When is a Proxy Secure?


For many people, using proxies is an essential step to enable security and personal privacy.  They will know that every time they use the internet for anything that a record is kept in many places about their activity.  Often it’s just a small cookie or a record in a log, but at your ISP for instance there is a complete record of every site you visit, every file download and every video watched.   This is where the authorities go for instance when they want to investigate something, your ISP.

So it’s hardly surprising that many people seek to hide some of this information, you don’t need to be an international jewel thief or extremist terrorist to want a little more privacy than is currently available to the average internet user – i.e none at all.

So then they look at proxies, and indeed a ten minute Google search will point you in this direction.  The proxy server will sit in between you and the web site you visit, meaning that they cannot record your visit properly – only the proxy address.  You’ll still get everything logged in your ISP though unless the connection is encrypted perhaps using a VPN or SSH instead.

But here lies a problem, proxies can offer a layer of security but only when they are configured and administered properly.  If they aren’t then you are merely handing over yet another complete record of your online activity to another server.  In fact it can be worse than that, lots of of the ‘free proxies’ available online are only put there to steal and harvest people’s data.  Enterprising hackers will take over these open proxies and log all the data that is transmitted through them – looking for usernames, passwords and identity information that can be used to make them money.

The internet is swarming with free proxies, using the vast majority of them is a really bad idea. I logged into four the other week completely at random and all of them were completely insecure in fact two of them had the proxy service itself running in the context of the ‘root’ account – something only a real IT novice would ever do and extremely dangerous.  The reality is that a server is only secure when someone is taking the time and effort to ensure it is secure – that knowledge and effort is rarely available for free.

However if you’re only using a proxy to stream video, perhaps from BBC iPlayer or another media site then perhaps a free proxy could work?  After all there’s no personal data just a stream of video so what’s the harm?

Well nothing really, the problem here is much more about practicalities, all these free proxies are completely overloaded and run at a pitifully slow rate.  Occasionally you’ll unearth a little fast gem that has escaped notice by the proxy scrapers – but it won’t be fast for long -rarely longer than an hour or so.  Expect to spend more time looking for new servers than using them.   If you can afford it then a paid subscription is definitely the way forward.  Here’s one I recommend in this video – Fast Proxy Server.

As you can see the proxies in this program run very quickly indeed, if you want to stream HD or even standard resolution video or media then a slow proxy will make most un watchable.

2 thoughts on “When is a Proxy Secure?”

  1. Pingback: Dave Edes
    • Sure David,

      Well the goal for the Identity Cloaker owners is to provide maximum anonymity without infringing any laws. It’s important not to break any laws, because if you do then the authorities are able to access whatever they like if they wish. Fortunately EU privacy laws are probably the most advanced in the world. Also remember while you are connected through any proxy server there is the potential to log everything you do, so it’s important to know.

      So basically, following EU privacy laws – this is what Identity Cloaker does, quoted directly from the company (after me interrogating them

      1) We are required, according to the local as well as EU privacy laws, *not* to
      store the transferred data including visited URLs so this is information we
      simply cannot disclose as we are not even allowed to store it, and we do not
      store it.

      2) What must we store? The fact that the service was used, and the physical amount of data transferred ( no other details of sites). This has to be stored currently for a minimum of 6 months – then these are deleted.

      Hope this is useful….

Comments are closed.