What To Do If Your Being Watched Or Monitored Online
Or How To Tell If You Are Being Watched At All

The U.S. Supreme Court has ruled that the federal government can force schools and libraries to install blocking software on their computers, for Internet users of all ages, or be threatened with loss of federal funding. Not to mention parents, spouses, nosy friends and other malicious computer users who might try for whatever reason to monitor and listen in to what you do online.

From parental controls like those built into AOL, to programs like Cyber Patrol, Net Nanny, Cyber Snoop - to out and out keloggers installed to see everything you type and in some cases, to get screenshots of what your looking at - this page is here to help you take control of your online privacy.

Internet filtering software, internet babysitter programs, web blocking software...call it what you will, it is software that runs in the background on the machine you surf the 'net with for the purpose of restricting access to certain types of Web content--client-side Web censorship.  By blocking access to "inappropriate" sites and keeping intricate logs of any "offensive" sites you've tried to visit, these programs not only restrict your freedoms, but could also violate your privacy by telling your employer/co-workers/parents all the sites you've tried to access--be they about breast cancer, certain religious, political or sexual orientations, drug/alcohol use, AIDS, sites for helping you find a new employer....the privacy and job-security ramifications are far-reaching to say the least. Censorware is a tool-of-choice for overprotective parents and paranoid employers, and is typically fairly easy to disable despite password-protection and other schemes designed to deter cybersabotage.
 
 

Disabling most censorware on Windows ME
Windows ME reportedly has a system restore feature that lets you revert your system to a previous configuration. If you can use this to revert it to a day before the censorware was installed, viola! No more censorware.

how to disable AOL Parental Controls

Prior to AOL version 6, blocked sites can be accessed by placing a dot "." at the end of the URL. For example: to access http://controversialsite.com/ enter it as http://controversialsite.com/. to bypass the filter. See this C|Net article for more information. AOL is presently aware of this problem and has fixed it in the current version of the AOL client. I have a report (for AOL 5.0) this no longer works.

(The fix may also have been implemented server-side, making this work for NO versions of the software. if you have success with this or not, and what version of AOL's software you are using.)

how to disable Cyber Patrol 4! (and some earlier):

Method 1:
 
 

The now-infamous cp4break, or "The Breaking of Cyber Patrol (R) 4" whitepaper, contains the how to on forcibly removing the Cyber Patrol 4 censorship from your computer. The short and sweet version is as follows (you may want to print these instructions before trying to disable the software): Exit Windows (go to MS-DOS mode) so that you can move important Windows files around without any worry about the files being in use. Cyber Patrol 4 will have overwritten your system's original "system.drv" file with its own, cheat-protected version, and renamed your original file to "system.386". Find "system.386" and rename it to "system.drv", overwriting the CP version. This done, you can safely reboot the computer to remove the rest of the CP files without setting off any anti-hacker protection. You can now remove the load entry (FltProcess) it placed in your WIN.INI and the other load entry (FltProcess) in the Registry. If you are trying to bypass an unregistered version of CP 4, try entering omed as your password. omed is "demo" spelled backwards. Talk about your high security. The cp4break document also goes into much detail about the cryptography (if you can reasonably call it that) used to keep the blocklist secret, and how this can be circumvented. Although the document itself is perfectly legal, hot-headed lawyers from Mattel (R) (yes, the same company that makes Barbies), which owns the CP program, have gone to some length to censor this paper from the Internet by harassing ISPs with various threats. If you are afflicted with Cyber Patrol and cannot access the downloads here, there are many other places you can get it. Since they will almost certainly be blocked by CP by the time you read this, you'll likely need a friend or alternate computer to help you get hold of these materials.

Download CPHack.zip Windows program shows you the master password and what sites are on the blocklist. Breaking of Cyber Patrol 4 Documentation that explains CP's encryption mechanisms in great detail. Includes CPHack binary and source.   To conserve bandwidth, please download only the files you will find useful. If you are downloading cp4break, it is not necessary to also download CPHack (it is included).

