Wrap Firefox in a Cocoon of privacy

Discussion in 'privacy technology' started by lotuseclat79, Apr 6, 2011.

Thread Status:
Not open for further replies.
  1. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,096
  2. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Looks like a standard https proxy service using a firefox plugin.
     
  3. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Too bad it's shareware.
     
  4. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
  5. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    It sends a request to -http://rcp.stealthy.co:8080/PollDealer/GetProxy?countryCode=XX, picks an IP:port from response and sets Fx proxy settings to use that, your ISP can still see what you're doing. See what happened when I tried it: attachmentid=226273 a proxy shouldn't send that, which means the IP that Stealthy picked isn't actually a proxy -> -http://www.ip-adress.com/Proxy_Checker/208.43.138.195:80
     
  6. carat

    carat Guest

    What a pity ... :doubt:
     
  7. teksquisite

    teksquisite Registered Member

    Joined:
    Jun 2, 2008
    Posts:
    10
    Location:
    Oregon
    I have! I was one of their original beta testers, (I have tested a lot of security\cloud apps.) It has come a very long way since then. They don't really advertise that Brian Fox (original author of the BASH shell) is one of the Dev's and co-founder or that Marvin Minsky (MIT/AI) sits on the advisory board.

    I believe that they are working on a "Freemium" version. Cocoon is not standard at all. China has an eye on it too.

    With all the malvertising that is going to be out there this year - it is a highly viable Internet security candidate that has the capability to halt malware from accessing the operating system.

    Just observing Facebook friends and family - click-happy people that they are, I have cleaned up more malware messes than I care to mess with. I'd love to put them all on Cocoon - it would make my life a whole lot easier.

    RE: "If so, what do you think about it."

    I especially love the mailslots (decreased spam in a huge way) and also really like the ability to block Facebook tracking and online ad servers. I like the control that it gives me over cookies, the notes that I can take while doing Internet research, the bookmarks and the history options too. I like the fact that I can't be tracked.

    I do have to agree about the pricing though. I would perhaps create a few different versions of the plug-in: Freemium, Pro, Business - and for censored countries like China, I would create a "Censored version" that was free.

    Overall, I believe that we are losing ground to malware automated-toolkits - those of us involved in Internet security are always fighting from the bottom of a very high hill. The $$$$ stakes are HUGE.

    Anyway it has been nice posting here - just wish I could find my way around the forums a bit easier :)



    Cheers!
    /Bev
     
  8. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    @teksquisite: Good news you have there. What are the differences between these versions?

    Nice name btw.
     
  9. teksquisite

    teksquisite Registered Member

    Joined:
    Jun 2, 2008
    Posts:
    10
    Location:
    Oregon
    Thanks for the nice name compliment!

    The versions are my idea only! I will definitely contact them tomorrow and let them know about my "versions" idea :)

    I think that with everything happening in the realm of automated toolkits that we really have to look at Internet security in a whole different light. With the addition of social networks as a popular attack vector - just look at Facebook and Twitter! Common Internet security anti-virus suites can't keep up with the newest strains. Anti-virus vendors can be testing and implementing updated patches while malware authors recompile the code within 24 hours or less. So current options are always a step-behind. It is a highly convoluted problem...
     
  10. teksquisite

    teksquisite Registered Member

    Joined:
    Jun 2, 2008
    Posts:
    10
    Location:
    Oregon
    I once was Usenet too! The wild, wild west of the Internet!
     
  11. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    Where did you draw this conclusion from?

    THANKS



    A proxy shouldn't send what?

    Javascript has nothing to do with any of this...

    You still have to surf with your browser yes? If so and you have it disabled or you are using NoScript as an example then you are going to see this type of reply regarding Javascript no matter what...

    I wrote them an email to explain how this service works, I'll be interested to hear what they have to say....



    Well if M$ would build a decent OS that works the way it really should, being run as a user, giving access to root when needed, then we wouldn't have as many problems.

