Tuesday, May 4, 2010
"A widely used proxy service thought to provide anonymous Web surfing and used to skirt network administrator bans on access to sites like Facebook frequently reveals sensitive information about its users, according to a Swiss security researcher.
"Glype is a small bit of PHP code that routes requests for Web pages through other Web pages running its software, said the researcher, who runs the Swiss Security Blog and the Zeus Tracker project. He prefers to remain anonymous.
"The Glype code allows someone to, for example, access Facebook at work even if that page is blocked, as it appears the traffic is coming from the Web page running the proxy. Many companies now block sites such as Facebook.
"Glype's code is free, and anyone can install it on their Web page. But Glype is frequently misconfigured, the researcher said. It allows someone running a Glype proxy to turn on a log, which shows the IP (Internet protocol) address of the user, what site they requested and the time.
"Many of those people running a Glype proxy have not turned that logging function off, and worse yet, made it Web facing, meaning that URLs can be manipulated to reveal full logs.
"The researcher checked about 20 Glype proxies, found 1,700 log files and more than one million unique IP addresses. 'There are dozens of such "insecure" proxies out there,' he said via instant message on Friday..."