Complaints, feedback, pricing

Had yet another complaint sent in by email yesterday from someone frustrated by our tryout proxy servers at pickaproxy.com being unavailable most of the time. I understand, and we have been working on addressing this for a few months. The infrastructure requirements are not trivial, however, to be able to scale this service, and we have decided not to simply upgrade to a 2x or 4x bigger dedicated server. Currently we are handling an average of nearly 400,000 new objects each day in our web accelerator cache, and I suspect this would be much higher if we could handle more.

I asked this frustrated user what they would be willing to pay on a monthly subscription basis to have our service available for x hours a day, since this is one of the options we are considering. Not everyone will be able to pay, we know, but for those of you who are willing and able, I would appreciate hearing your views.

Another option - since we have yet to find anyone who is prepared to sponsor a separate server - is to license our server to organizations who can set it up for their own users. This would mean they supply their own hardware and infrastructure and we license our server software to them, likely for something like $599 or $999 per year, which would include all upgrades and fixes. In this case, scability can be controlled because there would be a finite number of users to serve. This should appeal to businesses, government departments, media organizations, and many others who need to give their users an ad hoc way to use the Internet in a mostly anonymous way without requiring tens or hundreds or thousands of downloads, installs, configurations and constants upgrades.

Let us know what you think.

Tryout proxy server IP addresses now listed

Our 15 different "tryout" proxy services at pickaproxy.com now show which IP addresses they are made up of, along with their geographic location ("geolocation") and the name of the organization that owns it. For the "Tor speak" version of our web site page, we now also show the Tor node nickname of each.

Many of you will likely wonder why we have so many IP addresses included in each of these - the US, Germany, non-China, non-US and non-Germany ones have 32 different IP addresses. The reason is because each of our proxy services randomly assigns 1 of these IP addresses to you each time you go to a web site, and also changes it every x minutes to 1 of the other IP addresses. The actual value of "x minutes" is not precise, and depends on a number of factors that we cannot predict in advance at this point. This random assignment of IP addresses allows more users to use the same proxy service at the same time.

Our "random" tryout proxy service does not have a specific set of IP addresses - it randomly picks from the complete set of Tor Network proxy servers, which is averaging about 617 so far this month.

Next up is to show the real-time status of each of these proxy services, so you can know in advance which ones are currently working and which ones are currently not. The US proxy in particular is often running at capacity and also crashes and goes offline regularly, which is something we are working on getting resolved. The crashes are automatically resolved every 1-2 hours when we take down and restart each proxy service, but it is still vexing that we have not been able to stop the crashes so far.

We have also changed the way we determine "Excluded" proxy servers, and now show the list of globally excluded proxy servers underneath the list of "Current tryout Proxy Servers". Previously we were excluding specific proxy server "nicknames" but we now also support excluding by ISP, Owning Organization, domain name, IP address and IP address range, Country, Continent, City, Tor software version number running on the proxy server, and the operating system "platform" running on the proxy server.

German data retention law effective 1/1/2009

We have now setup a Hamachi VPN connection for those wanting to use non-German proxies. First, use your LogMeIn Hamachi software to connect to our "nonDEvpn.pickaproxy.com" network, with password 8qJWqcv8. Then set your proxy to point to "hamachi.pickaproxy.com" with port 18233. That's all you have to do. All communications between your software and our proxy server is encrypted and private over the Hamachi VPN, and your IP address will appear to be in 1 of 32 random non-German countries, which we change every 1-2 hours.

For the Tor crowd, what "non-German" means for us is not only exit nodes that are outside Germany, but also entry nodes (1 of 18 random entry nodes changed every 1-2 hours) that are outside Germany. Relay nodes (middleman nodes) may or may not be in Germany. We currently only restrict relay nodes by way of our global "Currently Excluded Nodes" list, shown on http://www.pickaproxy.com?speak=tor. Eventually we will let our subscribers choose their own "Excluded Nodes" if they want them, either individually, or by excluded or included Country or Continent, or by excluded or included ISP's and Owning Organizations.

Geolocation API for Firefox, Chrome and other browsers

I see that the World Wide Web Consortium (www.w3.org) has a draft specification for making available quite a bit of Geolocation information about a user to the web sites they are visiting. The draft spec is available for viewing at dev.w3.org/geo/api/spec-source.html and it defines your last position, your current position, a server-specified "watch position" which I presume would trigger something on the web page you are visiting, your latitude and longitude, your altitude, heading and velocity.

This is not all new, but by making it a new standard for browsers, it will no doubt increase the use and awareness of Geolocation, and I have no doubt that it will improve the user experience.

But it also points to an increased need for Geospoofing functionality to give you the option to "take cover" sometimes.

Report just released on Chinese surveillance of Skype users

The Information Warfare Monitor project and ONI Asia, with support from the OpenNET Initiative, the Citizen Lab, and the SecDev Group released a report yesterday on their findings of Chinese surveillance of Skype users.

