Free2Surf Proxy Blog

If you’re one of those people that is paranoid about who has access to your information, you may already be familiar with CIPAV (The Computer and Internet Protocol Address Verifier). If not, it’s basically spyware that was developed by the FBI. It captures sensitive information such as a user’s IP address, MAC address, open ports, running programs, operating system, last visited URL, and more.

You may wonder how the FBI could get away with developing and deploying such a program. It was ruled that the information gathered by CIPAV is “the legal equivalent of dialed phone numbers”, and therefore the government can obtain this information without needing to show probable cause or obtain a wiretap warrant. Shocking, isn’t it?

While most of us may not have a whole lot to hide from the FBI, we all deserve privacy. This article will explain to you how to “detect and deter” CIPAV and other similiar programs. If the FBI can develop and deploy garbage like this without us knowing, we should be able to protect ourselves from it.

Share This

AT&T has recently announced that it will develop technology that will attempt to keep pirated matrial off of it’s network… From the looks of this article, though, that will entail deep packet inspection and monitoring.

Users who are not comfortable with this type of surveillance can just get a new ISP, right? Not necessarily:

“In addition to running a massive network of its own, AT&T runs a good chunk of the backbone infrastructure in the US. It’s a rare bit of traffic that can make it to its destination without passing on to an AT&T-owned network. If the company deploys its anti-piracy technology to all data passing through its networks, AT&T’s “solution” could affect most US Internet users.”

Scary stuff.

Share This

Today is the official deadline for compliance with the FCC’s new interpretation of the Communications Assistance for Law Enforcement Act (CALEA). So what does that mean?

Cable modem companies, DSL providers, satellite internet companies, and even some universities all have until the end of today to ensure “the ability of law enforcement agencies to conduct electronic surveillance by requiring that telecommunications carriers and manufacturers of telecommunications equipment modify and design their equipment, facilities, and services to ensure that they have the necessary surveillance capabilities.”

So in a nutshell, it is now much easier for the FBI to more-or-less ‘wiretap’ your internet connection. Internet service providers, as well as providers of VoIP services, must integrate into their networks and software the abaility for law enforcement to snoop on users of those services. Scary stuff. You can read more here.

My advice to you? Start using TOR, the onion router. And be a little more careful what you do and say online - Remember, things can easily be misinterpreted…

Share This

Next time you’re on MySpace, terrible pop music and 200 YouTube videos playing at the same time might not be your biggest concern. According to The Mercury News, three men were stabbed at a party that they had heard about on the popular social networking site.

The party took place at a home in Soquel Hills, California, and originally only about 20 people were expected to show up. But more and more people began to show up, and soon enough there were over 200 people there, most of whom had found out about the party on MySpace.

Just after midnight, three San Lorenzo Valley men were stabbed and taken to Dominican Hospital in Santa Cruz.

Clive Boustred, who was throwing the party for his roommates birthday, said that he and his friend, who was turning 25, had posted party announcements on their MySpace pages.

Sheriff’s investigators say the use of cell phones and the Internet can cause parties like Boustred’s friends-only bash to balloon out of control.

Popular social networking sites like MySpace and Facebook can be great, but when the wrong people end up on there, problems like this can arise. How about from now on people stop showing up to random parties?

You can read the full story here.

Share This

With all the controversy surrounding airport security over the past few years, you’d think that stuff like this wouldn’t continue to happen:

The U.S. agency responsible for securing the nation’s airports says it can’t find an external hard drive packed with the personal records of about 100,000 current and former employees. Authorities at the Transportation Security Administration noticed the drive missing late last week. “It is unclear at this stage whether the device is still within headquarters or was stolen,” the agency said. Assuming that the drive was in fact stolen — it went missing from what was called a “controlled area” at TSA headquarters in Washington D.C. — officials have asked the FBI and the U.S. Secret Service to investigate. Records of workers employed by the TSA from January 2002 until August 2005 were on the drive. The data included names, Social Security numbers, dates of birth, payroll information, bank account numbers, and routing information for direct deposit of paychecks.

Talk about compromised security… It may be nothing more than a matter of someone ‘misplacing’ the drive, but in this day and age, you can never be too careful. You can read the full story here: TSA Hard Drive Missing

Share This

Tor (The Onion Router) is free software that implements second-generation onion routing. What the heck is that, you ask? I know, a vegetable with wires coming out of it comes to mind.

According to Wikipedia, onion routing is a technique for anonymous communication over a computer network. It is based on David Chaum’s mix networks, though it includes a number of advances and modifications. Among these modifications is the concept of “routing onions”, which encode routing information in a set of encrypted layers.

So in a nutshell, Tor enables its users to communicate anonymously on the Internet. You can find a more detailed description of what it does here.

You shouldn’t have to compromise your security online everytime you want to view a website. Download Tor here, and start dodging traffic analysis today! The most practical application of Tor, in my opinion, is the Torbutton extension for Firefox.

As a side note, I find it interesting (and also a bit ironic) that Tor’s development was originally sponsored by the US Naval Research Laboratory.

Share This

A new version of Surrogafier was released yesterday. Surrogafier version 1.0-rc2 comes with a long list of changes, including overall speed improvements and javascript parsing fixes. For those of you that don’t know, Surrogafier is an easy to install three tier web proxy written in PHP. Get the new version here.

Share This

Do you have an old PC lying around? Don’t let it gather dust, put it to use! I came across a blog titled simply ‘Recycle Your Computer‘, and it offers various methods of doing just that. Some of the more interesting guides on the site were:

How To Creating a Reverse Proxy
How To Create a Linux Firewall
How To Create a Linux Router
and
How To Create a CUPS Printing System.

Now you have no reason to kick that old PC to the curb!

Share This

Have you heard of “evil twin” WiFi networks? While this may be a silly name, it’s beginning to be a serious problem.

Open wireless networks are rapidly becoming an important part of urban culture as modern digital nomads increasingly eschew offices in favor of coffee shops. With the rise in popularity of WiFi-enabled mobile computing devices and publicly accessible access points, a new kind of WiFi security threat is beginning to emerge. Security researchers are beginning to note increasing instances of so-called “evil twin” attacks, in which a malicious user sets up an open WiFi network and monitors traffic in order to intercept private data.

These evil twin wifi networks are very easy to setup. Anyone who wants to intercept sensitive data needs only a bit of programming know-how, a laptop, and a USB wifi adapter that acts as an access point. These evil twin wifi networks are hard to trace, because the laptops can be shut off at any time. So how can you protect yourself? Be wary of free wireless hotspots.

This is something that can potentially put anyone at risk, especially those of us with laptops or other wifi-capable devices. Check out the full article: Attack of the “evil twin” WiFi networks

Share This