|
Home > Archive > Anonymous Servers > March 2007 > secure tunnels
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Temporary Temp 2007-03-23, 7:13 am |
| Hi everybody,
I have been reading the posts about Privacy.Li and Cotse. I have used
both in the past and both seemed to work ok.
I do not want this thread to become a war of words please.
I want to use an encrypted tunnel and I am not sure about Cotse
because it is in the USA, and I have been waiting for two monthes for
money sent to Canada to get to Adminus, I fear that my money may be
lost.
So now that you all know where I am at the moment, my questions are,
1/ Are there any other secure tunnel company's around that are not in
the USA.
or
2/ Can somebody who is patient please help me to learn about how to
use Tor and the other programs to post anonimously? I have downloaded
freecap_setup_eng.exe
QS1.2.5.exe
QS1.2.6b2.exe
ufasoft_sockschain_3.11.151.exe
latest.exe (tor)
ctunnel.exe
I have not installed them yet as I do not know which ones to start
with. I do have putty5.8.exe and I know how to use this for a paid for
tunnel.
thanks for any help.
Temporary
| |
| Aunti Virus 2007-03-23, 7:12 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In article <pv970351gmvi4s3ihb4bjt3pd4kiobnpgc@4ax.com>
Temporary Temp <temp@temp.com> wrote:
> X-Hamster-Info: Score=99 ScoreLoad=99 ScoreSave=0 Received=20070323060713
> Xref: peculiar.homeip.net alt.privacy.anon-server:17721
> Path: peculiar.homeip.net!news.bananasplit.info!news.glorb.com!news-in-01.newsfeed.easynews.com!easynews.com!easynews!easynews-local!fe05.news.easynews.com.POSTED!not-for-mail
> From: Temporary Temp <temp@temp.com>
> Newsgroups: alt.privacy.anon-server
> Subject: secure tunnels
> Message-ID: <pv970351gmvi4s3ihb4bjt3pd4kiobnpgc@4ax.com>
> X-Newsreader: Forte Agent 4.2/32.1118
> MIME-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> Content-Transfer-Encoding: 7bit
> Lines: 34
> X-Complaints-To: abuse@easynews.com
> Organization: EasyNews, UseNet made Easy!
> X-Complaints-Info: Please be sure to forward a copy of ALL headers otherwise we will be unable to process your complaint properly.
> Date: Fri, 23 Mar 2007 10:42:12 GMT
> X-Old-Xref: news.bananasplit.info alt.privacy.anon-server:64572
>
> Hi everybody,
>
> I have been reading the posts about Privacy.Li and Cotse. I have used
> both in the past and both seemed to work ok.
>
> I do not want this thread to become a war of words please.
>
> I want to use an encrypted tunnel and I am not sure about Cotse
> because it is in the USA, and I have been waiting for two monthes for
> money sent to Canada to get to Adminus, I fear that my money may be
> lost.
>
> So now that you all know where I am at the moment, my questions are,
>
> 1/ Are there any other secure tunnel company's around that are not in
> the USA.
> or
don't bother paying for anything. learn to use Stunnel and Tor.
you'll be better off.
> 2/ Can somebody who is patient please help me to learn about how to
> use Tor and the other programs to post anonimously? I have downloaded
> freecap_setup_eng.exe
> QS1.2.5.exe
> QS1.2.6b2.exe
> ufasoft_sockschain_3.11.151.exe
> latest.exe (tor)
> ctunnel.exe
>
> I have not installed them yet as I do not know which ones to start
> with. I do have putty5.8.exe and I know how to use this for a paid for
> tunnel.
>
> thanks for any help.
>
> Temporary
look on the panta website, find the link for the pantawiki, there's an
article there that goes into great detail how to use stunnel and tor with
quicksilver.
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQA/ AwUBRgQKewc1ZuHjbNh8EQLFDACgwbB3rM51JkMu
jllmUM4bJ5YA+jcAoMSO
J46XyUOjS0mrcKJA/kixCuKN
=QweJ
-----END PGP SIGNATURE-----
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.eu.org
for abuse and hashcash info.
| |
| Fritz Wuehler 2007-03-23, 7:12 pm |
| Temporary Temp wrote:
> Hi everybody,
>
> I have been reading the posts about Privacy.Li and Cotse. I have used
> both in the past and both seemed to work ok.
>
> I do not want this thread to become a war of words please.
>
> I want to use an encrypted tunnel and I am not sure about Cotse
> because it is in the USA, and I have been waiting for two monthes for
> money sent to Canada to get to Adminus, I fear that my money may be
> lost.
All that nonsense aside, are you sure a "secure tunnel" is what you even
want? What is it specifically you think you might gain by routing your
traffic through a single hop proxy?
If your answer includes any variation on "hiding my identity or
activity from the law or any other legitimate entity", you're using the
wrong tool to begin with.
> So now that you all know where I am at the moment, my questions are,
>
> 1/ Are there any other secure tunnel company's around that are not in
> the USA.
Sure there are. Many of them in places that make the USA look like a
long day on a sunny beach with 2 topless virgins buying you beer when
it comes to their privacy laws and practices.
Were you aware that Hong Kong has more FBI agents stationed in it than
most US States, for example? And that in Hong Kong, US FBI agents don't
have to get warrants to raid and seize providers? That's why they keep
a large presence there. It's also why things like Echelon were mostly
US funded projects, carried out on mostly foreign soil.
The bottom line is, the US is a popular horse to kick but the facts say
it's little more complicated than "evil America", and even US law
enforcement knows that or they wouldn't be operating off shore
themselves. Indeed, for the "off shore" rhetoric to mean anything at
all you'd have to take into account the specific type of activity in
question, see what it means with respect to the laws of each specific
foreign jurisdiction, and then do a considerable amount of research to
make sure each jurisdiction's laws aren't made completely irrelevant by
some trade or legal agreement between that jurisdiction, and your own.
> or 2/ Can somebody who is patient please help me to learn about how
> to use Tor and the other programs to post anonimously? I have
> downloaded
Generally, you'll want to install and configure Tor first. Then get
other software to cooperate with it.
There's installation instructions for Tor at tor.eff.org.
http://tor.eff.org/docs/tor-doc-win32.html.en
I think there's a step by step QS howto on that site, or in its
documentation. Note that you can post to Usenet and send email
addresses with the best anonymity available, using QS without Tor.
And here's a link to the Torify Howto which should lead you through
setting up other software with Tor.
http://wiki.noreply.org/noreply/The...ter/TorifyHOWTO
No need to reinvent the wheel here, most of the above will lead you
through the process step by step. If you have any problems at all, or
don't understand things as you're going along, this is a good place to
ask. There's also an IRC channel for Tor at irc.oftc.net if you're into
that. /join #tor
> freecap_setup_eng.exe
> QS1.2.5.exe
> QS1.2.6b2.exe
> ufasoft_sockschain_3.11.151.exe
> latest.exe (tor)
> ctunnel.exe
>
> I have not installed them yet as I do not know which ones to start
> with. I do have putty5.8.exe and I know how to use this for a paid
> for tunnel.
Paid tunnels (tunnels of any type) and anonymous services like Tor and
the remailer network are two different things. They provide completely
different services. One is a privacy provider, the other an anonymity
provider. The two overlap in some areas, but they're separate and
distinct goals.
Again, what exactly is it that you're trying to hide, and from whom? If
you're a disgruntled employee ready to expose Microsoft's secret plans
for world domination through subliminal messages imbedded in Windows or
some government insider with proof Kennedy was killed by the CIA, then
you will want to stick with remailers and Tor. If you're an average Joe
just trying to protect himself from spammers and scammers out on the
net by obfuscation their name and origin, then a tunnel is probably the
right tool for the job, although Tor and remailers do a pretty good job
in that area too. They are, however, less reliable and harder to use.
| |
| George Orwell 2007-03-24, 1:14 am |
| Wrong on all counts, most of the offshore privacy providers keep NO
identifying information on any user on any secured server, even if a
server got compromised NO information is there on anyone. If they were to
try to make privacy.li log for example, they would shut down and move the
server. Some just don't log customers regardless, they only keep security
logs for system integrity against hackers etc not records on what users
do, get it
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
George Orwell <nobody@mixmaster.it> wrote in
news:479b2df462bf278451fe7ef3f15eec48@mi
xmaster.it:
> Wrong on all counts, most of the offshore privacy providers keep NO
> identifying information on any user on any secured server, even if a
> server got compromised NO information is there on anyone. If they
> were to try to make privacy.li log for example, they would shut down
> and move the server. Some just don't log customers regardless, they
> only keep security logs for system integrity against hackers etc not
> records on what users do, get it
How can any service operate the way you say and still be able to handle
customer billing and track/stop abuse?
Seems to me you HAVE to have a certain amount of logs to do this. If
this is not the case, please explain how these things are handled.
- --
http://blog.peculiarplace.com
http://offthecuff.lurasbookcase.com
http://peculiarplace.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32) - GPGshell v3.52
iQEVAwUBRgSbi3V+YnyE1GYEAQje/Af/ef66wc6bRzCSUG9hFOkVGPqBZJaW3AjU
LqaiqNUQm9WN365CjIkDIrgEGw8nfi2QHYHVlukK
q+FRsJ1BIobK3yMXbU7ypbBD
BkkwcfqjekxtYUJXYmr2O7twtGMUlkfgtK1dR0kQ
t5TfqMfD4zzm4MNt8cw+5pNj
GWNJ+HaQImzfWMNXFMZTNuR5LDJCLfR2mxzivs3H
ldfA9eqXqokRK/e2qgHNiTi+
BoFjWw7ue+x1T1oT45iWrWHqNdBulVH8yWyaDvyq
o2ct7aZksjT4x+rsg3DlFbZm
VjuIq/ EVzjbUJPpODqbwv44cJIAlr5VNyx5C01jGu+pfyX
HSt2TTQA==
=GBOO
-----END PGP SIGNATURE-----
| |
| Nomen Nescio 2007-03-24, 1:14 am |
| In article < 479b2df462bf278451fe7ef3f15eec48@mixmast
er.it>
George Orwell <nobody@mixmaster.it> wrote:
>
> Wrong on all counts, most of the offshore privacy providers keep NO
> identifying information on any user on any secured server,
So,which offshore providers DO keep identifying information ?
| |
| Anonyma 2007-03-24, 1:14 am |
| George Orwell wrote:
> Wrong on all counts, most of the offshore privacy providers keep NO
> identifying information on any user on any secured server, even if a
> server got compromised NO information is there on anyone. If they were to
> try to make privacy.li log for example, they would shut down and move the
> server. Some just don't log customers regardless, they only keep security
> logs for system integrity against hackers etc not records on what users
> do, get it
>
You know any of this exactly... how?
| |
| Temporary Temp 2007-03-24, 1:14 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 23 Mar 2007 19:22:13 -0000, Aunti Virus <"auntivyrus
ATnym.panta-rhei.eu.org"@remailer-debian.panta-rhei.eu.org> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>In article <pv970351gmvi4s3ihb4bjt3pd4kiobnpgc@4ax.com>
>Temporary Temp <temp@temp.com> wrote:
>
>don't bother paying for anything. learn to use Stunnel and Tor.
