By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,490 Members | 1,328 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,490 IT Pros & Developers. It's quick & easy.

Javascript and anonymity

P: n/a
Does javascript install any sort of "cookies" that allows a site to
uniquely identify you every time you visit, regardless of wether or not
you disable normal web browser cookies?

An anonymous web browsing utility I use states that you are not truly
anonymous unless you turn off things such as java, javascript, and some
other applications. This being because they somehow have the ability to
find their way back to the originating site without using your web
browser and thus can reveal to the originating site the real IP of your
browser that requested the page, bypassing the hops through my fellow
servers that helped me request the page without revealing my IP
address. Any truth to this? Links? FAQs?

Nov 8 '06 #1
Share this Question
Share on Google+
16 Replies


P: n/a

<re****@techemail.comwrote in message
news:11**********************@m7g2000cwm.googlegro ups.com...
Does javascript install any sort of "cookies" that allows a site to
uniquely identify you every time you visit, regardless of wether or not
you disable normal web browser cookies?

An anonymous web browsing utility I use states that you are not truly
anonymous unless you turn off things such as java, javascript, and some
other applications. This being because they somehow have the ability to
find their way back to the originating site without using your web
browser and thus can reveal to the originating site the real IP of your
browser that requested the page, bypassing the hops through my fellow
servers that helped me request the page without revealing my IP
address. Any truth to this? Links? FAQs?
true, it is out there, keep a googling
Nov 9 '06 #2

P: n/a

<re****@techemail.comwrote in message
news:11**********************@m7g2000cwm.googlegro ups.com...
Does javascript install any sort of "cookies" that allows a site to
uniquely identify you every time you visit, regardless of wether or not
you disable normal web browser cookies?

An anonymous web browsing utility I use states that you are not truly
anonymous unless you turn off things such as java, javascript, and some
other applications. This being because they somehow have the ability to
find their way back to the originating site without using your web
browser and thus can reveal to the originating site the real IP of your
browser that requested the page, bypassing the hops through my fellow
servers that helped me request the page without revealing my IP
address. Any truth to this? Links? FAQs?
They're right, use a search engine and find out all about it

--
Posted via a free Usenet account from http://www.teranews.com

Nov 9 '06 #3

P: n/a
VK
re****@techemail.com wrote:
Does javascript install any sort of "cookies" that allows a site to
uniquely identify you every time you visit, regardless of wether or not
you disable normal web browser cookies?

An anonymous web browsing utility I use states that you are not truly
anonymous unless you turn off things such as java, javascript, and some
other applications. This being because they somehow have the ability to
find their way back to the originating site without using your web
browser and thus can reveal to the originating site the real IP of your
browser that requested the page, bypassing the hops through my fellow
servers that helped me request the page without revealing my IP
address. Any truth to this?
Yeah... we are living in the terrible world. Did you hear about the
last javascript program: it makes the content invisibly blink with the
frequency affecting alpha-rhythms of user's brain. In less then a few
minutes the affected person has an internal voice telling her to buy a
Microsoft product - and she cannot fight with this voice.

:-)

:-|
JavaScript can set/read cookies over document.cookie : but it is
exactly the same as any server can do. Whatever your cookie policies
are on the browser: they are applicable to either case. For Internet
Explorer for instance check Tools Internet Options Privacy.
my fellow servers that helped me request the page
without revealing my IP address
You mean services like
<http://www.anonymizer.com/consumer/products/anonymous_surfing/?
(just naming the oldest one of this kind).
JavaScript is not allowed to read IP of the client machine.
I am using an IP anonymizer regularly while posting here, so my post IP
originating sometimes from London sometimes from Moscow (in case if let
them jump on Od' Lady Europe first or die surrounded by snow and bears
:-))

As a conclusion: you are one of many seeking an easy solution for a
complicated problem. "Just press one button and my security/privacy is
set". Alas neither JavaScript nor cookie is not that magic button - and
this button doesn't exist at all.

