Using proxies and all that


WaxfordSqueers
January 12th, 2005, 09:46
I haven't been doing much reversing the past couple of years and am slowly getting back into it...as a hobby. A lot has changed, and I'm putting myself in the newbie category because I'm rusty, and I never was that far removed from being a rookie. With respect to reversing, I'm kind of a jack of all trades and a master of none.

I was digging through the RCE archives, trying to familiarize myself with recent trends. I came across an article, I think by JMI, talking about masking one's IP, using a proxy. I've never bothered with that in the past but I'm wondering if it's wise to be discussing our trade on a forum with my IP so readily obtainable.

Like I said, I'm a hobbyist. I don't reverse anything and post it on the net. I'd appreciate a few comments from people on how to approach this. At the same time, I don't want to put anyone on the spot, especially the owners of the forum. Am I the only one not using a proxy?

BTW...I've read through the archives under 'anonymity' to see if more was posted about this.

dELTA
January 12th, 2005, 11:44
Who are you referring to as the ones who see your IP address? Only board admins/mods should be able to do this?

Rackmount
January 12th, 2005, 11:54
Seems it's too late for you...my suggestion is that you head down to the nearest FBI office and turn yourself in. They are probably waiting for your arrival and have a file that is stuffed full of all kinds of incriminating evidence alluding to your subversive actions here and other places on the net.

No....wait ...on second thought, perhaps you should flee the country....yes...that's it. I am sure that some of the gracious people here would be willing to hide you in one of the forum's secret safe houses...there you can hang out with the likes of Trinity and Morpheus...I hear Neo may stop by on occasion...

In reality though, and apart from the above, while it is highly likely that sites like this are monitored from time to time by governmental agencies from various countries (and they would be stupid not to IMHO, as this site frequently has advanced discussions on many security related topics of interest) it is highly unlikely that you yourself are a target of interest to "them". Still, it is always wise to maintain some control over what traces of yourself that you leave behind when surfing the net. I personally feel that using proxies is something that we all should be capable of, so by all means, look further into this subject and become familiar with the tools. Then once you have an understanding of what good a proxy may serve in your undertakings, you can make an informed decision as to whether or not to use one for your regular surfing activities.

JMI
January 12th, 2005, 12:03
I just rechecked WaxfordSqueers' "file" and there really wasn't anything very interesting in it. WaxfordSqueers, time to do something "interesting."

Regards,

TBone
January 12th, 2005, 16:07
Quote:
[Originally Posted by dELTA] Who are you referring to as the ones who see your IP address? Only board admins/mods should be able to do this?
That's just what THEY want you to believe...you know...THEM.

Seriously, though, I don't think the MIBs are particularly interested in tracking the people on this board down, or in shutting the board down. For one thing, they would have done it already by now. But really it doesn't make sense for them to do it. What would they have to gain? No cracks are posted here, and no targets are ever identified. Just talking about reversing a target without saying what it is would be darn near impossible to prosecute. And the government itself doesn't have much of a vested interest in whether or not someone privately cracks a commercial target anyway - that's the company's problem, not theirs.

I think the government's only concern is the wholesale cracking and distribution of software, and they know that's not what goes on here. The hub of "the scene" is elsewhere. This is just a place to discuss theory about reversing, which makes it far more valuable to them as a source of information than whatever minor gains they might get from taking a heavy-handed approach. It's better for them to quietly listen in and try to stay ahead of the security game (or should I say, less behind) than to shut it down and scatter everyone to the night.

WaxfordSqueers
January 12th, 2005, 18:01
Quote:
[Originally Posted by dELTA] Who are you referring to as the ones who see your IP address? Only board admins/mods should be able to do this?


Seeing we're using THEM in this thread as the vernacular for the law, your point is valid so long as THEY don't raid the board.

I'm wondering if we shouldn't investigate the legalities a little farther. I live in Canada, and the cops need probable cause to investigate. If I post on this forum asking a question about softice, and THEY wanted to check me out, THEY could obtain my IP address through the board with a warrant. Now, I'm not so paranoid as to stay up nights worrying about that. If it happened, THEY could get my home address from the IP and check with Nu Mega to see if I had a registered copy. Depending on my wording on the forum, they might then have probable cause to investigate.

