Free Proxies: A Nasty Trick from the Handbook of Hackers

You won’t find any free proxies here. 

On the contrary, this article throws them under the bus. 

¯\_(ツ)_/¯

Because yes, apparently there are free proxy servers out there that are not set up to pawn your personal information, steal your credit card number, inject your computer with malware, turn your device into a zombie, or heaven forbid it – steal your cookies. 

But a lot of them are. 

First, a quick review of free proxy lists

Ever visit a free proxy website? (It’s where you find lists of free proxies online.)

Some bank on the seductive power of ‘free stuff’ to generate traffic for stuff they actually sell.

(We’re looking at you, Geonode…)

You can find lists of free proxies anywhere. Reddit, social media platforms…hacker forums. 

Great! 

Everyone loves lists. 

But uh…

How do free proxy sites generate the lists?

With proxy scanners: software that scans the world for open proxies

What are open proxies?

Open proxies are proxies open for anyone on the internet to use. Private proxies on the other hand – aka closed proxies – are not.

(It’s good hygiene.) 

Why are proxies left open? 

  • Sometimes due to misconfiguration. This can happen by accident, but it’s rare. 
  • Sometimes the misconfiguration is on purpose

It’s been left open by someone who lurks in the shadows. 

Who waits for bargain-seekers to discover this particular proxy, wide open and free to use…then proceeds to scrape and pillage them.  

That’s called a hackerpot. 

Not to be confused with a honeypot. 

Honeypots have a similar set up, except the ones lurking about are security professionals and government agencies. Many hackers have been snared this way. Many non-hackers too. 

Unauthorized access to websites is illegal either way. 

And besides…

Most of these proxies don’t even work. 

If they do, they’re slow. 

And then all of a sudden, they don’t work ever again.  

Why don’t free proxies work?

  • Websites don’t want anything to do with free proxies. So they block them.  
  • The administrator of the (unknowingly) open proxy finally found out their IP address is being used for sinister deeds. So the thoughtful thing to do is shut it down so no one else gets hurt. 

It does get you thinking…


How can these proxies really be free?

A proxy server costs money.

  • Hydro
  • Bandwidth
  • Maintenance
  • Snacks

Know of a free taxi service?

No.

Cars cost money.

  • Fuel
  • Maintenance
  • Snacks

…So how do free proxies make money?

The harmful (and most common) ways

  • Selling your personal information
  • Secretly implanting advertisements (Specifically tailored to your behavioural profile, since they have your personal information and monitor everything you do)

The harmless (and less common) way  

  • They bring traffic to a website that sells something else 

The free proxies will leave much to be desired. Either they don’t work because they’re burned, too slow, limited, or run out of bandwidth before you can even load the menu for US Netflix.

The facts about free proxies

According to a study that was conducted in 2015 by Christian Haschek, 79% of free proxies didn’t use HTTPS. 

Why would you use HTTPS?

HTTPS encodes data that has been sent to the proxy, assisted by an SSL certificate. To put it simply, the proxy server only ever sees an encrypted version of whatever you’re doing online. 

But 79% did not use it. 

Instead, they used HTTP.  HTTP doesn’t encrypt anything. 

Whoever owns the server (or hacked into it) is privy to all your activity. 

Passwords, bank login, credit card purchases – you name it. 

Now why might they use HTTP?

Incompetence? Fair enough, they don’t know any better. 

(Better find someone who knows better)

Now, if they are competent, there’s two scenarios that come to mind. 

  1. They believe that secrecy cripples relationships and they’d like to cultivate an ever-deepening intimacy with you.

It is possible. 

However, you can hardly explore true intimacy without healthy boundaries. 

Let’s rule that one out. 

  1. They’re secretly monitoring you.

It is possible. 

Even more convincing is the fact they offer privacy while not allowing encryption. 

Suspicious 

indeed.

We could simply stop the discussion here. 

1% is unacceptable. 

50% is unacceptable..times fifty. 

But 79%?

8 out of every 10 apples on this shelf gives you gum disease. The other two..are mysteries! Ah but the other two…

If you’re still here:

  1. This is entertaining for you 
  2. You’re wondering about the other 21%

The ones using HTTPS.

According to the study, more than all of them were injecting ads. (The bills aren’t gonna pay themselves.)

If you’re cool with that – cheers to a sense of adventure. But what about malvertising?

Let us consider the constitution of these ads – that by the way, secretly inject onto the websites you visit.  

Just saying..they’re unlikely to be candidates because they pass rigorous security screening.

And keep in mind, you can simply contract malware through a script: 

“The interesting thing about infections delivered through malvertising is that it does not require any user action (like clicking) to compromise the system and it does not exploit any vulnerabilities on the website or the server it is hosted from…”

Wikipedia

At least STIs are bound by user actions. 

(canned laughter)

So only 21% of these free proxies allow encryption. Out of all those – how many inject potentially infectious adware into your system?

…calculating…

According to the data,

all of them.

And they’ll take your cookies too. 

What’s it gonna be – worse or bad?

Sure, there’s always a margin of error in this kind of research which means free and safe-ish proxies do exist.

But even then, they don’t stay that way. 

And until something bad happens, you just don’t know.

And while you’re waiting, they’re slow af. 

“Remember that when you use a proxy server, you surrender your identity in exchange for anonymity” 

A little contradictory, yes. But all anyone can ever tell you is “I promise not to peek.” 

(We all know how that one goes.) 

However, if there’s incentive to keep the promise…

Well, well! 

Now, that changes things.

And that is what money does. 

Because after all – money isn’t real. 

It’s a placeholder 

It’s trust

Belief

And at the end of the day 

free proxies can’t have that.

(miming a mic drop)  

Thinking about buying proxies?

Great!

Learn more.  

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments