upcensors.net RSS feed

pickaproxy.com - geospoofing your cyber presence

Fri, 06 Jul 2007 23:21:00 -0500

upcensors.net is being developed as the first server-based proxy service that allows you to pick a proxy server in (nearly) any geographic location. Pick a country, region, city, ISP, Org, and Registrant and we will then give you a port number and domain name to configure your software with (browser, etc). If you know of any other public proxy service that gives you access to this information, and allows you to select your proxy based on it, then please let us know.

In order to protect the communication between your computer and our server, we will show you how to download, install and configure either stunnel or OpenVPN, both of which use the open source SSL encryption library. Both of these are optional, however.

We make use of the open source Tor network to keep your communications (mostly) anonymous.

After you have configured your software, we recommend going to http://www.showmyip.com/torstatus to confirm that things are working as you wish.

upcensors.net FAQ: why use the Tor network?

Thu, 12 Jul 2007 02:30:00 -0500

upcensors.net uses the Tor network because it consists of about 1,000 computers (as of July 2007) located around the world, running open source (BSD license) Tor software that is constantly being improved and advanced by a team of devoted developers. These computers (called "nodes" in Tor terminology) that run the Tor software are owned and operated by volunteers who have chosen to donate a portion of the computing power and Internet connection bandwidth of their web servers and/or desktop computers. They are running the Tor software in the background, either full-time or for portions of each day.

Some of these computers are simply forwarding traffic within the Tor network between "nodes" to assist with the anonymizing functionality of the Tor network as a whole. Other computers in the Tor network are configured by their owners as "exit nodes" to allow communications to exit the Tor network into the public Internet. Details about these "exit nodes" is publicly available, and is used as the basis for upcensors.net allowing you to pick which geographic location you wish to appear to be in - what we call "geospoofing".

We allow you to choose an "exit node" by country, city, etc. and our server will then setup a proxy connection through the Tor network that allows you to "exit" to the public Internet from that "exit node" server. The web sites you then visit will see that you have the IP Address of that "exit node" and, using their own geolocation technology, believe you to be a user in that geographic location.

upcensors.net FAQ: are you using any open proxies?

Thu, 12 Jul 2007 23:59:00 -0500

We expect that upcensors.net will eventually use some open proxies, but we are not at this time. The Tor network offers a more reliable, open source set of proxy servers that has the added benefit of providing a significant amount of anonymity to it's users.

There are plenty of web sites devoted to identifying open proxy IP addresses, port numbers, and types, but they (the open proxies) almost all suffer from problems of reliability, slowness, and privacy leakage. As well, an unknown number of them are honeypots, which means they are setup to do surveillance duty - and we are not ready to casually jump into the middle of some sting operations.

We have done feasibility testing of using open proxies, and we do expect to offer some advanced services with regards to identifying the best open proxies, but it is a backburner project at this point.

upcensors.net FAQ: could I setup Tor on my own computer?

Sun, 22 Jul 2007 13:19:00 -0800

Yes you can. You can find a download page at the Electronic Frontier Foundation's eff.org web site tor.eff.org/download.html. Installing Tor on your Windows, or Mac, or Linux/Debian/Ubuntu/Suse desktop is what most people have been doing until now. We think upcensors.net is a better way, however, for most people to use Tor. First off, because we give you access to Tor running on our server, then you do not have to download it, install it, configure it, or upgrade it when new versions are released. Second, we add our own geospoofing functionality to it, using multiple geolocation data sources that are not open source, and thus not available to the Tor development team, nor to you if you are not using upcensors.net.

There are other ways to protect your privacy and anonymity, and in our opinion the best (as of July 2007) of these - in addition to Tor - are the commercial service provided by Anonymizer, or the Incognito CD put together by Pat Double.

upcensors.net FAQ: how is upcensors.net different from Anonymizer?

Wed, 25 Jul 2007 16:52:00 -0800

In quite a few ways. An annual license for the proprietary Anonymizer software must be purchased, downloaded onto your Windows desktop, installed, and configured. The Anonymizer software, as best I understand it, takes control of your Internet communications and routes it through their proxy server(s) - ones which they own and operate. Your actual IP address, and thus your actual geographic location, are hidden from any and all web sites that you visit - each web site's geolocation technology will tell them that you are using an anonymous proxy.

We do not require you to purchase a license, nor do you have to download, install, or upgrade anything at any time. The Tor software we use is open source, so you can be assured of what it does and what it does not do - you can look at the source code any time, or hire someone else to do this for you. It is written in the C programming language.

The Tor network runs over a much larger number of proxy servers, owned and operated by a large number of individuals and organizations, and there is no central, controlling entity as there is with Anonymizer, that can theoretically monitor your Internet communications. We show you the ISP, owning Organization, and WHOIS registrant information for all the Tor exit nodes that are available for you to use, and we allow you to pick the one you want. Anonymizer does the picking for you. Standard Tor randomly picks new exit nodes for you every 10 minutes.

So in summary, here are the differences:

Since the Anonymizer software is proprietary, you are trusting Anonymizer the company with your online security, privacy, and anonymity. If I was paranoid, I would wonder if the CIA, DHS, FBI, or any other US government security organization owns or controls Anonymizer the company in any way. It has been reported on digitalopportunity.org, by The Boston Globe, and by Taipei Times that "... American military and intelligence services are major customers of Anonymizer." With so much at stake by the US government - assuming they have several thousand, or maybe hundreds of thousands, of their computers installed with Anonymizer software, and assuming that they are likely more paranoid than I might be - would they take the risk that their Anonymizer software installations were being controlled by some other security organization(s)? Like the Chinese or Russians? Or by some organized crime group? You do the math.

Since the Tor software is open source, anyone can see what it is doing and not doing, with respect to your online security, privacy, and anonymity. And any flaws or weaknesses - however theoretical - that are discovered in the Tor software, are publicly announced and publicly addressed by way of improvements and changes in the software. Anyone can subscribe to the Tor developers mailing list at or-dev@freehaven.net and keep track of all these discussions.

As for flaws or weaknesses found in Anonymizer, it is necessary to trust Anonymizer the company to do this on your behalf, and for them to somehow provide you with updates to your installed software. Trusting any software company to keep their software free of exploits, security risks, flaws, and such things is borderline acceptable in today's world, and in many cases necessary - but trusting a company with 30-40 employees to ensure your life and livelihood are not threatened by your Internet activity could be considered a bit of a stretch.

