing? From the lack of response (and dlt's reply) I take it I am.

I use a proxy, but it's one that's running on one of my boxes - I use BFilter which is great at stripping out ads and banners etc. from websites. It's great in that it allows you to have the functionality of Firefox's excellent AdBlock Plus addon but with any browser you want to use like Chrome/Chromium or Opera. You can import the AdBlock filter lists into it as well if you want.

As for using external web proxies - ¿how can you be sure that you can trust whoever's running it - how do you know that they can be trusted with all the usernames and passwords (which many people use the same ones for many things) which are sent often in cleartext?

Things like TOR can be good tools, used properly, for *anonymity* which isn't the same thing as *privacy*.

damn it, I'm already confused! I don't even get what BFilter does. In what way is different to just using the adblock Firefox filter.

When you say 'Things like TOR can be good tools, used properly, for *anonymity* which isn't the same thing as *privacy*' what do you mean by that (sorry if I'm being dense). Does that mean that it will stop a site being able to trace you, but not stop someone monitoring your internet connection from seeing what site you visit? So if a site like this was somehow compromised by LEO it would stop them being able to trace users, but it would not help if you are being specifically monitored by LEO at your point of access.

As you can probably tell, I know very little about how the internet actually works, even though I work in a relatively technical role using computers as an integral part of my job.

Basically I want to minimise the possibility of my activity on here coming back to bite me in the ass.

if you use a proxy, your isp sees you connecting to your proxy, but not where you go aftr that. but, if you're using a proxy to hide your browsing, you are not hiding it from whoever runs that proxy, or any agency that can get the proxies records with a warrant.

A web proxy will enable you to evade being monitored by websites you visit while using it, as any logs that the website keeps will have the proxy's IP address and not yours. It would not stop your ISP from seeing where you had been, however - unless it's connected via HTTPS, your ISP could just view the return traffic to your IP.

BFilter is a web proxy that runs on your PC - it basically acts as a 'filter' and filters out banners, ads and other rubbish even when you're not using Firefox and thus can't use Firefox's AdBlock Plus plugin - this means that you can use other browsers like Chrome/Chromium or Opera for example, and still have adblocking functionality. Using it with FF and AdBlock gives you another layer of protection as it will often catch ads and banners that AdBlock might miss.

Another good trick to employ to get a bit of 'defence in depth' is to use a good, updated HOSTS file to block nasty sites and ad servers - you can install a HOSTS blockfile manually, as described here, or you can use a program like the excellent HostsMan to automatically install it for you and also keep it updated as well as allowing you to use multiple HOSTS lists and it will take care of merging them for you and weeding out duplicates.

that's what I figured, but presumably if LEO is making your ISP divulge that kind of info you're already in shit.




Yeah not too bothered about that. I use Firefox and I don't seem to suffer with unwanted ads. I guess I don't visit any particularly bad sites. Same for 'nasty' sites, but then I am on a mac.

My only concern is getting myself into shit by attracting attention to myself with uploading pics etc. I want to start a diary, but I'd rather have a crop than a diary so I'm paranoid about putting that level of incriminating info up here without understanding the likelihood of LEO seeing and tracing it.

TOR kinda pushes my 'worry' buttons. Not about the anonymity, as much as if you do get busted and it's discovered that you're using TOR. Cos the TOR forums are a pretty dark place, there's DEFINITELY a lot of bad shit goes on using TOR. I dunno, maybe I'm being a bit too tinfoil hat, but if you are busted and found to be using TOR then does that give the bizzies the presumption that you're involved in something worse than just growing pot ? I dunno, I really don't know about this stuff, but I know that there's some pretty bad, for want of a better word, 'communities' using TOR.

i installed tor a while back, never really used it very often, it seemed to slow things down a lot. thought it would be a useful privacy tool, but i see what yu mean, the police probably just see it as evidence of having something to hide,

I suppose that TOR is used a lot by dodgy folk just because it's such a good tool at what it does - it's a bit like saying that body armour is used by a lot of dodgy people, but that doesn't make body armour intrinsically evil in and of itself, and you certainly shouldn't be busted for owning/wearing it.

As for getting busted for something and the UK police finding that you'd been using TOR - I wouldn't worry about that, as their tech competence is piss poor, and getting a judge and/or jury to understand it would be an undertaking and a half.

