Don't Fear Internet Anonymity Tools

Yes. I have given JAP TRUSTED ZONE server rights from IP 127.0.0.1 to MY COMPUTER. And these rights are for JAVAW.EXE and not JAP.EXE, but you explained this above.

 

I've disabled all of the privacy and mobile code settings within ZA, and things do seem to be a little better. But one thing stands out. On this form into which I'm currently typing (Reply to Thread), there are a number of icons in the Message dialog box. These icons are for some reason VERY slow to paint. All text paints very quicly, but the page never completely loads, and opening additional tabs (pages) really slows things down.

 

P2K - Hello once again.

Am I correct in saying that the fewer users will result in a faster browsing experience, but lower anononimity?

 

Correct - although your encrypted traffic is no easier to decipher, it is easier for someone able to observe traffic coming in and out of the mix servers to determine which unencrypted traffic is yours...

The problem you report with web graphics sounds very much like a network connection limitation on your system (your browser will open a new connection for each page element). Have you installed XP SP2? If so, you may be encountering its limits on concurrent network connections - if you look at your Event Log (via Start/Settings/Control Panel/Administrative Tools/Event Log) and see Event 4226 reported, then this is definitely the cause (as detailed in Changes to Functionality in Microsoft Windows XP Service Pack 2).

If this is the case, you can get a patcher from http://www.lvllord.de/ which will allow you to adjust this limit (although I would always suggest caution about applying third party patches, this site has been up for a while and the patch widely disseminated so any hidden surprises should have been found out fairly quickly).

 

No SP2 yet, P2K. I'm too chicken.

 

Then I'd suggest one of those other security utilities - heh, heh, this is where girding your PC up to the gills with all that software has a downside! ZoneAlarm on its own shouldn't have a problem with multiple network connections but there could be an interaction with one of the other programs that's causing the trouble. Possibilities include NOD32 (have you set it to exclude ZoneAlarm? - if not, try it and also try disabling any HTTP filtering by IMON), WormGuard (a network connection limiter would seem logical here, but I'm not familiar enough with it to be certain) and possibly some features of TDS-3. I'd suggest disabling each one for a short period just to see if it helps...

 

Nice work there, P2K! You are an example of what makes this forum so different from many others. Answering questions and having the patience to talk someone through something. Very impressive!

 

Thanks, P2k. I'll try this. By the way, what are the security implications of disabling IMON's scanning of ZA traffic?

 

Agreed luv2besecure. He's one fine member.

 

Sorry for the delay in replying - I've been away from the Internet (gasp! horror!) for an evening, but have managed to get back on-line before my hands started shaking too badly.

www.nod32.ie/download/betainfo.htm has a good description of IMON's HTTP scanning functionality. If this is disabled, your browser could download a webpage infected with a virus - however, such a download should also be detected by background scanners the instant the virus was written to the browser cache so you should still be protected (and disabling web page active content/mobile code is a far more effective protection in most cases also).

If disabling IMON's HTTP filter does not help matters, then check that NOD32 is not scanning your ZA logfiles. These logfiles will be written to constantly so a background scanner (which is triggered by file reads and writes) will continuously scan and rescan them if they are not excluded. Since these scans are done by hooking into standard Windows file read/write routines, they tend to affect the parent program (ZA's vsmon in this case) and will increase its CPU utilisation in Task Manager rather than being attributed to NOD32 itself.

The ZA log files should contain no code and should never be treated as an executable file, so even if a virus was added to them it would never get the chance to infect your system. However, if you do not know which files to exclude (someone with more knowledge of ZA than I should be able to advise) then try excluding the ZA program files folder. This does create some risk (the ZA program files could then be infected), but this is just a temporary change for troubleshooting purposes. Also try the same (excluding ZA logs) for any other background scanners/file monitors you are running (e.g. TDS-3 possibly).

I'm assuming (presuming?) that your network traffic is limited to browser/email usage. If you run other applications that use lots of network bandwidth (P2P programs for example) then the cause could be with these (though they should affect non-JAP usage also in this case) so please do say if this is the case.

Thanks for the feedback though I feel it's a little premature - let's see if this problem can be resolved first.

 

Thanks again, P2K. I've disabled the ZA security privacy features and it's quite a bit faster. I can live with the way it is. And I'm afraid to disable too many security features, but I would like to disable scanning of the ZA log file. Not sure how to do it. The name of the file is zalog.txt, and I know the directory. But from looking through NOD, I can't see any way of disabling anything but files with a certain extension.

What I can't understand is why it's so much faster when my browser is NOT using the proxy (port 4001).

Edit: I just realized this dialog box is for specifying what types of files TO scan.

 

It needs to be excluded in AMON - the NOD32 Help should give information on how to do this.

I believe it is the extra number of network connections created when you use a local proxy. If you get the same symptoms when installing Proxomitron (or any other web-filtering proxy) then this would confirm it - if however they had no effect, then other causes would need to be investigated.

 

I found it. I've excluded ZA logs and PG logs. I knew these apps were creating logs as I surfed / opened applications, but I never stopped to think that every time something was written to these logs that AMON would scan it and that would slow my PC down. Excellent insight. Thanks! Now I'm going through other running apps to see what else I might want to exclude that are harmless.

