Javascript and anonymity

Discussion in 'Javascript' started by retyop@techemail.com, Nov 8, 2006.

  1. Guest

    Does javascript install any sort of "cookies" that allows a site to
    uniquely identify you every time you visit, regardless of wether or not
    you disable normal web browser cookies?

    An anonymous web browsing utility I use states that you are not truly
    anonymous unless you turn off things such as java, javascript, and some
    other applications. This being because they somehow have the ability to
    find their way back to the originating site without using your web
    browser and thus can reveal to the originating site the real IP of your
    browser that requested the page, bypassing the hops through my fellow
    servers that helped me request the page without revealing my IP
    address. Any truth to this? Links? FAQs?
    , Nov 8, 2006
    #1
    1. Advertising

  2. Dr. Doktur Guest

    <> wrote in message
    news:...
    > Does javascript install any sort of "cookies" that allows a site to
    > uniquely identify you every time you visit, regardless of wether or not
    > you disable normal web browser cookies?
    >
    > An anonymous web browsing utility I use states that you are not truly
    > anonymous unless you turn off things such as java, javascript, and some
    > other applications. This being because they somehow have the ability to
    > find their way back to the originating site without using your web
    > browser and thus can reveal to the originating site the real IP of your
    > browser that requested the page, bypassing the hops through my fellow
    > servers that helped me request the page without revealing my IP
    > address. Any truth to this? Links? FAQs?
    >


    true, it is out there, keep a googling
    Dr. Doktur, Nov 9, 2006
    #2
    1. Advertising

  3. amadeus Guest

    <> wrote in message
    news:...
    > Does javascript install any sort of "cookies" that allows a site to
    > uniquely identify you every time you visit, regardless of wether or not
    > you disable normal web browser cookies?
    >
    > An anonymous web browsing utility I use states that you are not truly
    > anonymous unless you turn off things such as java, javascript, and some
    > other applications. This being because they somehow have the ability to
    > find their way back to the originating site without using your web
    > browser and thus can reveal to the originating site the real IP of your
    > browser that requested the page, bypassing the hops through my fellow
    > servers that helped me request the page without revealing my IP
    > address. Any truth to this? Links? FAQs?


    They're right, use a search engine and find out all about it



    --
    Posted via a free Usenet account from http://www.teranews.com
    amadeus, Nov 9, 2006
    #3
  4. VK Guest

    wrote:
    > Does javascript install any sort of "cookies" that allows a site to
    > uniquely identify you every time you visit, regardless of wether or not
    > you disable normal web browser cookies?
    >
    > An anonymous web browsing utility I use states that you are not truly
    > anonymous unless you turn off things such as java, javascript, and some
    > other applications. This being because they somehow have the ability to
    > find their way back to the originating site without using your web
    > browser and thus can reveal to the originating site the real IP of your
    > browser that requested the page, bypassing the hops through my fellow
    > servers that helped me request the page without revealing my IP
    > address. Any truth to this?


    Yeah... we are living in the terrible world. Did you hear about the
    last javascript program: it makes the content invisibly blink with the
    frequency affecting alpha-rhythms of user's brain. In less then a few
    minutes the affected person has an internal voice telling her to buy a
    Microsoft product - and she cannot fight with this voice.

    :)

    :-|
    JavaScript can set/read cookies over document.cookie : but it is
    exactly the same as any server can do. Whatever your cookie policies
    are on the browser: they are applicable to either case. For Internet
    Explorer for instance check Tools > Internet Options > Privacy.

    > my fellow servers that helped me request the page
    > without revealing my IP address


    You mean services like
    <http://www.anonymizer.com/consumer/products/anonymous_surfing/> ?
    (just naming the oldest one of this kind).
    JavaScript is not allowed to read IP of the client machine.
    I am using an IP anonymizer regularly while posting here, so my post IP
    originating sometimes from London sometimes from Moscow (in case if let
    them jump on Od' Lady Europe first or die surrounded by snow and bears
    :))

    As a conclusion: you are one of many seeking an easy solution for a
    complicated problem. "Just press one button and my security/privacy is
    set". Alas neither JavaScript nor cookie is not that magic button - and
    this button doesn't exist at all.