>you'll be better off.
>
>
>look on the panta website, find the link for the pantawiki, there's
>an article there that goes into great detail how to use stunnel and
>tor with quicksilver.
>
>-----BEGIN PGP SIGNATURE-----
>Version: N/A
>
>iQA/ AwUBRgQKewc1ZuHjbNh8EQLFDACgwbB3rM51JkMu
jllmUM4bJ5YA+jcAoMSO
>J46XyUOjS0mrcKJA/kixCuKN
>=QweJ
>-----END PGP SIGNATURE-----
>
>~~~~~~~~~~~~~~~~~~~~~
>This message was posted via one or more anonymous remailing
>services. The original sender is unknown. Any address shown in the
>From header is unverified. You need a valid hashcash token to post
>to groups other than alt.test and alt.anonymous.messages. Visit
>www.panta-rhei.eu.org for abuse and hashcash info.
>
>
>
>
Hi Aunti Virus
Ok, thanks for that link. I am downloading a few pages from
panta-rhei and I am copy pasting some things into notepad now. I saw
the "HelpForBeginners" link and that sounds like really good for me,
have not opened that link yet.
Thanks heaps :-)
Temp
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3 - not licensed for commercial use: www.pgp.com
iQA/AwUBRgSm7DVCR6UjrQC6EQLOCQCeI+Jy/1LZO7+vwt1eQt7Lmrm/t44An0ko
ZvGxjTdD8nXGdJBCEQgjNotR
=2cRm
-----END PGP SIGNATURE-----
| |
| Temporary Temp 2007-03-24, 1:14 am |
| On Fri, 23 Mar 2007 23:37:25 +0100, Fritz Wuehler
<fritz@spamexpire-200703.rodent.frell.theremailer.net> wrote:
>Temporary Temp wrote:
>
>
>All that nonsense aside, are you sure a "secure tunnel" is what you even
>want? What is it specifically you think you might gain by routing your
>traffic through a single hop proxy?
>
>If your answer includes any variation on "hiding my identity or
>activity from the law or any other legitimate entity", you're using the
>wrong tool to begin with.
I have been downloading music and I would like to share because i have
so much now I find that i have some that others are requesting, I am
to scared to post but. I have seen on the news about people being
taken to court for copy write and they cop heaps.
>
>
>Sure there are. Many of them in places that make the USA look like a
>long day on a sunny beach with 2 topless virgins buying you beer when
>it comes to their privacy laws and practices.
YUK
>
>Were you aware that Hong Kong has more FBI agents stationed in it than
>most US States, for example? And that in Hong Kong, US FBI agents don't
>have to get warrants to raid and seize providers? That's why they keep
>a large presence there. It's also why things like Echelon were mostly
>US funded projects, carried out on mostly foreign soil.
I always thought that Hong Kong was the best
>
>The bottom line is, the US is a popular horse to kick but the facts say
>it's little more complicated than "evil America", and even US law
>enforcement knows that or they wouldn't be operating off shore
>themselves. Indeed, for the "off shore" rhetoric to mean anything at
>all you'd have to take into account the specific type of activity in
>question, see what it means with respect to the laws of each specific
>foreign jurisdiction, and then do a considerable amount of research to
>make sure each jurisdiction's laws aren't made completely irrelevant by
>some trade or legal agreement between that jurisdiction, and your own.
>
>
>Generally, you'll want to install and configure Tor first. Then get
>other software to cooperate with it.
>
>There's installation instructions for Tor at tor.eff.org.
>
>http://tor.eff.org/docs/tor-doc-win32.html.en
>
Thanks
>I think there's a step by step QS howto on that site, or in its
>documentation. Note that you can post to Usenet and send email
>addresses with the best anonymity available, using QS without Tor.
>
>And here's a link to the Torify Howto which should lead you through
>setting up other software with Tor.
>
>http://wiki.noreply.org/noreply/The...ter/TorifyHOWTO
>
>No need to reinvent the wheel here, most of the above will lead you
>through the process step by step. If you have any problems at all, or
>don't understand things as you're going along, this is a good place to
>ask. There's also an IRC channel for Tor at irc.oftc.net if you're into
>that. /join #tor
>
>
>Paid tunnels (tunnels of any type) and anonymous services like Tor and
>the remailer network are two different things. They provide completely
>different services. One is a privacy provider, the other an anonymity
>provider. The two overlap in some areas, but they're separate and
>distinct goals.
>
>Again, what exactly is it that you're trying to hide, and from whom? If
>you're a disgruntled employee ready to expose Microsoft's secret plans
>for world domination through subliminal messages imbedded in Windows or
>some government insider with proof Kennedy was killed by the CIA, then
>you will want to stick with remailers and Tor. If you're an average Joe
>just trying to protect himself from spammers and scammers out on the
>net by obfuscation their name and origin, then a tunnel is probably the
>right tool for the job, although Tor and remailers do a pretty good job
>in that area too. They are, however, less reliable and harder to use.
