Setting up Tor with Freecap and Proxomitron

[chrome_waves]

Also, check out this:
http://www.searchlores.org/athei_06.htm

[Ralph]

chrome_waves , you've convinced me ! I have Opera up and running . WOW ! What a difference . I need to play with it for a while to set up the pages and fonts before I start up Tor and FreeCap . We had 1 inch of snow yesterday and were without electricity for 24 hours here in rural Vermont . You can imagine what happens when we have a foot !

[chrome_waves]

Vermont huh? I live on the gulf coast, and i'd love to have a bit of snow. I'm 31, and hoping I wont see 41 here in this abysmally hot place. Anyways, did you actually read any on that? I mean it does seem kinda silly trying to anonymize yourself, when using internet explorer, which is notorious for security leaks of all sorts. But yeah, opera is highly customizable, its nothing like ie. Maybe now, your tor/freecap/proxomitron setup will work. This is a nice comfy forum lol. Cheers

[chrome_waves]

Envy my opera browser...



Has this gotten off topic a bit??

[Oddysey]

chrome_waves;

Quote:I mean it does seem kinda silly trying to anonymize yourself.....

Yes, that's correct. Even if you use a paid service to anonymize yourself, you'll still be trackable, it'll just take a bit more effort. If someone wants you badly enough, they'll get all the court orders needed to make it happen, you can take that to the bank.

Spoofing? Hah! Anonymizing? More hah! How do you think those spammers are getting caught? That's right, even with every trail-wiping trick in the book, they're still being traced, and tracked back to their source. It just takes a large enough desire to make it happen, that's all.

About the only way to do a real anonymizer is to have your ISP not log any transactions at all. Even if they wipe their log files after so many minutes, not hours, days, weeks or months - minutes, the log file still exists. If they keep track at all, then you can be found, pure and simple.

An anonymizer service claims to do this, but for some reason, larger scale pirate networks and spammers still keep getting found. You don't think that 100% of them are completely stupid, do you? Nope, even those services leave their logging functions enabled (after all, it is the default), and that's the end of any anonymity. Like I said, for some time now, it's been only a matter of how much effort is needed versus desire to find out, not a matter of technology.

Quote:..... when using internet explorer, which is notorious for security leaks of all sorts.

Hmmm, I keep hearing about this 'security leak' in some kinda vague, whiny way. I'd like you to do us all a favor, please. Prove to me that I am not secure in my fashion, as secure as you'd ever like to be (given the conditions above - my ISP won't even consider disabling it's logging function). This is not meant to be a "slap in your face" challenge, I'm merely starting a discussion of "what's acceptable" security. Your definition may be different than mine...... that's what we need to iron out here.


Oddysey

[Ralph]

chrome_waves , I skimmed most of the article since I was familiar with the topic . Oddysey , make a good point . Annomimity is relatively relative .

[chrome_waves]

Odyssey, are we talking anonymity as regards tor/freecap, or is this an ie versus opera browser thing? Im no security expert ( though I am planning to go for my comptia security + at some point). Tell me more specifically what you're asking and I can try and do some reasearch, it'd be good for my knowledge. Sorry about this image embedding stuff, just learned how to do it

[Oddysey]

chrome_waves;

Quote:Sorry about this image embedding stuff, just learned how to do it

Trying a little steganography, are we? Perhaps you'd like to run that by our Fearless Leader, hmmmm?

I had thought you were referring to the original argument that IE was allegedly leaking personal information onto the web, in allegely numerous ways. That's as opposed to impersonal security, where your IP can be determined from server logs, but that's all. In the latter case, it should be extremely obvious that it doesn't matter what browser was used, so I tend to start peeking behind the curtain when I see this kind of "discussion" going on.

My only point is this: Just so long as one is aware that if "They" want you, They will get you, then I don't mind or care what anyone does in regards to attempting to anonymize one's self. It simply won't be 100%, and that's that. For most, 99% is sufficient, and so it is for me.

I have a feeling that what most users want anonymizers for, though certainly not all of them, is to be free from jackasses coming back at them for alleged offenses. When they speak their minds (give their opinions) on a forum, they might upset the local Holy One, and get IP banned. Using a TOR-like setup will, most likely, circumvent such a banning, allowing the opinionated person to continue with his/her espousals.

Other uses are also obvious - confuse the RIAA in its anti-piracy attempts (which are laughable at best anyway), send spam from what appear to be various sources of origin, multiple logons to MMPOG's, etc. After that, there might be still other uses, but I'm not gonna bother trying to dream them up.

Now, why would anyone with your logged IP decide to use it against you? Simple: They perceive that they've been done wrong (by you), and want redress. From simple banning to full-blown lawsuits, the fun and games are boundless.

