CGIProxy for Anonymous Surfing and Privacy?

Discussion in 'privacy technology' started by mark.eleven, Jul 16, 2008.

Thread Status:
Not open for further replies.
  1. mark.eleven

    mark.eleven Registered Member

    Joined:
    Oct 27, 2006
    Posts:
    81
    Location:
    Island of Sodor
    I surf the Net regularly for info and news and don't touch P2P nor porn. I have nothing to hide, just that I value my privacy and do not like the idea of someone snooping into my personal details.

    With the recent regulated "snooping" by the government and companies, I was wondering about the feasibility and effectiveness of using a private webserver which is SSL enabled, and installed with CGIProxy. ( eg. get a webhosting account so that I can installed CGIProxy on a password protected directory, for my own personal use)

    Products like xB browser, TOR, Anonymizer, etc may be good, but then we need to put our trust on third parties - people whom I do not know and hence need to trust them that they will not bow to pressure and give out our data in future.

    Hence, is it effective to use CGIProxy on a personal webserver with SSL installed for the purpose of privacy and surfing anonymously?

    What's your opinion?
     
  2. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Using a simple proxy, especially one you set up yourself, you will only be protecting the content (privacy), not the context (anonymity) of your traffic, and only from a very weak attacker. You have stated that the government is your theoretical adversary, and that you are a low-level target. I am assuming that you are in the US. The government is not a weak attacker, actively or even passively. If your proxy box is in the US, you have already circumvented any privacy you might have created through encryption, because the government can just monitor the data going out of the box. So 1) you will need to put it on a server outside your country of monitoring. If you are browsing from the US, and the box is outside the country, and the website you are visiting are in the US, it will break your privacy because you are the only user. So 2) You need to have lots of other people constantly using the box, otherwise the government can just see any traffic coming from that box is automatically yours. Doing #1 and #2 by yourself can be a daunting task, and if you don't use it correctly, or don't implement it correctly from both directions, you will be shooting yourself in the foot.

    There is no 1-man anonymity or privacy network. Your traffic has to mix with the traffic of others, otherwise when the unencrypted data goes to the web, your adversary merely needs to monitor that traffic, and ignore whatever encrypted traffic is between you and the proxy, because they know it is you already. So if you do set up a proxy, you'll need to share it with a few hundred people at any one time. And if the box is yours, it will automatically attract attention to you personally. And if the traffic of your closest two hundred friends is of interest/illegal, it will also attract more attention to you. It's a difficult situation, but the fact is you can't do it alone and have either privacy if your traffic isn't end-to-end encrypted all the way to the websites you are visiting, and you definitely won't have anonymity. And if the traffic was already end-to-end encrypted and you don't have anonymity, there is no point in setting up a proxy because you could have just done that in the first place. In the end, you do have to trust someone, unless you have a closed group VPN that is only used to contact your friends and their computers.
     
  3. fuzzylogic

    fuzzylogic Registered Member

    Joined:
    Mar 12, 2008
    Posts:
    149
    you can do your own cgi-proxy on a web account, it will provide a small cover of privacy, through not anonymously (remember your webhost knows whom your are). for just doing some simple surfing it should protect against snooping from websites and isp. however this has some obvious flaws. one; it isn't going to stop the government knowing what your doing; two; you can become known to that ip address and its no better than a standard isp ip.

    i far better idea is to find a webhost that allows an SSH tunnel, the push a TOR connection through it. that way you have the knowledge of information passing through something you control, then having that anonymity that you crave as well. otherwise look at a third party commerical privacy service outside your country and go with that. Also its not that hard to setup either, if you can upload a script via ftp and follow basic instructions, cgiproxies aren't that hard to setup and maintain. Its a good tool to have on hand if you need some privacy, but for higher levels you'll need something like TOR/JAP for anonymity and a commerical tool for privacy. (you can always conbime the two if you wish but it can make it less private depending on the service)
     
Loading...
Thread Status:
Not open for further replies.