From: shamrock@netcom.com (Lucky Green)
Date: Mon, 6 May 1996 04:05:42 +0800
To: cypherpunks@toad.com>
Subject: Re: WWW proxies?
Message-ID: <v02120d03adb27fe340c9@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain


At 0:30 5/5/96, Lou Poppler wrote:
>On Fri, 26 Apr 1996 19:13:06 -0400 (EDT),
>Black Unicorn <unicorn@schloss.li> wrote:
>}
>} Has anyone developed such a beast yet?
>
>I know of two anonymizing web proxies.  See:
>http://hplyot.obspm.fr:6661/            and:
>http://anonymizer.cs.cmu.edu:8080/
>
>I think both sites offer source for what they are doing.
>I've used the Observatory de Paris site a few times as http_proxy.
>Last I checked, the Carnegie-Mellon site only serves requests from
>*.cmu.edu clients.

Of course these sites are in an ideal position to log their user's every
move. With so many users making all their http requests through a single
site, the commercial value of the information that could be gained by
logging traffic at the site is tremendous.

Only when a network of anonymizing sites is connected through something
like PipeNet and the users are either PipeNet nodes themselves, or at least
randomly use various PipeNet nodes for their http connections, does the
security of the user increase.

With only one hop, IMHO, the potential risk outweighs the potential
benefit. I'd advise against using such single-hop http anonymizers. YMMV.


Disclaimer: My opinions are my own, not those of my employer.

-- Lucky Green <mailto:shamrock@netcom.com>
   PGP encrypted mail preferred.