Interview with Hat [proxy-elites]

posted onApril 20, 2002
by hitbsecnews

By: The Hacktivist

Note: This article first appeared over at our affiliates site The Hacktivist. The original article can be viewed here.

Interview with Hat, founder of proxy-elites, an organization whose goal is to assist Internet users to bypass censorship enforced by their local authorities.

Q1. When were the proxy-elites founded and what were its initial goals?

A1. It was founded on June 2000. Our goal is to assist Internet users to bypass censorship enforced by their local authorities.

Therefore, we provide information, proxies and discuss methods as well proxy-tools used to bypass censorship, port scanning to find open ports and their capabilities enable to use services on such ports, finding proxies on open ports and public proxies on know ports, etc... Also we discuss CGI-proxies, Shell accounts and network matters such as TCP/IP, UDP, DNS, censoring, ICMP, gateways, sockets & API, Servers (HTTP, FTP, Gopher, Socks), Cookies & Security, SSL Tunneling, spoofing, anonymity, cypherpunks, firewalls, etc..

Q2. Most of the discussion on proxies has been in the context of privacy concerns why have you focused on the ability to use proxies to counter censorship and bypass content filtering?

A2. Well, the cyberspace offers us a universe with neither boarders nor limitations for exchange of data and information. However, it seems that day after day, the horizons is shrinking due to the actions enforced by local authorities in each country, formulating a profound effect on the rights of citizens of those countries. That's why; our priority is to bypass content filtering, and then comes privacy!

As a result, proxy-elites is the coalition of individuals who fight to protect and promote fundamental human rights such as freedom of speech and the right of privacy on the net for users everywhere by prohibiting prior censorship of on-line communication.

Q3. Could you briefly describe how proxy's work and how they can be used to avoid Internet censorship?

A3. In an enterprise that uses the Internet, a proxy server (a computer program that provides services to other computer programs in the same or other computers) that acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, caching service as well censoring/blocking the incoming and outgoing contents.

A proxy server receives a request for an Internet service (such as a Web page request) from a user. If it passes filtering requirements, the proxy server, assuming it is also a cache server, looks in its local cache of previously downloaded Web pages. If it finds the page, it returns it to the user (unless they decided to block that page) without needing to forward the request to the Internet. If the page is not in the cache, or it is old and needs to be refreshed, the proxy server, acting as a client on behalf of the user, uses one of its own IP addresses to request the page from the server out on the Internet. When the page is returned, the proxy server relates it to the original request and forwards it on to the user.

To the user, the proxy server is invisible; all Internet requests and returned responses appear to be directly with the addressed Internet server. (The proxy is not quite invisible; its IP address has to be specified as a configuration option to the browser or other protocol program.)

An advantage of a proxy server is that its cache can serve all users. If one or more Internet sites are frequently requested, these are likely to be in the proxy's cache, which will improve user response time. In fact, there are special servers called cache servers. A proxy can also do logging!!

The functions of proxy, firewall, and caching can be in separate server programs or combined in a single package. Different server programs can be in different computers. For example, a proxy server may in the same machine with a firewall server or it may be on a separate server and forward requests through the firewall.

Q4. It seems that much of your focus is on the Middle East. Given that the Middle East is a vast and diverse region could you describe the conditions and restrictions affecting Internet users in some of the major countries in the region?

A4. Yes, my focus is on the Middle East cause I'm from it and live in it. However, please keep in mind that not all of the Middle East countries enforce the type of censorship you have in mind. But those known to be the worse worldwide other than China are, Saudi Arabia, UAE, and Syria.

They for example blocked all famous ports, such as port 80, 8080, 3128, 119, etc…. and some of them censor by other methods like blocking by keyword. Say your http address contains a word such as sex as part of the address, then that site is automatically not available. Therefore, you are forced to use their proxy servers to access the Internet. As a result, you can browse only through their 'eyes'. What they allow you to see is all what you get, no matter what's your age or profession or education level.

Other countries have different type or lets say levels of censorship or no censorship at all. For example, in Jordan there are many ISP's and individuals are free to chose the one they like depending on many aspects which may include but not limited to the level of censorship that ISP 'offers', not 'enforces'.

Q5. Proxy Elites has been blocked by the Saudi authorities, have you had any run-ins with various state authorities?

A5. Well, No. There is no point or hope. Not only in Saudi, I think it would be the same if other Middle East countries decided to block Proxy Elites. There is no democracy in such countries, it's one-man-show! And you are not luckily to talk to this man, unless you meet in hell :o)

Q6. What kind of penalties might people face for bypassing content filtering?

A6. It all depends on which 'values' did you break, and the penalties would be at least same to that implemented on citizens by the civil law against a contrary of those values!

In UAE, and according to their TOC, the worse can be *termination of service for life*. And since there is *NO* other ISP in UAE, means you are back to cave. Of course there are more unwritten penalties that someone may not be surprised to hear when such cases happen, but normally I didn't hear of any termination of service because of any "criminal or unlawful purpose such as but not limited to vice, gambling or obscenity or for carrying out any activity which is contrary to the social, cultural, political, economical or religious values of the UAE." (Quoted from Etisalat TOC, for more details, http://www.emirates.net.ae/terms.html).

Regarding Saudi Arabia, I would expect it to be at least similar to UAE if not worse, maybe jail for few months?! Similarly would be in few other gulf countries, but I will not be surprised if it is worse in Syria. It may vary from country to country depending on what type of contrary to which value priority that country is claiming to guard!

IMHO, in UAE it would be 'cultural', though I don't believe that cause we saw worse on streets. Maybe contrary to 'religious' values!! Well, they can claim any?!

