Open Proxy Servers

Open Proxy Servers, which allow any internet user to connect to them, typically for web browsing or for sending emails, are sometimes deliberate, and sometimes the result of mistakes or incompetence by systems administrators and software programmers.

There is a further sub-division, namely those which forward on your client PC's real IP address, and those which do not.

Typically the real IP address of your computer's internet connection is revealed by your web browser through the REMOTE_ADDR environment variable, to each and every web server you connect to.

If you are connecting via a proxy server, then it may very well reveal this IP address in the HTTP_X_FORWARDED_FOR or the HTTP_VIA environment variables.

If you visit a website, via a Proxy server, it will be the IP address of the proxy server which appears in the standard web server logfiles, however,it is often easy for a website to check and log the HTTP_VIA and HTTP_X_FORWARDED environment variables, especially if , for example, you are filling in a form with a server side script for email or account registration, for e-commerce, or to post a blog comment or discussion forum article.

Where such proxy servers have been configured not to forward the original IP address information through such environment variables, they are said to be Anonymous Proxy servers.

Although some proxy connections can be chained together, manually, many cannot, and so their use is much more error prone and more likely to betray your real IP address than using a commercial VPN service or the free Tor onion routing technique.

Various websites, e.g. http://www.freeproxy.ru, and even some commercial "anonymity" services, list or make use of any Open Proxy which they can find,often as a result of scanning lots of IP address ranges, to probe for such potential security weaknesses. Such lists of open proxies are constantly changing.
Some very badly configured proxy servers may actually allow access into supposedly private corporate or government intranet networks via the internet.

Some open proxies are created by privacy activists, and some are created by criminals e.g. open email proxies can be set up illegally by computer viruses to help with commercial email spam.

Many open proxies end up getting blocked by , say, the Great Firewall of China, or potentially, by the United Kingdom's British Telecom Cleanfeed system , which currently targets alleged child porn websites, at the behest of the Government, but which could, after a simple target list update, also be used for political censorship.

Other content blocking censorware systems e.g. Websense, typically installed on corporate or educational personal computers, may also block access to some open proxy servers, commercial privacy or anonymity services, and Tor exit nodes.

Tor exit nodes,which are also a form of more sophisticated open proxy, and other reported open proxies, are currently blocked by Wikipedia, not for reading, but for user registration and for editing or submission of articles - see the a href="http://en.wikipedia.org/wiki/Wikipedia:WikiProject_on_open_proxies" target="_wpopp" title="Wikipedia:WikiProject on open proxies -new window">Wikipedia:WikiProject on open proxies

Given the massive amount of web traffic, trying to keep logfiles of proxy usage is a big, and often uneconomical task.

However, the European Union has been bounced into passing an EU Data Retention directive, which comes into force in the United Kingdom, after an 18 month delay, on 6th April 2009, after which the major upstream internet service providers will be forced to keep such lgfiles, even though they have no use for them, for at least a year, for the benefit of law enforcement and intelligence agencies, and potentially also for use in civil copyright or libel lawsuits as well.

Open proxies are a technique which can help preserve the anonymity of whistleblower sources, when communicating with investigative journalists, bloggers, and political activists, but there are risks, which you need to evaluate.

A few tips:

  1. http://www.freeproxy.ru explains the various kinds of open proxy server, and publishes lists of open proxies, which are forever changing. Make your own mind up about how trustworthy any particular proxy is. Some of them on these lists are undoubtedly honeypots, designed to snoop on the possibly illegal traffic and to try to identify the users. Foreign computer crime fighters may very well not be interested in UK whistleblowers, but you cannot tell for sure.

  2. You should avoid searching for open proxy servers, if you are on a corporate or government intranet, as this may flag you up as a potential whistleblower.

  3. Not every open proxy server allows, encrypted SSL/TLS sessions,but those that do usually simply pass the encrypted session through unchanged (except where there is a sneaky man-in-the-middle attack in place). Therefore many open proxies do not provide any anonymity for https:// connections. Snoopers may not be able to read what content your are viewing or uploading, but they will still be able to log which websites you have visited, at what times and dates, and how much data you have uploaded or downloaded. If that amount of data is approximately the same as the size of the whistleblower document posted to a blog or forum, or sent via web email etc., then that may be sufficient circumstantial evidence to betray the identity of a whistleblower source.

