[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: WWW proxies?

To: [email protected]
Subject: Re: WWW proxies?
From: Bill Stewart <[email protected]>
Date: Sat, 27 Apr 1996 02:37:06 -0700
Cc: [email protected]
Sender: [email protected]
At 07:13 PM 4/26/96 -0400, Black Unicorn <[email protected]> wrote:
>Has anyone developed such a beast yet?

Good timing for the question!  As Perry pointed out, the CERN
httpd provides basic proxy functions, but it doesn't do the
anonymizing job of deleting/replacing information your
browser may output to a CGI script, so it's only a partial solution.

The pre-beta-test anonymizer proxy Sameer mentioned does the main
protocols, though doesn't anonymize https: yet; doing the job
right is difficult or impossible without support in the browser
for features such as double-encrypted SSL sessions (one layer
of encryption between the browser and proxy, and an end-to-end
connection between the browser and the destination server.)
        [Jeff - any chance of this unlikely feature being supported?]
I tried doing an https: connection to the proxy, but something
wasn't in the directory it expected; that's what betas are for :-)
Alternatively, maybe an SSH connection could work?

>Will we have as extensive a WWW proxy network as remailer network?

That's partly a technical question, and partly a social/economic one.
The technical parts are whether it's easy to install an anonymizer
on your web server (at least for Unix and maybe NT users),
and whether there's a big drawback if you do, like performance hit
or extra charges from your ISP.  There's also a technical issue
of whether anon-proxies will be quiet underground things,
or whether there'll be some convenient coordination mechanism,
such as random.anonymizer.com being a DNS hack that picks a
random anonymous server that can be temporarily registered
by just starting an anonymizer application.

The social parts of the question are how we get people to _want_
to install it, and how we get them to keep running it once
it gets annoying.  A good PR job can help, especially if
installation+registration is a one-or-two-button thing;
using one anonymizer nags you to install your own.

Perhaps somebody will find a convenient way to add
only-mildly-annoying advertising to the anonymizers,
or to collect digicash without discouraging users,
giving some tradeoff between social responsibiity and
crass profit motives, and allowing a spectrum of 
anonymizers to operate.  Of course, especially with
some profit-making services (e.g. the Anonymous Porn Proxy
or the Hemp Buyers' Privacy Connection)
the server may have trouble convincing customers that
the anonymity is really being preserved, whether from
government subpoenas, junkmail and credit card fraud,
or future resale to Blacknet.

The other side of the propagation problem is keeping
proxy providers willing to run their services after they
have problems because of how their service is used.
One problem is spammers and other abusers.
Suppose somebody uses your anonymizer to connect to
a web-posting page or mailto: and spams a big mailing list
or newsgroup with objectionable material, like the
<perjorative deleted> spammer who sent hate mail from my
remailer to the various gay newsgroups signed with
some innocent bystander's name.  At best you get flamed;
at worst your ISP drops your service.  Or the spammer
signs the guestbook at whitehouse.gov in an interesting manner.

Another problem is users whose behaviour attracts attention.  
Maybe it's the highly legitimate user who checks out the 
tax forms on irs.gov for taxable activities the IRS didn't know 
were involved in, like overseas banking and stocks when
_your_ tax returns all said "broke college student" (just _try_
explaining anonymizers to the compuer-illiterate IRS clerk.)
Maybe it's the user who wants to avoid junk email when she
checks out the Make.Money.Fast.multilevel.religious.technology
stockbroker service.  Guess who's now on Their lists.
Maybe they used the anonymizer to view child pornography from
kidporn.sting.postalinspector.memphis.usps.gov, and the 
Post Office Police come kick your door down.   Or maybe
they were checking out the schedule at the Cannabis Buyer's Club
using your anonymizer just in case the FBI wiretappers wanted to
enforce laws that the S.F. Police don't bother people about.

Some of these problems can be helped by things like transient
proxy servers, if we build a convenient way for them to hook in
for a while and drop back out.  On the other hand, if you're waiting
for me to write all this code I'm suggesting we need, you'd
be better off hacking some more easy partial solutions that can
be deployed, tested, and replaced with the next edition :-)



#					Thanks;  Bill
# Bill Stewart, [email protected], +1-415-442-2215
Prev by Date: Re: trusting the processor chip
Next by Date: Re: Click here to become an International Arms Trafficker
Prev by thread: Re: WWW proxies?
Next by thread: Re: WWW proxies?
Index(es):
- Date
- Thread