 

AMON should only be doing this if you have it set up to scan all files - there may be an option to tell it to scan executable files only or to exclude certain filetypes (using these should be easier than tracking down every logfile on your system). However did it make a noticeable difference with using JAP?

On a related note, you may find SysInternals' FileMon utility of some interest. It shows programs' file usage and can be a bit of an eye-opener (I use various eye-candy programs like WindowBlinds and WindowFX and their file usage is significant - which in turn was triggering background AV checks).

Finally, I did re-read the start of this thread (ah, nostalgia ) and I noticed your interest in JAP started when I mentioned that public proxies left your online activity visible to your ISP. Perhaps I should point out that while Anonymizer's free service does not appear to encrypt traffic, the pay-for services do apparently use SSL encryption which should provide protection against ISP snooping.

 

It did make a noticeable difference. And I do have NOD set to scan all files.

I do use Anonymizer's paid-for service. It is at times slow, too. But usually at peak-traffic times.

 

Everyone does have things to hide. These include what your relatives died of (insurance companies would love to know this), how your children are doing at school (do you really want this information available to every molesting loonie around?), what your views on the government are (take it from me - the Bush administration won't hesitate to send the police round on the slightest hint of 'Un-American Activities'), and loads of other information.

 

This thread could be considered a short book... good read though and I have chosen to use JAP, but am curious about the privacy of the servers it uses. It seems that JAP would be great if there were servers that could be trusted, maybe ones in countries without good governing. Also, it is a fact that the Dresden-Dresden server only has two mixs and they have the same operator and it is a fact that it has goverment spyware installed and was both installed and activated in the past. It is not known whether the goverment spyware is currently activated, but I do not see why it wouldn't be since it seems that the goverment has the rights to do so. If the spyware is installed on the actual servers then I do not see how JAP being open source will affect it.

Does anyone have any information on the Regensburg server? It is a good think I do not have anything illegal to hide since I am testing JAP.

 

It is only one server I believe, so would not count as a true "mix".

If someone is using multiple mix servers, they cannot be tracked without the cooperation of the admins at every mix. As such, the "spyware" (it reported attempts to access one specific IP address) was placed in the JAP client.

Both the client and server code are open source so you can check them or you could set up your own JAP server if you wished.

A previous post in this thread did provide links to websites for other groups involved with JAP including AN.ON (Babelfish translation)

 

"Nice work there, P2K! You are an example of what makes this forum so different from many others. Answering questions and having the patience to talk someone through something. Very impressive!"

Completely agree. Also obviously very knowledgable in this area which is very impressive.

I considered using jap but since my connection is so slow anyway I decided not to go for it now. You mentioned it slows down the internet quite considerably especially if many people are using it.

 

Tor has been working very well on my computer with Proxomitron and SocksCap.. it seems to be way faster than Jap was on the three servers I tried.

 

Thanks for the feedback - I was curious about Tor's speed so will probably give it a try later on.

Thanks also Burns.

 

Ha. As usual most of this thread passes above my head at speed.
(see signature )

Was checking out Anonymizer web site after ringing endorsement noted.
I cant get the Privacy test page up on Foxfire and refuse to use IE ever again.
Cant even tell if the software supports FF
Any advice?
Anonymiser web page seems only to allow contact from subscribers.

Thanks.

 

If Anonymiser's test page does not work for you, there are number of others to use:

Network-Tools Analyze My Connection - A good general test of your Internet connection and browser details.
Leader Network Tools - A more advanced test that checks for proxy usage (appears to be down at the moment though).
BrowserSpy - Numerous options to find out everything your browser (and plugins) may reveal.

Note that it is necessary to use a web filter like Proxomitron or Privoxy to ensure that your browser does not reveal your real address when using a proxy.

 

Hello again, P2K!

These are some excellent sites. I use Anonymizer in addition to JAP, which you turned me onto. At times JAP can be slow, but it's easy to use.

Regarding Anonymizer - their 2004 version requires you to load software onto your PC. I believe it's a proxy of sorts, if my terminology is correct. In any case, to use it one simply clicks the icon in the system tray and all internet traffic is routed via thier server through a SSL connection, and "secure tunneling" (that's their terminology, whatever that means).

Unfortunately, I can see no way of verifying if the connection is SSL. The lock icon I'm used to seeing is not displayed in the browser status bar. But the folks at Anonymizer claim it's not supposed to be displayed, but it is a secure connection.

Do you know of a way of testing a connection to see if it is really SSL?

 

Yes, D&C, it is an SSL connection. Think of Anonymizer as a VPN, which it is of sorts, with a wrapper that makes it totally encrypted. It's not your browser connection that is encrypted (which is when you see the lock). Your entire session, when connected to Anonymizer, is encrypted. You have connected your computer to Anonymizer's servers in a direct "encrypted secure tunnel." Everything between your computer and anonymizer is encrypted and hidden from your ISP and everyone else along the way to Anonymizer. Good service.

edit: Daisey, Do you have Anonymizer 2004, Private Surfing, or Total Net Shield? I thought Total Net Shield was the new product with the tunneling. Doesn't A-2004 only hide your IP? Which product is listed in the "about" dialog box?

Gerard