Probably what's happening across the world's middle schools: MSN/facebook/youtube blocked by the school firewall? No problem, I know a kid who can get us around it. Here, she says, just google proxies, and we click on the first one, and proceed to enter our credentials..
One of the first things I did at that age whenever changing schools was to set up a couple proxies to get around SonicWall or whatever my school would be using. I added a link to my Facebook and usually a funny pic from around the web to the landing page... definitely one of the easiest ways for an introvert to get others to remember their name...
Edit: Oddly, nobody from the schools ever called me out on it despite PII on the page and the WHOIS data (I was using personal domains at that point, .com and .info). I can't remember if Tor ever worked, but back then it was slow as hell anyway because even the school's "high-speed" connection wasn't close by today's standards.
Further edit: I was trying to learn PHP at the time, and was using some existing scripts along with dinky little modifications. It wasn't malicious, but a couple times it was fun to manually post stats for which sites were the most visited. The type of sites people used it for was not surprising. Regrettably I never took it far enough to do anything clever, instead pretty much abandoning code for following couple years.
Fun memories since I'd mostly buried that whole period as "boring, non-technical, and embarrassingly childish" stuff.
We used software and hardware key loggers to get system and firewall passwords. We'd just shut the firewall off if we wanted to do something that was blocked.
I think an obvious, if not particularly harmful thing for a free proxy to do would be replacement of ads with ones that pay to the proxy owner, and injection of affiliate links whenever possible. I wonder how common that is?
Someone I know very well runs one of the largest proxy networks.
"Why wouldn't we? Our users aren't particularly tech-savvy, and we've calculated that 90% of our [user] base doesn't have an adblocker of such installed. ... [we] see 90% [of our income, combined with our VPN services] from injecting ads - sometimes, they are more relevant than what the visiting site serves."
Back in 2001 I did some consulting for CyberRebate, who were building exactly this. In return for running their proxy you'd earn reward points that you could cash in on their site. They imploded (http://en.wikipedia.org/wiki/CyberRebate) before the product was launched.
> extra piece of code that does things like send all data entered in forms to your server
Assuming you're injecting JS, the site isn't SSL meaning all that data is available to the proxy anyway (its part of their operation). The botnet angle is much more interesting than the loss of privacy one.
What happens if the user tries to visit a site with https, like gmail? Can the free proxy still be destructive? I assume yes, but I'm interested in hearing about the technical details.
Once my ISP (Cox Communication) injected a message into a web page I was reading to notify me of their planned service downtime. So I wonder the legality aspect of this type of injection. Is anyone who transmits data can modify pages?
I'm not aware of any such case going to court anywhere, although it probably has by now.
In Sweden a couple of years ago, the largest mobile operator Telia injected some toolbar with ads on top of all mobile web content. Within a working day literally all of the swedish media sites had collectively blocked all access to their web sites from Telia mobile IP ranges. The next day the ad toolbar was gone.
Another group of users of free proxies (I had been in that group in the past), are people living in countries behind state run firewalls/filters. You want to read the news, or even check your email (in some cases) and you need a proxy. You cannot afford to run your own proxy. So you use the free ones, AND YOU KNOW they are not safe, but you don't have a choice.
If you live in one of those countries using the proxy will get you into the same trouble as reading those sites in the first place, heck probably into even more trouble.
Quite a few non-free "privacy apps" just route your traffic through free, open proxies that they keep scanning. So, of course, you end up being completely exposed to snooping and injections.
Some proxy providers ask users to install client-side apps. You don't have to do all this dance to see what user is seeing if you can install a binary on users machine. This is what most of people in Iran and China do.
One way or another, somebody is watching. Either it's the NSA or some ad agency interested in your browsing habits while you "bypass" the filters.
In the future, I imagine almost every site will use HTTPS—maybe browsers will even refuse to connect over plain HTTP. Then this kind of attack won't be possible.
I'm sure that there will be free proxies that "require you to install this program" (which also installs a certificate) to work. But yeah, it helps for e.g. the middle schoolers who don't have admin rights on the computers anyway.
3. Configure it to bind to the vps public ip, set a high port, limit access to your home/work ip address or range(s)
4. Set your browser proxy to vps.ip.add.res:12345
The above is simple and effective, only downside anyone else on your ip or range you specified can use that proxy too (if they find out the ip:port and if they done steps 3 and 4 above).