>
>
Gosh, I had to like read this a few times to understand it all. I
think I would be best with both, I think it would be good if I am both
private and anonymity. I am going to install Tor first and will finish
reading the panta-riegh site then go to the tor.eff.org site. I have
heard of onionrouter (and something about banana as well), some of
these names sure sound funny.
Thanks heaps for all that.
Temporary
| |
| Anonyma 2007-03-24, 1:14 am |
| George Orwell wrote:
> Wrong on all counts, most of the offshore privacy providers keep NO
> identifying information on any user on any secured server, even if a
> server got compromised NO information is there on anyone. If they
> were to try to make privacy.li log for example, they would shut down
> and move the server. Some just don't log customers regardless, they
> only keep security logs for system integrity against hackers etc not
> records on what users do, get it
There's no way you'd know any of this without owning "most off shore
privacy providers".
Thanks for kicking your own XXX. 
| |
| Nomen Nescio 2007-03-24, 1:14 am |
| In article < 479b2df462bf278451fe7ef3f15eec48@mixmast
er.it>
George Orwell <nobody@mixmaster.it> wrote:
>
> Wrong on all counts, most of the offshore privacy providers keep NO
> identifying information on any user on any secured server,
>So,which offshore providers DO keep identifying information ?
There are numerous privacy services out there. Some are suspect, while
others, IMHO are excellent. They usually provide several levels of
service Secure Tunnels being less expensive and are application
specific, while VPN offers higher speeds and less chance if
disconnects, and anonymizes ALL your traffic at one stroke.. Pretty
slick.
Regarding logging, that's hard to say, isn't it? I mean no one's going
to to admit it if they do. Several privacy services assign a common ID
making it very difficult, if not impossible to trace. The fact that
they are off-shore in many cases puts them beyond the reach of
subpoenas and the US Courts. Several privacy services state they do no
logging whatsoever. Look, you'll find them. Lots of mud-slinging also
from one service to another. Read, read.. there are some good ones out
there..
Lastly, keep in mind that many privacy services offer one the ability
to create an anonymous account by means of anonymous payments. So even
if they do log, who cares as your account is totally anonymized and
can't be traced..
| |
| Borked Pseudo Mailed 2007-03-24, 1:14 am |
| George Orwell <nobody@mixmaster.it> wrote:
> Wrong on all counts, most of the offshore privacy providers keep NO
Bullshit. You have no CLUE what most offshore providers do.
> identifying information on any user on any secured server, even if a
> server got compromised NO information is there on anyone. If they were to
> try to make privacy.li log for example, they would shut down and move the
> server. Some just don't log customers regardless, they only keep security
> logs for system integrity against hackers etc not records on what users
> do, get it
>
| |
| Temporary Temp 2007-03-24, 7:13 am |
| On Sat, 24 Mar 2007 06:50:27 +0100 (CET), Nomen Nescio
<nobody@dizum.com> wrote:
>In article < 479b2df462bf278451fe7ef3f15eec48@mixmast
er.it>
>George Orwell <nobody@mixmaster.it> wrote:
>
>
>There are numerous privacy services out there. Some are suspect, while
>others, IMHO are excellent. They usually provide several levels of
>service Secure Tunnels being less expensive and are application
>specific, while VPN offers higher speeds and less chance if
>disconnects, and anonymizes ALL your traffic at one stroke.. Pretty
>slick.
>
>Regarding logging, that's hard to say, isn't it? I mean no one's going
>to to admit it if they do. Several privacy services assign a common ID
>making it very difficult, if not impossible to trace. The fact that
>they are off-shore in many cases puts them beyond the reach of
>subpoenas and the US Courts. Several privacy services state they do no
>logging whatsoever. Look, you'll find them. Lots of mud-slinging also
>from one service to another. Read, read.. there are some good ones out
>there..
>
>Lastly, keep in mind that many privacy services offer one the ability
>to create an anonymous account by means of anonymous payments. So even
>if they do log, who cares as your account is totally anonymized and
>can't be traced..
Hi Nomen,
I would like to get a paid service, but trying to understand the
mudslinging is like really hard, there is even some mudslinging here
which upsets me a bit, I would have thought that everybody here are
about privacy/anonymity and so should respect whatever everyone else
wants to use.
How can I possibly know which service to choose? And if I can only
find three?
My search in google for "privacy tunnel" only brought up Privacy.Li,
and Secure-Tunnel, even Cotse was not mentioned. I have used Cotse and
Privacy.Li, and I do not know if they kept logs, I never had any
trouble with them and I suppose I would have to say I was happy about
their service. I now do not know what to think after reading some of
the posts here, kind of confusing me.
I think I want to learn about Tor and all the other stuff anyway, it
can only help me if I understand what they do and how to use them.
I see your using mixmaster/dizum yes? So you use remailers and all
that stuff, I want to be able to do the same. It seems like a bit of
an adventure to me.
Banana splits, hash cash, onions, some really weird names :-)
temp
| |
| Nomen Nescio 2007-03-24, 1:11 pm |
| temp@temp.com wrote:
> Hi Nomen,
>
> I would like to get a paid service, but trying to understand the
> mudslinging is like really hard, there is even some mudslinging here
> which upsets me a bit, I would have thought that everybody here are
> about privacy/anonymity and so should respect whatever everyone else
> wants to use.
