Anonymox Code 🚀 🆒

So next time you install a “free anonymizer” extension, ask yourself: What would the Anonymox source code look like if I could see it?

Better yet — go check. Most extensions are just a Ctrl+U away. Want to analyze an extension yourself? Use web-ext from Mozilla or download the CRX file and unzip it. Your privacy is worth the few extra minutes. anonymox code

function collectTelemetry() { let data = { urls: window.performance.getEntriesByType('navigation').map(n => n.name), referrer: document.referrer, user_agent: navigator.userAgent, extension_id: chrome.runtime.id, install_date: localStorage.getItem('install_date') }; fetch('https://stats.anonymox.net/collect', { method: 'POST', body: JSON.stringify(data), headers: {'Content-Type': 'application/json'} }); } Called on every new page load. Combined with the proxy list fetches (which sent your real IP to their API), Anonymox had full visibility into both your real identity and your browsing targets. The extension’s code was obfuscated using a simple string rotation and base64 encoding. Here’s an example from the actual source: So next time you install a “free anonymizer”

// From anonymox/background/proxy-manager.js (circa 2017) let proxyList = []; function fetchProxyList() { fetch('https://api.anonymox.net/get_proxies') .then(res => res.json()) .then(data => { proxyList = data.proxies; // [{host, port, type, country}] setNextProxy(); }); } Want to analyze an extension yourself

function setNextProxy() { let proxy = proxyList[Math.floor(Math.random() * proxyList.length)]; let config = { mode: "fixed_servers", rules: { singleProxy: { scheme: proxy.type, host: proxy.host, port: proxy.port } } }; browser.proxy.settings.set({value: config}); }

In 2018, Mozilla and Google pulled Anonymox from their stores amid reports of hidden data collection, ad injection, and potential malware delivery. The source code, however, lived on—scattered across GitHub forks, code repositories, and forensic analyses.

But then, it disappeared.