You can switch off the vps when not using it (saving you money)
[+] [-] pizza|11 years ago|reply
[+] [-] ics|11 years ago|reply
Edit: Oddly, nobody from the schools ever called me out on it despite PII on the page and the WHOIS data (I was using personal domains at that point, .com and .info). I can't remember if Tor ever worked, but back then it was slow as hell anyway because even the school's "high-speed" connection wasn't close by today's standards.
Further edit: I was trying to learn PHP at the time, and was using some existing scripts along with dinky little modifications. It wasn't malicious, but a couple times it was fun to manually post stats for which sites were the most visited. The type of sites people used it for was not surprising. Regrettably I never took it far enough to do anything clever, instead pretty much abandoning code for following couple years.
Fun memories since I'd mostly buried that whole period as "boring, non-technical, and embarrassingly childish" stuff.
[+] [-] skrebbel|11 years ago|reply
[+] [-] Kiro|11 years ago|reply
[+] [-] driverdan|11 years ago|reply
[+] [-] KhalilK|11 years ago|reply
[+] [-] danjayh|11 years ago|reply
[+] [-] joshmn|11 years ago|reply
"Why wouldn't we? Our users aren't particularly tech-savvy, and we've calculated that 90% of our [user] base doesn't have an adblocker of such installed. ... [we] see 90% [of our income, combined with our VPN services] from injecting ads - sometimes, they are more relevant than what the visiting site serves."
[+] [-] hackerboos|11 years ago|reply
[+] [-] flavor8|11 years ago|reply
[+] [-] Goopplesoft|11 years ago|reply
Assuming you're injecting JS, the site isn't SSL meaning all that data is available to the proxy anyway (its part of their operation). The botnet angle is much more interesting than the loss of privacy one.
[+] [-] sillysaurus3|11 years ago|reply
[+] [-] antimora|11 years ago|reply
[+] [-] johansch|11 years ago|reply
In Sweden a couple of years ago, the largest mobile operator Telia injected some toolbar with ads on top of all mobile web content. Within a working day literally all of the swedish media sites had collectively blocked all access to their web sites from Telia mobile IP ranges. The next day the ad toolbar was gone.
[+] [-] alimoeeny|11 years ago|reply
[+] [-] dogma1138|11 years ago|reply
[+] [-] jedisct1|11 years ago|reply
[+] [-] ksrm|11 years ago|reply
[+] [-] msoad|11 years ago|reply
One way or another, somebody is watching. Either it's the NSA or some ad agency interested in your browsing habits while you "bypass" the filters.
[+] [-] bbcbasic|11 years ago|reply
[+] [-] kbart|11 years ago|reply
[+] [-] blevinstein|11 years ago|reply
Then, he modified it slightly to scrape facebook username/passwords, and gave the URL to all his friends. :)
I wonder whether modern security practices (e.g. https everywhere) will make proxies less lucrative (and therefore less common).
[+] [-] jldugger|11 years ago|reply
[+] [-] binaryanomaly|11 years ago|reply
[+] [-] stepstep|11 years ago|reply
[+] [-] skrebbel|11 years ago|reply
[+] [-] chmars|11 years ago|reply
[+] [-] nonninz|11 years ago|reply
While their desktop proxy service is free, they also offer a premium account for their VPN services for mobile.
See: http://techcrunch.com/2014/10/01/zenmate/
[+] [-] jfoster|11 years ago|reply
[+] [-] tbg|11 years ago|reply
Nah, just use Private/Incognito windows when using "free" proxies
[+] [-] jjp|11 years ago|reply
[+] [-] ryan-c|11 years ago|reply
[+] [-] Goopplesoft|11 years ago|reply
[+] [-] read|11 years ago|reply
[+] [-] yc1010|11 years ago|reply
2. Install tinyproxy (apt-get install tinyproxy)
3. Configure it to bind to the vps public ip, set a high port, limit access to your home/work ip address or range(s)
4. Set your browser proxy to vps.ip.add.res:12345
The above is simple and effective, only downside anyone else on your ip or range you specified can use that proxy too (if they find out the ip:port and if they done steps 3 and 4 above). You can switch off the vps when not using it (saving you money)
[+] [-] Spooky23|11 years ago|reply
https://www.linode.com/docs/networking/ssh/setting-up-an-ssh...
[+] [-] ptman|11 years ago|reply
[+] [-] higherpurpose|11 years ago|reply
[+] [-] gog|11 years ago|reply
[+] [-] shocks|11 years ago|reply
[+] [-] 99jessy|11 years ago|reply
[+] [-] jarfil|11 years ago|reply
[+] [-] curiously|11 years ago|reply