[LINK] RFI: Practicalities of Open/ Anonymous Proxies

Roger Clarke Roger.Clarke at xamax.com.au
Sun Apr 22 08:54:02 AEST 2012


[This report has a nice summary of the importance of anon remailers.

[It also gives me the opportunity to ask again about the 
practicalities of open proxies for purposes beyond email.  I got very 
little back last time, whereas link is usually a valuable source of 
info.]

____________

Attack on Anonymous Speech
https://help.riseup.net/en/seizure-2012-april

[Report on FBI seizure of a device that runs an anonymous remailer]

...

The FBI purportedly seized the server because it was hosting an 
anonymous remailer called Mixmaster. Anonymous remailers are used to 
send email anonymously, or pseudonymously. Like other anonymizing 
services such as the Tor network, these remailers are widely used to 
protect the identity of human rights activists who place themselves 
and their families in grave danger by reporting information about 
abuses. Remailers are also important for corporate whistle blowers, 
democracy activists working under repressive regimes, and others to 
communicate vital information that would otherwise go un-reported.

The Mixmaster software is specifically designed to make it impossible 
for anyone to trace the emails. The system does not record logs of 
connections, details of who sent messages, or how they were routed. 
This is because the Mixmaster network is specifically designed to 
resist censorship, and support privacy and anonymity. Unfortunately, 
some people misuse the network. However, compared to the rate of 
legitimate use, the abuse rate is very low. There is therefore no 
legitimate purpose for the FBI to seize this server because they will 
not be able to obtain any information about the sender. This is 
plainly extra-judicial punishment and an attack on free speech and 
anonymity on the internet and serves as a chilling effect on others 
providers of anonymous remailers or other anonymous services.

____________


>Date: Wed, 18 Apr 2012 15:46:45 +1000
>I've always intended to test out open / anonymous proxies.
>
>(As a 20-year Internet player, and having been active in security and
>privacy rather longer than that, it's embarrassing that I've never
>got around to doing so).
>
>A malfunction in the internal network of my ADSL provider (TPG)
>blocked traffic from my IP-address to my mailbox (which is with a
>different ISP), for about 32 hours.
>
>So I had the motivation to find a proxy that would enable me to
>circumvent the malfunction.  (Almost all of my traffic was getting
>through, so in principle any proxy-server would be likely to get
>around the blockage).
>
>I tried a dozen proxies, but all failed.
>
>I was going to:  https://www.MYDOMAIN/webmail
>
>The reasons proxies failed appeared to be varied, and to include:
>-   SSL not supported
>-   forms not supported (i.e. HTTP POST method declined)
>-   payment needed using Paypal (I don't)
>-   payment required first, without the ability to test it, and hence
>      know in advance whether it was going to work or not
>-   invalid site cert (I've never bothered getting one, because I know
>      how worthless certs are, and it's my own site anyway)
>
>Reasons to use an open proxy include:
>-   to avoid disclosing one's network location to the target node
>-   to appear to the target node be in a particular network region
>      (or geographical region, if the target believes IP-based geo-loc)
>-   to circumvent a blockage based on IP-address
>
>There must be lots of reasons to want to use https, and to use forms
>(fetching webmail, logging into accounts, doing eCommerce, ...).
>
>Can anyone shed any light on why the first dozen I went to are
>useless for such a mainstream purpose?  Thanks for any leads!
>
>[I'm on Mac OSX 10.4.11, old Safari, old Firefox.  Are they unable or
>unwilling to support old browsers perhaps?]

-- 
Roger Clarke                                 http://www.rogerclarke.com/
			            
Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in the Faculty of Law               University of NSW
Visiting Professor in Computer Science    Australian National University



More information about the Link mailing list