>
> How can I possibly know which service to choose? And if I can only
> find three?
That is up to you. Ignore the trolls, I think their main purpose is to
cause confusion and I actually suspect some of it is government. The
FBI has in the past used disinformation and attempted to cause fighting
between groups as a way of undermining them (see Black Panthers). I
suspect they still do and what better way to confuse people than a bunch
of anonymous posts trashing everything and making it look like
infighting: Tor, remailer wars, privacy services wars, Quicksilver/JBN
wars, and insulting anyone who asks about any.
>
> My search in google for "privacy tunnel" only brought up Privacy.Li,
> and Secure-Tunnel, even Cotse was not mentioned. I have used Cotse and
> Privacy.Li, and I do not know if they kept logs, I never had any
> trouble with them and I suppose I would have to say I was happy about
> their service. I now do not know what to think after reading some of
> the posts here, kind of confusing me.
I've used cotse for years and have been happy. Throughput is good on
their tunnels, but their main strength lies in their other services, the
e-mail is the best I have found and the web hosting is quite nice as
well because it has saved me a hosting fee elsewhere. They are also the
only one I've found that details what logs are kept and why:
http://www.cotse.net/logging.html
I've also used privacy.li and was happy with them as well. But I used
them just for the tunnels as they don't have the service breadth of
coverage that cotse has. Their tunnels did work as advertised. They
claim to have no logs, but I think they are just talking about the
tunnels and data stream, which even cotse doesn't log. I have seen
their owner post about tracing users to their web site, so they do have
some logs if he did that, which makes sense as you have to have some.
I've also used findnot.com. The VPN was useful. It also worked as
advertised but they went from claiming to not have any logs to claiming
logs kept for five days but they don't detail what it is they keep.
Obviously they need logs, but it would be nice if they told you what was
kept. They also had an outage they did not explain, that threw me a bit
and I stopped using them.
>
> I think I want to learn about Tor and all the other stuff anyway, it
> can only help me if I understand what they do and how to use them.
Tor is the best for anonymity, although even it is subject to traffic
analysis. It's fairly impossible to get anonymity with a real time
traffic stream. The downfall is that it must be near real time to be
useable and that makes it subject to traffic analysis. Tor is also
slower than the paid services and probably always will be. If you run a
server you'll get more speed from it.
>
> I see your using mixmaster/dizum yes? So you use remailers and all
> that stuff, I want to be able to do the same. It seems like a bit of
> an adventure to me.
>
> Banana splits, hash cash, onions, some really weird names :-)
I've used quicksilver and JBN in the past, both work well. Right now
I'm using cotse's news2remail. Sometimes I use their web interface.
Either are easy to use, but the news2remail is nice because I use my
regular newsreader with it (XNews) and don't even think about it. I
just read and reply as normal and news2remail sends the reply through
the remailers. They run a gateway and also have a downloadable version.
You don't have to be a customer to use either, but you do have to be
one to use their web interface. Most of their tools Steve released to
the public and you can even download their web interface and install it
if you want, but I had difficulty with that, I think my host didn't have
some things it needed.
In the end it is your decision. All of the services provide what they
claim from my experience. Use the one you like best and ignore all the
noise.
| |
| Anonyma 2007-03-24, 1:11 pm |
| nobody wrote:
> Wrong on all counts, most of the offshore privacy providers keep NO
> identifying information on any user on any secured server, even if a
> server got compromised NO information is there on anyone.
Even if true what do you say when the person who compromised it sets up
logging?
> If they were to
> try to make privacy.li log for example, they would shut down and move the
> server. Some just don't log customers regardless, they only keep security
> logs for system integrity against hackers etc not records on what users
> do, get it
>
Besides the fact that you have no idea what they actually do, even if
all they did was keep "security logs" those logs are not magic. Meaning
that "security logs" by their very nature keep track of what happens on
a system. People using said system are doing things on it and therefore
would have to be part of those "security logs". This is becuase if
"security logs" did not track what happened on the system and what
people did on it then this would leave a huge gap in security. Security
is no good and can be declared nonexistent if it ignores the inside job.
In addition to this a service must handle abuse. Abuse is not just
spam, it is hacking, fraud, death threats, web abuse, and much more. A
service that does not handle abuse does not stay active. At best it
ends up blocked by most of the Internet rendering it useless. But more
likely it gets shut down by it's provider or has it's servers seized by
LE. I'd also consider it highly suspect that a service claims not to
have any logs but does claim to have security logs. It makes no sense
to say "We have no logs, we have security logs". You have no logs but
you have logs?
| |
| Aunti Virus 2007-03-24, 7:12 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In article <ch7903dajt2ddkcvee9nu7filialvivhgg@4ax.com>
Temporary Temp <temp@temp.com> wrote:
snip
> Hi Aunti Virus
>
> Ok, thanks for that link. I am downloading a few pages from
> panta-rhei and I am copy pasting some things into notepad now. I saw
> the "HelpForBeginners" link and that sounds like really good for me,
> have not opened that link yet.
>
> Thanks heaps :-)
>
> Temp
Your welcome child. I'm glad I could help.
Gee, I sure hope that sad little man worried about newbies and rude answers
sees this.