    1) Make sure you have all updates for your OS recommended by producer.
    2) Use the latest version of your preferred browser. Firefox 2.0 has
    times lesser security exploits than Internet Explorer 7.0: so if you
    are using IE, you may consider try Firefox 2.0.
    3) Have reputable anti-virus software installed with paid subscription
    (so it updates virus database regularly).
    4) Take more fresh air and physical exercises so nightmares of a
    worldwide conspiracy against your privacy would leave you. :)
    VK, Nov 9, 2006
    #4
  5. Guest

    VK wrote:
    > wrote:
    > > Does javascript install any sort of "cookies" that allows a site to
    > > uniquely identify you every time you visit, regardless of wether or not
    > > you disable normal web browser cookies?
    > >
    > > An anonymous web browsing utility I use states that you are not truly
    > > anonymous unless you turn off things such as java, javascript, and some
    > > other applications. This being because they somehow have the ability to
    > > find their way back to the originating site without using your web
    > > browser and thus can reveal to the originating site the real IP of your
    > > browser that requested the page, bypassing the hops through my fellow
    > > servers that helped me request the page without revealing my IP
    > > address. Any truth to this?

    >
    > JavaScript can set/read cookies over document.cookie : but it is
    > exactly the same as any server can do. Whatever your cookie policies
    > are on the browser: they are applicable to either case. For Internet
    > Explorer for instance check Tools > Internet Options > Privacy.
    >


    Is this in a different folder than the typical folder for cookies
    [c:\documents and settings\user name\cookies\*.*] ? In the case of
    Firefox, do you know where to check for cookies? It clearly doesn't
    store them in the default folder I noted above.

    > > my fellow servers that helped me request the page
    > > without revealing my IP address

    >
    > You mean services like
    > <http://www.anonymizer.com/consumer/products/anonymous_surfing/> ?
    > (just naming the oldest one of this kind).
    > JavaScript is not allowed to read IP of the client machine.


    That's great news. But I think the problem noted by the sites I read is
    that the javascript routine may try to "phone home", thus indirectly
    revealing the origin of the real requester of the web page. Can you
    tell me about this?
    , Nov 9, 2006
    #5
  6. VK Guest

    wrote:
    > Is this in a different folder than the typical folder for cookies
    > [c:\documents and settings\user name\cookies\*.*] ? In the case of
    > Firefox, do you know where to check for cookies? It clearly doesn't
    > store them in the default folder I noted above.


    Tools > Options > Privacy > Cookies > Clear Cookies Now
    Tools > Options > Privacy > Cookies > Settings > Clear private data
    when closing Firefox

    TweakUI for Windows XP:
    <http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx>
    TweakUI for older Windows:
    <http://www.microsoft.com/ntworkstation/downloads/PowerToys/Networking/NTTweakUI.asp>

    Install, go to Control Panel
    Tweak UI > Paranoia tab > raise all checkboxes; restart Windows.

    Your Web browsing will be a real torture now, but you are well prepared
    for a surprise FBI visit. :)

    > But I think the problem noted by the sites I read is
    > that the javascript routine may try to "phone home", thus indirectly
    > revealing the origin of the real requester of the web page. Can you
    > tell me about this?


    Most of the sites stating that you are all unsecure "until install X
    software" are spyware destributors. Go to your OS producer site and
    read what *they* have to say. Also go to your browser producer site and
    read what *they* have to say.

    And no: JavaScript programs exists only on the page where loaded and
    disappear when you leave the page. They don't reside in the memory.
    That is why it may be good idea before going to check you bank account:
    simply close all open browser windows, then open one and go right to
    the back page.
    VK, Nov 9, 2006
    #6
  7. Goldy Guest

    I would recommend JanusVM.
    http://janusvm.peertech.org

    It uses Tor to hide your IP. Privoxy and Squid to filter web crap
    (ads, cookies, etc.) and spoofs your web browsers UserAgent.
    Now about the JavaScript/Java/Flash issue of getting your real
    IP...don't worry about it. JanusVM routes ALL TCP traffic through Tor,
    so the proxy bypass tricks in Java and Flash don't work (which is good
    for you). As for Cookies, just have firefox clean them every time you
    close your browser. UDP and ICMP traffic are not passed through when
    you use JanusVM, because those can leak your REAL IP address.