The report is titled Breaching Trust: An analysis of surveillance and security practices on China's TOM-Skype platform .

Netcraft.com now ranks pickaproxy.com as 19,640 most popular site

Netcraft.com, the web site that Tim O’Reilly praised in August 2003 by saying on his blog that "I've thought for a long time that Netcraft represents a real revolution in market research.", now ranks pickaproxy.com as the 19,640 most popular site on the Internet amongst users of it's Netcraft Toolbar.

Thank you everyone for helping us get there.

http://toolbar.netcraft.com/site_report?url=http://www.pickaproxy.com

EFF: How to Blog Safely (About Work or Anything Else)

http://w2.eff.org/Privacy/Anonymity/blog-anonymously.php

LogMeIn Hamachi - a better VPN?

We have provided support for stunnel secure communications between our users' computers and our pickaproxy.com server(s) since May 1, 2008. Today we have added support for LogMeIn Hamachi which may be a better way of doing the same thing.

Initially we are only setting up 3 Hamachi VPN "networks" while we try this out. You can connect to our cavpn.pickaproxy.com "network" from your LogMeIn Hamachi software using password ca487_nx. Then, once you are connected, you can change your proxy settings to cavpn.pickaproxy.com and port 8132 to get access to Canada-only IP Addresses.

Alternatively you can connect to our usvpn.pickaproxy.com "network" using password us92XAM5, then change your proxy settings to usvpn.pickaproxy.com and port 8125 to get access to USA-only IP Addresses. 

Or you can connect to our devpn.pickaproxy.com "network" using password deX3Bc_, then change your proxy settings to devpn.pickaproxy.com and port 8133 to get access to Germany-only IP Addresses.

The LogMeIn Hamachi software encrypts all communications between your computer and our server, so that no one can snoop on it. Not us, your ISP, or anyone else.

Tor Network "Code Green" criteria

We have updated our criteria for showing the Tor™ Network as "Code Green", which is how we define it as operating "normally". Our criteria was bound to change, since the Tor Network itself is in many ways a work in progress. And I doubt this will be the last change we make to it. In order to make it more clear what our criteria is going forward, we have now included a new listbox called Tor Network Status "Code Green" Levels, which can be seen at pickaproxy.com?speak=tor.

I should clarify that our criteria is not endorsed by the Tor Project, but rather something we embarked on ourselves to identify and communicate to our users when something does not seem to be right with the Tor Network in aggregate. This is one of the added values of using our service. What we changed yesterday was the minimum number of "Guard" nodes, which was reduced from 300 to 200, and a minimum number of "Hidden Service" Directory Servers was established at 15.

"Guard" nodes are an important part of the Tor Network design, but pretty much irrelevant for our users at this time. We handle that part for you as part of the connection we give our users into the Tor Network. If you are interested in the details about guard nodes, I suggest you start with reading http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#head-9927a2f6d044e4c5b1fc610d92175b7c8d4f49d9.

The reason we changed our criteria yesterday from 300 to 200 Guard nodes is because there have been a significant number of times recently when the total number of Guard nodes has been less than 300. In fact about 30% of the time in September so far this has been true, compared with about 5% in August, and only about 2% of the time for July. We figure the normal state of the Tor Network must have changed, and 200 Guard nodes is still a reasonably high number.

"Hidden Services" are another important part of the Tor Network, but also irrelevant for the majority of our users at this time. Hidden Services are web servers (and web services) running on the Tor Network that do not expose their IP Address to their users. If you are interested in the details about Hidden Services, I suggest you start with reading https://www.torproject.org/docs/tor-hidden-service.html. The number of Hidden Service Directories is important because the more there are, the greater the protection they offer to Hidden Service users.

Let us know if you have any questions or concerns about these changes.

Change your proxy settings (how to...)

Lots of questions lately on how to change your proxy settings...

If using Microsoft Internet Explorer, go to Tools | Internet Options | Connections | LAN Settings and select the "Use automatic configuration script" option, with http://www.pickaproxy.com/nonCN.proxy.pac as one example of the PAC files we currently support for tryouts.

As an alternative, you could select the "Use a proxy server for your LAN" option, along with the "Bypass proxy server for local addresses" option, de-select the "Automatically detect settings" option, click the Advanced button, enter "tryout.pickaproxy.com" in the "Proxy address to use" fields for HTTP, Secure and Socks, and enter 8123 in the "Ports" fields.

If using Firefox, go to Tools | Options | Advanced | Network | Connection Settings and select the "Automatic proxy configuration URL" option, with http://www.pickaproxy.com/tryout.proxy.pac as one example of the PAC files we currently support for tryouts.

After this, use your browser to go to https://check.torproject.org or http://www.whatismyipaddress.com or https://www.showmyip.com to confirm that your new proxy settings are geospoofing you!

Other browsers and other programs will have similar ways to change their proxy settings. If you come across something that is giving you grief, let us know and we will find out what you need to do.