Proxy Sites Offer Secret Passage to Myspace 330
JafSquared writes "As sites like MySpace.com gain popularity in young adults, schools all over are finding that taking measures to keep kids blocked out of these websites is becoming increasingly difficult. As this hype continues, proxy servers such as "Box of Prox" are springing up like wildfire. While system admins furiously work to diminish the strain placed on their school's local networks from sites like MySpace, these proxy sites are enabling easy access to restricted areas. However, schools aren't the only places that are feeling the heat. Proxies have also been becoming a bit of a complication in the workplace. To the more advanced user, the proxy server can become a tool for malicious intent as this article, delivering an anecdote with the termination of an employee, so poignantly details."
Proxies? (Score:5, Insightful)
Re:Proxies? (Score:5, Informative)
Re:Proxies? (Score:3, Interesting)
Have only a list of acceptable sites. when blocked put a link to submit for approval and teachers in the class or room can click on the link they wanted, view that it is not a backdoor to myspace or someplace inappropriate and then click "allow" which add's it to the whitelist.
simple works great and has near immediate access to sites not on the whitelist.
Too bad most scho
Re:Proxies? (Score:4, Insightful)
Re:Proxies? (Score:3, Insightful)
No wonder digg is getting more hits than slashdot now.
What with last weeks post about installing windows, and now this one "informing" us about proxy sites slashdot seem to be posting very trivial things now, Hardlly the cutting edge tech news site it used to be.
Re:Proxies? (Score:3, Insightful)
Lurk moar. (Score:3, Informative)
You gave an opinion about a Mac.
You never give opinions about Macs on slashdot (or really any forum). EVER.
There are two main camps:
1) Those who believe Macs are the saviors of all computing and Apple can do no wrong.
2) Those who think that Mac users are 'fags' and are stupid for wasting their money.
Even if you have a rational opinion, a person with moderation points from one group will lump you into the other group, and thus mod you down on principle.
Sorry, but that's how it
Re:Proxies? (Score:2, Insightful)
Do we have a war on social networking yet? (Score:5, Insightful)
Do politicians even consider how ridiculous their arguments are? Why, ghettos have become a haven for drug dealers, prostitutes, and other nerdowells! Do we ban ghettos? No, I believe parents simply teach their kids about the dangers of going there, and before they're old enough to understand that, the parents simply don't allow them to go there.
It's sad how human ignorance comes back with a vengeance with the emergence of any new technology or tool, without fail.
Re:Do we have a war on social networking yet? (Score:5, Insightful)
Re:Do we have a war on social networking yet? (Score:3, Informative)
Wrong. I used to do network security for schools - they are *really* paranoid (mainly coz if little Johnny's parents find out he's surfing porn at school it generates a helluva lot of bad press for the school in question). Most schools are rather overzealous with the firewall rules.
I'd guess that most any school, like a business would have ports 80, 443
Most schools use web proxies
Re:Do we have a war on social networking yet? (Score:5, Insightful)
Well, actually, we do ban ghettos (Score:2)
During the middle part of the 20th century, many urban "ghettos" in the US, inhabited mainly by Blacks, were leveled. In some cases they were replaced by public housing. For a very brief time, the public housing was better than what came before, but it rapidly deteriorated.
Elenor Roosevelt famously advocated for the demolition of illegal alley dwellings in the District of Columbia. At the time, they were cramped, filthy, areas that attracted vermin and were unpleasant to live in. I don't know exactly
Re:Do we have a war on social networking yet? (Score:2, Insightful)
Re:Do we have a war on social networking yet? (Score:3, Insightful)
When I was in high school, we were allowed to
Re:Do we have a war on social networking yet? (Score:2)
Re:Do we have a war on social networking yet? (Score:2)
Internet @ School (Score:3, Insightful)
Re:Internet @ School (Score:2)
Myself, I probably used the internet to a lot of its potential at school, but only because I blogged from it...
Re:Internet @ School (Score:2)
Re:Internet @ School (Score:3, Insightful)
What?!?!?! (Score:5, Insightful)
Re:What?!?!?! (Score:3, Funny)
Re:What?!?!?! (Score:3, Interesting)
You've hit the nail on the head; it is the 'not liking kids doing anything' that causes ADHD.
