JorgeA Posted September 17, 2013 Author Share Posted September 17, 2013 Jaclaz, the point I was adding and asking for comments on is that the proxy server is based in the USA (a fact not given in your underlined text, see below), where it is directly subject to all the tender mercies of various American three-letter agencies. If the company were located outside the U.S., they could not simply issue a "national security letter" and force them to let the spooks in, the spooks would have to figure out a way to break in on their own.Is it yet another Chrome spawn? Also see the EpicBrowser.com website.Not really hidden info:http://www.epicbrowser.com/FAQ.htmlEpic like my current browser (chrome, ie, firefox)?Yes, but better. Epic is private and probably even faster. Epic is built on Chromium which is the same base as the Google Chrome browser. Since Epic blocks a lot of tracking scripts and other requests, web pages usually load up faster in Epic. Epic is always in a private browsing or incognito mode, and has additional privacy protection to protect others from tracking your browsing and searches.How does Epic protect my privacy?Epic does several things to protect your privacy. Epic by default removes all Google services from Chromium so that your browsing does not go through Google’s servers. When you visit a search engine, Epic routes that request through a proxy server so that they can’t track you by your IP address. You can also manually turn on Epic’s built-in proxy anytime (it’s the icon at right in the address bar). Epic removes referer data from the http header of search sites that may leak your search terms. Epic blocks thousands of trackers and widgets from tracking your browsing and searching across the internet.Epic has an encrypted data preference so whenever possible, Epic connects you securely. This protects you from general surveillance and when you’re on a public WiFi network. Epic always blocks third-party cookies and sends a do-not-track me signal. Epic never collects any data about your browsing or searches. Epic services such as auto-fill in the address bar are local so that what you’re typing is never sent to any server. Epic is always in private browsing or incognito mode so that after you close Epic, all your browsing data and data stored on your system by websites are deleted.jaclazSo, I repeat my request for comments on the fact that Epic Privacy Browser's proxy servers are based in the U.S. rather than (for example) the Netherlands. My first reaction is similar to that of the guy whom I quoted from Epic's forum: I would prefer that the proxies were in a more privacy-respecting country.--JorgeA Link to comment Share on other sites More sharing options...
jaclaz Posted September 17, 2013 Share Posted September 17, 2013 (edited) Well, the point I was making was slightly different.I was pointing out how the use of *any* proxy, NO MATTER where it is located is in itself a "security risk", until you have some "serious" information on WHICH actual proxy is used, WHO manages it, and HOW the connection is established (if the route to the proxy, like some 2/3 of all world internet traffic "goes through" a US "hop" the use of the proxy is "pure moot").Consider what I would personally do if I were the NSA :since I cannot close the can of worms that was opened, I develop a "secure" browser channeling all traffic to a single proxy OR manage to get full control of the cable/optic fibre/whatever connected to that proxy, no matter where it is physically located. You might appreciate how in doing this I am having the not-so trifling effect of pre-filtering the users, it is obvious that out of all the people that will start using the "safe" browser there will be some legitimately trying to protect their personal data, but also a large part of those actually trying to "hide something":Since the issue I am seemingly having (as NSA ) is the sheer amount of data I collect and analyze/store/whatever such a kind of pre-filtering may actually make the operations easier/simpler.The equation being (in my perverted mind ) that if someone uses an (anonymous) proxy, there must be some reason for doing that, let's target these people with a "higher priority" than the "rest of the world".Could the Epic browser be a "covert operation" of any of the "three letters" US agencies?Could - even if not such - be a "preferred target" by the above mentioned agencies?The answers, my friend, are blowing in the wind....jaclaz Edited September 17, 2013 by jaclaz Link to comment Share on other sites More sharing options...
CharlotteTheHarlot Posted September 18, 2013 Share Posted September 18, 2013 Is it yet another Chrome spawn? Also see the EpicBrowser.com website.Not really hidden info: http://www.epicbrowser.com/FAQ.html Epic like my current browser (chrome, ie, firefox)? Yes, but better. Epic is private and probably even faster. Epic is built on Chromium ... I stopped reading at Chrome ... Link to comment Share on other sites More sharing options...
