Wrap Firefox in a Cocoon of privacy

[lotuseclat79]

Wrap Firefox in a Cocoon of privacy.

Has anyone tried the Cocoon Firefox add-on? If so, what do you think about it.

It is not free.

-- Tom

[SteveTX]

Looks like a standard https proxy service using a firefox plugin.

[J_L]

Too bad it's shareware.

[dw426]

Has anyone done any testing/have an opinion of "Stealthy"? https://addons.mozilla.org/en-US/fir...ddon/stealthy/

[Sadeghi85]

Quote:

Originally Posted by dw426

Has anyone done any testing/have an opinion of "Stealthy"? https://addons.mozilla.org/en-US/fir...ddon/stealthy/

It sends a request to -http://rcp.stealthy.co:8080/PollDealer/GetProxy?countryCode=XX, picks an IP:Port from response and sets Fx proxy settings to use that, your ISP can still see what you're doing. See what happened when I tried it: attachmentid=226273 a proxy shouldn't send that, which means the IP that Stealthy picked isn't actually a proxy -> -http://www.ip-adress.com/Proxy_Checker/208.43.138.195:80

Quote:

Originally Posted by lotuseclat79

It is not free.

What a pity ...

[teksquisite]

Quote:

Originally Posted by lotuseclat79

Wrap Firefox in a Cocoon of privacy.

Has anyone tried the Cocoon Firefox add-on? If so, what do you think about it.

It is not free.

-- Tom

I have! I was one of their original beta testers, (I have tested a lot of security\cloud apps.) It has come a very long way since then. They don't really advertise that Brian Fox (original author of the BASH shell) is one of the Dev's and co-founder or that Marvin Minsky (MIT/AI) sits on the advisory board.

I believe that they are working on a "Freemium" version. Cocoon is not standard at all. China has an eye on it too.

With all the malvertising that is going to be out there this year - it is a highly viable Internet security candidate that has the capability to halt malware from accessing the operating system.

Just observing Facebook friends and family - click-happy people that they are, I have cleaned up more malware messes than I care to mess with. I'd love to put them all on Cocoon - it would make my life a whole lot easier.

RE: "If so, what do you think about it."

I especially love the mailslots (decreased spam in a huge way) and also really like the ability to block Facebook tracking and online ad servers. I like the control that it gives me over cookies, the notes that I can take while doing Internet research, the bookmarks and the history options too. I like the fact that I can't be tracked.

I do have to agree about the pricing though. I would perhaps create a few different versions of the plug-in: Freemium, Pro, Business - and for censored countries like China, I would create a "Censored version" that was free.

Overall, I believe that we are losing ground to malware automated-toolkits - those of us involved in Internet security are always fighting from the bottom of a very high hill. The $$$$ stakes are HUGE.

Anyway it has been nice posting here - just wish I could find my way around the forums a bit easier



Cheers!
/Bev

[J_L]

@teksquisite: Good news you have there. What are the differences between these versions?

Nice name btw.

[teksquisite]

Quote:

Originally Posted by J_L

@teksquisite: Good news you have there. What are the differences between these versions?

Nice name btw.

Thanks for the nice name compliment!

The versions are my idea only! I will definitely contact them tomorrow and let them know about my "versions" idea

I think that with everything happening in the realm of automated toolkits that we really have to look at Internet security in a whole different light. With the addition of social networks as a popular attack vector - just look at Facebook and Twitter! Common Internet security anti-virus suites can't keep up with the newest strains. Anti-virus vendors can be testing and implementing updated patches while malware authors recompile the code within 24 hours or less. So current options are always a step-behind. It is a highly convoluted problem...

[teksquisite]

Quote:

Originally Posted by SteveTX

Never duplicated, frequently impersonated (on Usenet)

I once was Usenet too! The wild, wild west of the Internet!

[DasFox]

Quote:

Originally Posted by SteveTX

Looks like a standard https proxy service using a firefox plugin.

Where did you draw this conclusion from?

THANKS

Quote:

Originally Posted by Sadeghi85

It sends a request to -http://rcp.stealthy.co:8080/PollDealer/GetProxy?countryCode=XX, picks an IPort from response and sets Fx proxy settings to use that, your ISP can still see what you're doing. See what happened when I tried it: attachmentid=226273 a proxy shouldn't send that, which means the IP that Stealthy picked isn't actually a proxy -> -http://www.ip-adress.com/Proxy_Checker/208.43.138.195:80

A proxy shouldn't send what?

Javascript has nothing to do with any of this...

You still have to surf with your browser yes? If so and you have it disabled or you are using NoScript as an example then you are going to see this type of reply regarding Javascript no matter what...

I wrote them an email to explain how this service works, I'll be interested to hear what they have to say....

Quote:

Originally Posted by teksquisite

Thanks for the nice name compliment!

