Security researcher discovers free proxies a dangerous alternative to VPNs

Security researcher Christian Haschek recently put free proxies to the test to find out if they are in fact trustworthy and secure. Now the results may not be surprising for most as overall he discovered that the consensus was that free proxies are full with nasty surprises and for those of you who want something for free you should take heed in the findings published.

We all like to pay as little as possible for whatever we want or need in this world, why spend more than you have to if it can be found cheaper elsewhere? The economic downturn which kicked off in 2008 ultimately saw consumers becoming more cash-savvy and saving where possible. With less disposable income those areas that aren’t seen as necessary are always the first to be cut and if you can pick something up for free then even better!

Free, free, free is the magic number!

When it comes to accessing blocked content or sites that aren’t ordinarily available in your country or over the network you’re using it quite clearly isn’t considered a critical need and so many users search for “free proxies” or “free VPNs”. Indeed, users searching for the term “free VPN” according to Google data shows a consistent increase every year since 2009.

Free VPN

Google shows a strong increase in Free VPN searches

Free VPNs and proxies are a dangerous arena with recent headlines exploding across the privacy community at the start of 2015 revealing that free web proxy service Hola was utilising user’s system resources to provide their network and also selling those resources to commercial customers on a grand scale.

Hola are not the only culprit of utilising the resources of users with other outfits such as Yourfreeproxy.net stating in their small print that user’s systems will be used to do “mathematical calculations” in which “any rewards or fees” are the “sole property” of the parent company of the site. A good way to make money out of users when they aren’t paying for the service.

Yourfreeproxy EULA

Yourfreeproxy EULA reminds users how the service is funded.

Recent research published by Christian Haschek first started off putting 443 free proxy services to the test to find out just how secure they are and expanded this research to over twenty thousand in the weeks following.

His findings will be surprising to most users who search and make use of free proxy services and only go to reaffirm that free proxies and free VPN services can not be relied on to safeguard your information and in many cases can be downright dangerous to users who put themselves at risk of having personal data stolen or computer systems compromised.

Free doesn’t look all that good anymore

Haschek took free proxies at random from doing a simple search engine search, something which most users would start with themselves. Simply by accessing Google he then entered the term “free proxies” and carried out his research on the topmost results. Initial results showed that the majority of proxies blocked encrypted HTTP requests meaning that HTTPS was disallowed.

It was discovered that of the 13307 working proxies 62.33% of them did not allow HTTPS. This forces users to access sites over plain text which could be read by the proxy owner.

While not being able to use a secure web session is bad enough the situation becomes more serious with the findings of free proxies injecting additional code into users browsing. This included both advert injection and more seriously scripts which could be used to carry out a more sinister purpose. Haschek discovered that combining injecting HTML, injecting Javascript and some form of “altering data” occurred on 58% of the 13307 working proxies tested.

Over half of all servers is an alarming number indeed meaning you have a 1 in 2 chance of falling foul of something as simple as an extra advert appearing on your browsing session to something more serious being inserted into your browsing session.

Haschek concluded that only a quarter of all proxies tested would be considered “safe” and with statistics this bad it only goes to show that searching for free proxies and also free VPNs which would suffer a similar fate is littered with unknown consequences. The final advise from Haschek? “Don’t use free proxies”.

I’ll leave you with the following author unknown quote

If you’re not paying for, you’re not the customer. And if you’re not the customer, you’re the merchandise.

A list of reliable VPN companies who won’t sell your data or utilise your system resources can be compared in our VPN Comparison Guide or by browsing our VPN Reviews.

Image courtesy of iosphere at FreeDigitalPhotos.net

Leave a Reply

Your email address will not be published. Required fields are marked *