JorgeA Posted September 18, 2013 Author Share Posted September 18, 2013 Is it yet another Chrome spawn? Also see the EpicBrowser.com website.Not really hidden info:http://www.epicbrowser.com/FAQ.html Epic like my current browser (chrome, ie, firefox)?Yes, but better. Epic is private and probably even faster. Epic is built on Chromium ...I stopped reading at Chrome ...What's wrong with the Epic folks basing their project on Chromium (not Chrome)?--JorgeAP.S. There was another DB problem yesterday. Couldn't get into MSFN for most of the night. I don't think we lost any posts this time, at least in this thread. Link to comment Share on other sites More sharing options...
JorgeA Posted September 18, 2013 Author Share Posted September 18, 2013 I was pointing out how the use of *any* proxy, NO MATTER where it is located is in itself a "security risk", until you have some "serious" information on WHICH actual proxy is used, WHO manages it, and HOW the connection is established (if the route to the proxy, like some 2/3 of all world internet traffic "goes through" a US "hop" the use of the proxy is "pure moot").How would you (or any user) go about determining this information? What would constitute sufficient evidence for you to decide that the proxy is safe to use?--JorgeA Link to comment Share on other sites More sharing options...
jaclaz Posted September 18, 2013 Share Posted September 18, 2013 What's wrong with the Epic folks basing their project on Chromium (not Chrome)?Chromium is the actual "engine" on which also Chrome is based.http://code.google.com/p/chromium/wiki/ChromiumBrowserVsGoogleChromeHow would you (or any user) go about determining this information? What would constitute sufficient evidence for you to decide that the proxy is safe to use?As said: The answers, my friend, are blowing in the wind.Let's see possible reasons to use a (non-local, and possibly anonymous) proxy:to have some speed advantage in the transfer of data (unlikely, but possible in certain parts of the world) to reach an address that your ISP, firewall, IT guy, etc. has blocked (for whatever reasons) to reach an address which the provider has linked access according to IP geo-localization to reach an address in particular emergencies of failed DNS/internet section/whatever to reach an address in such a way that the other end cannot have your IP address (or geo-localization) to reach an address whose site administrator has listed your IP in a non-allowed or "black" list to make a second or nth registration/subscription to a service that links IP to accounts to reach an address that allows not concurrent connections from the same IP, when needing to make multiple connections to trick NSA (or other three or more letters agencies) into believing you are the devil and do not exist As I see it, #1 to #8 are all possible uses, while #9, while entirely possible, may NOT give the results expected .If you prefer I believe that NO proxy is "safe" (for the scope of #9), if "they" are after you , "they" will get you. jaclaz Link to comment Share on other sites More sharing options...
JorgeA Posted September 18, 2013 Author Share Posted September 18, 2013 An update on something we read about last month:FBI admits what we all suspected: It compromised Freedom Hosting’s Tor serversAs Ars reported previously, security researchers found malicious JavaScript embedded in Freedom Hosting pages. The attack code sent the compromised information back to a server in Virginia.Here's the earlier, linked article with the details on the exploit:Attackers wield Firefox exploit to uncloak anonymous Tor users--JorgeA Link to comment Share on other sites More sharing options...
jaclaz Posted September 18, 2013 Share Posted September 18, 2013 Yep:http://www.wired.com/threatlevel/2013/09/freedom-hosting-fbi/On August 4, all the sites hosted by Freedom Hosting — some with no connection to child porn — began serving an error message with hidden code embedded in the page. Security researchers dissected the code and found it exploited a security hole in Firefox to identify users of the Tor Browser Bundle, reporting back to a mysterious server in Northern Virginia.The internet expert was will be right, after all :http://www.msfn.org/board/topic/157597-win-xp-past-apr-2014-was-will-xp-be-supported-until-2019/?p=1047341jaclaz Link to comment Share on other sites More sharing options...
JorgeA Posted September 18, 2013 Author Share Posted September 18, 2013 What's wrong with the Epic folks basing their project on Chromium (not Chrome)?Chromium is the actual "engine" on which also Chrome is based.http://code.google.com/p/chromium/wiki/ChromiumBrowserVsGoogleChromeOK, thanks. But what's the issue with basing this Epic browser on Chromium? --JorgeA Link to comment Share on other sites More sharing options...
jaclaz Posted September 19, 2013 Share Posted September 19, 2013 OK, thanks. But what's the issue with basing this Epic browser on Chromium? --JorgeAI think it's just Charlotte having some form of allergy to it. jaclaz Link to comment Share on other sites More sharing options...