Since the Anonymizer software is proprietary, you/we have no way of knowing if one or more "back doors" have been built into their service, or will ever be built into their service, as was done in 2003 by the German-based Java Anonymous Proxy (JAP) service. This was reported on securityfocus.com and by others. A back door allows monitoring of any targeted user(s) - usually so they can be identified and caught, along with evidence of whatever they were doing.

Since the Anonymizer software uses it's own servers, the potential for backdoor-ing exists on their hardware just as it does in their software. And if it was ever done, could it ever be known, and would it ever be made public?

The hardware/servers that make up the Tor network are mostly owned and operated by volunteers who believe in anonymity as an ideal, and wish to offer their assistance in making this ideal available to those who need it. The business incentive for some of them is to develop tools and services to work with the Tor software, and to potentially earn part of their living by doing so. Also, the Tor software is designed to not allow communication between "nodes" to be monitored in any meaningful way. Monitoring of communications streams ("traffic") at "exit nodes" is possible, and is a risk. However there is no way to know which users have initiated communication with any particular web site, nor to know who is receiving communication from the web site back to the user.

The Anonymizer service is generally faster than the Tor network, and more resilient to interruption. I have not seen any hard numbers on what these speed differences are, but from personal experience this difference is about 10-12 seconds when using a browser to access web sites. The slower speed of the Tor network is the result of there being 3 "nodes" (or "hops") that must be passed through, whereas Anonymizer is called a "single hop" proxy service. The lower resiliency of the Tor network is the result of it's design, which allows any nodes to be taken down at any time - even while serving existing connections, which can end up broken in this case, but it is self-healing much like a mesh network and automatically connects through another node when one node goes down.

The Anonymizer service has records of all it's licensed software users (since it has to re-bill everyone each year) and it has usage logs of all actual IP addresses making connections to it's servers. Their terms of use also specifically states that "To the maximum extent permitted by applicable law, Anonymizer may monitor your use of the Anonymizer service, e-mail, or other electronic communications and may disclose such information in the event it has a good faith reason to believe it is necessary..."

The Tor network has usage logs on traffic passing through (some of) it's exit nodes, but there are multiple hundreds of these, and so they are not centrally available for analysis. Tor nodes that are simply "middleman" nodes, meaning they do not allow users to exit from the Tor network into the public Internet, do not keep any usage logs, nor can I see of any way that they could keep usage logs.

In terms of popularity, the number of Tor nodes was 32 in May 2004 and has grown to about 1,000 as of July 2007. The Anonymizer service, on the other hand, appears to be waning in popularity, judging by it's Alexa.com relative popularity "ranking" of about 3,000 throughout 2002 and 2003 compared to it's ranking of about 45,000 in July 2007.

Having - and being - a single point of failure is arguably the greatest difference between Anonymizer and Tor. Anonymizer uses just a single proxy server between your computer and the public Internet. This means that hardware or software failure at that proxy, or a breach of security of that proxy is a significant theoretical risk. Failure of Anonymizer the company is also a significant theoretical risk, since who are you going to turn to if their service goes offline?

Tor is very well positioned in this respect as a choice of proxy provider - there is no single piece of running software or hardware or company that could bring down the entire service. upcensors.net will operate as a series of identical web servers running in parallel, much as google.com does, and with the help of sponsors it will evolve into a range of different domain names (such as hidemyip.com, ipwhatever.com, geospoofing.com, geoanonymizing.com, whistleprotection.com, etc) that each provide the same services.

Tor is designed to allow what are called "hidden services", which are in effect standard web sites that are only available to users of the Tor network, and which do not advertise their IP address - it is thus not possible to know where these web sites are actually located. It is planned to evolve upcensors.net to setup some of it's servers as hidden services. There is no such functionality available in the Anonymizer service.

Because the Anonymizer software requires payment of an annual license, it is unlikely to be used by children, unless their parents arrange for this on their behalf. In today's world, where children are generally more comfortable and knowledgeable about computers, it is likely that only a very small percentage of children use Anonymizer, or would consider using it.

Setup and use of the standard Tor software (with Vidalia as a graphical front-end) is fairly straight forward, and within reach of many children. Using Tor through upcensors.net is considerably simpler and within reach of anyone's capabilities.

Because the Anonymizer software requires payment of an annual license, it is also unlikely to be used by the poor, or by anyone who is limited in their payment options, due either to economic circumstances or to a hostile culture.

Anonymizer is only available for Microsoft Windows users. Tor is available for a wide range of operating systems: Windows, Linux, Mac OS X, and any handheld phone or device that connects over http or https to the Internet.

Anonymizer controls and keeps secure all communication between your local computer and their proxy server(s). Between their proxy server and the web site(s) that you are visiting and interacting with, they do not control and do not keep secure, unless you are using a secure https connection, in which case the TLS protocol is protecting those communications from external monitoring, tampering, and forgery.

Tor does the same thing, although upcensors.net introduces the potential for communication between your local computer and our upcensors.net server to be at risk, because users of upcensors.net do not enter the Tor network until they have connected to our upcensors.net server first. In other words, anything passing between your machine or device and our server is open to monitoring, tampering, and forgery - unless it is secured by an https connection. If you are using a secure https connection to connect to a web site, then this is not a concern, because https covers everything end-to-end. But https is not the usual way of connecting or communicating with web sites, so we will offer support for using an stunnel connection between your computer and our server. Stunnel takes a standard http protocol communications stream and stuffs it inside ("wraps" it or "tunnels" it inside) a secure https connection. Stunnel is a very popular and well used open source software that would need to be downloaded and installed on your computer. We will provide more details elsewhere about how to do this.

upcensors.net FAQ: how is upcensors.net different from Incognito Live CD?

Wed, 25 Jul 2007 17:37:00 -0800

Pat Double has gathered together an interesting mix of open source programs to create a bootable Live CD that can be taken with you on a CD or USB drive. Like upcensors.net it is based on Tor, but it comes preconfigured with the Firefox browser, Thunderbird email client, XChat IRC client, Truecrypt disk encryption, MAC changer network interface card address changer, and more. It does not include any Microsoft Windows - but rather uses Gentoo desktop Linux - so it will not be quite familiar to the 80% of the world using Windows.

upcensors.net does not force you into any particular desktop operating system - you can use Windows, Gentoo, Palm OS, Mac OS X or whatever your heart desires - or your work environment dictates.