Worryingly enough, though - there is a law in the UK that came in a couple of years back - I forget it's acronym at the moment, but it basically states that if you're found in possession of anything encrypted and you can't or won't divulge the key or other means of decrypting it, that they can jail you for up to 5 years (IIRC) and pound with some massive cash fine.

So, basically - using web proxies for activities like UK420 - no point really - it doesn't achieve anything other than keeping the IP address that you're currently using from Joolz, ¿and if you don't trust him then what the hell are you doing on here at all?

There are whole communities out there using 'darknets' which are invite-only and are based on 'webs of trust' with file sharing and websites, the lot - it's basically like a (private) mirror of the 'lightside' of the Internet.

¿As a matter of interest, Booj - ¿what 'darkness' have you been witness to in the

e2a: I remember what the law is - it's The Regulation of Investigatory Powers Act 2000 (RIPA)

Any opinions on hotpoint shield (anchor free)? how safe etc...
I mainly use it for hulu with no probs.

No idea who they are or what they/it do.

If it lets you pretend you're in the US (which is what I presume you're using it for Hulu for) and can cope with streaming video, then that's OK I guess.

I've never used TOR, but I've looked at TOR forums. There's a lot of the dark side of sex in there. Talk about rape porn, pedo stuff etc. LOT of pedo discussions.

Okay then. I'm going to get my camera out and start a diary! Thanks for the info.

Hunh - can't say I'm that surprised, although I'm surprised that it goes on in the TOR forums themselves and not in some seedy sex forum.

TOR was actually developed by and for the US Navy so that their intelligence agents would have another way of communicating anonymously over the 'net between ships at sea.

Someone (a very sound person, totally not into shit like that, just into watching people) told me about TOR forums, said they were very interesting for watching people talking about really out there stuff, so I looked at some. I dunno the forums I looked at now cos I was pissed as fuck when I found them and I deleted all my history & stuff yesterday cos it was taking up shit loads of my pitifully small 10 gig hard disk I got over 100 megs back from my windoze partition - probably all the pron I watch on tnaflix But there was some proper bad shit being discussed. Also some quite sad shit - pedos who know it's wrong, don't hurt kids, don't download the pedo shit cos they know it's wrong. But have the urge.

Sorry, gone well off topic. But it fascinates me, folks who know it's wrong, don't act on it, don't watch it, but have the urge. I dunno how I feel about them - to have the urge but control it. I can't ever understand that - I can't understand the urge full stop, but to have that urge and fight it. Should I hate them for having the urge, or should I respect them for knowing it's wrong and fighting it ? That goes beyond simple morality.

Did I go too far in trying to understand ?

Tricky subject.

Personally I think they deserve respect for fighting it. Like you say I find that fascinating, the idea that there are people who would generally be described as 'evil' if they acted on their impulses (rape, paedophilia, stuff like that) but who acknowledge that it's wrong and fight it. It's easy not to commit horrible crimes if you have no propensity towards them, but it must take a lot of effort not to act on those impulses if you do have them. I wonder what proportion of those kind of people do act on their urges. ie How many people we come into contact with every day who are secretly struggling with that kind of stuff. It's hardly the sort of thing they'd admit to, even to a doctor.

I don't think 'normal' people can understand what it must be like to have that kind of psychology, which is why I always find it kind of odd the hatred some people exhibit for people like Ian Huntley, Fred West etc unless the people who have that really violent reaction to those stories are people who have those urges themselves and repress them (kind of like the way that bullies often pick on those they perceive as weak because they remind them of their own weakness - if you'll excuse the pop psychology). Don't get me wrong, I can understand feeling disgusted/repulsed/sickened/frightened etc. by those kinds of people, but where that anger comes from I don't get.

That's the fascinating thing about some of the stuff I've read. Cos there are truly fucked up people who argue that pedo shit is beautiful and right. They really believe that shit. Then there are folks who feel the urges but know it's wrong, and do everything they can to fight it - that's gotta be hard, to feel urges (no matter how wrong) and fight them. On the one hand it's really disturbing to read that kinda stuff, but on the other hand the folks who have those urges but know they are wrong and do all they can to fight them, I can't really see them as bad people, you can't help how you feel, but if you know it's wrong and do all you can to not act on it. That's gotta take a strength of character.