1) Make sure you have all updates for your OS recommended by producer.
2) Use the latest version of your preferred browser. Firefox 2.0 has
times lesser security exploits than Internet Explorer 7.0: so if you
are using IE, you may consider try Firefox 2.0.
3) Have reputable anti-virus software installed with paid subscription
(so it updates virus database regularly).
4) Take more fresh air and physical exercises so nightmares of a
worldwide conspiracy against your privacy would leave you. :-)

Nov 9 '06 #4

P: n/a

VK wrote:
re****@techemail.com wrote:
Does javascript install any sort of "cookies" that allows a site to
uniquely identify you every time you visit, regardless of wether or not
you disable normal web browser cookies?

An anonymous web browsing utility I use states that you are not truly
anonymous unless you turn off things such as java, javascript, and some
other applications. This being because they somehow have the ability to
find their way back to the originating site without using your web
browser and thus can reveal to the originating site the real IP of your
browser that requested the page, bypassing the hops through my fellow
servers that helped me request the page without revealing my IP
address. Any truth to this?

JavaScript can set/read cookies over document.cookie : but it is
exactly the same as any server can do. Whatever your cookie policies
are on the browser: they are applicable to either case. For Internet
Explorer for instance check Tools Internet Options Privacy.
Is this in a different folder than the typical folder for cookies
[c:\documents and settings\user name\cookies\*.*] ? In the case of
Firefox, do you know where to check for cookies? It clearly doesn't
store them in the default folder I noted above.
my fellow servers that helped me request the page
without revealing my IP address

You mean services like
<http://www.anonymizer.com/consumer/products/anonymous_surfing/?
(just naming the oldest one of this kind).
JavaScript is not allowed to read IP of the client machine.
That's great news. But I think the problem noted by the sites I read is
that the javascript routine may try to "phone home", thus indirectly
revealing the origin of the real requester of the web page. Can you
tell me about this?

Nov 9 '06 #5

P: n/a
VK

re****@techemail.com wrote:
Is this in a different folder than the typical folder for cookies
[c:\documents and settings\user name\cookies\*.*] ? In the case of
Firefox, do you know where to check for cookies? It clearly doesn't
store them in the default folder I noted above.
Tools Options Privacy Cookies Clear Cookies Now
Tools Options Privacy Cookies Settings Clear private data
when closing Firefox

TweakUI for Windows XP:
<http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx>
TweakUI for older Windows:
<http://www.microsoft.com/ntworkstation/downloads/PowerToys/Networking/NTTweakUI.asp>

Install, go to Control Panel
Tweak UI Paranoia tab raise all checkboxes; restart Windows.

Your Web browsing will be a real torture now, but you are well prepared
for a surprise FBI visit. :-)
But I think the problem noted by the sites I read is
that the javascript routine may try to "phone home", thus indirectly
revealing the origin of the real requester of the web page. Can you
tell me about this?
Most of the sites stating that you are all unsecure "until install X
software" are spyware destributors. Go to your OS producer site and
read what *they* have to say. Also go to your browser producer site and
read what *they* have to say.

And no: JavaScript programs exists only on the page where loaded and
disappear when you leave the page. They don't reside in the memory.
That is why it may be good idea before going to check you bank account:
simply close all open browser windows, then open one and go right to
the back page.

Nov 9 '06 #6

P: n/a
I would recommend JanusVM.
http://janusvm.peertech.org

It uses Tor to hide your IP. Privoxy and Squid to filter web crap
(ads, cookies, etc.) and spoofs your web browsers UserAgent.
Now about the JavaScript/Java/Flash issue of getting your real
IP...don't worry about it. JanusVM routes ALL TCP traffic through Tor,
so the proxy bypass tricks in Java and Flash don't work (which is good
for you). As for Cookies, just have firefox clean them every time you
close your browser. UDP and ICMP traffic are not passed through when
you use JanusVM, because those can leak your REAL IP address.