LOL
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQA/ AwUBRgWNpwc1ZuHjbNh8EQLC9gCgwRp40C0d1VKk
Arb4zhx0pxHIFyQAoIyH
TV2fUW2QEFqisc+xJ/h/74vG
=Qlgo
-----END PGP SIGNATURE-----
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.eu.org
for abuse and hashcash info.
| |
| Nomen Nescio 2007-03-24, 7:12 pm |
| nobody@dizum.com wrote:
> The fact that
> they are off-shore in many cases puts them beyond the reach of
> subpoenas and the US Courts.
>
Outdated thinking. Twenty years ago this may have been true, today with
MLATs and other intercountry LE cooperation it means nothing and in many
cases makes it easier to get information. Also remember that a vast
number of of these touted "offshore" countries require by law that logs
be kept and easy access to such, not even so much as a subpoena
required. Even the US government moves "offshore" so they can get
information easier and unhampered by US law (see echelon). The news has
been full of US LE arresting people who used offshore servers.
ShadowCrew was in Switzerland, busted by US authorities. Recent stock
scammers were in Hong Kong, busted by US authorities. A virus writer in
the Netherlands, busted by US authorities. The list goes on and on. In
the distant past it might have been valid to say offshore hinders US
authorities, today it's more valid to say offshore helps US authorities
because it removes the need for subpoenas. The US government has even
maintained that it can snoop without warrants on data leaving or
entering the country, and unlike the snooping inside the country that
they tried to allow with PATRIOT, the courts have not stepped in to stop
it. They have stepped in to gut PATRIOT because of internal snooping.
If hiding from law enforcement is your goal, regardless of what those
with interests say (read those who own the services and want your
money), there isn't a single pay service on the planet that can help
you. Your best bet is Tor, although I hate to be saying "Use Tor for
all your illegal needs", but the truth is that it is the closest thing
to anonymity with a real time data stream that you'll find.
| |
| Anonymous 2007-03-24, 7:12 pm |
| Temporary Temp <temp@temp.com> wrote:
> I always thought that Hong Kong was the best
Why would you think that? Because you read it on the web site of some
privacy service who has servers there? ;-)
Hong Kong is one of the worst. In short, they have no privacy laws. Any
provider of any service is subject to random scrutiny by an appointed
official, who is bound by law to investigate any complaint. And US
officials need no warrants at all to set this process in motion. In
fact you don't even have to BE law enforcement. There's a single page
form that needs to be filled out in triplicate, and signed by an
attorney.
>
> Gosh, I had to like read this a few times to understand it all. I
> think I would be best with both, I think it would be good if I am both
> private and anonymity.
Then you have no use for any privacy service, or any single hop proxy
of any type. None of them offer any anonymity at all. It's simply and
demonstrably impossible for them to do any such thing. If you use them,
they know you by IP address at the very least. This is by definition
not anonymous. They know who you are, and all you're really doing is
trusting them to keep that information *private*.
> I am going to install Tor first and will finish
Tor is the best case scenario for general anonymity at the moment.
Remailers are generally considered somewhat more secure for
mail/usenet, but the key for both is that they are distributed networks
using layers of protection to make it impossible for anyone inside or
outside the network to know who you are, and what you are doing, at the
same time. That is true anonymity, and it's something no privacy
service can ever give you.
But again for emphasis.... are you sure you really need that level of
protection? It doesn't come without a penalty. If your activity is of a
nature that your "opponents" are very weak or unmotivated, a privacy
service might be enough. IOW, if you're hiding from your average net
kook, you don't necessarily need to use strong measures.
| |
| traveller 66 2007-03-25, 1:15 am |
| On Sat, 24 Mar 2007 11:27:34 -0400 (EDT), Anonyma wrote:
> nobody wrote:
>
> Even if true what do you say when the person who compromised it sets up
> logging?
>
>
> Besides the fact that you have no idea what they actually do, even if
> all they did was keep "security logs" those logs are not magic. Meaning
> that "security logs" by their very nature keep track of what happens on
> a system. People using said system are doing things on it and therefore
> would have to be part of those "security logs". This is becuase if
> "security logs" did not track what happened on the system and what
> people did on it then this would leave a huge gap in security. Security
> is no good and can be declared nonexistent if it ignores the inside job.
>
> In addition to this a service must handle abuse. Abuse is not just
> spam, it is hacking, fraud, death threats, web abuse, and much more. A
> service that does not handle abuse does not stay active. At best it
> ends up blocked by most of the Internet rendering it useless. But more
> likely it gets shut down by it's provider or has it's servers seized by
> LE. I'd also consider it highly suspect that a service claims not to
> have any logs but does claim to have security logs. It makes no sense
> to say "We have no logs, we have security logs". You have no logs but
> you have logs?
It looks like your thinking about something that may be along the lines
that the no logs usenet providers have. They don't log their customers and
have logging turned off. They need valid paperwork to do otherwise.
Examples, titan news, newshosting.com, meganetnews, etc.
| |
| George Orwell 2007-03-25, 1:15 am |
| The main focus of discussion regarding the use of logs by services
that claim not to use logs revolves around several themes:
1. You can't "know" that they aren't.
2. They might be curious, dirty minded, or otherwise peeping toms.
3. They could be MIB, NSA, CIA, or any of a number of organizations
that started an anonymity service solely to catch people.
