Fear Your Browser, Episode 3: Using Proxies

“Proxy” means several things in the networking world, unfortunately.

One meaning refers to the kind of network trickery mainland Chinese use to get around government restrictions: proxy servers. Basically, these serve as a relay for every request, making the origin look like themselves (usually in a different country), and not someone in a nation where information is “controlled.”

Another refers to proxy servers like Squid in the Unix world, and ISA in the Windows world. Both offer content caching, as well as logging and monitoring (think about that, since most enterprises use proxies) and content filtering. At one organization the image of a Big Red Hand greets your attempt to visit certain sites, for instance. While these machines are Big Brotherly, they actually offer some advantage in security, since they can indeed prevent certain content from reaching users. This is not, however, usually geared toward advertisers and other potentially abusive tracking organizations.

Yet another type of proxy is a local proxy, running right on your computer but providing some of the more clever content-filtering features of the Big Brother proxy servers. For browsing purposes, a good choice as of this writing is Privoxy (http://www.privoxy.org/), which is specifically geared toward eliminating third-party tracking. In their own words:

Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk.

It’s available for everything from Windows to BSD, with about as wide a variety of installation instructions as you could imagine. If you’re running BackTrack on your laptop, its as easy as

apt-get install privoxy

Dig into the documentation. There’s a world to know about Privoxy if you want to tinker with filtering actions. But also be clear: default settings are already way, way better than surfing “naked.”

There’s only one little problem.

Your traffic has a clear origin, and your browser has a unique fingerprint.

Oops, that’s two problems. And you wanna bet there are more? For next time …