which patched Proxomitron Interface do you like best?

i was thinking of patching proxomitron's GUI. i did it once before but for some reason didn't keep it very long. does one of them add something the others don't? is there a reason why you think one is better than the others?

http://mizzmona.com/proxomitron/gui/
http://mizzmona.com/proxomitron/gui/screenshots/

http://www.geocities.com/sidki3003/prox-gui.html
http://www.geocities.com/sidki3003/prox-control.html

this one has screenshots comparing the patched version with the unpatched down the page.
http://www.xs4all.nl/~vsetten/prox/

 

I never knew there were patched GUIs for Proxomitron.

Of those though, I like the one in the last link. I just think all the options/buttons are placed well.

 

the last link is the one most people use i think, but i like the look of the first one best. there are loads of screenshots of it on that page i linked to. i'm not sure how well they'll work with linux though because proxomitron unpatched has slightly odd charactor rendering, maybe the patches will be even worse

 

Never saw that first one, seems better. No1 reason: the icon seems unchanged, while on the 2nd i didn't like it. The 1st one is also not so shinny.

BTW Iceni, have you tried WebCleaner?
I tried it, but since installing Debian i never got around to install it here. I had a good 1st impression though.

 

i've never heard of web cleaner, i used web washer for a bit before i released proxomitron was still ok to use and i use privoxy too, i can't start using another one lol

 

I'm not familiar with different GUIs, but let me ask one question: Why do you use Proxomotron at all? I tried it some years ago for several months - and finally gave up. The reasons:

• I found it very difficult to have a ruleset that works satisfactorily for all sites or rather defining exceptions where necessary.
• If you attach importance on outbound control in your PFW, you must have rules that prevent applications (with the exception of your browser) to gain web access via localhost. (In the past not all PFWs were able to do this.)
• AFAIK Proxomitron doesn't work for SSL-encrypted sites - this is a major security risk, IMHO. (There is a lengthy thread here on Wilders started by Paranoid2000 about this issue.)

Since you also use Ubuntu (besides Windows), I guess that Firefox is your default browser. By combining several extensions you will get everything Proxomitron offers but much more comfortable/flexible and secure:

• With Noscript (in combination with Secure Login) I can control active content (Javascript, Java, plugins) on a per-site basis, and I have additonal protection against XSS.
• With CookieSafe I can control cookies on a per-site basis.
• With Refcontrol I can control Referrers on a per-site basis.
• With Adblock Plus and several subscriptions that are regularly updated I block ads very efficiently while it's very easy to define exceptions.

And they all work also for HTTPS-sites!

What does Proxomitron offer what these extensions don't?

 

i don't use ubuntu or firefox, i talk about ubuntu a lot and post in the firefox extensions thread, but i use suse with Opera. my version of opera is completely different from the default version i've added about 100 extra things and it's the best browser in the world. i might make a video showing all the hacks and extras i have

proxomitron does work with SSL connections whereas nothing else does, so i think you got it wrong. proxomitron is the most powerful http web filter there is that's why i use it.

here's some pictures of my browser, when i click on that heart button that extra toolbar appears

 

i don't use windows at all. opera can do all those things out-the-box without having to add extras, but with proxomitron too it's a great combination and far more powerful. maybe you should try out opera and proxomitron

 

No, I'm not. I've been using FF with these extensions for a long time also for many https-sites, of course, and it's very obvious if something is blocked or not. And as for Proxomitron and SSL: Yes, it can handle https-sites, indeed, by decrypting, filtering and re-encrypting the data but you will always get security alerts from your browser as Proxomitron uses its own certificate and not the domain-specific one. This is well explained by the late author of Proxomitron, Scott Lemmon. Thus, if you're not getting these alerts you obviously don't filter https-sites.

No offense, but that's a worthless assertion without any proof and no answer to my question what Proxomitron offers more than the solution I suggested.

 

So your signature is a little bit mislading, isn't it?

I tried Opera two or three years ago, and I liked FF better. Besides, I prefer open source, and that's why I will stick with it (even while Opera might well be improved, too).
As for Proxomitron, I don't see any reason why I should use it as explained in my other posts.

 

thanks for the help.

 

if anyone decides to post about patching proxomitron's interface don't bother because i've lost interest in this thread. it was pretty clear with tlu's first sentence he doesn't care about proxomitron's interface either, i lost interest with his posts then.

it might sound strange i know but i'm happy with the programs i use and don't care what programs he uses. if i wanted to tell everyone why proxomitron is better then everything else i'd start a thread about it, but i really, really don't care about what anyone else is using. and i don't care for telling everyone to use what i'm using either.

anyway i can't take anyone seriously who says they'd rather use open source while posting using windows lol

 

If I was just getting started with Proxo, I'd probably choose Sidki's. I'm so used to the original layout, I'd probably have a hard time getting used to a different setup. I still use that obnoxious default color scheme.

There's no need to explain why you prefer Proxomitron. Anyone who's used it for a while and understands how the filters work already knows why you prefer it. I consider it an essential on my boxes.

Rick

 

Fair enough. On the other hand, we're here in Wilders Security Forums, and seen from this angle it seems more than legitimate to point to the fact that Proxomitron has problems filtering https-sites - and this is a serious security problem as shown in this thread.

You are free to use whatever you chose. I was just enumerating some security issues concerning Proxomitron (again, this is a security forum), and I haven't read a counter-argument from you.

Hm, where did I say that As a matter of fact, I have a dual-boot solution with Windows XP still installed but very rarely used, and my main OS is Kubuntu. Besides, even in Windows it makes sense to use open source software. I don't understand why you can't take anyone seriously doing this.

 

i like Sidki's too, but i think you're right i'll probably keep the default interface now lol

i don't think you'll get one either, i've no idea what you're going on about

 

Either i misinterpreted Paranoid2000, or you did. He's saying the Proxomitron is

 

That's exactly what I wrote in post #9 above - please read that! And since your're stumbling upon https-sites quite often (it's not only your bank's site, but also used, e.g., by Doubleclick - see the examples in the mentioned thread), you will get security alerts from your browser every time this happens. And this is the reason why most Proxomitron users who tried filtering SSL sites probably have disabled this feature as it's simply too annoying. But I guess the the very most users are not aware that Proxomitron doesn't filter https-sites by default, anyhow.

 

In this case I can only say: You post a lot in this forum, but it's quite obvious that you don't read what you respond to.

 

You mean the readme?

I think you really are misinterpreting the whole program. And yes, users will read what to install before using it (slleay32.dll and libeay32.dll).

 

One post of insulting and personal nature has been removed. No repeats please otherwise this thread will be closed.

Thanks you

Menorcaman

 

That's a great feature of proxomitron. However, ssl filtering is almost impossible to do since all of the information is ENCRYPTED. Proxo uses its own certificate to serve as a man in the middle, thereby decrypting the data before it reaches your browser, then filtering it, then giving it to the browser. Most proxies don't do this since you have to install a certificate and do all of the decrypting.

Also, I am glad it doesn't do it by default, since that would mean it is invading the privacy of the users by decrypting there secured data (like banking) and reading it before giving it back to them. Of course this shouldn't be enabled by default. However, if the user has read and understands the implications and what it does, then they should be given the option to do so (which they are).

Cheers,

Alphalutra1

 

i filter out the junk

 

Yes, I agree. That's the technical background I described - in slightly different words - in post #9. I used Proxo in that way some years ago. One reason why I stopped using it was that it crashed rather often while filtering https-sites. But that may have changed with newer filters and improved SSL libraries.

However, I stand corrected regarding the never-ending security alerts from the browser. I had simply forgotten that I, myself, presented a solution to turn this off in Firefox about two years ago. I'm sure this can be also done in IE and Opera.

This said, I still think that my other statements in post #6 are valid. I found it rather difficult to maintain a tight ruleset while easily defining exceptions for specific sites. This is a breeze with the solution I suggested. And on Windows systems you have to take care that your outbound control isn't undermined if you're using a Personal Firewall. Below the line, all I was trying to say was that configuration of Proxo is considerably more difficult and, well, even clumsy while filter results aren't better.

But of course, everybody is free to use whatever he/she prefers.

 

all the off topic posts are insulting too, they should be deleted as well.

 

This had me puzzled too. I presume that the intended meaning was that Proxomitron did not handle SSL natively but needed extra persuasion, with the downside of browser security alerts for every https site.

While it is true that Firefox extensions (notably GreaseMonkey) can filter https traffic, this isn't much help for those using other browsers - Proxomitron will work with any browser and can even be used with devices that have no filtering capability at all (e.g. handheld browsers) though for security reasons, this should be limited to within users' local networks only.

As for firewall rules, the best option is to use one which requires rules for incoming access from localhost - then you can limit Proxomitron access to programs running on the same computer (and optionally, trusted local network addresses).