The versions are my idea only! I will definitely contact them tomorrow and let them know about my "versions" idea

I think that with everything happening in the realm of automated toolkits that we really have to look at Internet security in a whole different light. With the addition of social networks as a popular attack vector - just look at Facebook and Twitter! Common Internet security anti-virus suites can't keep up with the newest strains. Anti-virus vendors can be testing and implementing updated patches while malware authors recompile the code within 24 hours or less. So current options are always a step-behind. It is a highly convoluted problem...

Well if M$ would build a decent OS that works the way it really should, being run as a user, giving access to root when needed, then we wouldn't have as many problems.

In the meantime, instead of continuing to support the stupidity of the Windows model, it's time for people to start embracing more of OSX and Linux, to kiss your malware goodbye!

[Sadeghi85]

Quote:

Originally Posted by DasFox

A proxy shouldn't send what?

Javascript has nothing to do with any of this...

You still have to surf with your browser yes? If so and you have it disabled or you are using NoScript as an example then you are going to see this type of reply regarding Javascript no matter what...

That JavaScript message came from the server that was supposed to be a proxy, not the website I was trying to visit, a proxy shouldn't care if I have JavaScript enabled or not. In this case that server wasn't a proxy at all, it was wrongly set as proxy by Stealthy.

[DasFox]

Quote:

Originally Posted by Sadeghi85

That JavaScript message came from the server that was supposed to be a proxy, not the website I was trying to visit, a proxy shouldn't care if I have JavaScript enabled or not. In this case that server wasn't a proxy at all, it was wrongly set as proxy by Stealthy.

Wrongly set by Stealthy, you running a test for Cocoon with Stealthy?

Stealthy gives you a proxy to surf on, so why would you be throwing Stealthy into this with Cocoon?

[Sadeghi85]

Quote:

Originally Posted by DasFox

Wrongly set by Stealthy, you running a test for Cocoon with Stealthy?

Stealthy gives you a proxy to surf on, so why would you be throwing Stealthy into this with Cocoon?

#4

123

[DasFox]

Quote:

Originally Posted by Sadeghi85

#4

123

I know what Stealthy is, no need to point a link to it...

So what are we saying Cocoon is sending a request to Stealthy from what I read above?

[doktornotor]

Quote:

Originally Posted by Sadeghi85

a proxy shouldn't care if I have JavaScript enabled or not.

Considering that proxy autoconfiguration in browsers is being done via javascript, I think you might want to reconsider.

[Sadeghi85]

Quote:

Originally Posted by doktornotor

Considering that proxy autoconfiguration in browsers is being done via javascript, I think you might want to reconsider.

Considering that the JavaScript code in PAC executes even with JavaScript disabled, you might want to reconsider.

Point is, normally a proxy shouldn't send its own content back to client, it just happened to be a message about JavaScript being disabled, could be whatever else...

[clayieee]

you dont need cocoon when you have a good AV, besides its not free.

[enemyofarsenic]

Cocoon is free now http://download.cnet.com/8301-2007_4...oon-goes-free/

[DasFox]

Quote:

Originally Posted by clayieee

you dont need cocoon when you have a good AV, besides its not free.

This goes beyond just AV protection...

This will be interesting to see how this goes...

Hey Spooony here's our free legitimate proxy service now...

Where's that Spoony at...

Proxies Proxies... LOL...

[Snoop3]

what's in it for the company that builds this "cocoon" software? how would they make money and if everything is filtered thru their servers are they trustworthy?

[Doraemon]

Is the NoScript bug resolved?

[Spooony]

ssh -D localhost:12000 user@ipaddress

Edit -> Preferences -> Advanced -> Network -> Settings

Connection Settings screen, select Manual proxy configuration and type localhost into SOCKS Host: and 12000 into Port:. Also make sure that SOCKS v5 is selected. Hit OK and Firefox should now use the SSH tunnel instead of the standard port 80.

about:config--->network.proxy.socks_remote_dns---->true

autossh -M 20000 -D localhost:12000 user@ipaddress

done

Any questions

[jesusjesus]

You are prohibited from using the Software and Service if you are a citizen, national, or resident of, or are under control of, the government of Cuba, Iran, Sudan, Libya, North Korea, Syria, or any other country to which the United States has prohibited export. You agree not to download or otherwise export or re-export the Software, directly or indirectly, to the above mentioned countries nor to citizens, nationals or residents of those countries.

That sounds very American government friendly. TOO friendly. Most of these types of software try and help the citizens of the countries this software prohibits use in.

edit: I install it, I clicked on something in the toolbar & it blue screen of death'd my computer. Windows says to be suspicious of recently installed drivers.... hmm like the driver this Cocoon piece of crap just installed 2 mins earlier.

[crapbag]

According to their T&C's etc it will be paid for software at some point. Think they'll limit the free version.

FWIW I'm using v1.15d with Firefox 5, NoScript 2.1.2.3., and AdBlock Plus. Working fine.

It seems easy enough to navigate and does change your location. It doesn't seem to like PrivateBrowsing in Firefox, but I'm using something else for cookies and stuff.

I doubt I'd pay for it based on what I've seen so far but I'll give it time.

What's the main difference between this and something free like Tor?