Nor does upcensors.net need you to regularly update any software as newer versions become available. Perhaps this is the most significant difference, given that Tor and Firefox are regularly being updated and patched, and this requires the Incognito Live CD to be regularly updated - likely every few weeks.

Incognito is targeted mainly at users who move between computers, such as in Internet cafes, or in libraries, and is complementary to the proxy service that upcensors.net will be providing.

News: Tor software critical security vulnerability

Mon, 13 Aug 2007 18:45:00 -0800

An updated version of the Tor software was released on August 1, 2007 to address a critical security vulnerability. All users of the Tor software should take steps to upgrade, though users of upcensors.net would not have to do anything because we have already done that with the version of Tor running on our server(s). A few interesting things came to light as a result of this.

First, the JanusVM software was highlighted in a post to Google Groups by Kyle Williams (who appears to be one of it's developers) as being the only way to use Tor safely without being vulnerable to this recent exploit/attack. JanusVM is a software "virtual machine" based on VMWare Player, and like upcensors.net it uses Tor to connect into and through the public Internet. JanusVM includes a bundle of other software to assist in maintaining anonymity while using the Internet.

Roger Dingledine, who heads up the Tor project, said that there are several hundred thousand people who are vulnerable to this exploit, and so details of exactly how it works are being kept quiet for the short term, so as not to put any more Tor users at risk. I am not sure how existing users are being notified, other than by way of the or-talk mailing list, which seems less than adequate in these circumstances.

News: Tor network snapshots

Wed, 15 Aug 2007 21:45:00 -0800

We added 4 different snapshots of the Tor network yesterday to upcensors.net to give a quick idea of the number of Exit and Middleman servers available and out-of-service. These snapshots are as follows:

"Country Snapshot", showing available (running) exit nodes by country code, and separated by whether or not they are classified as "fast" and "stable". Fast and Stable are terms used by and defined by the Tor network itself. I will have to track down exactly what the specifications are for these terms.

"Summary Snapshot", showing the same thing without the breakdown by country. This is quite interesting, showing, among other things, how many Fast and Stable Exit nodes are currently available for the entire Tor network to use. When I last checked this was 146.

"Summary Snapshot" of Middleman nodes, which indicates how many servers are part of the Tor network, but are not available as Exit nodes. This is currently showing 341 as both Fast and Stable.

"Summary Snapshot" of Out-of-Services nodes, which indicates how many servers are not currently up and running - currently 733 in total!

One thing missing at this time is whether or not any of the servers are "hibernating". We will add that information later, along with lots of other useful data. A hibernating server is one that has reached it's maximum throughput, usually for a given day, as defined by the person running the server. At the start of the next day (or whatever period) the server will automatically wake up and become available again.

These snapshots are currently updated every 15 minutes.

We also have started a new upcensors.net blog, so you can add your comments if you would like.

News: Tor network Middleman and Guard nodes

Fri, 17 Aug 2007 09:00:00 -0800

We have tweaked the Tor network snapshots we added to upcensors.net a couple days ago. We discovered that we could show a snapshot of "Guard" nodes, and so added this as a 5th snapshot. However, we realized that we did not really understand the distinction between Guard nodes and "Middleman" nodes, so had to do some digging and found the Tor "Path Specification" dated July 28, 2007.

Reading through this we came to the conclusion that Guard nodes are a special type of Middleman node, neither of which are Exit nodes. So an Exit node is neither a Guard node nor a Middleman node; a Middleman node can be a Guard node or not; and a Guard node is a Middleman node.

We decided the best way to make our snapshots understandable to the most number of people was to remove references to "Middleman", and refer to them as either Exit nodes, non-Exit nodes or Guard nodes. If anyone begs to differ please let us know on our blog

News: Tor snapshot update

Mon, 20 Aug 2007 18:30:00 -0800

As of this morning, I see there were 174 Fast, Stable Exit Nodes in the Tor network. There were only 146 when we put up our first snapshot on August 15. There were also 351 Fast, Stable non-Exit Nodes, versus 341 on August 15. There were only (!) 652 nodes now out-of-service, versus 733 on August 15. I think we will have to automatically build up and display a graph of these numbers so we can all watch them change over time...

News: Tor usability analysis

Mon, 20 Aug 2007 21:45:00 -0800

Great article mentioned by Roger Dingledine on or-talk last week. An analysis was done by Jeremy Clark (University of Ottawa), P.C. van Oorschot (Carleton University) and Carlisle Adams (University of Ottawa) and is available as a PDF entitled "Usability of Anonymous Web Browsing: An Examination of Tor Interfaces and Deployability". They do an excellent job of describing anonymity, in terms of what it is, what it does, and what it does not do for web users/browsers on the Internet. And they do a thorough analysis of the steps required by users to get, install, configure and use Tor from their desktop.

What their analysis does not touch on is how this compares to using Tor via a server-based proxy service like upcensors.net. It seems painfully clear to me while reading their analysis that for typical users trying to start out using Tor the road is bumpy. It seems equally clear that upcensors.net will be a great painkiller for this. Why and how?

The installation, configuration and regular monitoring of Tor as a workstation-installed bundle of software (Tor, Vidalia, Privoxy) is completely eliminated from the user's list of things to do.

The need to update this software bundle is completely eliminated.

The need to poke around with proxy settings in Internet Explorer, Firefox, Opera, or Safari (or whatever browser you use) either manually, or with extensions such as IP Changer from iPrivacyTools.com or the Torbutton extension to Firefox, etc. is almost completely eliminated, since we will be enabling use of Proxy Auto-Configuration (proxy.pac) files hosted on our server, and dynamically generated from a web interface for each user. This means users will have to poke around just once and then forget about it. We will followup with more details on how this is done, and what it means with respect to privacy, sometime soon.

News: Tor exit nodes by Continent

Sat, 25 Aug 2007 22:12:00 -0800

We added a "Continent Snapshot" this evening of available Tor exit nodes. This shows how many running exit nodes there are by Continent, which initially shows there are only 5 Fast, Stable Exit nodes in Asia, 79 in Europe, 2 in the Middle East, 2 in Europe and Asia (which I think means Russia), 53 in North America, and 4 in SouthEast Asia.

