| reply to ke4pym
Re: "Torpark causes the IP address seen by the website " Governmental watching is an understandable concern, and the proxy server concept is sound, but the ability to be stealt on the computer itself(i.e History) Really doesn't do much to circumvent this, unless the government actually comes and seizes your actual equipment.
I also wasn't saying that I wold want to be doing anything unscrupulus at work/school, or for that matter that it was the ONLY reason. This is probably the most common reason that it will be used for anyway.
My primary point was that this is NOT a miraculus fix all cure. Although it makes it more difficult to track you, it doesn't make it impossible. If an opperssive government, or anyone w/ enough skill, wants to know something They will find out. |
|
 peter_mPremium
join:2005-07-13
Canada, QC | said by j0nnyb1aze:If an oppressive government, or anyone w/ enough skill, wants to know something They will find out. I always assumed TOR was a bunch of random relay servers that didn't keep any logs... How can they trace?
Peter |
|
| even on the homepage for tor, they make it clear that there are certain scenarios under which privacy can fail.I don't think there is any system or software available that could really promise you with certainty that privacy will be 100% absolute.
The thing is though that most or all of those possibilities for privacy failing would only occur if some entity was already attempting to see what you were doing online. In other words, you are already being tracked for some reason. If that's not the case, and you are just attempting to prevent the collection of information by the gov't. for some 'mystery' use that they now tell you is necessary, then this system should be fine. BY THE WAY, FOR ANY OF THESE PROXY SOFTWARES TO WORK PROPERLY YOU MUST HAVE JAVA TURNED OFF ON YOUR COMPUTER. IF JAVA IS ON, THEY WILL BE ABLE TO GET YOUR IP, PROXY OR NOT.
--
The best things in life are free...(after rebate and free shipping!) |
|
peter_mPremium
join:2005-07-13
Canada, QC | said by robie88:FOR ANY OF THESE PROXY SOFTWARES TO WORK PROPERLY YOU MUST HAVE JAVA TURNED OFF ON YOUR COMPUTER. IF JAVA IS ON, THEY WILL BE ABLE TO GET YOUR IP, PROXY OR NOT. I'm guessing not Sun Java but rather javascript? |
|
|
|
 tcp1Premium
join:2000-04-17
Herndon, VA
 ·Verizon FiOS
| No, he means Sun Java, but he's being a bit vague.
Java (as in an applet) runs in its own VM, which means it's really running as it's own program locally on your machine - it's just enclosed in the browser at the interface level. Yes, Java applets running in a web browser do have stricter security restrictions than Java stand-alone applications outside the browser, however it's rather trivial for the Java applet to make its own HTTP connection and then send your local IP address to any server.
Javascript, on the other hand (which, by the way, has absolutely NOTHING to do with Java, and is related only by name), runs strictly in "browserspace", and is limited to the facilities given to it by the browser. |
|
peter_mPremium
join:2005-07-13
Canada, QC
1 edit | I haven't written a line of code in over 10 years but I know the difference between the two. Just needed to know which...
You probably would argue that if I really did know the difference, then I should know that javascript is not what he was talking about. Well to this I have to answer that a few week ago someone talked about javascript's ability to scan private IPs behind a router and reporting them. I think it was in a recent "security now" pod-cast but I'm not 100% sure. Not remembering the exact details, javascript still sounds suspicious to me. Anyone know what I'm talking about? (I'm not sure I do  ) |
|
| reply to peter_m
apologies if I wasn't clear. You should really disable both. If you are using firefox you will find it in "options"/ "content"--- just uncheck both boxes.
If you want to test what I'm talking about, just go to the whois page on this website (in the tools area). Try going there through a proxy server with java on, and you will see that it may or may not immediately pick up your real ip address. If it picks up the ip of the proxy, you can then do a second test on that page where it invites you to use the "java applet" to check. If the first test showed your proxy ip, and you still have java on, the second test with the java applet should should show your real ip immediately. If you turn off java in firefox and then try that java applet again, nothing is going to happen, the whois test will be unable to catch your real ip. Simply put, without a zillion dollar tracking setup that the likes of the CIA probably has available, the only thing left to track you when you are using a proxy, is through these small java programs. If java is off, no one will know your ip through a proxy, unless the owner of the proxy server winds up handing it out to a third party.
Finally, in terms of unchecking both java and javascript, you may find that just unchecking one or the other will still protect you on the whois test on this site, however programs can be constructed through either and you should really have both off to be safe. What I do, is I keep one browser on my computer that is specifically for anonymous browsing. No add-ons with that browser, no java, just the absolute basics going through a proxy configuration that I set up and just leave alone so that there are no mistakes made.
hope that helps.
--
The best things in life are free...(after rebate and free shipping!) |
|
peter_mPremium
join:2005-07-13
Canada, QC
1 edit | said by robie88:No add-ons with that browser, no java, just the absolute basics going through a proxy configuration that I set up and just leave alone so that there are no mistakes made. No flash player as well I guess... Sound advice, thanx.
EDIT: TorPak has both Java (sun) and Javascript enabled in the browser options.... weird! |
|
