This post was originally posted on https://blog.viralsangani.me.
Checkout this post at - https://blog.viralsangani.me/posts/be-anonymous-create-yo...
For further actions, you may consider blocking this person and/or reporting abuse
Just be aware of your specific threat model. Tying your "anonymity" VPN to your AWS credit card may not be what you want.
And your browser is still going to continue fingerprinting and websites will continue to use tracking cookies though a VPN. So all it is really doing is stopping your ISP from monetizing your traffic, which you get with a DNS over HTTPS provider without needing to spend money in the cloud, and is default in Firefox and I think just turned on in chrome as well.
The other issue is your traffic isn't encrypted traveling to the proxy, which means your ISP still sees your requests for the various sites. I use Tinyproxy and an ssh tunnel:
Then set up your browser to use a proxy on localhost:8888. Tinyproxy is set to only listen on the localhost. Using an SSH tunnel allows you to use the proxy no matter where you are.
Well, HTTPS traffic is still encrypted so your ISP won't see what traffic you mean to send, just that you are communicating with your VPN server in AWS because that is the only DNS traffic it see. So you're fine there, but again DNS over https is an easier and cheaper way to accomplish that.
Your ISP won't be able to see the traffic, but they will know what sites you are visiting since those requests go across in plaintext. Here's an example line from Squid log when used as a proxy server:
That's the traffic your ISP will see. Since you aren't encrypting traffic between you and the proxy, even DOH won't stop your ISP from seeing the sites you are visiting.
Your plan is solid, except for the connection to the proxy server. 😄
You should be encrypting traffic between yourself and the proxy! That's half of a proxy's point
😄 We're on the same page, except you didn't put that part in the article. You're not encrypting anything between your browser and the proxy.
Not my article!
Ah man, it must be getting late, LOL! Apparently I've failed at reading tonight and probably should go to bed. 😄
Sure, thanks for the suggestion, I will edit the part to encrypt the traffic between browser and proxy.
Just a note. All of AWS IP ranges are publicly available, and can be blacklisted for sites you go to. This is a fun project to try, but recommend better surfing habits (https only/duckduckgo)or using a local virtualized machine with A public DNS entry in resolv.conf. You do pay for bandwidth usage on AWS.
wondering if this could work to bypass streaming site haha. and i think there is a missing step.
Which step?
from pc to ec2 instance ? please correct me if i am wrong
This is great but is an EC2 instance required? Can we use some routing/firewall/or API gateway to forward requests on demand?
Can i bypass streaming sites using ec2 proxy ?