1997-02-09 - ANON: anonymizer.com thru proxy server is bad news
Header Data
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
To: cypherpunks@toad.com
Message Hash: a07a26b490c4386c4f94ede24f33857e9d952b3c6874104f4d8516ed8adeef6b
Message ID: <199702092015.PAA30654@yakko.cs.wmich.edu>
Reply To: N/A
UTC Datetime: 1997-02-09 20:12:53 UTC
Raw Date: Sun, 9 Feb 1997 12:12:53 -0800 (PST)
Raw message
From: Damaged Justice <frogfarm@yakko.cs.wmich.edu>
Date: Sun, 9 Feb 1997 12:12:53 -0800 (PST)
To: cypherpunks@toad.com
Subject: ANON: anonymizer.com thru proxy server is bad news
Message-ID: <199702092015.PAA30654@yakko.cs.wmich.edu>
MIME-Version: 1.0
Content-Type: text
>From: jmccorm@galstar.com (Josh McCormick)
Newsgroups: comp.infosystems.www.misc,alt.anonymous,comp.infosystems.www.browsers.misc,alt.2600,ok.general
Subject: NOT ALWAYS ANONYMOUS: "www.anonymizer.com"
Date: 9 Feb 1997 19:25:46 GMT
Lines: 43
Message-ID: <5dl8bq$6h3@mercury.galstar.com>
THE CLAIM:
> Our "anonymizer" service allows you to surf the web without
> revealing any personal information.
THE PROBLEM:
> If you access The Anonymizer through a proxy server, it may add a
> variable, such as "HTTP_FORWARDED", that The Anonymizer does not filter
> out, revealing your true identity.
THE DATA:
> Below is a printout of the variables from an "anonymous" session done
> through The Anonymizer when accessed through the Squid proxy server.
REMOTE_HOST=darkmatter.infonex.com
REMOTE_ADDR=206.170.114.24
HTTP_USER_AGENT=Mozilla/3.01 (via THE ANONYMIZER!)
HTTP_HOST=sol.infonex.com:8080
HTTP_FORWARDED=by http://galaxy.galstar.com:3128/ (Squid/1.0.20) for 204.251.83.41
HTTP_PRAGMA=no-cache
HTTP_PROXY_CONNECTION=Keep-Alive
THE RESULT:
> A CGI script could see that you were using The Anonymizer to hide
> yourself, but your true IP address is revealed in the "HTTP_FORWARDED"
> string.
THE SUMMARY:
> Beware using an anonymous browsing service if you are going through a
> proxy server. Until they remove the information provided by proxy
> servers, using their service isn't as anonymous as they say.
THE QUOTE:
> (from The Anonymizer home page) "Many people surf the web under the
> illusion that their actions are private and anonymous. Unfortunately, it
> isn't so."
=====================================================================
== Josh McCormick Galaxy Star Systems ==
== jmccorm@galstar.com Providing Quality Internet Access ==
== Systems Administrator WWW: http://www.galstar.com/~jmccorm ==
=====================================================================
--
http://yakko.cs.wmich.edu/~frogfarm/ ...for the best in unapproved information
"Would I had phrases that are not known, utterances that are strange, in new
language that has not been used, free from repetition, not an utterance which
has grown stale, which men of old have spoken." - inscribed on Egyptian tomb
Thread
Return to February 1997
- Return to “Damaged Justice <frogfarm@yakko.cs.wmich.edu>”
Return to “dlv@bwalk.dm.com (Dr.Dimitri Vulis KOTM)”
- 1997-02-09 (Sun, 9 Feb 1997 12:12:53 -0800 (PST)) - ANON: anonymizer.com thru proxy server is bad news - Damaged Justice <frogfarm@yakko.cs.wmich.edu>
- 1997-02-10 (Sun, 9 Feb 1997 20:00:17 -0800 (PST)) - Re: ANON: anonymizer.com thru proxy server is bad news - dlv@bwalk.dm.com (Dr.Dimitri Vulis KOTM)