Hi ElinorD,
On 6/20/07, ElinorD elinordf@gmail.com wrote:
People are asking what the problems are with open proxies.
Well, that's an open-ended question with a numerous list of responses =D. In general, the only concern as far as Wikimedia is concerned is that open and anonymizing proxies serve to enable spammers and vandals to perform their dirty deeds with little we can do to stop them--that is, users of open proxies are next to impossible to block.
Connel MacKenzie has stated some interesting problems with the idea of an
admin using open proxies here:
http://en.wikipedia.org/wiki/Wikipedia_talk:Requests_for_adminship/Charlotte...
He states (and I haven't the expertise to know if he's right or not) that it makes admin passwords insecure, which would be something very serious.
Indeed, there is the potential that passwords sent in plaintext over an open proxy are far easier to fish out than those sent through a direct connection. This is because many proxies will cache and log information sent over them, which may be accessible to any number of people, and it is far more likely when using a proxy-server that packets sent over the connection can and are being monitored. Nonetheless, that assumes that someone monitoring packets or accessing logs *cares* about Joe Blow's Wikipedia password and stumbles across it--naturally, if someone knows that Joe Blow has logged in through a certain proxy and goes out to find that password, he will have a far greater chance of being successful, though the chance is still fairly slim.
For the most part, however, with onion routers such as TOR nodes and other trusted open proxy services, this risk is almost non-existent. It is even further diminished by safe browsing practices, such as sending personal information only over encrypted connections. I would say that there is a risk, but that the risk is quite minimal.