Formfiller Posted September 19, 2013 Share Posted September 19, 2013 (edited) Well, Google is one of the prime NSA darlings. Chromium is a huge codebase, - it's not impossible that there is nasty stuff hidden in it, given its origin. OK, it's open source, but so what? Apart from the Google devs, has anyone really traversed through the whole source code? And seriously, even if someone would find some backdoors in it, so what? All the NSA revelations of the past months were much bigger than this. Most people will just shrug it off as just another NSA story. So it's not like there's some huge PR risk for Google here.These browsers based on Chromium act basically just as GUI frontends for the Chromium core, their vendors usually don't have the manpower and the expertise to check the sourcecode of Chromium itself for nasties.I am well aware the same can be said for IE, Firefox, pre-chrome (classic) Opera etc., but they don't claim to be some sort of anti-spy weapon in the first place.Also, on a general note, I would be cautious about these "anti-spy" services in the first place. In the past, they had often ties to intelligence services. I wouldn't be surprised if some of them serve as honey-pots.http://news.cnet.com/2110-1017-252525.htmlFebruary 13, 2001 11:25 AM PSTThe Central Intelligence Agency has made an investment in SafeWeb, an Oakland, Calif.-based start-up that developed technology that cloaks a customer's identity and movements as they scan the Web, SafeWeb executives said Tuesday. The CIA made the investment through In-Q-Tel, a venture capital group founded by the agency two years ago to invest in technology that could aid it in the spy game.https://en.wikipedia.org/wiki/Anonymizer_(company)Anonymizer, Inc. is an Internet privacy company, founded in 1995 by Lance Cottrell, author of the Mixmaster anonymous remailer. Anonymizer was originally named Infonex Internet. The name was changed to Anonymizer in 1997 when the company acquired a web based privacy proxy of the same name developed by Justin Boyan at Carnegie Mellon University School of Computer Science. Boyan licensed the software to C2Net for public beta testing before selling it to Infonex.In May 2008, Abraxas Corporation acquired Anonymizer.[3] Abraxas owns TrapWire, a secret global surveillance system, founded in 2004 and run by ex-CIA chiefs, with clients all over the world.[4][5]And that's only the stuff that has been publicized.Oh and by the way, using products from "neutral" countries is no safeguard either. Here's the story of Crypto from Switzerland (the first country one thinks about if you hear "neutral"):http://en.wikipedia.org/wiki/Crypto_AGCrypto AG is a Swiss company specialising in communications and information security.Crypto AG has been accused of rigging its machines in collusion with intelligence agencies such as the German Bundesnachrichtendienst (BND) and the United States National Security Agency (NSA), enabling such organisations to read the encrypted traffic produced by the machines.On September 5, 2013 the New York Times, using documents leaked by Edward Snowden, reported that "NSA apparently rigged Crypto's machines so U.S. eavesdroppers could effortlessly decipher the most sensitive political and military messages of many countries" Edited September 19, 2013 by Formfiller Link to comment Share on other sites More sharing options...
ROTS Posted September 19, 2013 Share Posted September 19, 2013 (edited) This whole thing, with the "blah blah porn is getting stupider, and stupider. Apparently they are abusing the court systems on that subject to make milluicious code. Why can't the law just be, if you do the crime, then you do the time. Not if you view media related to it, you should be considered Al Capone. That is just stupid. If somebody wented to court and struck down all the laws that was associated with invasion of internet privacy, nobody would really care at all. It takes one scared hen to burn down the farm, and the farm is the nation. Why is it mostly the US, that have this problem? Why not every other nation have this problem? The way I see it, if you let people live in their imagination, they are less likely to harm anybody at all. What color would the river would look like if we had no imagination? I will tell you red, that is how outside would look like. Let the baby have their bottle, so we can move foward into a brighter future. But maybe that is the game plan? To generate a bunch of damaged and distorted confused people.WHat is stupider is how these laws are just pushing, so they could pass an even higher law that hurts indivisuals freedoms. Edited September 19, 2013 by ROTS Link to comment Share on other sites More sharing options...
