Hi ElinorD,
On 6/20/07, ElinorD <elinordf(a)gmail.com> wrote:
People are asking what the problems are with open proxies.
Well, that's an open-ended question with a numerous list of responses =D. In
general, the only concern as far as Wikimedia is concerned is that open and
anonymizing proxies serve to enable spammers and vandals to perform their
dirty deeds with little we can do to stop them--that is, users of open
proxies are next to impossible to block.
Connel MacKenzie has stated some interesting problems with the idea of an
admin using open proxies here:
http://en.wikipedia.org/wiki/Wikipedia_talk:Requests_for_adminship/Charlott…
He states (and I haven't the expertise to know if he's right or not) that
it
makes admin passwords insecure, which would be something very serious.
Indeed, there is the potential that passwords sent in plaintext over an open
proxy are far easier to fish out than those sent through a direct
connection. This is because many proxies will cache and log information sent
over them, which may be accessible to any number of people, and it is far
more likely when using a proxy-server that packets sent over the connection
can and are being monitored. Nonetheless, that assumes that someone
monitoring packets or accessing logs *cares* about Joe Blow's Wikipedia
password and stumbles across it--naturally, if someone knows that Joe Blow
has logged in through a certain proxy and goes out to find that password, he
will have a far greater chance of being successful, though the chance is
still fairly slim.
For the most part, however, with onion routers such as TOR nodes and other
trusted open proxy services, this risk is almost non-existent. It is even
further diminished by safe browsing practices, such as sending personal
information only over encrypted connections. I would say that there is a
risk, but that the risk is quite minimal.
--
Daniel Cannon (AmiDaniel)
http://amidaniel.com
cannon.danielc(a)gmail.com