I'm not saying they're good. But can you really call them bad if they know it's wrong and use all their willpower not to act on it ?

That's why in threads about pedo shit I can't be in there with the 'hang them' folks, cos it's far more complicated than a lot of folks think.

Shit, sorry, I've taken this thread WAY off topic. Again

My urge is to drink too much, and I lack the willpower to fight it

Naww - I know what you mean about 'people watching' - I find it fascinating, too - especially when it's people gone/going 'wonky' for some reason - the myriad ways that the human brain can misfire are a constant source of fascination to me.

As for the unfortunate people who 'have the urge', but know it's wrong and actively fight it - I think that they are to be admired if that's the case. I firmly believe that no-one 'wants' to be that way - it's just some unfortunate artefact of either the way their brain's wired, or of their upbringing etc., and if they can recognise and fight that, then more power to 'em.

Wow, I didn't know all that stuff about the Tor forums. I think I'll steer clear... guys like that tend to get me riled up and I don't need the high blood pressure.

But I've used Tor for awhile. Not because it think it will make a whole lot of difference if the law really wants to get me, but I figure the idea isn't to be the fastest antelope when the lions attack... it's to not be the slowest.

If they're gonna get me, they're gonna have to work for it. Typically the police are very stingy with their budget for cyber stuff. They usually won't even try to decrypt files or recover deleted data. It costs too much and if they've got access to your computer they probably have enough to put you away already.


Tor does slow things down, but a little patience is not much to pay for a little extra slice of peace of mind.

TBH mate the people 'who know you visit this site' and grow a bit of percy do not give a fuck about your plants in your closet.
Your small fry to them

There is a small risk though... For instance your neighbourhood nosey hacker might get a sniff of your growing activity, easily done if you know how, rare though, or is it

Touch wood, I've not had any shitback from browsing weed sites and uploading pics of my plants... Though for peace of mind (not the security of this site, cause I know this site is safe as fuck) but if I had the effort, I would try and be anonymous on any internet activity, afterall it is a personal thing, I have expressed many things online that I wouldn't like my family or anyone else who knew me to discover my inner thoughts and feelings etc, like a shrink, you trust this person when you open up, I find on the internet i can open up, but as we dwelve more into this liftstyle, I think we should be more wary of it now...

just my 2p

Like I've just posted in another thread - if you're *serious* about it - sod anonymous proxies that who the hell knows who's running them (probably some Chinese or East European hacker who's hosting it to use as a type of honeypot to snarf credentials and data) - use a commercial hosted encrypted VPN service like the Swedish Relakks for example.

It's only 45 Euros for 12 months - signing up to that, and also a nice fast Usenet provider, and you're golden - all for less than the price of a few cups of Starbucks per week.

I have been wondering this also. In fact its my main concern about uploading pictures to this site, i imagine it is very rare though. In the real hustle the time when they saw EVERYTHING that the guy was looking at online, where he was going on holiday etc. But then if that did happen they would know i'd been visiting this site and would be able to read all my posts anyway whether i had uploaded pictures or not? I'd love to upload some pics and start a diary but if someone was snooping they'd know where to look and it could be easy pickings.

yes proxy without a doubt on everything I do on the tinterweb, I don't want anyone using what I do on the internet for marketing or statistical usage eg: Phorm

dunno about TOR. The way I do it is SSH to a remote machine and then tunnel the connection from localhost --> Remote SSH Host

I think that's well worth 45 euros, cheers scribbs for the link
Might just do that, set up dual-boot on my pc with ubuntu and xp, use the linux with this site and other private sites

Minted, cheers

I notice they only offer a Windoze download, anyone wishing to use Linux with it can probably get it working with vpnc but I haven't personally tried this option.

¿Downloads? We don't need no steenking downloads :




That was a completely exaggerated blag on the part of The Real Hustle - it wasn't real.

Also, if you are using wireless, so long as you're using WPA/WPA2 and a decent passphrase or are wired, then there's no way that anyone can 'snoop on your connection'.


Which is a nice way to do it - ¿whose is the other machine that you're SSHing into?

The machine is mine but registered under a .NL name Hosted in France and the hostname points to Hugh Heffner @ the Playboy Mansion.. hehe..

