Re: Anonymize internet access

["Michael Painter" <tvhawaii () shaka com>]

----- Original Message ----- 
From: "Jeffrey F. Bloss" <jbloss () tampabay rr com>
Subject: Re: Anonymize internet access

> On Wednesday 28 September 2005 02:42 am, Michael Painter wrote:
>
> > I was unable to find that thread and I'd really like to read it.  What do I
> > do with: Message-ID: <9f464ef2.0409060652.7b0113ee () posting google com> (?)
>
> http://tinyurl.com/7po7f

Interesting read...(I think I might have been putting in the less/greater-than characters so didn't get a hit on the 
search..duh).

Thanks for the 'no-bs allowed' critiques of these services...I've learned a lot which I wouldn't have without your knowledge and 
'put-up-or-shut-up' replies to the owners/advocates/shills of the services who commit these 'sins of omission'.  As you said, some 
providers, such as Stephen at Costse, are at least up front about what they provide.

Seems like maybe ZK Freedom was launched too early...wonder why there hasn't been someone to step in with a similar 
offering today?

> > My suggestion would be to start here...
http://tor.eff.org/
Read. Read again. Read a third time. ;) <<

Thanks.  I've also been looking at these:
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ
http://tor.freehaven.net/cvs/doc/design-paper/tor-design.html

After a little reading, I'm thinking that running a node might be even better...comments?

> > When you get comfortable with tor and its SOCKS proxy interface, you might
want to get all serious about it and try tunneling an SSL encrypted session
through tor, and bounce it off an SSH port forwarding account... and be so
anonymous even YOU won't know who you are. <grin> <<

Uhh, don't go too far away...I might have some questions.<bg>

--Michael



> > Some years back, I tested a beta program from Zero Knowledge Freedom which
> > (I think) chained together their servers such that it was supposedly
> > impossible to trace from the endpoint, even with logs.  For whatever
> > reasons, they folded up but I've always wondered if it was it was really
> > true or if a hole was discovered.
>
> It's true. The philosophy is that you transfer data inside nested "packages".
> The outer package is encrypted to the first node in the chain. Inside that
> package, the first node finds another package that's encrypted to the second
> node in the chain, and that nodes address. It strips off its own layer of
> encryption and sends the package on to node two. Node two opens its package
> to find another one, encrypted to node three (and node three's address). The
> minimum is three.
>
> If you visualize this, you might begin to see that the first node can only
> know two things... where the original package came from, and the address of
> the second node.  But not the ultimate contents of the packages.
>
> The second node can only know that an encrypted package came from the first
> node, and another one was sent to the third node. But not the origin,
> ultimate destination, or the package contents.
>
> The third node can only see an encrypted package coming from the second, the
> final destination., and of course the package contents, but not the origin.
>
> That's mix and onion routing protocols in a nutshell. :)
>
> > I'm all ears...can you point me to how/where to get started?
>
> My suggestion would be to start here...
>
> http://tor.eff.org/
>
> Read. Read again. Read a third time. ;)
>
> Download tor and Privoxy, set them up per the instructions you've read three
> times now (it's really not all that tough), and once you think you have all
> the software configured properly, point your browser here...
>
> http://www.geobytes.com/IpLocator.htm
>
> If an IP address other than your own shows up, you should be in business.
> Browser wise anyway.  You should still visit this site though...
>
> http://www.stilllistener.com/checkpoint1/
>
> It should point out any leaks you might have in your setup. If you pass all
> these tests, you're definitely in business for anonymous surfing.
>
> There's other options out there too, like JAP, but the fact that tor is a
> SOCKS proxy makes it useful for a lot of other things. Most IRC and IM
> clients for instance, can be configured to use tor natively an give you
> anonymous chat and messaging. Most file sharing software can be anonymized
> too, as well as the Azerus (sic) bit torrent client.
>
> When you get comfortable with tor and its SOCKS proxy interface, you might
> want to get all serious about it and try tunneling an SSL encrypted session
> through tor, and bounce it off an SSH port forwarding account... and be so
> anonymous even YOU won't know who you are. <grin>
>
> That's a bit of an exaggeration of course, but in my and a lot of other
> people's opinions, this is the best privacy/anonymity available today, and
> the price is definitely right.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (GNU/Linux)
>
> iD8DBQFDOkqMRHqalLqKnCkRAsLJAJ401WX2whJarNAvjZjHYzx3fFUTjQCdGaJ5
> +LU17yvEFF32iSXA/JUp6AQ=
> =AdHQ
> -----END PGP SIGNATURE-----