This shows that there is not much significant use of Tor yet around the world, at least in terms of fast and stable exit node servers. My guess is that it is still a lot of trouble - and potential trouble - in choosing to become an exit node. I know we decided against it after getting an email from an irate web site owner who claimed that we had spammed his site, when in fact it was a Tor user who had used our exit node to do his unpleasant business. This actually was the impetus for us creating our Real-Time Tor Detection service for web site owners, and which still runs as part of the data we provide to showmyip.com and ippages.com IP Address Lookup users.

More details as to which Countries are included in each "Continent" will follow sometime soon...

News: Tor now more Fast and Stable

Mon, 27 Aug 2007 20:25:00 -0800

Wow. Big jump in the number of "Fast" and "Stable" Tor nodes overnight. Shows 368 Fast, Stable Exit nodes now vs. 174 yesterday, and just 146 when we first put up our pickaproxy.com snapshots on August 15. Shows 489 Fast, Stable non-Exit nodes too vs. just 351 yesterday, and 341 back on August 15.

This is no doubt due to a change in the way Tor defines "Fast" and "Stable" in their latest software release that came out last night. The release notes did say that three "load balancing" patches included in the new release "could raise effective network capacity by a factor of four", which is a big boost in horsepower. But I am very surprised it so quickly changes these snapshot numbers, which come directly from the Tor network itself, via a Tor "controller" connection we make into the network from our server.

upcensors.net FAQ: can other programs like Skype use pickaproxy?

Wed, 29 Aug 2007 20:15:00 -0800

In general, yes. Most programs have some way of setting "proxy settings", usually under Advanced Connection settings or something similar.

Skype on Windows uses Internet Explorer proxy settings by default. You can also go to Tools | Options | Advanced | Connection to change the proxy settings to anything else.

ICQ proxy settings are under Preferences | Connections | Firewall.

Trillian proxy settings are under Trillian Preferences | Advanced Preferences | Proxy Server. Trillian can also be setup to use the same proxy settings as ICQ or AIM (AOL Instant Messenger) or MSN Messenger or Yahoo Messenger.

Windows Messenger proxy settings are under Tools | Options | Connection.

Comments welcome on our blog.

News: Tor "version" snapshot

Sun, 02 Sep 2007 11:35:00 -0800

We added a new "Version Summary Snapshot" to pickaproxy.com yesterday after reading a post by Mike Perry on the or-talk mailing list where he said:

"Want a faster Tor? Upgrade, inform others. For those of you who are not subscribed to or-announce and/or have friends who use Tor, the latest Tor stable should provide significant performance/capacity increase once most clients upgrade. According to my measurements with TorFlow, there should be roughly four times as much capacity once the network rebalances. In addition, many users should experience noticable improvement in performance just based on the fact that we are choosing guards in proportion to their bandwidth and expiring guards that were selected with the buggy uniform algorithm. Also, once the network is balanced, we can begin to investigate both reliability scanning options and Johannes Renner can finish his Master's Thesis on performance enhanced path selection. :) archives.seul.org/or/announce/Aug-2007/msg00001.html"

It seemed there was an obvious need to show how current each of the running nodes were, in terms of the version of the Tor software they were running. This latest Tor version 0.1.2.17 (stable) and 0.2.0.6-alpha (development) is a significant change that Mike has done a lot of work to get released - he has been posting a lot of his findings to the or-dev mailing list from his work on TorFlow, which is a set of python scripts written to scan the Tor network for misbehaving, misconfigured, and overloaded Tor nodes.

Also, as part of our pickaproxy.com service, we will be making sure that our users know which Tor version is being used at their selected exit node, and when there are significant security risks with a specific version, either letting them know, or automatically NOT allowing connections through them.

Maybe we should even send out email notices to node operators who are running insecure versions? Each node operator has the option to identify an email contact address. Without them opting in this would likely be bad form. But in the interests of security I wonder if someone should take this on, or should we?

Comments and ideas welcome on our blog.

News: Tor and wikipedia

Tue, 11 Sep 2007 17:45:00 -0800

wikimedia.org (the Wikimedia Foundation operates Wikipedia and other projects) has an interesting analysis of Tor users at meta.wikimedia.org/wiki/Editing_with_Tor that also gives an excellent description of how Tor works. Basically they are explaining that Tor users will find that they are not able to edit wikipedia and wikimedia pages in some instances - usually when another Tor user on the same exit node as you has caused the wiki sysops to take notice of their vandalism and then attempt to stop it by blocking all access from that exit node (also known as IP Blocking since it is targeted against a specific IP Address).

News: Tor "platform" snapshots

Mon, 17 Sep 2007 21:12:00 -0800

We have now simplified our "version" snapshot to remove "Guard" and "non-Guard" identification, keying only on whether a node is an "Exit" or "non-Exit" node, to keep the list shorter.

And we have now added a new "platform" snapshot showing which operating system is being used by each Exit and non-Exit node.

These are only currently "running" nodes, so any nodes out-of-service are not included in these snapshots.

I see there are 26 nodes running "Darwin" (which I believe is Apple Mac running OS/X), 56 nodes running FreeBSD, 607 running Linux, 3 running NetBSD, 19 running OpenBSD, 2 running SunOS, 28 running Windows 2000, 30 running Windows "Longhorn" (now officially called Vista), 56 running Windows 2003, 307 running Windows XP, and 1 running Windows ME.

If my math is right, that adds up to 412 running some flavour of Windows and 713 running some flavour of Unix.

News: Pick a Continent or Country

Thu, 15 Nov 2007 21:26:00 -0800

Last night we put up our first buttons on http://www.pickaproxy.com/ to allow selecting and filtering Tor network proxies by Continent and by Country. This will be your starting point when picking a proxy you can use. We will add more functionality over the next couple weeks, so that you can get more information about each proxy, and so that you can actually connect to a proxy and use it. But you might want to check out what we have and let us know what you think...

Oh, we have also done a few other additions over the past while:

We now have a Google Translate "Gadget" so you can translate the pickaproxy.com web site from English into your choice of 13 other languages.

We now do automatic refreshs every 30 minutes.