    I would recommend you check out JanusVM. At least 50,000 people are
    using it now.
    It works well with just about every application I use.



    wrote:
    > Does javascript install any sort of "cookies" that allows a site to
    > uniquely identify you every time you visit, regardless of wether or not
    > you disable normal web browser cookies?
    >
    > An anonymous web browsing utility I use states that you are not truly
    > anonymous unless you turn off things such as java, javascript, and some
    > other applications. This being because they somehow have the ability to
    > find their way back to the originating site without using your web
    > browser and thus can reveal to the originating site the real IP of your
    > browser that requested the page, bypassing the hops through my fellow
    > servers that helped me request the page without revealing my IP
    > address. Any truth to this? Links? FAQs?
    Goldy, Nov 10, 2006
    #7
  8. Guest

    Goldy wrote:

    > I would recommend JanusVM.
    > http://janusvm.peertech.org
    >
    > It uses Tor to hide your IP. Privoxy and Squid to filter web crap
    > (ads, cookies, etc.) and spoofs your web browsers UserAgent.
    > Now about the JavaScript/Java/Flash issue of getting your real
    > IP...don't worry about it. JanusVM routes ALL TCP traffic through Tor,
    > so the proxy bypass tricks in Java and Flash don't work (which is good
    > for you). As for Cookies, just have firefox clean them every time you
    > close your browser. UDP and ICMP traffic are not passed through when
    > you use JanusVM, because those can leak your REAL IP address.
    >
    > I would recommend you check out JanusVM. At least 50,000 people are
    > using it now.
    > It works well with just about every application I use.
    >


    At last. Whew, thanks Goldy, I was going crazy with all these wise
    crack remarks about paranoia, FBI, etc. I wonder which of the
    newsgroups the previous jerk off posters come from.

    You addressed my issue directly, by pointing out that there exists a
    "proxy bypass trick in Java and Flash". Thank you very much. That was
    my basic concern. I'm going to check out all that stuff. Thanks! :)
    , Nov 10, 2006
    #8
  9. VK Guest

    wrote:
    > I was going crazy with all these wise
    > crack remarks about paranoia, FBI, etc. I wonder which of the
    > newsgroups the previous jerk off posters come from.


    "Paranoia" is not my term - it is official name of the tab in Tweak UI
    interface officially distributed by Microsoft, Inc (see the links I
    provided). If you feel yourself offended: please address it to
    Microsoft.

    If you felt some humor behind my post - it is presented, but only in
    the style. All technical details are strictly correct and serious.

    A bit humorist style of my posts - and sorry if seemed offensive - is
    because it is really funny to read such vague questions as "I'm going
    to the Internet. THEY told me that I can be recognized there. Is it
    true?"

    What exactly do you want to hide? The fact of visiting
    "CrackesSerials.foo" or "HotBabes.bar"? Then IP forging and cookie
    clean up helps to some extend. If you did something so bad that the
    government went on you then the exact traffic is kept for the law
    defined time on your provider's server and can be requested at any time
    (USA. EU, Russia, China)

    If you want to hide the fact of buying online "How to make a bomb in 15
    minutes: Definitibe guide" than it is even more funny because
    everything is attached to your credit card/ PenPal account etc and it
    gets known to all credit companies around the world in 15sec after the
    fact of buying.

    For sake of it look at your wallet (unless your are from a 3rd word
    country): 99% is discount cards and credit cards. Your preferred store
    is Safeway? Well, some news for you: Albertson's knows exactly the
    amount of beer you drunk last year, your preferred mark of chewing gum
    (don't want to use cigarettes as the sample) and Target knows the
    preferred color of clothes you want to wear.

    In the Internet the only thing one may hide (up to some extent) is the
    fact of reading something or saying something at the given moment of
    time. The rest of your a** remains uncovered.

