Anonymity vs. Speed

Anyone who wants to be really anonymous on the net either uses Tor or goes to a different open wireless hot spot every day.  I wanted to prevent the (other) bad guys from being able to easily track me back to my home PC.  But, so far at least, I don’t have the need for military grade protection.  Tor is great (yes, it has its limits, get over it) and that new darknet-over-http shows promise.  But Tor is sloooow for web browsing – in fact, I saw a talk at DefCon by one of its developers about what they’re doing to fix it.

In the meantime, I decided to set up my own little quasi-anonymous system that would allow me to use the Web at reasonable speeds while still obfuscating where I’m coming from.  I know there are security issues with it – and there are probably more that I haven’t thought of – but it matches the risk, which is the deciding factor for security systems.  (Or should be!)

So I have root access on a server that, ahem, doesn’t have any paper trail to me.  You could do this all as non-root but root’s a plus.  C’mon, people, there’s a brand spanking new local exploit out there, get yourselves root on a linux box.  Anyway.  I set it up as a Tor node, and an exit node.  Then I set up a separate, simple web proxy (tinyproxy).  With some modification, my traffic proxied through tinyproxy is indistinguishable from traffic coming out of a Tor exit node – which the machine is registered as.  (Basically removing the Via http header.)  That gave me quick access, and my source IP shows as some domain no one’s ever heard of, in a location far from me.  To further obfuscate it, I set up webinject to quasi-randomly request various web pages, even as far as creating fake accounts and logging in to them.  This is to emulate Tor traffic; plus there’s the actual Tor traffic of course.  So basically if anyone tracks back my source IP, it will look like it’s exiting the Tor network – but it’s faster and won’t be blocked by sites like Google that blacklist Tor and open proxies.  Of course, with statistical analysis, the sites I use a lot could see that that one Tor node is the source of my traffic much more often than it should be, but I doubt anyone will care that much.

Finally, I created an ssh tunnel from my desktop to the server and redirected a port on localhost to the proxy.  That way my ISP (and by extension, the NSA and FBI) can’t snoop on my plaintext, but I don’t have to deal with certificate issues.

Now, this won’t defeat any major intelligence agencies or, I hope, law enforcement groups.  Even a savvy network engineer could at least find my source IP and contact its owner to get logs of my incoming (ssh) traffic.  But I thought it was a swell little piece of work.  Email me if you want more details – johnnycocaine at gawab dot com.
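The statistical-analysis caveat above, seen from the site operator's side, as an added example that is not part of the original post: a per-account check that flags logins whose Tor-exit traffic is pinned to a single exit far more often than circuit rotation would produce. The exit list, the log records and the function names are constructed for illustration, and equal selection weight per exit is a simplifying assumption (real Tor path selection is bandwidth-weighted).

```python
import math
from collections import Counter, defaultdict

# Constructed exit list (RFC 5737 documentation addresses), standing in for a
# published Tor exit list. Equal weight per exit is a simplifying assumption.
TOR_EXITS = ["192.0.2.10", "192.0.2.11", "198.51.100.7", "198.51.100.8", "203.0.113.5"]

def build_sample_log():
    """Constructed (account, source_ip) request records."""
    log = []
    # 'alice' browses over real Tor: her requests rotate across exits.
    for i in range(40):
        log.append(("alice", TOR_EXITS[i % len(TOR_EXITS)]))
    # 'bob' always arrives from one address that is also a listed exit.
    log += [("bob", "203.0.113.5")] * 40
    # 'carol' has too few requests to judge either way.
    log += [("carol", "192.0.2.10")] * 3
    return log

def pinned_exit_accounts(log, exits, min_requests=20, z_threshold=4.0):
    """Return {account: (exit_ip, share, z)} for accounts whose Tor-exit
    traffic concentrates on one exit far beyond the expected share."""
    p = 1.0 / len(exits)                      # expected share of any one exit
    per_account = defaultdict(Counter)
    for account, ip in log:
        if ip in exits:                       # only traffic from listed exits
            per_account[account][ip] += 1
    flagged = {}
    for account, counts in per_account.items():
        n = sum(counts.values())
        if n < min_requests:                  # not enough data for a verdict
            continue
        ip, k = counts.most_common(1)[0]
        # Normal approximation to the binomial: how far is k above n*p?
        z = (k - n * p) / math.sqrt(n * p * (1 - p))
        if z >= z_threshold:
            flagged[account] = (ip, k / n, round(z, 2))
    return flagged

if __name__ == "__main__":
    hits = pinned_exit_accounts(build_sample_log(), set(TOR_EXITS))
    for account, (ip, share, z) in hits.items():
        print(f"{account}: {share:.0%} of exit traffic via {ip} (z={z})")
```

Taking the busiest exit per account slightly inflates the score, which is why the threshold is set well above the usual two or three standard deviations.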

2 Responses to “Anonymity vs. Speed”

  1. johnnycocaine Says:

    Oh, if anyone wants to use this proxy, ya gotta trade me something good!

  2. Tnelson Says:

    There’s good info here. I did a search on the topic and found most people will agree with your blog. Keep up the good work mate!
