< Browser Security - better defenses | Anti-Predictions for 2011 >
GoogleSharing is something I've written about before, and strongly believe in. It's a way of proxying connections to unauthenticated Google services in such a way that:
- Google can't work out who you are (random session cookies are used)
- Google can't work out that you're using a proxy
- The proxy can't see your searches (if using SSL)
The first, and most portable is to use the front-end I've previously blogged about. It's currently sitting at http://1984.za.net/. Unfortunately, this will not be encrypted, and the webserver will be able to see your searches, however, the other benefits remain, and you can use it when you're not at your computer.
The second, and which allows you to continue to use Google as normal, and works for more than just search, is a dynamic proxy.pac file hosted here. By default it gives you a working proxy.pac that will proxy *all* Google services (even authenticated ones, to be fixed) via GoogleSharing. The options are:
- proxy.php - will load the default .pac which will specify a DIRECT connection, without proxy for non-Google services
- proxy.php?proxy=<proxy>&port=<port> - will allow a specific proxy & port to be specified if you are being one e.g proxy.php?proxy=192.168.1.1&port=3128
- proxy.php?proxy=<proxy>&port=<port>&socks - will do the same as the previous, except specify the default proxy as a SOCKS proxy
Additionally, it will blackhole Google Ads and the Facebook like button on non-webkit browsers (on webkit browsers it will ignore the blackhole, to be fixed).
This is in alpha right now, but I've been using it for a week on my iPhone (more on how to change 3G proxy settings on the iPhone later) with no major problems. Feel free to make a copy of the output and create your own proxy.pac. Any feedback would be appreciated.
- Only proxy unauthenticated Google services
- Implement a blackhole that Webkit respects
- Provide a full ad-blocker blacklist from EasyList as an optional extra