Tag Archives: security

An explosive tale about airport security

I really really dug this post about carrying gunpowder through airport security.

You can’t create a secure airport that is worth traveling through.  The solution isn’t to figure out every possible way that people can attack airports and prevent those…  That’s an insolvable problem.  A better way is to find people who are trying to hurt us and deal with them in a legal, just way.

People who are trying to hurt us face many of the same problems we do.  They need networks, support, materials, etc.  They also recruit and are looking for moral support.

These seem like much richer avenues of investigation.

How to get around a proxy system

This sounds complicated but it is really simple.  That it is so simple is why the internet is amazing and awesome.

from flickr user Bright Tal with a CC licenseProxies are used by people in positions of authority who want to control what you view on the internet.  Such groups include the governments of Turkey and China.  Also, the internet security team of most major corporations.  Some of these motives are good:

  • Blocking you from visiting websites that will infect your computer with spyware.
  • Blocking you from looking at naked people at work and totally creeping your coworkers out.
  • Blocking you from using webmail or instant messaging to communicate with customers in insecure ways or in ways that can’t be audited for a lawsuit.

Some of these motives are bad:

  • Blocking you from learning about problems at the group.
  • Blocking you from “wasting” company time or resources.

Generally you will eventually find a situation where you want to look at a website that has been blocked improperly.  I’ve often seen sites that discuss internet security vulnerabilities classified as “hacking” – but I need to know if those sites affect my work.

kindly sourced from flickr user Dazzie DWhether your intentions are pure or not, here is a simple way to give yourself internet freedom.

Download CGIproxy and install it on something that faces the unfiltered internet.  This might be your web host if you have one.  If not, you can install a web server on your home computer.  It is easier than you might think, and with DynDns, you can have your own domain name for your home computer.

You are done.  Now you can navigate in your browser to where you installed CGIproxy.  It will surf the sites you are blocked from.   Doing that is a hassle, though.  You have to go to CGIproxy when you want to go to a different site.  Lame.

Let’s make it easier through the magical power of bookmarklets.  We will put two little buttons in your browser that let you proxy blocked sites and unproxy them when you are somewhere safe again.

I wrote up a little page for you that generates proxy and unproxy bookmarklets for CGIProxy.  Go there, put in the URL of your CGIproxy, and choose your options.  I’ll automagically generate the bookmarklets for you.  You just drag them up to your browser quick links and now you have the keys to the kingdom.

Let me know if anything isn’t clear – I did the extra work so that it could be useful for you.

BangoWhatthehell

I am intrigued by this weird advisory on cryptome, keeper of, if not all, then at least exclusively, things you are not supposed to know. There’s no attribution, no explanation, and no other mention of this on the web.

The very short gist is:

Avoid the treacherous anonymous web browser, bangotango.com. It is harvesting unwary user addresses. It is operated by triumphpc.com as a law enforcement/intelligence sting.

It would be an interesting concept, if only because it has such problems with the idea of entrapment. The idea that the some agency could make the promise of proxied worry free browsing, even going so far as to include the text of the 4th amendment on the website, and then use evidence gathered there in court is boggling.