Are proxies safe?

[SteveD87]

I've never used them before, so decided to test them out to see what they do. I use a Mac, and inputted the web and secure web proxies from hidemyass.com into my network preferences. I loaded up Chrome and Safari and asked Google what my IP was. Sure enough, it was the IP of the proxy. I tried a few from different countries. The ones with low anonymity were faster it seems, higher seems slower. Tried ones from USA, Russia, Indonesia etc. Couple didn't work. Indonesia one caused Google to say my IP - or the Indonesia IP was causing too much traffic so had to enter a captcha to bypass it. Once I'd done that, it was terribly slow, so gave up with them.

Anyway, are they safe? I haven't logged into anything - didn't even check my email etc. Just loaded up Google and Outlook.com to see if it worked and that was it.

Are proxies safe, or could my computer/logins be compromised?

 

[BK_123]

I wouldn't use them and I haven't, I don't trust them even though they will say that are safe and secure.

 

[_michaelm]

Put simply: if you don't control the proxy server, you cannot trust it as much as any device under your control. They also make any 'secure' i.e. SSL/TLS connections you would ordinarily establish less secure by proxying those too. This involves decryption of your data within the proxy and then re-encryption between the proxy and the destination server.

In summary, proxies (by definition) create a network vulnerability by guaranteeing all your traffic flows through a single intermediary - something which is not guaranteed with traditional connections once data is on the internet (i.e. dynamic packet routing rather than fixed circuit connections).

All this makes proxies high value targets for exploitation since people rarely use them if they aren't trying to avoid being identified. There are some exceptions such as websites which only serve a particular country or media streaming services, but generally people who need to operate anonymously, thereby risking proxy servers being trusted, are doing so for a reason.

Having said all that, provided you are sensible and don't disclose personal information over a proxied connection then there isn't really anything to worry about - but I'd have to ask 'why bother?' in that instance as it will make your web experience significantly slower depending on proxy server load.

 

[SteveD87]

Yeah, I attempted using a US proxy at first to try accessing US streaming sites - Hulu etc - purely and simply to see if it would work. It didn't even load up the site fully, it was too slow, so was curious about other proxies, to see if they were faster. They never were.

I didn't disclose any details such as logins or passwords. Only thing I did was create an email account through the proxy to see if it worked - emailed myself then disposed of the email account. Well, I say disposed, it's still active, I just did it as a test on speeds etc. It was horrible, took about 10mins to load up yahoo.com. Also tested it out to see if the emails I were receiving - in my thread in Cyber Safety - could have been created under a proxy. I still don't know, but thought I'd test it.

So, since I didn't enter any proper logins or passwords - I'm good? I've removed the proxy now - I think - by unchecking web proxies through my network settings and deleting the IP and port - which is all I needed to do right?

 

[_michaelm]

Yeah I'd say you're good - worst case in that scenario is your email address (the real one which you sent a test email to) could have been captured and could be publicly known now - but knowing an address can only get you spam (assuming you practice safe email policy), and I dare say your email is on plenty of other public places anyhow.

Having removed the ip/port and unchecking the proxy box you're all clear.