    In the meantime, instead of continuing to support the stupidity of the Windows model, it's time for people to start embracing more of OSX and Linux, to kiss your malware goodbye! ;)
     
  12. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747

    That JavaScript message came from the server that was supposed to be a proxy, not the website I was trying to visit, a proxy shouldn't care if I have JavaScript enabled or not. In this case that server wasn't a proxy at all, it was wrongly set as proxy by Stealthy.
     
  13. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825

    Wrongly set by Stealthy, you running a test for Cocoon with Stealthy?

    Stealthy gives you a proxy to surf on, so why would you be throwing Stealthy into this with Cocoon?
     
  14. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    #4

    123
     
  15. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825

    I know what Stealthy is, no need to point a link to it...

    So what are we saying Cocoon is sending a request to Stealthy from what I read above?
     
  16. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    Considering that proxy autoconfiguration in browsers is being done via javascript, I think you might want to reconsider. :p
     
  17. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    Considering that the JavaScript code in PAC executes even with JavaScript disabled, you might want to reconsider. :p

    Point is, normally a proxy shouldn't send its own content back to client, it just happened to be a message about JavaScript being disabled, could be whatever else...
     
  18. clayieee

    clayieee Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    261
    you dont need cocoon when you have a good AV, besides its not free.
     
  19. enemyofarsenic

    enemyofarsenic Registered Member

    Joined:
    Jun 18, 2011
    Posts:
    63
  20. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825

    This goes beyond just AV protection...

    This will be interesting to see how this goes...

    Hey Spooony here's our free legitimate proxy service now...

    Where's that Spoony at...

    Proxies Proxies... LOL...
     
  21. Snoop3

    Snoop3 Registered Member

    Joined:
    Jan 2, 2011
    Posts:
    474
    what's in it for the company that builds this "cocoon" software? how would they make money and if everything is filtered thru their servers are they trustworthy?
     
  22. Doraemon

    Doraemon Registered Member

    Joined:
    Aug 5, 2009
    Posts:
    202
    Is the NoScript bug resolved? o_O o_O o_O
     
  23. Spooony

    Spooony Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    514
    ssh -D localhost:12000 user@ipaddress

    Edit -> Preferences -> Advanced -> Network -> Settings

    Connection Settings screen, select Manual proxy configuration and type localhost into SOCKS Host: and 12000 into Port:. Also make sure that SOCKS v5 is selected. Hit OK and Firefox should now use the SSH tunnel instead of the standard port 80.

    about:config--->network.proxy.socks_remote_dns---->true

    autossh -M 20000 -D localhost:12000 user@ipaddress

    done

    Any questions
     
  24. jesusjesus

    jesusjesus Registered Member

    Joined:
    Jul 21, 2009
    Posts:
    61
    You are prohibited from using the Software and Service if you are a citizen, national, or resident of, or are under control of, the government of Cuba, Iran, Sudan, Libya, North Korea, Syria, or any other country to which the United States has prohibited export. You agree not to download or otherwise export or re-export the Software, directly or indirectly, to the above mentioned countries nor to citizens, nationals or residents of those countries.

    That sounds very American government friendly. TOO friendly. Most of these types of software try and help the citizens of the countries this software prohibits use in.

    edit: I install it, I clicked on something in the toolbar & it blue screen of death'd my computer. Windows says to be suspicious of recently installed drivers.... hmm like the driver this Cocoon piece of crap just installed 2 mins earlier.
     
    Last edited: Jul 17, 2011
  25. crapbag

    crapbag Registered Member

    Joined:
    Mar 14, 2011
    Posts:
    144
    According to their T&C's etc it will be paid for software at some point. Think they'll limit the free version.

    FWIW I'm using v1.15d with Firefox 5, NoScript 2.1.2.3., and AdBlock Plus. Working fine.

    It seems easy enough to navigate and does change your location. It doesn't seem to like PrivateBrowsing in Firefox, but I'm using something else for cookies and stuff.

    I doubt I'd pay for it based on what I've seen so far but I'll give it time.

    What's the main difference between this and something free like Tor?
     
Loading...
Thread Status:
Not open for further replies.