I mean if I was doing anything dodgy then I am 99% sure they would be able to find me anyway but I just like the ability to be anonymous here in the U.K if you know what I mean. I think this country is the worst for them watching

Hi Scribble, how do you know that that scam wasnt real? The fake hustle

After watching that series for quite some time i do alot of reading on google, isnt there a device called airpcap or similar i cant rember now that you can use on WPA to gain access?

Because, (even if I do say so myself) I am quite an expert at network security including wireless penetration techniques (aircrack-ng, BackTrack, airpcap, ettercap, MetaSploit, arpspoof, etc. etc.).

If they had have accessed that guy's router because it was unsecured or cracked the weak WEP encryption on it then they could have snarfed any packets passing from that guy's PC to the 'net and back again and then reconstructed the data afterwards to analyse it, but IIRC they were showing in the back of the van exactly what was on his screen - realtime - and were watching what he was doing on his desktop, live. This looked a lot more like van Eck phreaking than any realistic kind of wirless hack.

It could also conceivably have been done using a MitM attack, or by ARP poisoning, but neither of those would have given a realtime depiction of what was going on on the desktop live - just a load of captured packets that would have to be analysed later on.

A way to do what they showed (apart from van Eck phreaking) would have been to somehow 'infect' the other guy's PC with some kind of remote desktop application like PCAnywhere (a la Gary Mckinnon), but they definitely didn't do that on the show, either.

If they had shown a realistic depiction of a real wireless penetration - it would have made for a really *boring* piece of TV - so they spiced it up and as a result made it completely fantasy-ville.

Trust me on this- use an Ethernet cable, or if wireless use WPA/WPA2 and a strong passphrase and you're safe as houses - you really are.

What about the other type of internet perverts? The packet sniffers!

'Snarfers', I called 'em.

Yes but isn't that cracking a wireless connection you meant? I mean people who actually track folk online, via MAC or IP address or whatever? Isn't it true to say that, unless you are using some form of encryption, once something leaves your computer it is basically public domain and anyone can read it between your computer and its final destination, including passwords for sites that don't have encrypted login as it's just plain text? Or that a connection can be hijacked and all traffic fed through the man in the middle's computer? And it popped into my head earlier so meant to ask, but doesn't the UK only allow encryption to a certain level like 128 bit or 256 or something? Or is my tinfoil hat too tight?

Yes - a lot of data especially on the WWW does get sent in the clear, but to monitor someone's connection and what they're doing and looking at would involve you putting yourself in the pipe inbetween their connection and the 'net - this is not as easy as you think. You would have to work at, or have access to that person's ISP to get that kind of a view, or somehow hack their router and use ARP poisoning - something like that.

A much simpler way of doing it would be to get that person to install some kind of backdoor or malware controlled by you on their PC.

PROTIP: If you find a USB stick on the floor in the works car-park or near your car at home - for god's sake remember to be using a decent OS like Linux/BSD or make sure that you turn Autorun off if you insist on using a toy OS like Win to examine it's contents.

Quite a few security pentesters have gained access to secure company networks by using that trick.


e2a: The UK has no laws limiting or specifying the type or strength of encryption that an individual or a company can use. The RIPA act, however, allows you to be fined a huge amount and to be sentenced to up to 2-5 years in jail for refusing, or being unable, to hand over the passphrase/passkey to any encrypted data that you own if ordered to do so in the course of a criminal investigation.

Oh right, thanks for clearing that up Scribb|e.

¿Feel a bit better now?

yea thanks - my paranoia has dropped 0.1% which may enable me to get some sleep tonight. But then how do I know they aren't tracking me in my sleep?

The comms bus from your CPU gets shut down during Sleep Mode, so you should be OK on that score.

haha scribble you know everything!, i have researched a million and one things since i lost my job 9 months ago, and ive learnt soo much, overclocking laptops graphic cards, how wifi antennas work, wifi hacking, obfuscation, creating wow private servers, then went on to creating websites using adobe cs4, creating my own webserver(arghhhh i hated it), creating special effects in films(great fun), then electronics, rc helicopters(what a nightmare!), and more recently since joining this site ive learnt how to create collided silver, negative ion generators, carbon filters, creating co2, how long a cat takes to have kittens() and all these things ive been learning ive always had a basic understanding of and always wanted to learn about how they worked, ha ill be fountain of knowledge like you soon!!

Cheers Scribb|e, Glad you cleared that up. Good advise and has been taken on board. Might start a diary later