Basic Authentication - Proxy Server Authorization

There are probably few areas where the phrase "a little knowledge is a dangerous thing" is more relevant than in technology. We've all come across an area where we actually cause more problems than we solve - I know I often have and I've been working in IT for over 20 years.
I came across an example of how an interest in computer security and a desire to maintain privacy actually caused huge security risks to the users. It involves a group of users, a proxy server and the Proxy-Authorization header. This anonymous proxy server was set up to protect a bunch of, ahem, l33t hackers from detection whilst they caused mischief on the internet.

The problem was they weren't terribly good at this ninja stuff, and the proxy server they had set up was a very old and insecure proxy called WinRoute, which used basic authentication and, worse, forwarded the Proxy-Authorization header when browsing the internet.

So what does this actually mean?

Well, step by step, here's what was actually happening:

L33t Ninja hacker, aged 15, puts on his dark mask and ninja gear.

L33t Ninja hacker logs on to the super secure l33t ninja proxy his mate set up.

L33t Ninja types in his password for authentication to said proxy server.

Great, fine up to here, but the problem was that the proxy server was completely insecure and actually forwarded the Proxy-Authorization header to every web site our young hacker visited. What's the big deal with this? Well, the header contains the user's proxy username and password in clear text.
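Here is an added example (not code from WinRoute or from the proxy in this story) showing what a destination site can read out of a forwarded Proxy-Authorization header, next to the header filtering a proxy should apply before passing a request upstream. The credentials, header values and function names are constructed for the illustration.

```python
import base64

# Headers a proxy consumes itself instead of forwarding; based on the
# hop-by-hop list in RFC 2616 section 13.5.1, plus Proxy-Connection.
HOP_BY_HOP = {
    "connection", "keep-alive", "proxy-authenticate", "proxy-authorization",
    "proxy-connection", "te", "trailer", "transfer-encoding", "upgrade",
}


def decode_basic(header_value):
    """Return (username, password) from a Basic credential, or None."""
    scheme, _, token = header_value.strip().partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None  # not valid Base64 / not text
    user, sep, password = decoded.partition(":")
    return (user, password) if sep else None


def outbound_headers(client_headers):
    """Headers a proxy may pass upstream, with hop-by-hop ones removed."""
    drop = set(HOP_BY_HOP)
    # Any header named in Connection is hop-by-hop for this connection too.
    for name, value in client_headers:
        if name.lower() == "connection":
            drop.update(t.strip().lower() for t in value.split(",") if t.strip())
    return [(n, v) for n, v in client_headers if n.lower() not in drop]


# Constructed request, as the browser sends it to the proxy.
TOKEN = base64.b64encode(b"ninja:hunter2").decode("ascii")
REQUEST = [
    ("Host", "example.com"),
    ("User-Agent", "ExampleBrowser/1.0"),
    ("Proxy-Authorization", "Basic " + TOKEN),
    ("Connection", "keep-alive, X-Session-Hint"),
    ("X-Session-Hint", "abc"),
]

if __name__ == "__main__":
    leaked = dict(REQUEST)["Proxy-Authorization"]
    print("site behind a leaky proxy can read:", decode_basic(leaked))
    print("a correct proxy forwards only:", outbound_headers(REQUEST))
```

Basic credentials are only Base64-encoded, so anyone who receives the header can reverse it without a key.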

A great calling card for a ninja surfer, I'm sure! But it happens all the time - proxy servers are wonderful, they can give you speed, anonymity and privacy, but unfortunately they can also do exactly the opposite. To make it worse, people often use the same usernames and passwords for everything, so when you trap one, you've often got all their passwords.

Identity thieves know all this and prowl the internet looking for easy pickings like this. Make sure any proxy server you use is secure, make sure it's run well and make sure it's NOT been set up by someone with no clue about computer and proxy security. It's kinda funny when it happens to our muppet hackers here - but not so when it's some ordinary person just trying to surf more securely with a little privacy!! Use a secure proxy like Identity Cloakers private proxies, or do yourself a favour and don't use just any so-called anonymous proxy!