jaclaz Posted September 19, 2013 Share Posted September 19, 2013 (edited) @ROTSThe actual issue in most Western countries is only with child pornography (good ol' p0rn between consenting adults is not a problem at all AFAIK). Of course there have been (and there will be) exceptions, like this known case:http://web.archive.org/web/20111225024328/http://www.opposingviews.com/i/porn-star-lupe-fuentes-saves-man-from-bogus-child-porn-charges (but that was a mistake and the guy was proclaimed innocent)Before I forget:https://windowssecrets.com/top-story/touring-through-the-final-windows-8-1/Before going through Windows 8.1, I’ll cut directly to the 30-second summary: if you have Windows 8, you’re going to want to upgrade to Windows 8.1. There are a few gotchas (see below), but by and large Win 8.1 is an improvement.On the other hand, if you’re still using Windows 7 and you’re on the fence about migrating to Windows 8, nothing in Win8.1 will sway your decision to upgrade. For traditional Windows users who are perfectly happy with a mouse, a nice screen, and a comfortable keyboard — and who prefer to not poke at big, blinking boxes — Win8.1 brings nothing new to the table.Some Windows 8.1 ‘features’ best avoidedWindows 8′s search charm is a bit funky — it doesn’t work the way most people would expect, but at least it isn’t a stoolie for Microsoft. In Windows 8.1, that changes drastically. By default, when you enter search terms into the Charms bar search box, Win8.1 uses the new “Smart Search” feature to search Everywhere — not just your local system but the Internet, too. If you don’t remember to change the drop-down filter box to something else (such as Files), Smart Search sends every search string you enter to Microsoft. Search your files for “pregnant” or “Aryan nation” or “Anonymous” or “HIV,” and those search terms are passed along — with your Microsoft account information — to the company.jaclaz Edited September 19, 2013 by jaclaz Link to comment Share on other sites More sharing options...
JorgeA Posted September 19, 2013 Author Share Posted September 19, 2013 Oh and by the way, using products from "neutral" countries is no safeguard either. Here's the story of Crypto from Switzerland (the first country one thinks about if you hear "neutral"):http://en.wikipedia.org/wiki/Crypto_AGCrypto AG is a Swiss company specialising in communications and information security.Crypto AG has been accused of rigging its machines in collusion with intelligence agencies such as the German Bundesnachrichtendienst (BND) and the United States National Security Agency (NSA), enabling such organisations to read the encrypted traffic produced by the machines.On September 5, 2013 the New York Times, using documents leaked by Edward Snowden, reported that "NSA apparently rigged Crypto's machines so U.S. eavesdroppers could effortlessly decipher the most sensitive political and military messages of many countries"This is all very depressing. What are we to do -- just surrender and "love the Party," like Winston Smith?OTOH, in a corner of my mind I have to wonder how much FUD there is out there, designed to discourage us from even trying to keep those prying eyes off our backs. Since we've been speculating about devious scenarios in the last couple of days, suppose that Edward Snowden was actually commissioned by the NSA to make all these disclosures in order to create an impression of irresistible omniscience, far beyond their real capabilities... Thanks for the rundown on Chromium. The Epic Browser people say they've modified the browser code to remove its privacy holes. (Also see here, they seem to take privacy-related criticism seriously.)--JorgeA Link to comment Share on other sites More sharing options...
JorgeA Posted September 19, 2013 Author Share Posted September 19, 2013 Monday's edition of The Wall Street Journal took a look at Microsoft from an investor's viewpoint. Some highlights:Investor angst springs partly from Mr. Ballmer's efforts to take Microsoft in a new direction. He wants to shift the company from a focus purely on software that is downloaded onto personal computers or on corporate computing networks, into something of a hybrid of rivals Apple Inc. and Google Inc.[...]The hardware foray isn't popular among all investors. Some of them say Microsoft hasn't made a good case for why making computing devices -- which tends to squeeze Microsoft's traditionally plump profit margins -- is good for the company or its stock price.[...]Investors are more encouraged about Microsoft's efforts to turn more of its software into online variants for which the company can charge recurring subscription fees.[...]Some analysis say, however, that they want Microsoft to outline on Thursday how much money it will spend on computers, buildings and other infrastructure to run such Web-focused software.--JorgeA Link to comment Share on other sites More sharing options...
Recommended Posts