4. They do, because they can [analogous to why dogs lick themselves]
Little has been written or discussed regarding disincentives. I think,
on balance, that disincentives are at least as important, and while they
don't negate the possibility of some nefarious conspiracy, they do
return the discussion to practical matters rather than mere rumor
mongering.
Some disincentives include:
1. A business founded on a promise not to log would fail miserably if
even one case revealed that logs are kept on subscribers activities.
2. Keeping logs on subscribers activities when promises are made NOT to do
so violates the privacy of the subscriber, and may be prosecutable.
3. Keeping logs in this situation subjects one to criminal charges of
fraud and civil liability for fraud as well.
4. Logs may be used to show that the owner/manager of the service
knew, or "should have known", how his/her service was being used, and
if that included criminal acts that were not reported, the owner might
be held responsible for the crimes, or for obstruction of justice, or
aiding and abetting a criminal. Currently, an ISP or other intermediary
is not held liable for their customers actions because they can claim
ignorance - unless there are logs.
5. Although many are accustomed to people acting in the worst possible
way in every circumstance, the *least* amount of honesty and integrity
binds a man to his promises - particularly when those promises are central
to his business.
Assistance requests for LE under treaties have to go through official
channels and can take weeks or months. There isn't any I can to whatever
I want anywhere.
| |
| Borked Pseudo Mailed 2007-03-25, 7:15 am |
| traveller 66 <noreply@nym.alias.net> wrote:
> It looks like your thinking about something that may be along the lines
The proper contraction for "you are" is "you're".
> that the no logs usenet providers have. They don't log their customers and
> have logging turned off. They need valid paperwork to do otherwise.
> Examples, titan news, newshosting.com, meganetnews, etc.
NewsHosting and Meganetnews have byte for byte identical privacy
policies, and they both say they log connection information because
it's necessary to maintain any useful standard of service. Exactly what
people have been saying here. A direct contradiction to your own worn
out "no logs" spew, so thanks for pointing them out anyway.
Titan makes the same obviously ridiculous claims you do about being
"100% anonymous", and their spelling and grammar are every bit as bad.
According to them their anonymity is "perfect everyone". Whatever the
hell that means.
What is it about lying and illiteracy that just seem to go hand in
hand anyway?
In any case, one of the most amusing things about you bringing Titan to
the fray is Titan doesn't actually deny logging uploads. They state "no
logs", but in the fine print they say "...of your downloads are kept.
All posts are completely anonymous." Notice how they dance around the
fact that they may log your UPloads.
Another obvious lie... "no one can see what you are doing - not even
us!". Baloney. There's no possible way you can connect to their servers
without them being able to see what you're doing. It's a physical
impossibility. If they couldn't see it, their servers couldn't serve
article one. How would they negotiate and carry on an NNTP session,
where you essentially tell the server the number of the last article
you downloaded in each group you subscribe to, it tells you the highest
numbered article it has, and you request the difference?
Nope! Not possible. In fact unless they offer NNTPS (which isn't stated
on their site as far as I could stand to read it), all that's done in
the clear so your ISP and everyone else can *still* see everything
you're doing.
Honestly, the more you read, the more Titan looks like a total sham, or
maybe some not so clever LE sting operation trying to weed out the
dumbest of the dumb.
And here's yet another obvious lie... "99% of news-server - except
TITANnews.com - log your activities by default!"
They have no way of knowing what 99% of news servers do, but most of
them quite plainly state they don't log activity. They log connection
information and keep track of general system load and bandwidth usage
by default. Then take whatever steps they deem necessary with respect
to dealing with abuse or the law. It's only logical that this would be
the way it's done.
How does a Usenet server deal with abuse and avoid having their
accounts yanked, or prevent users from buying one account and sharing
it with 10,000 people without watching and logging connections at the
very least? And logging activity when complaints are made so they can
verify abuse?
They can't, and you know it. Meganetnews and Newshosting know it to
because they say so. The only people who deny it are you, and people
just like you. And they're so easy to pick apart it wouldn't be worth
the effort if it weren't for the fact that your type needs exposed so
innocent people looking for legitimate privacy and anonymity don't get
suckered out of their money, or worse.
| |
| Nomen Nescio 2007-03-25, 1:13 pm |
| nobody@mixmaster.it wrote:
> The main focus of discussion regarding the use of logs by services
> that claim not to use logs revolves around several themes:
>
> 1. You can't "know" that they aren't.
>
> 2. They might be curious, dirty minded, or otherwise peeping toms.
>
> 3. They could be MIB, NSA, CIA, or any of a number of organizations
> that started an anonymity service solely to catch people.
>
> 4. They do, because they can [analogous to why dogs lick themselves]
5. They need them to handle abuse or their provider would shut them
down, they'd be blocked by most of the net, or servers confiscated by LE.
6. They need them for security, without security someone may compromise
them and set up logging.
>
> Little has been written or discussed regarding disincentives. I think,
> on balance, that disincentives are at least as important, and while they
> don't negate the possibility of some nefarious conspiracy, they do
> return the discussion to practical matters rather than mere rumor
> mongering.
>
> Some disincentives include:
>
> 1. A business founded on a promise not to log would fail miserably if
> even one case revealed that logs are kept on subscribers activities.
Wrong. Findnot.com used to insist they had no logs and would argue in
here about how they didn't. Then they turned around and admitted that
they do and they are still in business. Privacy.li swears no logs and
yet their admin posted about tracing visitors to their web site, which
you need logs to do after the fact, and they are still in business.
