Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Anonymize internet access

from [Michael Painter] Network Security [Permanent Link]
Subject: Re: Anonymize internet access
Date: Tue, 27 Sep 2005 10:22:52 -1000
----- Original Message ----- From: "Jeffrey F. Bloss" Subject: Re: Anonymize internet access

On Thursday 22 September 2005 03:05 pm, Joshua Graham wrote: 
You might try checking out:

http://www.findnot.com

I would be interested in hearing from anyone else who has opinions
about,
or who has used, this company as well. Thanks!

There's some indication that they have made false claims in the past. A conversation in alt.privacy about a year ago brought to light the fact that at least some of their servers were located in Texas (I believe), while they play on potential customers' fear of "Big Brother" by claiming they're an off shore entity.

The truth of the matter is that many/most of these "anonymity" providers operate under the false premise that you can't be traced through their service. In reality, they're a single point of contact that can be compromised as easily as local laws allow. Generally that's pretty easily. It varies from country to country.

Their anonymity and privacy also hinge on the assertion that they do not keep logs. Any competent system administrator can tell you that maintaining a system for outside consumption is next to impossible without some level of logging. Also, most of these services use "rented" equipment. The machines that you connect to are not under their direct control, and they have no way of knowing one way or the other what's logged and what's not. In the case of servers located in more restrictive countries, it's almost a certain bet that much IS logged.

If you want casual anonymity, I suppose any of them are fine. but don't spend your hard earned money thinking that you're anything but superficially anonymous from the average net-loon. And most assuredly don't trust any of them with any mission critical, or even marginally illegal activity. To do so is pure folly. 


Since I'm a customer of findnot.com, I asked them for comments on the above.
They (quickly) replied with this:
~~~~~~~~~~~~~~~~~~~~~~~~~~
Most of your questions from this post can be answered here:

http://www.findnot.com/howitworks.html

We do not keep logs at all, and won't. Is it harder to keep servers up and 
running that
way? Sure it is, but it is possible we do it every day. Our server location are 
not some
big secret, you can check it out for yourself here:

http://www.findnot.com/servers.html

Our company IS an offshore entity, and we are not in a jurisdiction that would 
compromise
our privacy or yours. If we were forced to keep logs, we would move our server 
to another
location. We demand control of the servers to suit our needs, and if we can't 
get it we
move to another server provider.

Thanks,
Will
~~~~~~~~~~~~~~~~~~~~~~~~~
Will has expressed an interest in this list, so hopefully he'll join and answer 
any additional queries.

--Michael

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: New Job., Christian Moreland
Next by Date:  Re: Windows Vista current flaws, DMORROW5
Previous by Thread:  Re: Anonymize internet access, Jeffrey F. Bloss
Next by Thread:  Re: Anonymize internet access, Jeffrey F. Bloss
Indexes:  [Date] [Thread] [Top] [All Lists]