
Jan 22 2012


moxie’s proxy

Moxie Marlinspike, a security researcher probably best known for his SSL proxy tool, likes google even less than I do. His googlesharing website says:

“Google thrives where privacy does not. If you’re like most internet users, Google knows more about you than you might be comfortable with. Whether you were logged in to a Google account or not, they know everything you’ve ever searched for, what search results you clicked on, what news you read, and every place you’ve ever gotten directions to. Most of the time, thanks to things like Google Analytics, they even know which websites you visited that you didn’t reach through Google. If you use Gmail, they know the content of every email you’ve ever sent or received, whether you’ve deleted it or not.

They know who your friends are, where you live, where you work, and where you spend your free time. They know about your health, your love life, and your political leanings. These days they are even branching out into collecting your realtime GPS location and your DNS lookups. In short, not only do they know a lot about what you’re doing, they also have significant insight into what you’re thinking.”

His solution to this problem was interesting. He came up with the idea of a proxy system which would intercept all google queries, strip off identifying material (such as cookies, UserAgent strings and other HTTP headers), substitute new identifiers and mix the requests up with those from other users before forwarding to google. Implementation depended upon a Firefox addon (nothing for other browsers) which identified google queries and forwarded them to the proxy. All other traffic was untouched.

[Image: googlesharing proxy]

I stopped using google (except via scroogle) some time ago, and when Moxie’s new proxy first surfaced I thought it interesting but susceptible to the same problem I discussed in mid 2009 when writing about Hal Roberts’ experience of GIFC – all you are doing is shifting knowledge of your searches from google to a new intermediary. However, Moxie later addressed this problem with the release of version 0.20 of his addon, so I thought I’d take another look at it. Unfortunately the addon won’t work with FF 9 (which I am using). Moxie’s proxy is not the only one out there, however. Because he released the code under an open source licence, others have picked it up. I found one at gs.netsend.nl. They also provide an updated FF addon which will work with versions up to 15 (i.e. probably around next Wednesday given the speed with which Mozilla is currently shipping new FF releases).

Once the addon is installed, it gives you two proxy options in the preferences settings – one is the original proxy.googlesharing.net, the other is gs.netsend.nl itself. In testing I found that the original googlesharing proxy seemed to be off-line, but when using the netsend.nl proxy I was reassured to see the message “Search results anonymized by GoogleSharing” added to the google homepage. I was even more reassured that my sniffer showed a connection to vps1101.pcextreme.nl on 31.21.98.201 and not to any known google network.

So, will I use it? Maybe. But the proxy mechanism seems to be unreliable. In many tests, the proxy connection seemed to be bypassed and the connection was obviously made direct to google (as evidenced by my sniffer). I think this failure is doubly unfortunate because it does not fail safe (i.e. the connection does not simply fail with an error message, it passes you direct through to google). This could lead the unwary to think that they are protected when in fact they are not.
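The sniffer check described above can be automated so that a silent bypass is reported rather than assumed away. The following is an added example, not code from the GoogleSharing addon or from this post: it takes the proxy address (31.21.98.201) and the 1e100.net reverse-DNS suffix from this page as assumptions, the flow records are constructed, and the function names are hypothetical.

```python
import ipaddress

# Assumption: proxy address taken from the sniffer observation in the post.
PROXY_IPS = {ipaddress.ip_address("31.21.98.201")}
# Assumption: reverse-DNS suffix used here to recognise Google-operated hosts.
GOOGLE_RDNS_SUFFIX = ".1e100.net"

# Constructed flows: (requested host, peer IP on the wire, reverse DNS of peer).
# The first two rows reuse the hosts named on this page; the rest are made up.
SAMPLE_FLOWS = [
    ("www.google.co.uk", "31.21.98.201", "vps1101.pcextreme.nl"),
    ("www.google.co.uk", "209.85.147.94", "bru01m01-in-f94.1e100.net"),
    ("baldric.net", "192.0.2.10", "host.example.net"),
    ("www.google.com", "198.51.100.7", ""),
]

def is_google_query(host):
    """Crude match for google.<tld> names the addon is meant to redirect."""
    labels = host.lower().rstrip(".").split(".")
    return "google" in labels[:-1]

def classify(host, peer_ip, rdns):
    """Label one flow: ignored, proxied, leak, or unverified."""
    if not is_google_query(host):
        return "ignored"
    if ipaddress.ip_address(peer_ip) in PROXY_IPS:
        return "proxied"
    if rdns.lower().rstrip(".").endswith(GOOGLE_RDNS_SUFFIX):
        return "leak"
    # Neither the proxy nor a recognised Google host: do not assume it is safe.
    return "unverified"

def audit(flows):
    """Fail closed: protected only if every Google flow reached the proxy."""
    findings = []
    for host, peer_ip, rdns in flows:
        verdict = classify(host, peer_ip, rdns)
        if verdict in ("leak", "unverified"):
            findings.append((host, peer_ip, verdict))
    return {"protected": not findings, "findings": findings}

if __name__ == "__main__":
    report = audit(SAMPLE_FLOWS)
    print("protected:", report["protected"])
    for host, peer_ip, verdict in report["findings"]:
        print(f"{verdict:10} {host} -> {peer_ip}")
```

A flow to an address that is neither the proxy nor a recognised google host is reported as unverified rather than passed, which is the fail-safe behaviour the addon itself lacks.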

I prefer not to use google at all. And in those cases where I do want to compare results with another search engine I prefer to do so via tor. But it is one more option in my toolkit if used carefully. And if using it pisses off google, then it is worth it occasionally.

Permanent link to this article: http://baldric.net/2012/01/22/moxies-proxy/

4 comments


  1. Peter

    Mick,

    The Dutch company Ixquick (ixquick.com) has been offering privacy
    protected searches for quite some time. However, the prime reason
    Google got so big over companies like AltaVista (remember them?) was
    because they actually had the best results, and barring the paid-for
    inserts that is still often the case.

    Thus, ixquick made another site in the US called startpage.com,
    which combines the ixquick privacy idea with search results from Google.

    BTW, if you want to annoy Google and Farcebook there are better methods :) :)

  2. Mick

    Peter

    I use ixquick. My preference is scroogle, but ixquick comes second. Then duckduckgo (stupid name), then bing (yes, I know….)

    Cheers

    Mick

  3. Tim

    Hi Mick,

    I’m wondering if you have any insights on the connections made to Google that bypass the addon? I remember I’ve seen some connections to 1e100.net with older versions of the addon, not sure if they’re still made directly.

  4. Mick

    Hi Tim

    The connections go to servers on the 1e100.net network. I’ve just run a re-test, and with version 0.22.2 of the addon in place and active with gs.netsend.nl selected as the proxy, the connection to “www.google.co.uk” went straight through to “bru01m01-in-f94.1e100.net” (209.85.147.94), a server on the google network.

    Mick
