In a previous article on Stealth Searching I wrote:
You will not click on any links on the cached pages as these will go to live pages. You will not allow your browser to download any images on the cached pages, as they may be live images from the target domain. You will be STEALTHY. They won’t see you coming.
A reader suggested that this requires some further explanation.
Google Cache Risks
Google caches only the text of the Web page. When the Googlebot copies the first 101K of HTML to a Google server, external files such as Javascript, Cascading Style Sheets, images, Flash, etc. are not saved. The images load from the live site not the Google cache. Normally, when you view the cached copy, you are not connecting to the live site. However, following any link on the cached page will connect you to the live Web site, if it still exists. Some pages in Google’s cache load the entire page from the original server thanks to a simple redirection script. If a cached page has no external files, then you will not show up in the site’s log by viewing Google’s cache; but how likely is that?
The Wayback Machine
The Wayback Machine changes the links of cached pages, to allow navigation within the cached pages. However, there is always the chance that you will navigate yourself out to the original site. Remember, nothing is prefect and this stuff wasn’t designed with anonymity as its objective.
The Dangers of TOR
Using TOR to explore the Google cache and The Wayback Machine seems to be the only option. However, Web history and geographic origin affects search results when you use TOR or similar methods.
TOR does require a certain level of technical knowledge and sophistication or it can backfire on you. For example, the SSLstrip attack that is now in the wild:
The attack is more than theoretical. Marlinspike tested the software on a public server he hosted for users of the Tor anonymous browsing network; he was, by his own account, able to grab passwords to 117 e-mail accounts, 16 credit cards numbers, seven Paypal logins and about 300 other logins to supposedly secure sites ranging from Gmail to Ticketmaster to Facebook.
If a TOR server is set-up for the purpose of running SSLstrip, then you’re in trouble. The very nature of TOR makes the possibility of a corrupt TOR server rerouting your data to the attacker very possible and an ideal situation for the crook.To use TOR effectively, the proxy must be configured properly and the user must be very observant to prevent an attack via SSLslip and similar threats. Google Cache Google The Onion Router The Wayback Machine Private Investigator Toronto Ontario Canada
0 Responses to “Stealth Searching III”