Comment: I didn't notice that feature

(See in situ)


I didn't notice that feature

I didn't notice that feature of Startpage.

I am a computer expert. I don't claim I know everything, but I have deep knowledge of this topic. And it is a broad topic. There's so many types of proxies: We can have proxies that operate at the TCP layer, which merely redirect traffic without discriminating based on content: regular SOCKS proxies, including Tor, for example. These types of proxies cannot protect you from malware any more than a firewall can. (That is, basically not at all)

Then we have proxies which can apply rules, and decide to alter or reject requests and/or responses based on various criteria. These can look at HTTP protocol fields to make decisions, as well as the content of the request or response. They can be used to protect both clients (web browsers) and servers, as well as plugins hosted within browsers and server side code hosted by web servers. This type of thing looked promising back in 2004 or so, but as someone who's been following this since the mid 1990s, I can tell you that the idea of protecting something as complex as a web browser with a proxy is dubious at best.

In theory, a proxy can block traffic that would exploit a vulnerability. In practice, there may be cases of server side code that can't be easily updated that would benefit from such protection. This is absolutely not the case for web browsers. The teams that maintain web browsers have a far better understanding of their vulnerabilities than any teams offering proxies have.

Google is literally offering millions of dollars in the next month for disclosure of vulnerabilities in Chrome. The prizes for 0day at conferences are worth more than the companies behind Cocoon and Startpage combined. If either had anything worth a damn, someone would just buy them.

Browser security is about process hardening, privilege separation, sandboxing, virtualization, and related fields. Proxies do not operate at the correct layer to provide credible protection against modern malware. All they are good for is shielding your IP address from the remote peer. Web based proxies may provide some protection incidentally, but only at the expense of breaking legitimate functionality.

Proxies are good for 3 things:
1) Make your traffic go somewhere else, before going to the target site. This is necessary at conferences or other networks where the network admin might know you personally and take interest in your traffic. A VPN or any kind of layer 3 proxy is sufficient.

2) To catch stupid users (skilled users can always bypass) trying to exfiltrate proprietary data from a corporate network you are tasked with protecting, or to enforce a white listed web access so that the jobbers don't go anywhere except work related sites on company time. This is kind of the reverse of keeping malware out: Keeping certain data in. It's actually impossible, there's always a way to sneak it through unless you utterly cripple access to the internet.

3) To assist in testing the security of web applications by enabling on the fly modification of cookies, post variables, and so on. And browser plugins are taking this over as they're actually better suited.