Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Ways to improve page rank, or deceptively get more users to your websites or away from your competition. Where you can discuss SEO (search engine optimization) issues as it relates to computer security. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
bypassing search tracking via onion routing
Posted by: tx
Date: June 01, 2007 03:27PM

I got into this discussion and I would like to hear some of your comments on the feasibility of this:

user goes to mysite.com
mysite.com serves a search page
user submits search query to mysite.com
mysite.com submits query to google web service via a tor-like network
google returns results for the query and logs whatever they choose
(the logs will of course reflect the IP of the tor exit node, and not the mysite.com server(s))
mysite.com scrubs any ads from the content and anything else undesirable and displays the results.

Result:
User has queried google. Google's logs reflect a bunch of tor exit nodes as opposed to the IP of the user or mysite.com

The end goal is to avoid all google ads and tracking mechanisms, and to prevent searches from being correlated to you as a user.

P.S. I'm aware that this is tinfoil hat overkill

-tx @ lowtech-labs.org

Options: ReplyQuote
Re: bypassing search tracking via onion routing
Posted by: kuza55
Date: June 01, 2007 07:53PM

Why should anyone trust one mysite.com more than we trust google? mysite.com could just as easily be doing logging.....

Anyway, there is no need for this - all you need to do is turn of javascript, flash/other plugins, and use Tor, and you get the same effect.

Options: ReplyQuote
Re: bypassing search tracking via onion routing
Posted by: tx
Date: June 02, 2007 03:37PM

Oh, I completely agree with you. I don't think this is something that's actually worth doing, but I just am curious whether anyone can think of any ways it _wouldn't_ work... call it a pure hypothetical.

EDIT: A user having turned of java(script) and is a requirement, of course.

-tx @ lowtech-labs.org



Edited 1 time(s). Last edit at 06/02/2007 03:38PM by tx.

Options: ReplyQuote
Re: bypassing search tracking via onion routing
Posted by: Anonymous User
Date: June 02, 2007 07:06PM

A simple way is to to use a PHP script. Any script in PHP for example only shows the IP of the server who fetches the content, it shows nothing private of the user.like you can fetch with cURL, really fast.

Back in 2002 I built such scripts regularly for clients who wanted to surf from their admin screen.

Options: ReplyQuote
Re: bypassing search tracking via onion routing
Posted by: Anonymous User
Date: June 02, 2007 07:10PM

Like this simple implementation in a few scripts:

function openURI($url) {

$tty = curl_init();
$user_agent = "Mozilla/5.0 (compatible; MSIE 6.01; Windows NT 7.0)";
$referer = "http://www.google.com/";
# It only shows the server IP.
curl_setopt($snoop, CURLOPT_URL, $url);
curl_setopt($snoop, CURLOPT_HEADER, 1);
curl_setopt($cnoop, CURLOPT_USERAGENT, $user_agent);
curl_setopt($snoop, CURLOPT_NOBODY, 1);
curl_setopt($snoop, CURLOPT_CONNECTTIMEOUT, '5');
curl_setopt($snoop, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($snoop, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($snoop, CURLOPT_REFERER, $referer);
$header = curl_exec($tty);
$sub = curl_getinfo($tty);
curl_close($tty);

}

Options: ReplyQuote
Re: bypassing search tracking via onion routing
Posted by: FiSh
Date: August 12, 2007 11:51PM

kuza55 Wrote:
-------------------------------------------------------
> Why should anyone trust one mysite.com more than
> we trust google? mysite.com could just as easily
> be doing logging.....
>
> Anyway, there is no need for this - all you need
> to do is turn of javascript, flash/other plugins,
> and use Tor, and you get the same effect.

Don't forget cookies

Options: ReplyQuote
Re: bypassing search tracking via onion routing
Posted by: chovy
Date: August 13, 2007 01:08AM

what would be sweet if there was a search engine for .onion sites.

Options: ReplyQuote


Sorry, only registered users may post in this forum.