In Saudi, it is 'religious' values obviously; at least that's what they claim!

In Syria, it is 'political' reasons, no doubt. It is the biggest *Sin* there to talk or even 'dream' in politics, and so on.… What I mean to say here that it is really bad everywhere, but you can never expect what the penalty might be. There might be none, or they might ignore it (as in UAE, to some limit) or you might get hanged somewhere else, who knows?!

Q7. Are there any projects or activities that Proxy Elites are working on at the moment?

A7. Sure. Our Perl-guru, Wayne, wrote and developed proxyTools and localProxy. proxyTools programs consist of several programs, which are: findProxy, statProxy and sortProxy. As the name describe, these tools are used to find proxies and services as well test them enable that they can be used in a browser to bypass the censorship, or to be used as host/services in another programs like localProxy.

localProxy is a set of communication strategies such as GET, CONNECT, decoded URLs, socks 4/5, SSL, news and emails via such CommStart's, PROFIND, etc… This tools can be used to bypass censorship by implementing the right CommStart making use of a 'hole' in the enterprise firewall, such as open ports, or proxies that allow CONNECT. On the other hand, it is a good tool to keep your privacy even when you don't have to bypass censorship if it doesn't exist.

You can find the programs at our proxyTools project page at:
http://sourceforge.net/projects/proxytools

Also, we have few more supporting channels other than Proxy Elites mailing list, such as an IRC channel, #proxy, which is hosted at: http://openprojects.nu/ also a FAQs: http://plaguesplace.dyndns.org/proxy-elites-faq/

Q8. Are you familiar with the CULT OF THE DEAD COW & Hactivismo's project "peekabooty" to bypass content filtering and end censorship on the Internet?

A8. Sure I am. cDc known as a group of hackers best known for creating security tools to exploit holes in Microsoft software. However, regarding the Peekabooty! We've heard a lot about this anticensorship tool to be coming soon, and we are still waiting! Peekabooty is an attempt to create an anonymous, private way of getting human rights information across the Internet while protecting the identities. I wish them all the best and would be happy to put my hand on the first version when it's available!

Q9.What are your thoughts on the future of censorship on the Internet as well as resistance to it?

A9. I think the days of censorship are counted. But real progress hasn't been happening much. We've seen a lot of activity when it comes to 'Privacy', but anticensorship? No.

Very few geeks consider bypassing censorship as their priority, since most of the countries are free of censorship some how. Now we have projects like Freenet, Mojonation and Peekabooty. Hope we see more of these!

1.) Password Selection - netcrash
2.) Interview with Hats [proxy elites] - The Hacktivist
3.) Nessus Attack Analysis Using Snort - spoonfork
4.) Browsing Websites at your own risk - Obscure
5.) Security Trends - What they forgot to secure - Obscure
6.) Game Review: The Sims Vacation Expansion Pack - sQ

Source

Tags

Articles

You May Also Like

Other Articles In This Section

Recent News

Friday, November 29th

North Korean hackers posing as IT workers steal over $1B in cyberattack
OpenAI is at war with its own Sora video testers following brief public leak
Found on VirusTotal: The world’s first UEFI bootkit for Linux

Tuesday, November 19th

CISA Director Jen Easterly, in Place Since 2021, to Step Down
Korea extradites Russian, Vietnamese suspects linked to $16M ransomware scheme
WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Friday, November 8th

North Korean hackers target cryptocurrency with malware
Man sick of crashes sues Intel for allegedly hiding CPU defects
Law enforcement operation takes down 22,000 malicious IP addresses worldwide

Friday, November 1st

Youth of today say passwords are old news, passkeys are the future
Chinese attackers accessed Canadian government networks – for five years
OpenAI launches ChatGPT with Search, taking Google head-on
Here’s the paper no one read before declaring the demise of modern cryptography
Not just ChatGPT anymore: Perplexity and Anthropic’s Claude get desktop apps

Tuesday, July 9th

China's APT40 gang is ready to attack vulns within hours or days of public release
AI-Powered Super Soldiers Are More Than Just a Pipe Dream
The president ordered a board to probe a massive Russian cyberattack. It never did.
Massive car dealer ransom attack is mostly over after 2 weeks of work-arounds

Wednesday, July 3rd

“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux
Two of the German military’s new spy satellites appear to have failed in orbit

Friday, June 28th

Indonesian Airports, Data Centres Hit By Worst Cyberattack in Years
Cisco Talos warns of wider security implications following Snowflake breach

Thursday, June 27th

I Wore Meta Ray-Bans in Montreal to Test Their AI Translation Skills. It Did Not Go Well
Researchers upend AI status quo by eliminating matrix multiplication in LLMs
YouTube tries convincing record labels to license music for AI song generator
Critical MOVEit vulnerability puts huge swaths of the Internet at severe risk
Julian Assange to plead guilty but is going home after long extradition fight

Thursday, June 13th

Hackers show off jailbroken checkm8-vulnerable iPad and Apple TV running iPadOS 18 & tvOS 18 respectively
One of the major sellers of detailed driver behavioral data is shutting down
Turkish student creates custom AI device for cheating university exam, gets arrested

Wednesday, June 12th

Chinese-Made Biometric Access System Has 24 Vulnerabilities
Apple and OpenAI currently have the most misunderstood partnership in tech
Adobe to update vague AI terms after users threaten to cancel subscriptions
China state hackers infected 20,000 Fortinet VPNs

Tuesday, June 11th

Russia Is Targeting Germany With Fake Information as Europe Votes