That's a very amateurish legal opinion, obviously. If THEY were going to raid the board, they wouldn't do it for one name, I wouldn't think. If THEY did, however, what would THEY be looking for? Probably, it would be direct inferences. If I post a question about softice, for example, and I infer that I have it, through the wording of my question, that would seem to give them probable cause to investigate further. Now, they can go to Nu Mega, with my address garnered from my IP, and see if I have a legitimate copy.

I haven't read enough in the archives to see if posters take any precautions to that effect. I'm not paranoid about it because I really don't give a s**t. But I've been around long enough in life to realize it's not all that smart to be too naive.

WaxfordSqueers
January 12th, 2005, 18:21
Quote:
[Originally Posted by Rackmount]

In reality though, and apart from the above, while it is highly likely that sites like this are monitored from time to time by governmental agencies from various countries (and they would be stupid not to IMHO, as this site frequently has advanced discussions on many security related topics of interest) it is highly unlikely that you yourself are a target of interest to "them".


I don't know what country you live in but I would not underestimate THEM so much. I don't know if you're aware of the Joseph McCarthy reign in the United States during the '50s. Essentially, people were branded as communists for any convenient reason, and called in front of tribunals to defend themselves. They were encouraged to turn others in, and if they refused, they were prosecuted and/or harassed.

Guess what, Heeeeee's back. If you look at the recent laws in the States aimed at music piracy, you should be concerned. Even the musical equipment manufacturers are concerned. The Bush administration is about as right wing as you'd want to get in a democracy and a lot of them are plain paranoid. And if you live in another country, don't underestimate the reach of the US government and its corporate sponsors.

I'm not as much of a newbie as your opening, patronizing remark might imply. I was on Fravia's site regularly a few years ago and I know he took steps to cover his ass. There was more paranoia back then, and I'm wondering if perhaps the lack of response from the law has made us a little too slack with the way we discuss things. I'm just asking.


Quote:
[Originally Posted by Rackmount]
Still, it is always wise to maintain some control over what traces of yourself that you leave behind when surfing the net. I personally feel that using proxies is something that we all should be capable of, so by all means, look further into this subject and become familiar with the tools. Then once you have an understanding of what good a proxy may serve in your undertakings, you can make an informed decision as to whether or not to use one for your regular surfing activities.


I can definitely see the need of a proxy for posting to newsgroups, or whatever. Still, what's to stop THEM from setting up their own proxies and leaving them out there for you to post through? If I can think of that, do you not think THEY have? Whereas I'm in agreement that the law is probably not interested in small fry, I would not stand pat on that assumption. It's a chance you take, and I started this thread in the hopes that someone might enlighten me as to how much of a chance.

Proxies are not all that secure anyway. A few years ago there was a famous anonymous remailer in Norway that was shut down by the Norwegian government. I read articles on that at the time, and it became apparent that any government can track down an IP to a neighbourhood, even through a so-called anonymous proxy. A lot of them are required to keep logs, especially if they are under a court order to do so.

We make a lot of assumptions about what is anonymous and what is not. But how do we know? We have no idea who is running a proxy and what they do with the information we send such as IP addresses. If THEY want your IP address, THEY'll get it, anonymous or not.

WaxfordSqueers
January 12th, 2005, 18:35
Quote:
[Originally Posted by JMI] I just rechecked WaxfordSqueers' "file" and there really wasn't anything very interesting in it. WaxfordSqueers, time to do something "interesting."

Regards,


Now that's what I call anonymous!!


I'm just getting wound up JMI. I got away from reversing because I have interests in music as well. I still do and I find time is at a premium. Sometimes I get the urge to immerse myself in the software/programming end of things, but life is about much more, wouldn't you say?

WaxfordSqueers
January 12th, 2005, 18:50
Quote:
[Originally Posted by TBone] That's just what THEY want you to believe...you know...THEM.

Seriously, though, I don't think the MIBs are particularly interested in tracking the people on this board down, or in shutting the board down. For one thing, they would have done it already by now.


I appreciate your comments and they seem reasonable. They're along the lines of what I was thinking myself. Still, it's a chance you take. At my age, I really don't give a s**t anyway. But the way THEY proceed is to scoop your computer, and good luck getting it and your software back. From what I've seen, all the software companies want is a promise not to do it again. That is, if you have something illegally stored on your computer.

Then again, how many hundreds of thousands, if not millions of people in the States alone have software on their machines that isn't theirs? Even Microsoft doesn't seem to be concerned about that. If you have XP on your system with a legitimate licence, they don't seem concerned if you lend a copy to a family member or a friend (in case you're reading this thread Bill Gates, my licence for XP is legit).