We now have a link to allow you to "Share on Facebook", besides the del.icio.us and Digg links we already had.

News: tryout.pickaproxy.com:8123 now available

Fri, 18 Apr 2008 12:36:00 -0800

We have made available a proxy on a tryout basis to allow anyone to get first hand experience with what the Tor network really does, without having to install any of the Tor software. Details are on http://www.pickaproxy.com/ but essentially anyone can set their proxy to point to tryout.pickaproxy.com and specify port 8123 to make this work. We ask that use be kept under 1 hour, since we do not have unlimited server capacity.

News: US, UK and France proxies now available

Mon, 28 Apr 2008 21:42:00 -0800

We now have 4 ways you can try out our pickaproxy.com service:

To get a random selection of proxies that changes roughly every 10 minutes, change your "proxy" settings to point to tryout.pickaproxy.com and specify port 8123.

To get a selection of proxies that are only in the USA, change your "proxy" settings to point to us.pickaproxy.com and specify port 8125.

For the UK, use uk.pickaproxy.com and port 8126.

For France, use fr.pickaproxy.com and port 8129.

We ask that you limit your use to 1 hour per day at most. These tryouts use the Tor software running on our server as a Tor "client", and they make use of either the open source polipo or squid caching web proxy running on our server, to make them work faster. This means that web site pages and images that you visit may end up being saved in our polipo or squid proxy cache for up to 90 days, although in most cases this cache will be cleared every 30 days. We also may keep some logs of your activity for up to 90 days so we can learn from the use of our services and improve upon them, but for your long-term safety and privacy we do not make backup copies of any of our log files or cache files.

News: Russia, China and Canada proxies now available

Tue, 29 Apr 2008 13:52:00 -0800

Ok, we decided to add 3 more:

For Russia, use ru.pickaproxy.com and port 8130.

For China, use cn.pickaproxy.com and port 8131.

For Canada, use ca.pickaproxy.com and port 8132.

You are welcome :)

News: SSL secure access to pickaproxy.com now available

Thu, 1 May 2008 12:30:00 -0800

One of the concerns with using pickaproxy.com as your proxy server is that the information you see in your browser, and that you send to web sites, can be monitored more easily than if you did not use a proxy server. The connection between your computer and our server is a single point of access, and if we were so inclined we could watch the content coming and going. This is true for much of the internet in general, and for any proxy server, and especially true in some countries such as those singled out by Reporters Without Borders (Reporters sans fronti�res) in their November 2005 article The 15 Enemies of the Internet.

We are not doing any such monitoring, first off, and have no plans to do so. But we are now offering a way for you to secure this data flowing between you and our server. This can be done by installing and configuring the open source "stunnel" software on your computer. stunnel has been available for many year, and works by using OpenSSL to encrypt all communication between your computer and our server. You then configure your "proxy" settings and your "stunnel" settings as follows:

rather than "tryout.pickaproxy.com" and port "8123" you configure your proxy settings to be "localhost" and port "8100", and your stunnel settings to be "accept = 8100" and "connect = tryout.pickaproxy.com:7123"

rather than "us.pickaproxy.com" and port "8125" you configure your proxy settings to be "localhost" and port "8100", and your stunnel settings to be "accept = 8100" and "connect = us.pickaproxy.com:7125"

rather than "uk.pickaproxy.com" and port "8126" you configure your proxy as localhost port 8100, and your stunnel as accept = 8100 and connect = uk.pickaproxy.com:7126

rather than "fr.pickaproxy.com" and port "8129" you configure your proxy as localhost port 8100, and your stunnel as accept = 8100 and connect = fr.pickaproxy.com:7129

rather than "ru.pickaproxy.com" and port "8130" you configure your proxy as localhost port 8100, and your stunnel as accept = 8100 and connect = ru.pickaproxy.com:7130

rather than "cn.pickaproxy.com" and port "8131" you configure your proxy as localhost port 8100, and your stunnel as accept = 8100 and connect = cn.pickaproxy.com:7131

rather than "ca.pickaproxy.com" and port "8132" you configure your proxy as localhost port 8100, and your stunnel as accept = 8100 and connect = ca.pickaproxy.com:7132

stunnel is available for download from http://www.stunnel.org/download/binaries.html and at this time we are not providing support or assistance with installing or configuring stunnel, but we will eventually offer this service. I will say that stunnel configuration is not that difficult, and is done by making changes to the stunnel.conf file.

News: faster US proxy settings, and more stable streaming

Tue, 6 May 2008 11:20:00 -0800

The US has a fairly large number of faster proxies, so we have increased the minimum speed of the proxies we offer from the United States from 23 KBs to 32 KBs, so that you should see an increase in speed of about 35%. We have also now setup port 80 to be a "long lived" port on all our proxies, which means that in most cases when you are browsing the internet, we will not change your IP address while you are in the middle of using a particular web site. If you have been trying to stream video content and had problems, you might want to try again now.

If anyone is interested in trying out German proxies, please let us know. We have found that there are lots to pick from in Germany.

"Tor speak"

Tue, 6 May 2008 16:25:00 -0800

We recently realized that there are 2 distincts groups of users of our pickaproxy.com site, and we needed to cater to each of these groups. In one corner, are the existing Tor users and Tor developers, while in the other is everyone else.

We initially setup pickaproxy.com with a smattering of Tor-specific terminology such as "exit nodes", "relay nodes", "guard nodes", etc. but then changed tack and replaced "exit nodes" with the more generic term "proxy servers" and hid most of the rest because it was only meaningful to the Tor-ians. Now we are offering a "Tor speak" version of the site to allow the Tor-ians to better understand what we are talking about. There is a new link on the site to use Tor terminology, or you can manually add the ?speak=tor parameter yourself.

The "Tor speak" version also includes some additional information that only a Tor-ian could appreciate, such as how many users of the Tor network are using each software version, how many of each different "platform" (ie. operating system) are in use, how many guard nodes and relays nodes are in use, etc.

News: non-US, non-China, and non-Germany proxies now available

Sat, 10 May 2008 16:24:00 -0800

Ever wanted (or needed) to appear to NOT be somewhere while using the Internet? Whatever your reasons, we can now help you if it is the USA, China, or Germany that you do not want to appear to be in. Try setting your proxy to:

nonUS.pickaproxy.com port 18225 to avoid being in the USA

nonCN.pickaproxy.com port 18231 to avoid being in China

nonDE.pickaproxy.com port 18233 to avoid being in Germany

In "Tor" speak, we make sure in all 3 of these cases that you neither use Exit nodes nor Entry nodes that are in the specific countries.