  4. Tor exit nodes do not always allow SSL/TLS encrypted sessions either, but since these are vital for e-commerce, many do, even behind otherwise restrictive firewalls and censorware. The Tor system will, after a short delay, find a reasonably randomly chosen exit node, which does accept SSL/TLS connection, statistically, this will usually be located outside of the United Kingdom.

  5. Remember that using any SSL/TLS https:// encrypted proxy server session, or the mostly encrypted Tor proxy cloud, may protect the contents of your traffic from local snoopers, but if you have to login or otherwise authenticate to a web server or email system etc., then those details (including your real IP address) will still probably be logged by the target server, regardless of the link or session encryption, and so your whistleblower details may still be exposed, if that server is physically seized as evidence by the police or is sneakily compromised by intelligence agencies etc., either through technical hacking or bugging or by putting pressure on the systems administrators.

  6. You may actually get more anonymity when using the Tor cloud by not using the https:// version of a web page (if there is an alternative, unencrypted version available), since all the Tor traffic is encrypted anyway between your PC and the final exit node in the Tor cloud, which will probably not be physically in the United Kingdom.

  7. This applies especially to websites like the reasonably anonymous whistleblowing website wikileaks.org (based in Sweden) , which offer both http://, https:/and Tor Hidden Service methods of uploading whistleblower leak documents, but who tend to, mistakenly, insist on using https:// encryption for when someone comments on their wiki discussion pages. IWhen (not if) the wikileaks.org servers, or a blog or a discussion forum like the activist news site Indymedia UK are physically seized (this happened to IndyMedia UK at least 3 times now) , this may, in some circumstances, betray the real IP addresses of commentators with inside knowledge of a whistleblower leak i.e. suspects for a leak investigation. N.B. both wikileaks.org and IndyMedia UK claim not to log IP addresses to files, but ,inevitably, some of the recent IP address information will be available in the working memory of the machines, and their co-location hosts and upstream ISPs, will probably have some logfiles.

  8. Once you have identified,or been told about, a few open web proxies, it is often fiddly and inconvenient to change your web browser settings manually. This task can be automated through the use of Firefox browser add ons such as FoxyProxy or, Torbutton

  9. You can check if your open proxy server configuration is actually hiding your real IP address, via websites like Network-Tools.com

1 Comments

Ahaa, its pleasant discussion concerning this paragraph
at this place at this weblog, I have read all that,
so at this time me also commenting at this place.
All across the globe, Online searchers seek out methods to continue to be
private to your Websites they will stop by. The same customers happen to be in search
of tips on how to access common Web pages which can be
obstructed via entire teams of customers.

Many Internet users include used a anonymizer or even Web proxies solutions to live secret or even access to on line Television, Xbox 360 Dwell,
Hulu, and also other significant content web
sites from around the world. The most popular Ruskies
anonymizer service provider HideME.ru offers last but not least
intended the British Internet site for services referred to
as InCloak.org. “Our services let consumers to modify their own authentic Ip to some furnished unknown IP that allows these phones browse the web
securely devoid of leaving behind a history in addition to achieve
100-percent usage of formerly blocked Internet websites,” said the InCloak.
com consultant. The actual InCloak.web anonymizer
permits you setting the web server nation of starting point, decide on any available IP address, filtration system detrimental screenplays, lower ads plus bring favorite and sometimes seen Websites
on the program’s plugin. Even though the anonymizer is employed by a certain picked software, this provider offers a electronic Personal Community (VPN) referred to as OpenVPN.

Your VPN customer service offers utmost privacy as well
as to protect all of purposes in which use the World wide
web from your subscriber’s pc. “The primary VPN edge on any kind of proxy or anonymizer may be the means it gives you privacy
as well as to safeguard all the laptop or computer instantly,” stated the
particular specialist. InCloak.org offers Web-site gear like Web proxies, proxy collection, Checker and much more as few
as $0.04 each day and also VPN entry at as little as $0.
11 daily along with one-year subscribers. Further options contain daily,
per month in addition to two-year subscriptions.
The actual high grade access plan provides entire access to the anonymizer (and also VPN, when
the rule is actually purchased on this solution) with no limits upon
make use of. Quite a few additional features
can also be integrated.

