Introducing DeAnonymizer

Discussion in 'privacy technology' started by SteveTX, Jul 29, 2009.

Thread Status:
Not open for further replies.
  1. Genady Prishnikov

    Genady Prishnikov Registered Member

    Joined:
    Mar 9, 2006
    Posts:
    350
    This DeAnonymizer tool was supposed to show the world that providers who don't use VPN solutions are worthless. Steve first mentioned DeAnonymizer on this forum in December of 2008 -- "In January we'll be posting a public tool that does just that. Defeats vidalia, tunnels, http, and everything short of a vpn connection, and it doesn't rely on flash at all."

    January became August and it doesn't do what Steve claimed it would. Not even close.

    Another comment from Steve -- "My guys now recommend that everyone go to vpn for their proxy implementation because everything else can be defeated. And in january we'll prove it, just like before."

    Steve, I have used your DeAnonymizer using five different privacy providers that do not use VPN and I passed them all.

    More from Steve -- "Not laughing, I just can't disclose the whole trick. If you're running tor, and a modern browser, that is all it takes."

    Newsflash -- I have used the Tor bundle with Vidalia from the Tor Project itself and it passed. I used OperaTor and it passed as well.

    While I was looking at Steve's posts, I came across this beauty after someone asked about ShadowVPN -- "In response to ShadowVPN question - This is still going strong. It is one of the 9 brands we are releasing in the next few weeks. We actually have 2 USA brands coming, but they do different things." That was in March of 2009. Where are these services that were due out "in the next few weeks" back in March? I throw this in because this whole DeAnonymizer BS is just like so much of what Steve writes here.

    Remember the old song, Promises Promises by Naked Eyes?

    You made me promises, promises
    You knew you'd never keep
    Promises, promises
    Why do I believe
    All of your promises
    You knew you'd never keep
    Promises, promises
    Why do I believe

    Promises
    Promises
    Promises
    Promises
    Promises
     
  2. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    SteveTX, as a suggestion for you to consider, please reassess the priority of development efforts for XeroBank. While deAnonymizer is interesting, it seems to be a diversion that delivers little benefit to existing XeroBank customers and detracts from the enhancement of the core services of the company. Xero Networks (like every company) has limited resources, and they need to be deployed very thoughtfully with the goal of maximizing value for the customer.

    I hope you read this comment as a helpful suggestion (which is my intention) and not as a criticism. :)
     
  3. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    DeAnonymizer's lead dev is Kyle, and we are happy to support it and work on it with him. However, this also means it is developed and updated as often and in the order that Kyle wants to (if it was up to me, I would have had the DNS buster be the first thing, and the noscript buster the second!). I really like it, as he comes up with new attacks all the time so it is a creative outlet. If he is not ready to implement the VPN DNS buster test, i'm fine with that (and it is an older trick and he focuses on what has never been done before, but we both agree it should be added). Infact I think he may have found a vulnerability in SSL implementation last week if I remember correctly. Anyway, you got 15 0-day attacks against privacy with the deanonymizer, enjoy it, more are coming. Infact... what i've heard is that he has a user-agent buster... even if you fake your user-agent string, he says he has the ability to discover your OS and browser and what OS packages you have installed, I still don't know how he can work that into the test system but we'll see.
     
  4. MakePB

    MakePB Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    85
    Location:
    Find-IP-Address.org
    Only what count by any deanonymizing test is discovering visitor real IP address behind proxy or socks servers. All others test to discover browsers, OS or whatever are trivial.

    Without discovering visitor real IP address other side have nothing.
     
    Last edited: Aug 10, 2009
  5. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,363
    Location:
    Oz
    I'm looking forward to it.
     
  6. jesusjesus

    jesusjesus Registered Member

    Joined:
    Jul 21, 2009
    Posts:
    61
    I tried using the VLC media firefox plugins for streamed video/audio. The 3rd test detects my real IP via anonymous web proxies. That was pretty cool.
     
  7. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    Weell, I passed with Vidalia and _without_ :p
     
  8. MakePB

    MakePB Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    85
    Location:
    Find-IP-Address.org
    Here is eveidence that even non anonymous proxy server from Pakistan (which do not exist at all according to Steve) has passed DeAnonymizer without disabling Java, JAvascript or plugins and without Firewall (see PC tools firewall disabled).
    I'm wonder why is my IP address not displayed!?

    IP Address lookup from Find-ip-address.org show it well that i'm behind non anonymous proxy server with showing my real IP.
    It is easy to catch with simple checking variables.
     

    Attached Files:

    Last edited: Aug 12, 2009
  9. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    the most test on this site try to exploit some 3rd party software form apple adobe or the WMP & outlook form MS.

    it seams quite useless to me.
     
  10. MakePB

    MakePB Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    85
    Location:
    Find-IP-Address.org
    It is useless and as Genady Prishnikov said
    "This DeAnonymizer tool was supposed to show the world that providers who don't use VPN solutions are worthless".
    And "My guys now recommend that everyone go to vpn for their proxy implementation because everything else can be defeated. And in january we'll prove it, just like before."

    And probably that XB technology only count and nothing else. That anonymous proxy servers never existed (the people were crazy when they mentioned anonymous proxy servers as servers that retrieves Web pages for you, providing only its own identity to the sites it visits)... that proxy chaining is trivial..
    With other words anything what you can imagine can be defeated except technology based on XB and maybe a 2-3 exceptions.

    Only we missed here as usually evidence that it is really so. Even transparent proxy server pass all test.
     
  11. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    "YOU PASSED" does not mean you are anonymous, it only means the test didn't have any brand-new automated test that succeeded against your browser/os/network combo. The test is inclusive, not exhaustive. The tests are not universally applicable, nor is the testing framework. Because it didn't work for you does not mean you are safe nor that it doesn't work, it just didn't work with the current tests, for you, for your specific browser/os/network combination. If you switched browsers, browser versions, OS, or network, it would be an entirely different test environment.

    Perhaps we should take off "You Passed" and instead put "Test Unsuccessful" or "Negative Result", as people are seeming to think that "Passed" means they were successful. There is no success, only failure to force a leak.
     
  12. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Awesome. I had not seen this one in effect before. What is your browser / OS combination?
     
  13. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    Well I passed with using a frest XP vm with Firefox 3.5 and vidalia, once tith tor throu th etor botton on,
    and the secund the torr button off, not even cookies blocked or so....
    this should be a quite common set.

    what is a test good for if it dont even success on the above setup.
     
  14. veta

    veta Registered Member

    Joined:
    Aug 15, 2009
    Posts:
    4
    passed XP/Firefox 3.0.13 with the Tor bundle media player, quicktime no adobe.

    also

    passed ubuntu 9.02/Tor/prvioxy/firefox


    I'm all for this type of application, trying to test all the various privacy options out there is great in my book. I understand its beta, and will check my various setups as updates are made.


    My only criticism is the way this way built up. Claiming it was going to "shred" the Tor bundle is a big claim. It is a good way to get noticed, but if you don't produce, it makes you sound a little like chicken little....you know "The sky is falling!" Maybe, a slightly less sensational approach? Probably a personal taste thing. I just prefer the strong silent approach.

    -V
     
  15. Bensec

    Bensec Registered Member

    Joined:
    Aug 4, 2008
    Posts:
    177
    Location:
    China Changsha
    without proxy :"The connection was reset"

    with proxy: "you pass"

    Code:
    Your IP Address: 77.222.131.40
    Spoofed IP Address: 77.222.131.40
    Network Name: Tor Network
    If you know the user is using tor, and failed to detect her IP, then the "Your IP Address" seems pointless.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.