All of that is different from your browser (any browser) "leaking" your personal info to nefarious persons on the 'net. I presume you've seen Norton's attempt at keeping your personal data from leaking, haven't you? You must first enter on a special form all the stuff that you want Norton to search for in each outgoing communication. Then, supposedly, Norton will scan everything for those entries you just made, and alert you if it finds one (or more). Great. All the personal info that you don't want shared, right there in one place, just waiting to be hijacked by other programs that are smarter than Norton. Sheesh.

And just how does a browser leak personal data, anyway? I've asked myself that, and the only thing I can come up with is that the browser actually goes through all the files on your hard drive, intelligently derives your personal data, and indiscriminately disseminates it out onto the 'net. And I'm not only supposed to believe this, but further believe that only IE does it, and no other browser?? It boggles my mind that no other browser author has ever revealed this behavior on Microsft's part. Well, either that, or this isn't what's happening.

So what else can happen? Scripting? Maybe. ActiveX controls? Again, maybe. Flash animations? For sure, though probably more rare. BHO's? More likely. But note that in each case, the actual perpetrator was not the browser, but the deviousness of a 3rd party. The "fact" that the browser "allowed" it doesn't enter into the equation. I'll tell you right now, if you or anyone else thinks that if the brower is "secure" then your personal data is safe, then you're ripe pickings for the big boys. Take it to the bank, there is no 100% security. If "they" want your info badly enough, they'll get it, browser or otherwise, pure and simple.

Whew! That was quite a rant. I'd better go take my meds, and then a nap. Hope all this helped. Oh, and good luck your certification exams.


Oddysey

[Kye-U]

[Offtopic]

Like my Opera?

[chrome_waves]

your opera rules! hey, this is your forum isnt it? it rules too!!

[chrome_waves]

happy halloween ralph!!!, happy halloween oddessey!, happy hallowen key-u !!!!

[Ralph]

Same to you Chrome_waves ; although I wish the holiday were banned . It's just a G_D marketing gimmick . I 've seen too many bad things happen to kids at this time to justify a nonsensical celebration as this . BTW , Opera is up and running ; very , very nice . I haven't started playing with Tor and FreeCap yet . I need to get used to Opera first .

[chrome_waves]

Ralph, you know it's pretty easy to customize opera once you get used to how to do it. Right click up top and choose "customize", and tick "show hidden toolbars" then its easy to have which buttons or controls you want by just dragging and dropping -if you want a space between certain buttons etc drag a spacer between them. Good luck with it

[laighleas]

Ralph Wrote:chrome_waves wrote :

Quote:
ralph whats your configuration? what works for one should work for another

I am on Win98 se with all the latest updates using Sidke's latest config . Motorola modem>Netgear router > IBM pc . I use IE 6 or Maxthon to browse . No software firewall . F-Prot is my viral scanner . Tor works with Privoxy although very slow . I followed Kye-U 's and your guidance verbatim and I can't get " Torified " . No activity in Tor with FreeCap . Thanks for your help .

I've got Proxomitron and Freecap working quite happily with Tor, using SOCKS 5, with IE6 as a browser, XP sp2, .NET, and Zonealarm, with broadband.

I know this probably sounds dim, but doublecheck the connection in IE6, namely that it's pointed at Proxomitron on 8080 and that the 'use a proxy' box is set. Then check the settings in Freecap are pointed at 9050 (Tor) and that it's set to resolve names remotely. If you're using TorCP doublecheck that it's connected - there's a disconnect option. If you're using TorCP you can also display the bandwidth graph - any activity here means that you're connected. If something is then getting your IP, it's using something scripts or SSL to do it.

As I said, I know doublechecking the connections sounds dim, but I had a similar problem the other day. Anything more complicated than a browser goes right over the wife's head (well, it's not that she can't know - she's just not interested in knowing) so I'm likely to find, after she's been surfing, that she's disconnected Proxomitron right back at the browser before she started. Which is exactly what she did a day or two ago - and of course the browser won't talk to the net via Tor in that case. :-(

OTOH, if you have two things trying to use the same port at once, you'll get nowhere equally fast.

Having doublechecked the connections, make certain that you haven't got the remote proxy set in Proxomitron - you need it off, because Freecap is handling that. You don't want Proxomitron thinking that it is using a remote proxy, otherwise you'll get nowhere - well, you may get a warning that Tor is not an HTTP proxy. OTOH, make sure that Proxomitron is actually running socksified - there's a setting in Freecap to run a program when Freecap starts. The chain won't work if Proxomitron isn't socksified.

That's the best I can think of for now. Just back to old-fashioned tracing things through from the start and tugging on leads. If that doesn't sort it, then the problem lies elsewhere.

Kevin

[Ralph]

Thanks , laighleas for your help with Tor and FreeCap but still no joy . Chrome_waves was walking me through this last week with IE 6.0 . Now I'm trying to do this with Opera and not finding any success . I 've followed every letter to a T ; works fine with Privoxy but not with FreeCap . I wonder if it's in one of Sidke's filters which I'm using . BTW , welcome to the forums ; it's a great place to visit .