About this blog

We know that there are decent, honest, trustworthy individual politicians, civil servants, law enforcement, intelligence agency personnel and broadcast, print and internet journalists etc., who often feel powerless or trapped in the system. They need the assistance of external, detailed, informed, public scrutiny to help them to resist deliberate or unthinking policies, which erode our freedoms and liberties.

Some of these people will, in the public interest, act as whistleblowers, and may try to leak documents or information to the mainstream media, or to political blog websites etc.

Here are some Spy Blog "Hints and Tips", giving some basic preecautions, and some more obscure technical tips, which both whistleblowers, journalists, and bloggers need to be aware of, in order to help preserve the anonymity of whisteleblowing or other journalistic sources, especially in the United Kingdom, but applicable in other countries as well.

Whistleblower anonymity may not always be possible, or even necessary, forever into the future, but it is usuially crucial during at least the early stages of a "leak", whilst it is being evaluated by others, to see if it merits wider publication and publicity.

Email & PGP Contact

Please feel free to email your views about this blog, or news about the issues it tries to comment on.

blog@spy[dot]org[dot]uk

Our PGP public encryption key is available for those correspondents who wish to send us news or information in confidence, and also for those of you who value your privacy, even if you have got nothing to hide.

Current PGP Key ID: 0xA165A29480CFAA4C which will expire on 6th September 2014

pgp-now.gif
You can download a free copy of the PGP encryption software from www.pgpi.org
(available for most of the common computer operating systems, and also in various Open Source versions like GPG).

We look forward to the day when UK Government Legislation, Press Releases and Emails etc. are Digitally Signed so that we can be assured that they are not fakes. Trusting that the digitally signed content makes any sense, is another matter entirely.

Pages

Tag Cloud

Recent Comments

  • Proxy List: Ahaa, its pleasant discussion concerning this paragraph at this place read more

Syndicate this site (XML):

Categories

Tor Hidden Service

In order to make censorship a little more difficult, a copy of this Hints and Tips for Whistleblowers guide is also being published as a Tor Hidden Service.

You will need to have installed the Tor software and established a working Tor connection, and then you will be able access this copy via end to end encryption and a high degree of anonymity through the Tor cloud:

http://r3lb3r3an7uj7bos.onion/

If you do not have Tor installed, you can still access this Hidden Service via the tor2web.org proxy: https://r3lb3r3an7uj7bos.tor2web.org/ still with encryption, but without as much anonymity.

Convention on Modern Liberty - 28th Feb 2009

Convention on Modern Liberty - 28th Feb 2009
Convention on Modern Liberty - 28th Feb 2009

The Convention is being held in the Logan Hall and adjoining rooms at the Institute of Education in Bloomsbury, central London.

Address:

The Institute of Education
20 Bedford Way
London
WC1H 0AL

There are video linked screenings or other parallel meetings being held across the UK in Belfast. Bristol, Cambridge, Cardiff and Manchester.

Convention on Modern Liberty blog

Campaign Button Links

Watching Them, Watching Us, UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg
FreeFarid.com- - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond

Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution Petition to the European Commission and European Parliament against their vague Data Retention plans.

Open_Rights_Group.png
Open Rights Group

renew for freedom - renew your passport in 2006
Renew For Freedom - renew your Passport in the Summer Autumn of 2006.

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

irrepressible_banner_03.gif
Amnesty International's irrepressible.info campaign

anoniblog_150.png
BlogSafer - wiki with multilingual guides to anonymous blogging

ngoiab_150.png
NGO in a box - Security Edition privacy and security software tools

homeofficewatch_150.jpg
Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

rsf_logo_150.gif
Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

committee_to_protect_bloggers_150.gif
Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

wikileaks_logo_low.jpg
Wikileaks.org - the controversial "uncensorable, anonymous whistleblowing" website based currently in Sweden.

public_concern_at_work.gif
Public Concern at Work - "(PCaW) is the independent authority on public interest whistleblowing. Established as a charity in 1993 following a series of scandals and disasters, PCaW has played a leading role in putting whistleblowing on the governance agenda and in developing legislation in the UK and abroad. All our work is informed by the free advice we offer to people with whistleblowing dilemmas and the professional support we provide to enlightened organisations."