That reminds me about something that we have not mentioned before, with respect to all the other country-specific proxy settings: we always use "strict" Entry nodes that are NOT in the same CONTINENT as the "strict" Exit nodes we select for you in that country, in order to increase your chances of staying anonymous. One of the acknowledged risks of using the Tor network is exposure to greater surveillance by entities that believe it is their right and responsibility to do so. By setting strict entry nodes that are geographically dispersed from the strict exit nodes you use, we give you greater protection from this potential threat to your privacy. There is more information on the Tor project web site about this.

Tuesday stuff

Tue, 13 May 2008 11:05:00 -0800

A few items to report today:

(1) The Tor Project announced a fix this morning to a major security vulnerability in Debian's OpenSSL packages. We have now upgraded all the Tor software on our pickaproxy.com servers so you do not have to do anything yourself.

(2) When I first checked the number of Tor proxy servers running the new version this morning I found only 3 of them. (You can check this yourself anytime by going to http://www.pickaproxy.com/?speak=tor. Look for the "Recommended Version Summary" drop-down list on the left.) After upgrading our own servers I see there are now 8 running the new version as of 13:10 pm EDT, leaving about 160 others needing to be upgraded. This is pretty cool information to have at your fingertips, eh?

(3) The stunnel settings for the non-China proxies are "accept = 8100" and "connect = nonCN.pickaproxy.com:17231". Your proxy settings would be "localhost port 8100" as it would be for any stunnel users, to indicate stunnel was running on your computer in the background waiting for connections to port 8100 from your browser or whatever other program you may be using. (Yes, you could configure your stunnel to run on a different port than 8100 - it is your choice. Check our May 1 blog for more details on stunnel.)

(4) The stunnel settings for the non-Germany proxies are "accept = 8100" and "connect = nonDE.pickaproxy.com:17233".

(5) The stunnel settings for the non-US proxies are "accept = 8100" and "connect = nonUS.pickaproxy.com:17225"

(6) I see that lots of people have been using our pickaproxy.com geospoofing service over the past 25 days since we launched it on a tryout basis. There have been over 15,000 different web sites accessed through it so far. We are still working on improving it, providing more control and more information to our users, and figuring out how best to define and distinguish our free services from subscription services. We are also currently working on a way to let iPhone and iPod Touch users connect to us, we are working on having proxy auto-configuration PAC files for you to simplify changing your proxy settings, and we are designing an Internet Explorer and Firefox toolbar/addon to let you easily control and monitor your pickaproxy.com settings.

Paranoia part 1

Thu, 22 May 2008 11:15:00 -0800

There are 5 very fast proxy servers operated by Performance Systems Inc. (PSI) in Washington, DC that scare me.

They are all exit nodes on the Tor network, providing proxy support for DNS (port 53), POP3 email (port 110), IMAP email (port 143), MSN Messenger (port 1863), ICQ (port 5190), Jabber and/or Google Talk and/or possibly a Tor Hidden Service (port 5222), MMCC (port 5050), Virtual Places (port 1533), and IRC (ports 6660-6667). One of the 5 also provides proxy support for telnet (port 23). None of them provide proxy support for http (port 80) or https (port 443), but there is a good chance if you are using the Tor network your traffic will run through 1 of these servers as a relay or guard/entry node.

None of them have any records in the DNS domain name system that I can find, they all have IP Addresses starting with 149.9.0, these are the only proxy servers on the Tor network operated by PSI, and they all seem to be configured identically, even to the point of using the same out-of-date version of the Tor software.

I would say it is likely they are operated by, or on behalf of, some branch of the US government.

As a result, in order to limit your exposure to the potential of your internet activity being monitored by or through these servers, we have now configured our pickaproxy.com tryout services to always exclude these 5 proxy servers. This will slow down our proxy service to some degree, but we consider the trade-off to be worth it. Eventually we will allow our users to decide for themselves if they want to exclude these or any other proxy servers.

Comments are certainly welcome on our blog...

Paranoia part 2

Thu, 22 May 2008 13:55:00 -0800

Last Monday, Memorial Day in the US, and Victoria Day in Canada, I discovered a potentially troubling anomaly in the Tor network. Between about 10am and 3pm EST the number of computers running the Tor software as a relay or exit dropped to about 400 from the usual range of about 2,000.

This could be nothing serious, but also could be very serious in terms of increased exposure of Tor network traffic to possible monitoring. It is generally acknowledged that the more computers running the Tor software as relays and exits the greater anonymity of it's users. With 80% of the usual Tor servers flagged as out-of-service for 5 hours, this would mean all the normal Tor network traffic would be forced to travel through just 20% of the available servers. In other words, if an imaginary adversary controlled 4 Tor servers, then instead of having access to just 0.2% of the total Tor network traffic (4 of 2,000), they could have access to 10% of the total Tor network traffic (4 of 400), as long as their 4 were part of the ones that remained in service.

How could all these servers have been flagged as out of service? Was it an accidental anomaly in the Tor software? Was someone maliciously manipulating the Tor "running" status flag for this time period, hoping that no one would notice?

We have no answers at this time, although we are convinced that this anomaly was not simply a problem with our own software which monitors the composition and state of the Tor network. In response to this, we have started development of an alert system to be added to our pickaproxy.com service, so that when (if?) these conditions come up again, our users will be told, so they can make their own choices as to whether to continue using our service (and the Tor network in general) or disconnect until we issue a "Code Green" when more normal conditions return...

Tor network status now available

Thu, 29 May 2008 11:30:00 -0800

Further to our last post on May 22, we have now made available an initial step to identify and advise people about the status of the overall Tor network. This information is now displayed at the top of our pickaproxy.com web site, showing the "current Tor network status" as either Ok, Use With Caution, or Not Considered Safe. These 3 conditions are initially defined as follows:

"Ok" means there are at least 525 exit nodes ("proxy servers" for the non-Tor-speaking set), 500 relays, 300 guards, 6 version 3 directories, 500 version 2 directories, 32 KB/s mean and average exit bandwidth, and 40 KB/s mean and average relay bandwidth. Any nodes hibernating, marked as "bad", not "valid", or not "running" are excluded from these numbers.

