Author Topic: anonymizer  (Read 8735 times)

kimo

  • Guest
anonymizer
« on: June 09, 2005, 06:03:27 AM »
how does this work with something like Anonymizer.com surfing or privoxy ?  I was never able to anonymously surf and use roboform at the same time maybe you can help out here?

Also - note the roboform form -filling algorithms are very sophisticated - rather than try to duplicate them - i'd suggest trying to work with them to replace their inhouse password generator feature.

Offline Eric H. Jung

  • grimholtz
  • Administrator
  • *****
  • Posts: 3353
anonymizer
« Reply #1 on: June 09, 2005, 02:03:10 PM »
Hi Kimo,

PasswordMaker works with Anonymizer and Privoxy.

Let's take Yahoo! mail as an example. Assuming you want the same password for yahoo.com and http://anon.free.anonymizer.com/http://mail.yahoo.com/?.intl=us (the URL used when you go to Yahoo! Mail through Anonymizer), here's what you should do:

1. Go to the Advanced Options dialog
2. Create a new account
3. In the When URL Contains field, type yahoo.com.
4. In the Use This URL field, type yahoo.com.

That's it! Now whenever you navigate to any url with yahoo.com (e.g., http://mail.yahoo.com or http://anon.free.anonymizer.com/http://mail.yahoo.com/?.intl=us), the same password is generated for both.

Hope that helps,
-Eric

Offline glowworm

  • Jr. Member
  • **
  • Posts: 13
anonymizer
« Reply #2 on: July 08, 2005, 04:18:44 AM »
I'm using Privoxy and TOR along with PM (no special configuration) without a problem. It even works on FreeNet's hidden onion servers if you don't mind S-L-O-W browsing ;)

Anonymizer would require the domain fix mentioned above.
« Last Edit: July 08, 2005, 04:20:48 AM by glowworm »

Juandon

  • Guest
anonymizer
« Reply #3 on: July 27, 2005, 08:53:09 PM »
Would this feature allow phishers to create a fake site that somehow contains the phrase yahoo.com thus tricking the software into realeasing your password?

I'm not entirely sure if it is possible to do this, or if your software falls for this, I was just wondering.  

Also I don't know why someone would want to go into important password protected sites through a proxy, but you never know.

Offline Eric H. Jung

  • grimholtz
  • Administrator
  • *****
  • Posts: 3353
anonymizer
« Reply #4 on: July 27, 2005, 09:49:11 PM »
Hi Juandon,

Quote
Would this feature allow phishers to create a fake site that somehow contains the phrase yahoo.com thus tricking the software into realeasing your password?
Yes, but the user must still click "Submit" after the password field is populated. It goes without saying that you should examine the URL before submitting any data over the internet.

Regards,
Eric

Offline Eric H. Jung

  • grimholtz
  • Administrator
  • *****
  • Posts: 3353
anonymizer
« Reply #5 on: July 28, 2005, 02:39:09 AM »
By the way, if you're using any modern browser, you're safe from IDN (international domain name) URL spoofing (a.k.a. homograph attacks). Specifically, Firefox deals with this by displaying those URLs as PunyCode (read this for more info). You can try this out by going to http://www.pаypal.com/ and looking at the address bar.
« Last Edit: July 28, 2005, 02:39:49 AM by Eric H. Jung »

PasswordMaker Forums

anonymizer
« Reply #5 on: July 28, 2005, 02:39:09 AM »