    This way: what exactly did you want to hide from us? ;-)
    VK, Nov 10, 2006
    #9
  10. Re: help sought for : e-mail to newsgoup

    Klingsor wrote:
    > >Sirs, apologies as this may not be the appropiate group
    > >for my questionning ; could you direct me to an URL or FAQ
    > >or message group detailing how to convert a regular e-mail
    > >into a message to a usenet news-group such as
    > >this alt.privacy.anon-server ?
    > >( not necessarily anonymous though , hence my apologies :)

    >
    > You add a Newsgroups header like this to your email:
    >
    > Newsgroups: alt.privacy.anon-server
    >
    > Then you post it to one of the mail2news gateways, e.g.:
    >
    >
    >
    >
    >
    > (You must have an email client that lets you add your own custom
    > headers, though.)
    >


    Do you know a decent email client that allows the addition of custom
    headers?

    I can telnet to the SMTP server and type the headers in manually but
    that gets really old after a while.
    Debra Lee Logan, Nov 10, 2006
    #10
  11. Tim Slattery Guest

    Re: help sought for : e-mail to newsgoup

    "Debra Lee Logan" <> wrote:

    >Do you know a decent email client that allows the addition of custom
    >headers?


    Pegasus Mail (www.pmail.com). Very full featured, Bayesian filtering,
    custom headers, on and on and on. And free.

    --
    Tim Slattery
    Tim Slattery, Nov 13, 2006
    #11
  12. Macarro Guest

    Macarro, Nov 16, 2006
    #12
  13. asdf Guest

    I tried to create stats from google groups, pulling their former dejavu info
    and post numbers.

    After 5 or so queries ( while they contact my server several times during a
    day),
    they disconnected me for a month and sent me a cease and resist note.

    -------------------------------------------------------

    Then I switched to an anonymizer, using queries only every few seconds or
    so.
    I never finished the project. After a month google restored searched for my
    ip.


    I am glad I did not 'mess up' the anonymizer account.

    ------------------.

    Google belongs to the evil doers. basta.

    We are just to stupid to realize.

    A $ market evaluation in the thousands of millions for a search utility that
    can be created by anyone. ARE WE STUPID ?

    Most of us are.












    "Macarro" <> wrote in message
    news:eek:p.tiscilnmeih28w@localhost...
    >
    >>
    >> true, it is out there, keep a googling

    >
    >
    > Alternatively, http://www.blackboxsearch.com
    >
    >
    > --
    >
    > Mapping the Internet 24/7: http://www.netdimes.org
    asdf, Feb 14, 2007
    #13
  14. Anon Guest

    Google is the world's biggest enemy of privacy

    I use scroogle.org whenever possible

    idiots think that google is a cool bunch of hippies, because they
    have "bring your pet to work" and other cosmetic claptrap

    the masses are idiots who say "google it"

    On Wed, 14 Feb 2007 05:25:01 -0500
    "asdf" <> wrote:

    > Google belongs to the evil doers. basta.
    >
    > We are just to stupid to realize.
    >
    > A $ market evaluation in the thousands of millions for a search

    utility that
    > can be created by anyone. ARE WE STUPID ?
    >
    > Most of us are.
    Anon, Feb 14, 2007
    #14
  15. Randy Webb Guest

    Randy Webb, Feb 14, 2007
    #15
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. mcdeveloper
    Replies:
    1
    Views:
    4,166
    mcdeveloper
    Jun 13, 2006
  2. CRON
    Replies:
    24
    Views:
    200,410
    Adrienne Boswell
    Jun 20, 2006
  3. Franck Pommereau

    The problem of anonymity with decorators

    Franck Pommereau, Feb 7, 2006, in forum: Python
    Replies:
    4
    Views:
    285
    Franck Pommereau
    Feb 8, 2006
  4. parez
    Replies:
    0
    Views:
    119
    parez
    Sep 11, 2007
  5. porter

    Javascript and IE? Javascript and C#?

    porter, Oct 5, 2007, in forum: Javascript
    Replies:
    6
    Views:
    267
    Thomas 'PointedEars' Lahn
    Oct 6, 2007
Loading...

Share This Page