"Use With Caution" means there are less than 1 or more of these thresholds, but at least 375 exit nodes ("proxy servers"), 350 relays, 150 guards, 5 version 3 directories, 250 version 2 directories, 22 KB/s mean and average exit bandwidth, and 30 KB/s mean and average relay bandwidth.

Anything less than any of these Use With Caution thresholds will result in a "Not Considered Safe" status.

Our next step will be to allow people to subscribe to this information, and to define these thresholds for themselves. Our checks to update this status are currently done every 1-2 hours.

Webdvdr and desync now excluded

Mon, 09 Jun 2008 10:50:00 -0800

We have now excluded 2 more proxies from our service: Webdvdr and desync.

Webdvdr is currently the fastest computer in the entire Tor network by a considerable margin, and the operator of this computer continues to regularly change their "exit policy", indicating some sort of experimentation and possibly analysis of traffic flowing through it. Located geographically in Paris, France at dedibox.fr, the operator has also not identified themself with a Tor Contact name, the IP address 88.191.79.196 does not have a DNS host name, is listed on spamhaus.org's XBL composite block list, and is listed on uceprotect.net Level 1 spam list. We think all this warrants protecting our users from this proxy, and so are adding it to our "ExcludeNodes" list effective immediately until further notice. The operator of this proxy is certainly welcome to contact us at any time.

Desync is currently the second fastest in the Tor network, geographically located in Placentia, California, USA, with Contact name Ben Wilber, and the only computer in the Tor network using ISP Neucom and owned by Reliable Web Services. It's IP address 66.230.230.230 likewise does not have a DNS host name, and although it is not an obvious candidate for our ExcludeNodes list, we are being cautious in doing this, and in addition we will be attempting email contact with the operator to learn more about him and his intentions with this proxy.

Further to our May 22 blog posting, Paranoia part 1, the names of the 5 proxy servers owned and operated by PSI in Washington, DC, USA are bettyboop, croeso, jalopy, myrnaloy, and nixnix.

Desync ok

Wed, 11 Jun 2008 12:50:00 -0800

So I sent an email to the contact Ben Wilber for the Tor network proxy named "desync", getting the IP Address wrong in the process: "I wonder if you would mind giving me some information about your intentions with the Desync Tor exit node you ostensibly operate at 63.230.230.230? I run the pickaproxy.com site and noticed that you are the 2nd fastest node in the Tor network http://www.pickaproxy.com/?speak=tor and the only one owned by Reliable Web Services and using ISP Neucom. I am generally suspicious of fast nodes, so please do not take offence if your intentions are worthy :)"

And I got a reply: "Our node is intended to support the Tor project's efforts to preserve anonymity on the Internet. No transmitted information or logs concerning circuit construction are monitored or recorded within our scope of control, both for clients' privacy and our own legal protection. The node is physically located in Tampa, FL and is operated by desync.com out of Desync's network, AS30217."

I replied: "Thanks, Ben. I would be glad to remove this node from our pickaproxy.com ExcludeNodes list based on this information. Would you mind if we posted your email reply on our pickaproxy.com blog?"

And he said: "Sure, go ahead."

So desync is in, and as of today it is the fastest of all computers in the Tor network with a throughput measured to be consistently around 6 GB per second for at least the last week. Considering that the average proxy server ("exit node") in the Tor network has a throughput of about 243 KB per second, and the mean throughput is only about 50 KB per second, Ben is to be thanked for adding so much horsepower for all to use!

Proxy Auto Configuration "PAC" files now available

Thu, 12 Jun 2008 12:32:00 -0800

You can now use our pre-set "PAC" files to specify your proxy settings, which simplifies things a bit. Instead of setting your proxy to tryout.pickaproxy.com and port 8123, you can now specify the "Use automatic configuration script" option (if using Internet Explorer) or the "Automatic proxy configuration URL" option (if using Firefox) or the "Use automatic proxy configuration" option (if using Opera) and use https://www.pickaproxy.com/tryout.proxy.pac as the Address and name and location of the script file.

us.proxy.pac is equivalent to us.pickaproxy.com and port 8125

uk.proxy.pac is equivalent to uk.pickaproxy.com and port 8126

fr.proxy.pac is equivalent to fr.pickaproxy.com and port 8129

ru.proxy.pac is equivalent to ru.pickaproxy.com and port 8130

cn.proxy.pac is equivalent to cn.pickaproxy.com and port 8131

ca.proxy.pac is equivalent to ca.pickaproxy.com and port 8132

de.proxy.pac is equivalent to de.pickaproxy.com and port 8133

nonCN.proxy.pac is equivalent to nonCN.pickaproxy.com and port 18231

nonDE.proxy.pac is equivalent to nonDE.pickaproxy.com and port 18233

nonUS.proxy.pac is equivalent to nonUS.pickaproxy.com and port 18225

We will add more functionality and flexibility to our PAC file support at a later time. The plan is for subscribers to be able to define multiple proxy options within a single PAC file for their own use, and to allow PAC files to be updated from our https://www.pickaproxy.com web site so that you do not have to muck about with proxy settings on your computer, other than to do the initial, one-time change to use your PAC file.

Proxy Auto Configuration now skips 127.0.0.1

Thu, 19 Jun 2008 12:32:00 -0800

If you are using our PAC files, and Google Desktop Search, you will notice you no longer get an error message, because we no longer try to proxy anything using "127.0.0.1" or "localhost" as the domain name. The PAC file now looks like this (for the us.proxy.pac file), which is just a bit of Javascript:

function FindProxyForURL(url, host) {
if ((host == '127.0.0.1') || (host == 'localhost'))
return "DIRECT";
else
return "PROXY us.pickaproxy.com:8125";
}

"DIRECT" in this context means do not use the proxy, but rather make a direct connection.

On another note, we also are now showing a list of all Tor proxy servers ("exit nodes") that we never use, for reasons of security and/or reliability. You will have to be looking at the "Tor speak" version of our site (at http://www.pickaproxy.com/?speak=tor) to see this list, but it is shown below the "Top 10 Fastest (Running)" list. And you will notice that we have added "AoF" to this list because of reliability problems we have noticed in the last few days. Any changes to our "ExcludeList" will now be shown automatically in this way, so we will not be announcing each and every change on this blog or in our RSS feed.