I would recommend you check out JanusVM. At least 50,000 people are
using it now.
It works well with just about every application I use.

re****@techemail.com wrote:
Does javascript install any sort of "cookies" that allows a site to
uniquely identify you every time you visit, regardless of wether or not
you disable normal web browser cookies?

An anonymous web browsing utility I use states that you are not truly
anonymous unless you turn off things such as java, javascript, and some
other applications. This being because they somehow have the ability to
find their way back to the originating site without using your web
browser and thus can reveal to the originating site the real IP of your
browser that requested the page, bypassing the hops through my fellow
servers that helped me request the page without revealing my IP
address. Any truth to this? Links? FAQs?
Nov 10 '06 #7

P: n/a

Goldy wrote:
I would recommend JanusVM.
http://janusvm.peertech.org

It uses Tor to hide your IP. Privoxy and Squid to filter web crap
(ads, cookies, etc.) and spoofs your web browsers UserAgent.
Now about the JavaScript/Java/Flash issue of getting your real
IP...don't worry about it. JanusVM routes ALL TCP traffic through Tor,
so the proxy bypass tricks in Java and Flash don't work (which is good
for you). As for Cookies, just have firefox clean them every time you
close your browser. UDP and ICMP traffic are not passed through when
you use JanusVM, because those can leak your REAL IP address.

I would recommend you check out JanusVM. At least 50,000 people are
using it now.
It works well with just about every application I use.
At last. Whew, thanks Goldy, I was going crazy with all these wise
crack remarks about paranoia, FBI, etc. I wonder which of the
newsgroups the previous jerk off posters come from.

You addressed my issue directly, by pointing out that there exists a
"proxy bypass trick in Java and Flash". Thank you very much. That was
my basic concern. I'm going to check out all that stuff. Thanks! :)

Nov 10 '06 #8

P: n/a
VK
ret...@techemail.com wrote:
I was going crazy with all these wise
crack remarks about paranoia, FBI, etc. I wonder which of the
newsgroups the previous jerk off posters come from.
"Paranoia" is not my term - it is official name of the tab in Tweak UI
interface officially distributed by Microsoft, Inc (see the links I
provided). If you feel yourself offended: please address it to
Microsoft.

If you felt some humor behind my post - it is presented, but only in
the style. All technical details are strictly correct and serious.

A bit humorist style of my posts - and sorry if seemed offensive - is
because it is really funny to read such vague questions as "I'm going
to the Internet. THEY told me that I can be recognized there. Is it
true?"

What exactly do you want to hide? The fact of visiting
"CrackesSerials.foo" or "HotBabes.bar"? Then IP forging and cookie
clean up helps to some extend. If you did something so bad that the
government went on you then the exact traffic is kept for the law
defined time on your provider's server and can be requested at any time
(USA. EU, Russia, China)

If you want to hide the fact of buying online "How to make a bomb in 15
minutes: Definitibe guide" than it is even more funny because
everything is attached to your credit card/ PenPal account etc and it
gets known to all credit companies around the world in 15sec after the
fact of buying.

For sake of it look at your wallet (unless your are from a 3rd word
country): 99% is discount cards and credit cards. Your preferred store
is Safeway? Well, some news for you: Albertson's knows exactly the
amount of beer you drunk last year, your preferred mark of chewing gum
(don't want to use cigarettes as the sample) and Target knows the
preferred color of clothes you want to wear.

In the Internet the only thing one may hide (up to some extent) is the
fact of reading something or saying something at the given moment of
time. The rest of your a** remains uncovered.

This way: what exactly did you want to hide from us? ;-)

Nov 10 '06 #9

P: n/a
Klingsor wrote:
Sirs, apologies as this may not be the appropiate group
for my questionning ; could you direct me to an URL or FAQ
or message group detailing how to convert a regular e-mail
into a message to a usenet news-group such as
this alt.privacy.anon-server ?
( not necessarily anonymous though , hence my apologies :)

You add a Newsgroups header like this to your email:

Newsgroups: alt.privacy.anon-server

Then you post it to one of the mail2news gateways, e.g.:

ma*******@news.demon.co.uk
ma*******@anon.lcs.mit.edu
ma*******@zedz.net

(You must have an email client that lets you add your own custom
headers, though.)
Do you know a decent email client that allows the addition of custom
headers?