Re:Internet @ School (Score:3)
No, the order of the day at public schools is social compliance through political correctness. Bad grades aren't handed out, but you are publicly chastized for not doing well (ie, towing the line).
welcome to 1995? (Score:3, Insightful)
Re:welcome to 1995? (Score:5, Informative)
Re:welcome to 1995? (Score:3, Interesting)
The case, of hiding your web travels while at work, was mentioned in this article [pcworld.com] which was cited in the post.
You'll note that, though the company did find out where their fire
Re:welcome to 1995? (Score:2, Insightful)
Basically, yes (Score:2)
MySpace.com IS created to get into young adults (Score:5, Funny)
The last time I was in a young adult, I know I certainly gained popularity.
Needs more attentive blocking. (Score:5, Informative)
Also, if an admin notices they're getting a load of traffic to say http://surfinsecret.com/index.php?q=d3d3Lm15c3BhY
I got around it by installing my own copy of phpproxy on my server and use it infrequently for certain sites. There's a lot of traffic to my domain anyway because I run an application my department uses on there, so it's fairly safe for me.
Re:Needs more attentive blocking. (Score:2, Informative)
http://translate.google.com/translate_t [google.com]
Enter URL of English language site, translate from Chinese to English, enjoy.
I remember doing this with Babelfish years ago. Works fantastically well!
Re:Needs more attentive blocking. (Score:2)
<offtopic rant>
gblon01 has been up for a total of 2 days in the last two weeks. If ipv6 is *ever* to be taken seriously then the people providing it need to take it seriously too. As it is it's a f..ing joke.
</offtopic rant>
Re:Needs more attentive blocking. (Score:2, Informative)
That's why you should use proxies that have "secret addresses" and run over https. Lets say I choose to make a monthly $5 donation to Überproxy, Inc. Now you just see me connecting to www.abc23foo.net port 443; and the domain changes every 2-3 months.
That's not a comment on policy though. I know that some p
Re:Needs more attentive blocking. (Score:2)
That's exactly what I came here to say... get caught at the workplace once, a reprimand, twice you're fired... it's going to stop. Starting handing out detentions at school and suspensions for repeat offenders and it's going to be equivalent to smoking in the bathroom as far as numbers, certainly not a rampant problem.
Looks like one of those when all you have is a hammer issues to me.
Next it will be SSH tunneling... (Score:5, Interesting)
Re:Next it will be SSH tunneling... (Score:2)
A new dawn for the Internet (Score:2, Informative)
Not really a new problem (Score:3, Interesting)
When I was in school (5 years ago), schools were trying to block well known proxies, but were unsuccessful at blocking those of us with 'home brewed' proxy servers. This wasn't really such a problem, because the policy was "get caught looking at sites x, y or z and you lose your computer privileges", why does this approach not work with advent myspace et al?
Proxies aren't such a big deal anyway, I worry more about the possibility of a savvy user with a bootable USB flash drive and OpenVPN.
Re:Not really a new problem (Score:3, Interesting)
Because before the first month of school was over with nearly every student in the school would have lost computer privileges. Kids are so fucking d
Strain on networks? (Score:4, Insightful)
Blocking sites is a half-assed solution since students will always find a way to expend bandwidth. (Personally, I think that the 'net doesn't need to be in classrooms anyway. I went to HS from 1993 to 1997 and survived just fine without going online in school.)
-b.
Re:Strain on networks? (Score:2)
Oh, please.
I personally can't see why anyone should have internet access. It seems like people living prior to 1990 did just fine without. People also did fine without books before Guthenberg came along.
Yeah yeah yeah, I'll get off your damn lawn now, old man.
Re:Strain on networks? (Score:2)
In classrooms. Used by the students during classes. I have no problem with schools having computers in the library to be used for research, or laptops being given to students to work on papers at home, or (of course) CS courses...
-b.
Re:Strain on networks? (Score:2)
Sorry to reply twice, but the emphasis on "wired schools/workplaces/foo" in the US is a pet gripe of mine. Don't get me wrong; I'm making fuck-you money off of this phenomenon right now, but people have to realize that "technology" doesn't only mean computers. If a school spends, say $200,000 on a shiny new network, IT consulting, M$ software, and computers, it detracts from other things the school could be spending money on. Like hiring the most
Re:Strain on networks? (Score:2)
Re:Strain on networks? (Score:2)
I stated that the:
...'net doesn't need to be in classrooms...
