Pages

Saturday, 24 January 2015

如何使Flash applets匿名,避免暴露你的真实ip(即使你用代理也容易被Flash applets暴露你的真实ip)

How to anonymize Flash applets

By default Flash and Java applets are deactivated in JonDoFox for security and privacy reasons. It is possible for Flash and Java applets to circumvent browser proxy settings and offer the possibility of tracking by browser fingerprinting.
If you want to see a Flash video you may download it with VideoDownloadHelper and watch it with media player. It is not required to enable Flash for this purpose.
To increase your anonymity if you really have to enable Flash applets, you may save the configuration file mms.cfg in the following directories:
  • Windows (32Bit): %Windir%\System32\Macromed\Flash\
  • Windows (64Bit): C:\Windows\SysWOW64\Macromed\Flash\
  • MacOS: /Library/Application Support/Macromedia/
  • Linux: /etc/adobe/
The configuration file mms.cfg contains the following proposed settings:
  1. Disable socket connections to avoid circumvention of proxy settings and deanonymisation: DisableSockets=1
  2. Disable spekers, microfon and enumeration of installed fonts to reduce the quality of browser fingerprinting: AVHardwareDisable=1
    DisableDeviceFontEnumeration=1
  3. Blocking cookies and third party content to avoid tracking: ThirdPartyStorage=0
    LocalStorageLimit=1
    AssetCacheSize=0
  4. Disable up- and downloads of files by srcipting API and enforce security settings for old Flash applets: FileDownloadDisable=1
    FileUploadDisable=1
    LegacyDomainMatching=1
    1. If you were testing the configuration with our anonymity test you will see: it is NOT perfect. It is possible for Flash applets to read your screen size, your operating system and kernel version. This may be used for browser fingerprinting.
      Flash Applets anonymisiert
      Flash is a risk for your anonymity, even with the proposed configuration above.

      from https://anonymous-proxy-servers.net/en/help/flash-applets.html 
      -----------------------------
      经测试,此方法确实有效。 具体做法:
      修改c:\windows\System32\Macromed\Flash\mms.cfg文件如下:
      (如果保存不了,可把mms.cfg移动到桌面,修改之后,再移回
c:\windows\System32\Macromed\Flash\)

AutoUpdateDisable=0
SilentAutoUpdateEnable=1
DisableSockets=1
AVHardwareDisable=1
DisableDeviceFontEnumeration=1
ThirdPartyStorage=0
LocalStorageLimit=1
AssetCacheSize=0
FileDownloadDisable=1
FileUploadDisable=1
LegacyDomainMatching=1

即:在原来的 内容
AutoUpdateDisable=0
SilentAutoUpdateEnable=1
之下面加上上面多出来的9行内容。

重启firefox,然后访问http://ip-check.info/?lang=en页面里的链接:
START TEST!
Please click here to start the full anonymity test and see all results.


你会发现该页面里的flash cookies一栏之前是显示你的本地ip的,现在变成了OFF不再显示你的本地ip.这样你的本地ip地址就不再会暴露给目标网站。(即目标网站不再能看到你的本地ip)这样就起到了匿名的作用。
访问另一个测试匿名性的网站http://proxytester.org/,也没有再显示我的本地ip.