I am confused. JAP's website seems to indicate that its use will prevent your ISP from seeing where you are surfing. I only thought that was possible with tunneling software (like f-secure, putty, stunnel, etc). Can ISP's log your surfing (except to the JAP servers)? If not, how is that possible without tunneling software? Thanks!!!!!

Large thread for you.

http://www.wilderssecurity.com/showthread.php?t=44764

Thanks ron, I read that thread all the way through earlier, but it doesn't answer my question about JAP somehow shielding your surfing from your ISP. I thought only tunneling software prrevented that, but JAP seems to somehow do this. My question - is that true? and if so, how?

Paranoid2k is the man for that question. He seems to have good knowledge on Jap.
He makes rounds through here often.

Here's a link that should be helpful. http://anon.inf.tu-dresden.de/desc/encr_jap_en.html

Do NOT use Jap!

http://www.deny.de/phpbb2/viewtopic.php?t=9480&sid=2fe01595f75ab1229b32af5bcb4cf618

{QUOTE-> I am confused. JAP's website seems to indicate that its use will prevent your ISP from seeing where you are surfing. I only thought that was possible with tunneling software (like f-secure, putty, stunnel, etc). Can ISP's log your surfing (except to the JAP servers)? If not, how is that possible without tunneling software? Thanks!!!!! <-QUOTE}

From reading the description of JAP , apparantly connections between your browser and JAP and various mixes are encrypted (though the connection from the last mix to final destination is not). All the ISP can see is your connection to JAP.

Do not use 'the Stealther' either.

Both Jap and Stealther sell your IP address to 3'rd party web sites. A packet sniffer test will prove this.

Would you trust them with your info? I certainly wouldn't! I can suggest much better alternatives, if you're interested?

Check out Tor:

www.freehaven.net
^ /tor

Works great with SocksCap and Proxomitron/Privoxy

I would like to see some free alternatives to JAP that will also hide your activities from your ISP and other snoops as effectively as JAP.

Jack Black, the program I mentioned in the post right above yours called Tor uses very simular encryption that JAP uses and has the same affect. For me Tor has been much faster than JAP and uses way less resources. They have an installer that will set it up for you. You will need to either use Privoxy or Proxomitron(+SocksCap) with it.

{QUOTE-> Thanks ron, I read that thread all the way through earlier, but it doesn't answer my question about JAP somehow shielding your surfing from your ISP. I thought only tunneling software prrevented that, but JAP seems to somehow do this. My question - is that true? and if so, how? <-QUOTE}JAP acts as a tunnel, encrypting your connecting between your PC and the mix servers. Only at the last mix server is the traffic decrypted and passed on to the destination website (it has to be in the clear at this stage). There is more detail on the Architecture of the Anonymization Service (http://anon.inf.tu-dresden.de/desc/desc_anon_en.html) page.

It should be noted at this stage that all JAP's available mixes consist of just 2 servers except the default (Dresden-Dresden) mix which is one only. This will still hide your traffic from your ISP and obscure your address from websites you visit, but will not protect from any agencies that can observe all traffic coming to and from the JAP mixes (traffic analysis can then be used to match your encrypted incoming request with the decrypted outgoing one).{QUOTE-> Do NOT use Jap! <-QUOTE}That thread is rather dated - see this post (http://www.wilderssecurity.com/showthread.php?p=169889#post169889) for more current links.{QUOTE-> Both Jap and Stealther sell your IP address to 3'rd party web sites. A packet sniffer test will prove this. <-QUOTE}A packet sniffer will show nothing of the sort - it would simply show encrypted packets going to the first server in the JAP mix. If a proxy server administrator wished to log (and sell on) usage details, there is no way you could tell from the traffic coming from your PC. However with systems like JAP (and Tor), the server administrator does not know this information - they only see data going to another mix server. Only the last mix will see what websites are accessed, and they would only know the previous mix server - not your own IP address. So to track your web activities, every mix owner would have to cooperate.

This was why JAP could only implement monitoring (and this logged access to a specific IP address only) by modifying their client - and since the client was open source this was quickly discovered (indeed, the JAP project made it pretty obvious). Apparently the function is still present but disabled (since if they receive another court order, they have to comply with it immediately and appeal later).{QUOTE-> For me Tor has been much faster than JAP and uses way less resources. They have an installer that will set it up for you. You will need to either use Privoxy or Proxomitron(+SocksCap) with it. <-QUOTE}I would say that Tor appears to be about twice as fast and has more servers available. The downside is that the client is a little less user-friendly and setting up is a little more tricky (the key is to use SocksCap to run Proxomitron and to disable remote proxy access on Proxomitron). It would be nice also to know how many servers your request was being sent through.

However it does seem likely that the JAP client will be able to access the Tor network in the near future giving the best of both worlds. :)

{QUOTE-> However it does seem likely that the JAP client will be able to access the Tor network in the near future giving the best of both worlds. <-QUOTE}

Yeah I have been looking forward to that :)

The only problem I have with these software solutions is the lack of speed. I have used Metropipe Tunneler, Primedius and FindNot.com and find the commercial services are much speedier. There's also no public servers that might be honey pots. All of the commercial services I have used have been around for quite awhile and get pretty good reviews. FindNot.com is a straight VPN and is really fast. Tor seems slow to me too. I just don't quite trust the plethora of public servers many of these pass thru. I know that the mixes aren't actually true public servers, but they just as well be with no strict rules and oversight. I just like speed, that's the biggest problem with these software based proxies.

{QUOTE-> Yeah I have been looking forward to that :) <-QUOTE}The development release of JAP does now offer Tor as an option, with some caveats. Please see Using JAP to access Tor (http://www.wilderssecurity.com/showthread.php?t=57411) for more details.