"Classrooms" was meant literally, not referring to libraries, computer labs, etc - I think that the 'net makes a great research tool, but it's use does not have to be ubiquitous in schools, and it being ubiquitous might actually detract from the education aspect. Maybe one computer hooked up to a projector per classroom with no laptop use generally a
Re:Strain on networks? (Score:2, Insightful)
You mentioned that you didn't go online in school. What about at home? I graduated from high school in 1996 and the internet, in addition to some local BBS', were a great source of information and... TERM PAPERS. Sites like Altavista made doing research a breeze. While the rest of my peers were in the libraries and at the universities, I was a
Re:Strain on networks? (Score:2)
I'm not. I'm implying that there's a time and place for 'net use, and that's not (always) in the classroom. The library, computer courses, at home for research, but we don't need more distractions in class. (And a *good* teacher will keep the class's attention.)
-b.
Restrictions are evolutionary pressure (Score:5, Insightful)
But the moment, you introduce blockades to access to a "cool" thing like myspace or facebook, these talents become valuable in terms of utilization. More kids learn these, use these and try to out-do the other in terms of l33tness. If there aren't the artificial boundaries drawn by the authorities, these skills would have never been learnt, developed and hopefully put to good use in the future.
Whatever they block these with, they just raise the bar for the kids. Clever, curious and with the power of the rest of the internet behind them ... there's nothing that's totally blocked off. Probably threats to those who break the security and offer real world punishments maybe, but blocking it all is impractical. Of course, then there are those who prefer forbidden fruit to the ones in the fridge, for the momentary thrill of breaking some rules.
I remember breaking the proxy at a college where I was giving a talk. All I did was ssh -D 8080 into my box and bypassed the "security" of the campus network. But I did that by unplugging the monitor cable, running ssh and plugging the monitor back on in under 2 minutes.And lo, meebo.com suddenly worked. The kids thought I was some great genius or something. THat kind of ego-rush to a 17 year old teenager can drive them to do far more than just break firewalls to get kudos from their peers.
These kind of restrictions just favour the kids who learn to use the system, instead of just fighting it on the streets like the average politico.Re:Restrictions are evolutionary pressure (Score:2)
I used to run one of these. (Score:3, Interesting)
Re:I used to run one of these. (Score:2)
Below the uni level, where in most cases the school is expected to actively structure education so the kids will
Re:I used to run one of these. (Score:2)
Somehow make a couple bux outta it. Maybe offer some service as a Boss button, and quick links to sites, strip gfx, etc. Maybe force to view 1 sponsored ad. If you want to use it enough, people will use it.
Myself, I just use ssh and tunnel to my home unix box running squid for this reason. SSH is almost always allowed...
What's so difficult? (Score:2)
Add to
' MySpace.com. All Rights Reserved.' (changing the ' for angle brackets)
Re:What's so difficult? (Score:2)
I was also thinking that a whitelist solution would be an interesting idea as well. ie: Use a pop-up window, having the student "request" access to a apecific site, with reason; this way, you can file the student'
Re:What's so difficult? (Score:2)
Whitelists for websites are no good - for any reasonable sized organisation it would be too great a task, plus an extremely annoying hindrance to legitimate research.
Re:What's so difficult? (Score:2)
I don't know what everyone is fussing about really. Never had a problem with DG - seems to block everything you want it to without any issues if you know what you're doing.
Re:What's so difficult? (Score:3, Interesting)
Recent Joyous Discovery (Score:5, Informative)
I have Proxomitron at work to get through the firewall. It acts as a local proxy server, and works with our something-Point firewall. It seems like only ports 80 and 23 are open. No port 22 for ssh, and no ports for email.
Using puTTY configured to look at the local proxy server, I establish the appropriate ssh tunnels to my Linux box at home. I don't know why this works, so any explanation would be cool. I'm using port 22 via the Proxomitron local http proxy over the corporate http proxy to my plain vanilla Linux box. Fscking mystery to my how it works, but it does. Setting up puTTY to work directly with the company firewall doesn't work, and I have no idea why. Proxomitron is required.
Of course now with all the right tunnels, I can use FireFox on my Linux box or even Safari on my Mac (if I leave it on) via VNC, and I have instant anonymous surfing. Yeah, I know I'm using a helluvalot of bandwidth, and I generally don't need or do any anonymous surfing anyway.
