From: dlv@bwalk.dm.com (Dr.Dimitri Vulis KOTM)
To: cypherpunks@toad.com
Message Hash: 0e23b39e9d21059cd410bb1732d44f8a7700220f1d2e124fe8ebaf044b072a75
Message ID: <uq6V2D8w165w@bwalk.dm.com>
Reply To: <199702092015.PAA30654@yakko.cs.wmich.edu>
UTC Datetime: 1997-02-10 04:00:17 UTC
Raw Date: Sun, 9 Feb 1997 20:00:17 -0800 (PST)
From: dlv@bwalk.dm.com (Dr.Dimitri Vulis KOTM)
Date: Sun, 9 Feb 1997 20:00:17 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: ANON: anonymizer.com thru proxy server is bad news
In-Reply-To: <199702092015.PAA30654@yakko.cs.wmich.edu>
Message-ID: <uq6V2D8w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain
Damaged Justice <frogfarm@yakko.cs.wmich.edu> writes:
>
> >From: jmccorm@galstar.com (Josh McCormick)
> Newsgroups: comp.infosystems.www.misc,alt.anonymous,comp.infosystems.www.brow
> Subject: NOT ALWAYS ANONYMOUS: "www.anonymizer.com"
> Date: 9 Feb 1997 19:25:46 GMT
> Lines: 43
> Message-ID: <5dl8bq$6h3@mercury.galstar.com>
>
> THE CLAIM:
> > Our "anonymizer" service allows you to surf the web without
> > revealing any personal information.
>
> THE PROBLEM:
> > If you access The Anonymizer through a proxy server, it may add a
> > variable, such as "HTTP_FORWARDED", that The Anonymizer does not filter
> > out, revealing your true identity.
>
> THE DATA:
> > Below is a printout of the variables from an "anonymous" session done
> > through The Anonymizer when accessed through the Squid proxy server.
>
> REMOTE_HOST=darkmatter.infonex.com
> REMOTE_ADDR=206.170.114.24
> HTTP_USER_AGENT=Mozilla/3.01 (via THE ANONYMIZER!)
> HTTP_HOST=sol.infonex.com:8080
> HTTP_FORWARDED=by http://galaxy.galstar.com:3128/ (Squid/1.0.20) for 204.251.
> HTTP_PRAGMA=no-cache
> HTTP_PROXY_CONNECTION=Keep-Alive
>
> THE RESULT:
> > A CGI script could see that you were using The Anonymizer to hide
> > yourself, but your true IP address is revealed in the "HTTP_FORWARDED"
> > string.
>
> THE SUMMARY:
> > Beware using an anonymous browsing service if you are going through a
> > proxy server. Until they remove the information provided by proxy
> > servers, using their service isn't as anonymous as they say.
>
> THE QUOTE:
> > (from The Anonymizer home page) "Many people surf the web under the
> > illusion that their actions are private and anonymous. Unfortunately, it
> > isn't so."
>
> =====================================================================
> == Josh McCormick Galaxy Star Systems ==
> == jmccorm@galstar.com Providing Quality Internet Access ==
> == Systems Administrator WWW: http://www.galstar.com/~jmccorm ==
> =====================================================================
>
> --
> http://yakko.cs.wmich.edu/~frogfarm/ ...for the best in unapproved informati
> "Would I had phrases that are not known, utterances that are strange, in new
> language that has not been used, free from repetition, not an utterance whic
> has grown stale, which men of old have spoken." - inscribed on Egyptian tom
Isn't this "anonymizer" run by Sameer Parekh and his C2Net? It figures...
---
Dr.Dimitri Vulis KOTM
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
Return to February 1997
Return to “dlv@bwalk.dm.com (Dr.Dimitri Vulis KOTM)”