If the authorities decide to do something about it, however, you can bet the members of forums like ours will be on the front lines. I am concerned about the recent Draconian law passed in the States with regard to music piracy. Granted, it is a much bigger issue, but it's the zeal with which these lawmakers have proceeded that concerns me. How close are we to a crackdown on software piracy in general? And if it comes, how broad will the sweep be? Will it include forums like ours, most of whom are probably just hobbyists like me? Law enforcement officials are not quick to differentiate, many of them just wanting a bust, or to harass.

TBone
January 12th, 2005, 21:41
For what it's worth, I don't think you're paranoid, even if I don't think there's much cause for concern. I really ought to be taking better precautions about my privacy than I am right now. I used to be a little bit more paranoid. As in, keeping everything on a PGP disk inside of another PGP disk paranoid. Maybe I've just gotten lax with age. Or maybe it's just that I'm a newbie and the feds would have to be really desperate to come after me.

I guess the deciding factor for me is that we're talking about the government. And no matter what you do, governments tend to behave like a bureaucracy (damn, I can never spell that without looking it up!). Even law enforcement does, if to a lesser extent. In that kind of environment, there's not a lot to gain by sticking your neck out. It's better to just "meet expectations" and coast through without doing anything that might make you a scapegoat. Prosecutors won't try cases that they don't think they have a good chance of winning, because it's less damaging to your career to let someone slide than to bungle a case in court.

The RIAA/MPAA suits are overzealous and they engage in practices which would be entirely illegal if anyone else did them, but nevertheless their ire seems to be aimed elsewhere. They get their panties in a wad about P2P networks and the big, well-known crack/warez/porn-o-rama sites catering to Joe Q. User, since that's what's costing them money on a wholesale level. So as a government employee, you've got to be asking yourself, "if they don't care, why should I?" It's easier and more pleasing to the stuffed suits to go bust the torrent tracker du jour. Sort of the "nobody has ever been fired for buying IBM" mentality.

WaxfordSqueers
January 12th, 2005, 22:19
Quote:
[Originally Posted by TBone]

I guess the deciding factor for me is that we're talking about the government. And no matter what you do, governments tend to behave like a bureaucracy (damn, I can never spell that without looking it up!). Even law enforcement does, if to a lesser extent.


I don't view all government or law enforcement as being inherently bad. It's the clowns who are on power trips that bug me. It took a long time to bring McCarthy back in line, and all it took was a writer with enough guts to expose him for what he was: a mindless bully. I'm leery about the fact that the present US government has the ear of corporate types. Then again, they've been around for 4 years and have bigger things to worry about, like terrorists.

Thanks for the support.

SiGiNT
January 12th, 2005, 23:23
I have access to several different proxy software packages but use them very seldom, as far as I know, except for the DOD bust about 4 years ago the only enforcement going on right now is for distributing copyrighted material or causing damage to other systems - if you want to be a legal philosopher you could argue that even though you didn't pay for it, as soon as you accept the EULA you are licensed to use the software, anyway proxies can almost always be traced back to you, otherwise hackers would never get busted distributing their evil bugs.

Anyway the Judge probably is using a pirated copy of Office!

SiGiNT

Silver
January 13th, 2005, 05:58
I'm not a lawyer, and don't play one on TV, but in order for law enforcement to "raid" somewhere (be it a home, business, server hosting datacenter) they need something called "probable cause". In other words, a warrant for entry, investigation and seizure will only be issued if a Judge can be convinced that an illegal activity is taking place. A warrant application will only be made by law enforcement if they are reasonably confident of getting a successful prosecution. Reverse engineering software is very different from distributing cracked software. If this forum was taken down, any prosecution would first have to prove that the activities discussed on this board were illegal. That in itself is a serious issue, as the charter of the forum and the activity of the mods clearly shows that all actions are taken to prevent illegal software from being distributed. So the question becomes, is it illegal for researchers to discuss and analyze code? Bear in mind that security vuln researchers spend all day doing precisely this, so it isn't a clear-cut yes or no answer.

Investigating and prosecuting online "crimes" (and by this I mean the DoD busts etc) is fantastically time consuming and expensive. Normally the effort is only expended when the results will be spectacular. With the greatest respect to this forum, it's small fry compared to some of the larger warez forums or ftp sites out there. Shutting it down would be a small victory, and actually prosecuting anyone would be a waste of time.

You have nothing to worry about, IMO.