So, what's my traffic look like to my company IT boys for my interesting setup? I'm assuming that my secure ssh connection doesn't let anyone know what I'm doing over ssh; that's the point. But yet I have this traffic flowing out of Port 80 to Port 22 somehow, and it's either little tiny bursts when I'm working in bash, or it's a bandwidth hog if I'm using SAMBA or VNC over the connection.
-----
The whole initial point of the excercise was to talk to my MythTV box while on the road. All I wanted to do was ssh in to check my RAID status. I also had all kinds of ports open on my router so I could http into MythWeb, and Webmin, and MythStream, and SMB, and the router itself, and ftp, and generally a big mess. Now all I need is my single ssh port, and I'm good for everything without all of those open doors. At work I use puTTY, at the hotel I've got my iMac (remind myself to look for an ssh tunnel control panel so I don't have to keep using the shell).
Even with ssh, I'm subject to brute force attack, right? Wasn't there something like a magic knock I can setup so that I ping a certain sequence of ports in the right order, my ssh port opens up, otherwise being closed? Probably won't work for me, as I have a proprietary hardware router...
Re:Recent Joyous Discovery (Score:2)
Actually, any decently sized company would have the ability to inspect the packets, either from a sniffer or a local-to-
Re:Recent Joyous Discovery (Score:2)
Re:Recent Joyous Discovery (Score:3, Informative)
Checkpoint (and any 'decent' firewall these days) has the ability to do protocol inspection and enforcement of things like HTTP and if the admins at your work either upgrade to an appropriate version of Checkpoint or simply enable the protocol inspectoin (if already running appropriate code) they can easily enable the function to stop you doing what your're doing.
Re:Recent Joyous Discovery (Score:2)
Sensible? Those types of things are only sensible for a very limited number of environments. Many companies are willing to spend for signifigantly more security than is actually required for their situation. (And most of those companies proceed to set it up incorrectly so that they're not actually secure anyway).
Re:Recent Joyous Discovery (Score:2, Insightful)
your IT team should have fully locked down SOE images to prevent you installing and running your own apps (Cisco CSA works well), have disabled USB, CD and floppy drives
That policy is something I don't understand how it could be reasonably applied in a software company. I'm a software engineer and I don't know how I could work without being able to run whatever software I want. I'm not installing software every day, but I do need full access to USB (using USB devices is part of the job), being able to r
Comment removed (Score:5, Insightful)
Re:Why I plan to homeschool my kids (Score:3, Insightful)
So... you want to homeschool your kids.. because of filtering software at school?
Are you fucking kidding? Going to school is about having a social life and being thaught things by professional teachers, nobody gives a fuck about whatever site the school can filter, actually if the school you'd want to put your kids in had not a single computer, that would be just fine.
How silly can you be to take a decision that heavy of consequences for your hypothetical kids based on such an insignifying detail? I hope I
Re:Why I plan to homeschool my kids (Score:2)
If you have an issue about filtering, just wait until you do have kids and you think about home-teaching them. When they spend all day surfing myspace, slashdot and porn sites the filter software will slam down big time on them, and you'll be standing over them making sure they're using the computer to learn stuff that you consider to be useful. No doubt they'll be posting to slashdot that when they h
Legal? (Score:2)
Wrong approach (Score:2)
news? (Score:3, Interesting)
Seriously, I can't be the only one here who wrote a CGI proxy server so that I can get around censorware (like BESS) while in high school. I even sold access to it to my fellow students!
Code is simple:
# fetch the url specified after the "?"
# prepend the url of the proxy to all link tags
# print the page out to the user
So all you have to do is run apache with this CGI from home, and you never have to worry about censorware again.
Re: (Score:2)
What happened to whitelisting? (Score:2)
VLANs work wonders (Score:2)
MySpace not just for kids (Score:2, Insightful)
Proxies forever, problem now. (Score:2, Insightful)
A story of yesterday night:
- anonymous at
- more
- they find about 80 pics of a girl naked, masturbating.
- they find out m
Re:Proxies forever, problem now. (Score:2)
Re:Proxies forever, problem now. (Score:2)
http://forums.photobucket.com/showthread.php?t=126 40 [photobucket.com]
07-02-2006, 02:10 AM
If I have my album private, does that mean the photos I upload will not be featured in the recent images? I would assume a photo uploaded to a private album would not show in the recent images, but I could not find an answer when I searched the forums.