I can telnet to the SMTP server and type the headers in manually but
that gets really old after a while.

Nov 10 '06 #10

P: n/a
"Debra Lee Logan" <de***********@hotmail.comwrote:
>Do you know a decent email client that allows the addition of custom
headers?
Pegasus Mail (www.pmail.com). Very full featured, Bayesian filtering,
custom headers, on and on and on. And free.

--
Tim Slattery
Sl********@bls.gov
Nov 13 '06 #11

P: n/a
>
true, it is out there, keep a googling

Alternatively, http://www.blackboxsearch.com
--

Mapping the Internet 24/7: http://www.netdimes.org
Nov 16 '06 #12

P: n/a
I tried to create stats from google groups, pulling their former dejavu info
and post numbers.

After 5 or so queries ( while they contact my server several times during a
day),
they disconnected me for a month and sent me a cease and resist note.

-------------------------------------------------------

Then I switched to an anonymizer, using queries only every few seconds or
so.
I never finished the project. After a month google restored searched for my
ip.
I am glad I did not 'mess up' the anonymizer account.

------------------.

Google belongs to the evil doers. basta.

We are just to stupid to realize.

A $ market evaluation in the thousands of millions for a search utility that
can be created by anyone. ARE WE STUPID ?

Most of us are.




"Macarro" <an*@email.invalidwrote in message
news:op.tiscilnmeih28w@localhost...
>
>>
true, it is out there, keep a googling


Alternatively, http://www.blackboxsearch.com
--

Mapping the Internet 24/7: http://www.netdimes.org
Feb 14 '07 #13

P: n/a
Google is the world's biggest enemy of privacy

I use scroogle.org whenever possible

idiots think that google is a cool bunch of hippies, because they
have "bring your pet to work" and other cosmetic claptrap

the masses are idiots who say "google it"

On Wed, 14 Feb 2007 05:25:01 -0500
"asdf" <as**@asdf.comwrote:
Google belongs to the evil doers. basta.

We are just to stupid to realize.

A $ market evaluation in the thousands of millions for a search
utility that
can be created by anyone. ARE WE STUPID ?

Most of us are.
Feb 14 '07 #14

P: n/a
Anon said the following on 2/14/2007 11:53 AM:
Google is the world's biggest enemy of privacy
And you are one of the world's biggest idiots.

[follow-up set to alt.privacy.anon]
--
Randy
Chance Favors The Prepared Mind
comp.lang.javascript FAQ - http://jibbering.com/faq/index.html
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
Feb 14 '07 #15

P: n/a
asdf wrote:
I tried to create stats from google groups, pulling their former dejavu
info and post numbers.

After 5 or so queries ( while they contact my server several times
during a day),
they disconnected me for a month and sent me a cease and resist note.

-------------------------------------------------------

Then I switched to an anonymizer, using queries only every few seconds
or so.
I never finished the project. After a month google restored searched for
my ip.
I am glad I did not 'mess up' the anonymizer account.

------------------.

Google belongs to the evil doers. basta.

We are just to stupid to realize.

A $ market evaluation in the thousands of millions for a search utility
that
can be created by anyone. ARE WE STUPID ?

Most of us are.




"Macarro" <an*@email.invalidwrote in message
news:op.tiscilnmeih28w@localhost...
>>
>>>
true, it is out there, keep a googling

Alternatively, http://www.blackboxsearch.com
--

Mapping the Internet 24/7: http://www.netdimes.org


post in decent english you dumb cocksucker
Feb 14 '07 #16

P: n/a
>
post in decent english you dumb cocksucker
Forgot to take your Midol??

----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
Feb 20 '07 #17

This discussion thread is closed

Replies have been disabled for this discussion.