are not lawyers, and cannot provide legal advice. This article is intended
only to raise awareness of a few of the many issues involved with the
use of "public" proxies.
When I first learned about anonymous proxy servers, I thought they
were the greatest thing since sliced bread. But given their "public"
availability and lack of advertising support, a question loomed in my
mind: "Why would anyone operate a public proxy server?". A
little logic, and a little research, eventually led us to establishing
iPrivacyTools in it's current form (using private
proxies). Here's why:
If I worked in law enforcement and wanted to catch "bad guys"
by the dozens, there would probably be no better way of accomplishing
that objective than by setting up an "anonymous" proxy server
and monitoring/logging the traffic flow. My guess is that anonymous
proxies are a magnet for abuse by criminals who wish to be "invisible".
Along the same lines, if I were a criminal and wished to tap a goldmine
of passwords and financial information, setting up an anonymous proxy
would also be a perfect way to do just that.
These problems are magnified by the fact that most public proxy servers
are not configured to work with SSL.
policy" on such services should be a red flag to legitimate users.
So aside from the "honeypot" purposes mentioned above, why
would anyone be motivated to provide free bandwidth for an anonymous
public proxy server? It's true that there are some generous people out
there who think that everything on the Internet should be "free".
But keep in mind that operating such a relay exposes the server owner
to tremendous legal risk, as they become "associated" with
all the activities of people surfing through their IP's. Who would want
to do that, without any user screening? The answer is probably: nobody.
I don't know the statistics, but my guess is that these "public
proxy servers" are usually open to public access either because
of system admin error, or as a result of a computer virus, hacking,
or malware. In other words, they are not actually "public",
but rather private servers that are being accessed by the public without
permission. And that means that you may be breaking the law just by
connecting to them.
Having said all of the above, I must also say that I have never personally
heard of anyone being sued for surfing via a proxy server without permission.
And it seems that thousands of people continue to use them despite their
other risks as well.
If you do choose to use "public" proxy servers, or "anonymous"
proxy servers, I believe there may be a few things you can do to limit
your personal risk:
- Find a server that supports SSL connections. Although they're more
difficult to find, having SSL functionality will make it much less
likely that your passwords could be intercepted while logging into
websites via an https:// page.
- If you cannot find an SSL-compatible proxy, then do not login to
any pages with passwords, and do not submit any financial information
(e.g. credit card numbers) while surfing. Viewing web pages is about
all that you can do safely without SSL.
- Do not do anything illegal. Obviously, doing anything illegal on
the Internet is illegal whether you're using a proxy or not. Feeling
that you might safely break the law while using an anonymous proxy
server would be a false sense of security. You may actually just be
exposing yourself to one more level of legal risk.
- Do not ever expect untraceable anonymity from an anonymous proxy
Again, we are not lawyers, and none of the information on this page
should be construed as legal advice. If you have any further legal questions
or concerns, it would be best to consult with an attorney.
Do you have any input about anonymous proxies or public proxies
that you'd like to add here?
Please let us know, so that we
can keep this information fresh and useful.