You can use cphack.exe to decrypt much of what is in the encoded CP configuration files--including the passwords needed to disable the censorware.
For more info regarding the CPHack program and cp4break, and the lawsuits that have sprung up surrounding it, see the ACLU press release, the opinionated Slashdot article w/ comments, Politechbot's coverage (w/ legal docs), and especially the homepage of Matthew Skala, who co-wrote the cp4break file (not cphack, which is a different program) and reached the infamous "$1 settlement" with Mattel, clears up many misconceptions surrounding the issue.

For older versions:
For Windows²: Peacefire.org produces a program that disables most blocking software made before 12/17/2000.
For Windows¹: Download this set of Windows batch files for enabling and disabling Cyber Patrol. Once installed, type DISABLE in MS-DOS mode to kill the program, and ENABLE to return it to its original form.

Method 2²: (This will disable Cyber Patrol's blocking features without uninstalling the program)

1. Back up the files c:\patrol\cyber.bin and c:\patrol\cyber.not (rename them to cyber.censor and cyber.naugty, or whatever, so the program won't find them)
2. Create a zero-byte file named cyber.not to replace the one you renamed. You can do this by right-clicking in Windows 95 and selecting New... -> Text Document and renaming the resulting file to cyber.not, or by opening Notepad and saving a blank file by the same name.
3. Restart your computer (if you hold down SHIFT when selecting the "shut down" command, it will just restart Windows, which is all you need). When Windows reappears Cyber Patrol will notice it's been tampered with, and recreate its cyber.bin file in a slightly different version (but it won't recreate the list of blocked sites!!)
4. Restart Windows again. Now you have uncensored access to the 'Net.

The beauty of this method is it doesn't actually get rid of the program or change the appearance of anything (the CP icon is still in your taskbar, etc.--useful if your parents/boss/principal may be peeking at your screen).

Method 3:
Use what's known as the Jack Harris Method © to take advantage of a situation where the program temporarily lets down its defenses to tampering. This file also covers the "Dummy Default" to trick your parents/sysadmin/boss into thinking the program is still running when it's disabled.

how to disable CYBERsitter 2002: Jeremy Rand informs me that the "permanent" removal procedure for CYBERsitter 2000, below, also works for the 2002 edition. The "per-session" method, however, does not.
 
 

how to disable CYBERsitter 2000:

Andrew shares the following tips for disabling CYBERsitter 2000.

This procedure disables CS2000 on a session-by-session basis (e.g. until you reset the computer or change users) ...
1) click start~run and type regedit, then press enter. this will open the registry editor.
2) navigate to the key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders.
3) delete the key 'net98'.
you are now filter-free. (note: this must be done every time you start windows or change users.)

This procedure disables the censorware permanently (e.g. remains disabled if you reboot the computer, change users, etc.)
1) run regedit.
2) navigate to
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run.
3) delete any instances of 'C2K'
You will probably need to restart the computer for the above to take effect.

Riley Shea has a webpage that details a method for obtaining the CYBERsitter 2000 master password. You can then use this password to bypass the program. It also explains how to remove tattletale entries from the program's logfiles. This process involves the installation of a known Trojan Horse, so this procedure is aimed at computer gurus only--preferably ones with a 'sacrificial' PC for such an occasion. See How to completely stop cybersitter2000! for details.
Warning!! Part of this process involves installing Sub Seven, a nasty Trojan program that can give others access to your computer. Once you retrieve the password you must remove Sub Seven from your system to prevent unauthorized access. See a free removal utility here. Simply deleting the Sub Seven files will not rid you of the Trojan. Again, this procedure is for gurus only.

how to disable CYBERsitter (older versions):

Method 1²:
To disable CYBERsitter 97 (sorry, this won't work with v2.12 or the proxy-server version):

( * Note that the above text is a graphic banner. This is to prevent CYBERsitter from detecting the words and censoring them out. To spread this information on your own pages in a manner in which CYBERsitter 'victims' will be able to read it, you will need to display it as a graphic.)

Method 2²:
Download this small program (written by Saruman of DFR Rese*rch & Engineering). It contains a program to display CYBERsitter 97's master password and another to decrypt its blockfiles and let you see exactly what is being blocked by this software:


Method 3¹:
CYBERsitter inserts its settings in Windows' win.ini file, but before it does, it saves a backup copy as win.cyb in your Windows directory (same place as win.ini). To disable CYBERsitter, rename win.ini to something you'll remember (win.censor, for example) and rename win.cyb to win.ini.

If you've installed other software after CYBERsitter was installed on your system, the setup processes of these programs may have made their own entries to win.ini (the one with all the cybersitter crap in it) and may not run properly if you swap in the copy of win.ini without these settings. In this case, instead of renaming the win.cyb file, open your existing win.ini file (remember, make a backup copy first!!!) and delete the sections [TCPIP User] and [TCPIP Settings], as well as the line load=TCPWAIT.EXE, which should be near the beginning of the file. Your win.ini will look something like this:


 

 

Method 4¹
This will disable CYBERsitter's blocking of websites. (Unfortunately, CYBERsitter will still log all accesses and may censor individual "offensive" words.)

• Hit ctrl-alt-del and end task "Tcpwait"
• Go into the C:\windows directory.
• Create a temporary folder c:\windows\holderand move the file "cywin0.opt" to the temporary folder.
• Restart any Internet applications running. CYBERsitter's blocking will no longer be in effect.


To prevent inappropriate sites/words from being found in your CYBERsitter logs:

The logfile will be named cywin.alt and probably in your Windows directory (if not, use search to find it). It will be labeled as read-only to prevent other programs from modifying it; to fix this in Windows 95 right-click on the file and select Properties..., then uncheck the read-only attribute in the infobox that appears. (In MS-DOS, use attrib -r cywin.alt). The file can now be opened and modified in Wordpad or another text editor. You could also overwrite the file with a "clean" version you've saved from another surfing session.

How to disable Cyber Snoop:

Method 1:
The following taken directly from the CyberSnoop help file under the subject of "Forgotten Password":
"If the administrative password is forgotten or Cyber Snoop application files are missing, Cyber Snoop must be reinstalled.  To re-install Cyber Snoop while monitoring is On:

1. Start setup from your installation file or CD-ROM.
2. When prompted, select Custom Setup.
3. From the Custom setup menu select only Application Files and Help Files.
4. Continue through remainder of installation."

You might have to start Windows in Safe Mode (press F8 when you see the "Starting Windows 95..." screen, and select it from the list that appears) to do this if the software is running. If you can't find your parents' Cyber Snoop installation disk (I think it has a goofy brown dog on the cover) or the installation file (use Windows' Find... to look for "cs*.exe" where * is the version number, eg. cs30.exe.), you can download a trial copy from their Web site at www.cyber-snoop.com. When it asks for your name, type "Demo" and leave the Product Serial Number field blank. Now you can reset the password to your own liking, and if you want, use it to uninstall the censorware! Also, having the correct password means you can get rid of that telltale "Network access disabled/files tampered with" security message if you've tried to get around the software by deleting system files, Registry keys, etc. (Cyber Snoop has one of the better anti-hack security measures of the censorware products listed on this page.)

how to disable Eyeguard "flesh tone" scanning program

Got some great information in from Chris C. on this one. Bypass is ridiculously easy on this:
As described:
Basically you install it and it checks your screen for flesh colours, it can then either just log it or lock your screen. It's pretty crappy as it would lock out on kids bare feet (people seem to have a passion to baby pictures on their desktops, uurgh), and scanned Financial Times articles (a browny paper we have in the uk).

Disabling this program simply involves killing it off in Windows Ctrl-Alt-Del task menu (or Wintop). The prog. apparently uses Rundll32 to do its dirty work.

How to disable Net Nanny:

First things first, there is reportedly an "in-case-Mommy-forgot-the-password" backdoor to the program (some or all versions). Try ~frontdoor as your password. Thanks Jonathan G. for the tip.