Cotse lists what logs they have and seems to be thriving. Anonymizer
went from claiming no logs to admitting to having them and is still
going strong.
>
> 2. Keeping logs on subscribers activities when promises are made NOT to do
> so violates the privacy of the subscriber, and may be prosecutable.
Possibly, but the end user and service would need to be in a
jurisdiction with the ability for people to easily sue for something
like this. If the end user gets arrested for criminal activity, such a
suit isn't likely to be won anyway.
>
> 3. Keeping logs in this situation subjects one to criminal charges of
> fraud and civil liability for fraud as well.
ISPs are not legally responsible for the actions of their users, it's
the user who gets charged or sued, not the ISP. In fact if they do not
have any logs they subject themselves to more liability in the risk of
lost servers and having the entire service shut down. The service is
responsible for stopping abuse or they risk being shut off, ignorance is
not an accepted excuse.
> 4. Logs may be used to show that the owner/manager of the service
> knew, or "should have known", how his/her service was being used, and
> if that included criminal acts that were not reported, the owner might
> be held responsible for the crimes, or for obstruction of justice, or
> aiding and abetting a criminal. Currently, an ISP or other intermediary
> is not held liable for their customers actions because they can claim
> ignorance - unless there are logs.
Untrue. Plenty of supporting cases where this was tried and failed, see
findlaw. Again, they must stop abuse and ignorance is no excuse.
> 5. Although many are accustomed to people acting in the worst possible
> way in every circumstance, the *least* amount of honesty and integrity
> binds a man to his promises - particularly when those promises are
> central to his business.
We've seen this disproved time and time again. In fact some of the
services that argued the most about having no logs either changed their
tune or got caught in having them.
>
> Assistance requests for LE under treaties have to go through official
> channels and can take weeks or months. There isn't any I can to
> whatever I want anywhere.
Outdated thinking. This may have been true twenty years ago but is no
longer the case. The world has moved towards a global economy since
then with far more cooperation in pursuing those who use the Internet to
break laws. The one thing every country has whined about over the last
twenty years, the time it takes to pursue criminals on the net, has made
them all move to change it.
| |
| Cyberiade.it Anonymous Remailer 2007-03-25, 1:13 pm |
| George Orwell <nobody@mixmaster.it> wrote:
> The main focus of discussion regarding the use of logs by services
> that claim not to use logs revolves around several themes:
You obviously haven't been paying attention. The "main focus of
discussion" is that without some level of logs none of these liars
could deal with complaints or run secure services, and that not one
provider has avoided either having to admit they keep logs, or getting
busted actually USING then.
| |
| Anonyma 2007-03-25, 1:13 pm |
| nobody wrote:
>
> Wrong. Findnot.com used to insist they had no logs and would argue in
> here about how they didn't. Then they turned around and admitted that
> they do and they are still in business. Privacy.li swears no logs and
> yet their admin posted about tracing visitors to their web site, which
> you need logs to do after the fact, and they are still in business.
> Cotse lists what logs they have and seems to be thriving. Anonymizer
> went from claiming no logs to admitting to having them and is still
> going strong.
>
I've been active in this group for somewhere around fifteen years now
and I must say that this has been one of the more impactful changes I
have seen. "No logs" and "completely anonymous" used to be the mantra
spewed by all of the pay for anonymity services. They all claimed 100%
anonymity as one of their selling points.
IMHO Cotse was the catalyst that changed this, it and showed that a
service could still be successful without making claims that were
impossible. It brought to bear the term privacy service instead of
anonymous service and demonstrated why a pay service cannot be
anonymous. Since then, most of the services have changed their claims
and more people are aware of the difference between privacy and
anonymity. This is a very good thing.
If you want anonymity you will not get it from a pay service. Single
hop servers cannot be anonymous, you need a mix. Freedom.net was the
closest pay service to this design, it is unfortunate that they
faltered. Today Tor is the closest thing to anonymity you can get with
a live data stream.
| |
| macarro 2007-03-28, 7:12 am |
| > 1/ Are there any other secure tunnel company's around that are not in
> the USA.
Steganos is based in Germany http://www.steganos.com and Relakks
http://www.relakks.com (.org?) is based in Sweden. They are both VPN
services, it only works in Windows.
But privacy laws tend to be quite similar in most countries I personally
do not believe it is better outside, maybe because I do not live in US.
> or
> 2/ Can somebody who is patient please help me to learn about how to
> use Tor and the other programs to post anonimously? I have downloaded
> freecap_setup_eng.exe
> QS1.2.5.exe
> QS1.2.6b2.exe
> ufasoft_sockschain_3.11.151.exe
> latest.exe (tor)
> ctunnel.exe
In my experience JanusVM will make Tor much easier to set up
http://janusvm.peertech.org but only for web browsing. You can use
googlegroups and Tor to post thought.
Remember that a proxy is not all you need for your total privacy, it is
only a part of it, if it fails you better have parachute.
I recommend you learn to use VMWare Server http://wwww.vmware.com which
is free since last year. Then create a VMWare container (.vmx) inside a
Truecrypt container, and only do internet activities from inside it.
You will need at least 1GB RAM for this otherwise your computer will use
the page file. I would recommend you read Truecrypt manual where it
tells you how to disable the page file and the dump file, and why you
should do it.
|
|
|
|
|