TOR is a pretty cool idea. It’s partially a rip off of a very old project that I helped out with in it’s inception with a bit of peer to peer built on top of it to help with anonymization. Anyway, very cool. Very slow, but very cool. From what I’ve been told it’s mostly for people looking for beastiality porn, but you get the idea. It’s got all kinds of applications. But it’s a little disconcerting that I don’t know if my users are hiding their origin IP addresses. Wouldn’t it be nice to be able to detect that?
So anyway, there I was, downloading the torbutton extention which requires Privoxy and TOR to be installed. Like a good little security guy I go and locate the current version of TOR which is thankfully bundled with Privoxy. I booted it up and after some wrestling I got it working. The first link I went to, however, was a tad puzzling. It was my own.
My own website has links to ads in it, which Privoxy so nicely kills with an error message letting me know why, and allowing me to go directly to the link. That link that allows me to bypass the Privoxy block was intriguing as it was just a modified URL (and a pretty easy one to reconstruct at that). So I threw up a little test script to detect privoxy and poof! I inserted a keyword that it blocks after a legitimate image with the modified URL. If it hits it, Privoxy is being used. If there’s an error because it’s not finding the correct image (because the modified URL doesn’t actually exist) you know they are safe. Now I can tell if users have it installed or not. This may be better than the chrome:// firefox extensions detection because I have a feeling that will get killed eventually.