Net Nanny Version 4.0: In Windows 98 or Windows ME, click Start > Run, and type msconfig in the box to start a Windows configuration tool. Go to the Startup tab, which displays a list of programs that run at startup. Uncheck the entries for "nntray.exe"and "NNSvsc", then restart. Net Nanny disabled! Thanks Jon M. for the info.

Method 1^1,2:
To disable Net Nanny for a single session in Windows 95, press CTRL-ALT-DELETE to bring up the Close Program dialogue. Depending on the version of Net Nanny you are afflicted with, either OCRAWARE or Wnldr32 will appear on the list. Select whichever is listed and press End Task.

To disable it more permanently, try some of these methods of getting rid of it for good:

Method 1²:
Open the file c:\windows\system.ini. Under the section marked "[boot]", there should be a line labeled "drivers=" with some stuff listed after it. Remove the word "wndrv16.dll" from the "drivers=" line. (If there are other words listed on the "drivers=" line, leave them there, just remove "wndrv16.dll".) Save changes to the file and restart your computer, and Net Nanny is gone for good!

Method 2¹: (note: this may only apply to the win3.x version):
Open the file config.sys (it should be in your c:\ directory) and look for the line DEVICE=C:\NN\NNDRV.SYS. This is the net nanny driver. To prevent it from loading type REM in front of this line, so it appears as REM DEVICE=C:\NN\NNDRV.SYS. (REM stands for Remark; it tells the computer not to process that line because it is a user-inserted remark or comment.) Reboot to eliminate the copy of NN resident in memory, and you'll be censor-free! Net Nanny will no longer load when you restart your system.

To clear Net Nanny's log file:
Delete the file Wnn3.log (it should be in your Net Nanny directory). Note that you can't open the file and delete individual entries, because the file is encrypted.

Also be sure to check out the essays by Eddy/Saruman (one of the original CyberSitter crackers) on reverse-engineering Net Nanny and CyberSitter.

How to disable SurfWatch:

Method 1²:
Downloaddfrom Peacefire.org - the universal censorware bypass program. It stops most censorware written before 12/17/2000.

Method 2²: Permanently uninstalls SurfWatch from your computer. (This information taken word-for-word directly from Peacefire)

1. Remove the shortcuts to "SurfWatch" (and possibly "SurfWatch Updater") from the StartUp folder.
2. Open the win.ini file and replace the line
         load= C:\CO_RO_NT\surfctl.exe
   with just
         load=
3. Run regedit.exe to edit the Windows 95 Registry and delete the key "GraphicsFilter", which is a subkey of
         HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\
   The value of this key will be "C:\CO_RO_NT\surfctl.exe". Delete it before continuing.
4. Restart the computer in DOS mode. Move to the c:\windows\system\ directory and type:
         attrib -h -r -s system.drv
         attrib -h -r -s net.drv
         move system.drv system.bak
         move net.drv system.drv
5. Type "win" to start Windows again. If it tells you "Windows is still running one or more MS-DOS based programs..." try typing "exit".


SurfWatch will now be disabled on your computer. Reverse all of the steps above to re-enable it.
 

How to disable WinSelect
Jack B reports that Winselect can be disabled by doing the following:
 

• Go to Start > Run, and type msconfig in the box that appears (Win98/ME only - on other Windows versions, it may be necessary to remove its Start-up reference by hand). Un-select it on the "Startup" tab.
   
• Press Ctrl-Alt-Del to bring up the Task Manager. Highlight WinSelect and press "End Task".
   