07-02-2006, 02:41 AM
You are correct. An image in a privat
Re:Proxies forever, problem now. (Score:2)
for the simple reason threads on
title says it all (Score:2)
I can think of *so* many better destinations for Secret Passages.
Huh? Poignant? (Score:3, Funny)
The part about the firing was short and rather matter-of-fact. Where, exactly, was the poignancy [m-w.com]?
In the words of a famous Spaniard, "I do not think it means what you think it means."
Whitelisting is the necessary answer (Score:3, Insightful)
Filter Complainer (Score:4, Interesting)
What did this program do? It ran in the background, monitoring Internet Explorer's address bar (couldn't find a nice API for Firefox, but mozilla.org was blocked anyway). When it detected that the proxy had taken over (http://www.lghs.net?blockedsite=mozilla.org&reas
(Yes, I know it's probably not moral to use school computers for this. Yes, I know he could have created an email filtering rule to send the messages to the trash. I liked it, and so did the users. *Shrug*.)
Bullshit article (Score:3)
Anyone who reads that from this so called "Network and Computer Systems Administrator" will be seriously scratching their head. First, they used a tool from the same people that make Webwasher pseudo-ware. This software basically looks for HTTP GET requests and prepares a report. Then he mentioned they found evidence of a leet batch file, "footprints", whatever those are, and of course this employee of theirs was some leet uber hacker going to deploy the latest and greatest worm on their network of poorly secured network running some sort of automated intrusion detection ware.
Then he ships the system off to Forensics (what company has a Forensics department I don't want to work at) and they were able to find all the bits, maybe even some bytes. When it came down to it, the company supposedly terminated the employee for using an online anonomyizer service, assuming they couldn't prove he was using it to break company policy.
If this story is true, which I highly doubt based upon the anecdotal evidence of this so called "Network and Computer Systems Administrator" they should have fired none other than this dumbass. Bullshit article.
Re:Well... (Score:2)
Re:Well... (Score:2)
'ssh -N -v -L 5900:localhost:5900 username@server.ip'
The first portnumber is the port you allocate at your workstation, and the second is the target port at the server you wish to access. Substitute localhost for whatever hostname or ip you want, it can be on your LAN or on the internet.
This will create a
Students vs. Public Schools (Score:2)
Tr
Re:Students vs. Public Schools (Score:2)
You had your grading, scheduling, and payroll systems on the same local network as the student lab computers? Sheesh.
Having the administrative systems on the same network as the computer lab and worrying about network hacking is sort of like teaching chemistry classes in the school cafeteria and worryi
Re:Students vs. Public Schools (Score:3, Interesting)
I'm not the grandparent but I can respond to this. The way most K-12 systems are setup this is largely unavoidable. All computers are on one network within each school building. I know in the system I worked for most schools had one router and a class C of address space. The Internet access was provided by the state, and all sites ran through central office and through a firewall there
Re:Students vs. Public Schools (Score:3, Interesting)
Opt-in, not opt-out (Score:2)
I agree completely. Schools are stupid if they think they can prevent access to Myspace and other sites in this way.
The way to do this would be the exact opposite - not a list of banned sites, but a list of allowed sites. If you want school PCs to be limited to school activities, that would be the way to go. Of course, this would seriously limit the kids' ability to do legitimate research online.
So really there is no good solutio
Re:host (Score:2)
Re:host (Score:2)
Why? Just, why?
Re:host (Score:2)
Re:host (Score:2)
MySpace is bad (Score:2)
MySpace is the antithesis of the geek world. It is a corporate website that allows users to violate every standard of web design without having to know a lick of code or even html. The user pages are downright painful to attempt to decipher at times, and there is usually some horrible music playing in the background that is difficult (if not impossible) to stop. The fact that it is used for criminal activity only adds to the collective distaste.
Re:MySpace is bad (Score:3, Funny)
Other than the background music, you're describing slashdot.
Re:host (Score:3, Interesting)
Re:host (Score:2)
Re:Security (Score:4, Informative)
Similarly, it's only a matter of time before the MySpace cottage industry cranks out a few JavaScript programs to read and reply to MySpace messages, post to blogs, and whatever other services MySpace offers.