Too many open files

Wed, 09 Jul 2008 14:04:00 -0800

If you are trying out our proxies and get an error indicating there are "Too many open files" we apologize, but this is an indication that our server is running at maximum capacity. Best to retry or come back later when things will be less busy. Our web accelerator cache is also hitting capacity at times, and we are currently working on a better design to address this. Eventually we expect to have much greater capacity - perhaps even unlimited capacity - as we move to a "cloud computing" infrastructure.

Major recent DNS Vulnerability - but not here

Thu, 7 Aug 2008 10:37:10 -0500

There has been lots of recent coverage about the major DNS vulnerability found by researcher Dan Kaminsky earlier this year: see doxpara.com, news.oreilly.com, and CERT for examples.

We wanted to let you know that one of the very few DNS servers/services that has NOT been vulnerable to this "DNS cache poisoning" exploit is OpenDNS, which has been the DNS server/service we use at pickaproxy.com and our other privacy-ecosystem.com sites for quite some time.

Change your proxy settings (how to...)

Thu, 28 Aug 2008 13:21:30 -0800

Lots of questions lately on how to change your proxy settings...

If using Microsoft Internet Explorer, go to Tools | Internet Options | Connections | LAN Settings and select the "Use automatic configuration script" option, with "http://www.pickaproxy.com/nonCN.proxy.pac" as one example of the PAC files we currently support for tryouts.

As an alternative, you could select the "Use a proxy server for your LAN" option, along with the "Bypass proxy server for local addresses" option, de-select the "Automatically detect settings" option, click the Advanced button, enter "tryout.pickaproxy.com" in the "Proxy address to use" fields for HTTP, Secure and Socks, and enter 8123 in the "Ports" fields.

If using Firefox, go to Tools | Options | Advanced | Network | Connection Settings and select the "Automatic proxy configuration URL" option, with "http://www.pickaproxy.com/tryout.proxy.pac" as one example of the PAC files we currently support for tryouts.

After this, use your browser to go to https://check.torproject.org or http://www.whatismyipaddress.com or https://www.showmyip.com to confirm that your new proxy settings are geospoofing you!

Other browsers and other programs will have similar ways to change their proxy settings. If you come across something that is giving you grief, let us know and we will find out what you need to do.

Tor Network "code green" criteria

Sat, 13 Sep 2008 14:26:45 -0500

We have updated our criteria for showing the Tor Network as "Code Green", which is how we define it as operating "normally". Our criteria was bound to change, since the Tor Network itself is in many ways a work in progress. And I doubt this will be the last change we make to it. In order to make it more clear what our criteria is going forward, we have now included a new listbox called Tor Network Status "Code Green" Levels, which can be seen at pickaproxy.com?speak=tor.

I should clarify that our criteria is not endorsed by the Tor Project, but rather something we embarked on ourselves to identify and communicate to our users when something does not seem to be right with the Tor Network in aggregate. This is one of the added values of using our service. What we changed yesterday was the minimum number of "Guard" nodes, which was reduced from 300 to 200, and a minimum number of "Hidden Service" Directory Servers was established at 15.

"Guard" nodes are an important part of the Tor Network design, but pretty much irrelevant for our users at this time. We handle that part for you as part of the connection we give our users into the Tor Network. If you are interested in the details about guard nodes, I suggest you start with reading http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#head-9927a2f6d044e4c5b1fc610d92175b7c8d4f49d9

The reason we changed our criteria yesterday from 300 to 200 Guard nodes is because there have been a significant number of times recently when the total number of Guard nodes has been less than 300. In fact about 30% of the time in September so far this has been true, compared with about 5% in August, and only about 2% of the time for July. We figure the normal state of the Tor Network must have changed, and 200 Guard nodes is still a reasonably high number.

"Hidden Services" are another important part of the Tor Network, but also irrelevant for the majority of our users at this time. Hidden Services are web servers (and web services) running on the Tor Network that do not expose their IP Address to their users. If you are interested in the details about Hidden Services, I suggest you start with reading https://www.torproject.org/docs/tor-hidden-service.html. The number of Hidden Service Directories is important because the more there are, the greater the protection they offer to Hidden Service users.

Let us know if you have any questions or concerns about these changes.

LogMeIn Hamachi - a better VPN?

Tue, 23 Sep 2008 21:19:30 -0800

We have provided support for stunnel secure communications between our users' computers and our pickaproxy.com server(s) since May 1, 2008. Today we have added support for LogMeIn Hamachi which may be a better way of doing the same thing.

Initially we are only setting up 3 Hamachi VPN "networks" while we try this out. You can connect to our cavpn.pickaproxy.com "network" from your LogMeIn Hamachi software using password ca487_nx. Then, once you are connected, you can change your proxy settings to cavpn.pickaproxy.com and port 8132 to get access to Canada-only IP Addresses.

Alternatively you can connect to our usvpn.pickaproxy.com "network" using password us92XAM5, then change your proxy settings to usvpn.pickaproxy.com and port 8125 to get access to USA-only IP Addresses.

Or you can connect to our devpn.pickaproxy.com "network" using password deX3Bc_, then change your proxy settings to devpn.pickaproxy.com and port 8133 to get access to Germany-only IP Addresses.

The LogMeIn Hamachi software encrypts all communications between your computer and our server, so that no one can snoop on it. Not us, your ISP, or anyone else.

Tor network status update

Wed, 10 Mar 2010 06:29:12 +0100

current Tor network status: Ok!. 702 Proxy Servers (average this month 782, least 641, most 901). last month: average 812 Proxy Servers, least 681, most 969. 2010-01: average 771 Proxy Servers, least 497, most 926. 2009-12: average 794 Proxy Servers, least 651, most 966. 2009-11: average 762 Proxy Servers, least 631, most 910. 2009-10: average 785 Proxy Servers, least 667, most 915. 2009-09: average 843 Proxy Servers, least 714, most 997. 2009-08: average 872 Proxy Servers, least 738, most 1,024. 311.8 KB/s average Proxy Server bandwidth. 66.8 KB/s median Proxy Server bandwidth