There is a special type of censorware that works by acting as a proxy between your browser and the Internet. What this means is, when you request a page thru your browser, the censorware requests the page off the 'Net, verifies that it's "clean", then passes it on to the browser. Some methods of trying to get around a Proxy censorware are as follows:

• Look at your browser's Proxy Settings, and see if the censorware is listed and see if it can be removed. The censorware makers have probably thought of this, but it never hurts to try the simple stuff first.
• If trying to access a blocked page, try accessing it thru an anonymizing proxy server. Unfortunately the censorware makers have thought of this too, and so the biggest and well-known anonymizers (anonymizer.com, etc.) may be blocked by the program. If possible, find one that encodes the URL being requested. Alternatively, try piping the restricted URL thru the Akamai server's forwarding scheme as described on this Peacefire page (here I'm using this method to link to the site to bypass censorware filters, in lieu of stealing any page and reposting it here). Note that most proxies will not work against CYBERsitter, which filters by keywords instead of URLs.
• Use the site's numerical IP address Worldspy workaround page for instructions on getting a site's numeric address). Also, try using this numeric address in combination with a proxy server such as the Akamai proxy as described above.
• Try some of the URL-encoding suggestions on the PC-Help URL Obfuscation page. This information is intended for tracing spammers who encode their fraud-page addresses, but has proven successful is bypassing many a stupid censorware filter. (To access any blocked page http://controversialsite.com/controversialpage.html, try http://blahblah@controversialsite.com/controversialpage.html)
• Check out SASIC's Bypass Tools.
• Try accessing through a cache or translation service. Google serves cached versions of pages; try entering cache:http://www.blockedsite.com in a Google search. Web.archive.org also provides a cache. Google also provides a language translator, as do Systransoft and AltaVista. Enter the blocked site as the URL to be translated (even if it is already in your language).
   
• See below, under "BESS proxy filter". Some of the BESS solutions may work for a variety of other proxy filters...

Some workarounds for BESS proxy filter
 

• [9/27/2002] It is reported that blocked sites can be accessed in the browser by entering them in the following format:

http://cleansite.com@blockedsite.com
 

That is, substitute the domain name of any non-blocked sited, followed by an @ and the blocked URL. (This format is used by most browsers to supply a username and password to FTP sites, but can be included in HTTP URLs as well.) Presumably, the filtering software assumes that the "@" and everything following it is not part of the domain name and should not be checked.

 

• Since this is a proxy-based censorware program, you can most likely access blocked pages by accessing them through an anonymizing proxy. Unfortunately, BESS already blocks most of them. If you're CGI-savvy, you can setup a CGI script on another (unblocked) server that will forward you the requested page. A new (beta, at the time of this writing) document from Peacefire provides instructions for setting up your own circumvention proxy.
   

• You can also access pages thru AltaVista's translator. Copy the URL into it, select [(any language) to English] (or whatever your language preference) and press Translate. It doesn't matter if the page is already in that language. The page will be displayed thru Altavista's server, bypassing the URL checker.

Anyway, try fiddling with your browser's proxy settings, particularly if it's someone such as parents (as opposed to a school admin. or boss) who installed the software. They are typically not too knowledgeable when it comes to these things, and will likely have left loopholes open :)

Censorware Not Listed

Since many censorware products have built-in security schemes to resist hack attacks, deleting files or registry keys at random will probably cause the program to strand you without any internet access, and probably snitch to your parents/sysadmin that you've been tampering with the systemfiles. Your best bet is to get ahold of the administrative password that disables the software or allows you to surf without censorship. Since parents like to write down passwords, and often assume children are too stupid to go looking for them, you'll likely find a nice unencrypted master password in Mommy's purse or some other obvious place. Network administrators (if you're beating censorware in a school or office lab) are a more crafty bunch and will typically manage their passwords more securely.

If you know that your parent/admin sometimes types in the password, put a key logger program onto your system. Key loggers monitor all keystrokes and save them to a file you can read later...you'll see everything that's been typed, including the censorware password.

This page contains an impressive list of DOS/Windows key logger programs.

 

How To Defeat Anti-Censorship Proxies
 

Requested Page: 

This takes the requested page and bounces it through a censorship-safe server in the States, under its own hostname and IP address (not yours)...this bypasses IP-based censorship like the new Australian Government censorship policy.

If you have a Web server, you can add this feature to your own site!

 

Contact/Submit     theNSAisWATCHIN     News Monster     Images Archive       News Monster Archive
The Frances Farmers Revenge Web Portal