Are Free Proxies Safe for Collecting Competitive Intelligence?

The cost-effectiveness of free proxies is a characteristic that appeals to users. But the cost savings may paradoxically prove expensive in the long run. Free proxies are notorious for lacking security and being unstable and unreliable. The issue is further exacerbated if you use a proxy supplied by an untrusted provider to carry out sensitive activities like collecting competitive intelligence. But how exactly are free proxies unsafe for such use cases? How are they unstable? Read on to find out.

Are free proxies unsafe?

We start by stating that not all free proxies are unsafe. Reputable providers will make attempts to guarantee security but with a caveat: their free proxies should only be used for testing purposes and small-scale tasks.

That said, untrusted providers do not give such warnings. And that may be because they may have nefarious intentions – to conduct man-in-the-middle (MitM) attacks. You should be wary of such free proxies because they are more likely than not unsafe. But how so?

What makes some free proxies unsafe

There are two possible elements that can make a free proxy unsafe:

1. Surveillance by the free proxy provider

2. Provider’s abuse of root certificates

Surveillance

Typically, proxy providers, like internet service providers (ISPs) and virtual private network (VPN) providers, can see the traffic to and from your computer. While trusted providers may not maintain logs that track this inbound and outbound traffic, untrusted providers may do so.

Untrusted providers may surveil your connection with the aim of harvesting the data. It’s worth noting that while they cannot see the exact content of the web traffic because of encryption, they may log the sites you visit. This way, they track your every move. They may then sell this data to competitors. And given this backdrop, using a free proxy from an untrusted provider may not auger well for your business.

Abuse of root certificates

In some cases, their actions may be even more nefarious and unethical. There are various layers of protection that ensure you securely use the internet and access websites. The first is the authentication and/or encryption offered by protocols like the HTTPS (hypertext transfer protocol secure) and the TCP/IP (transmission control protocol/internet protocol). These protocols ensure untrusted providers cannot see the content of the data routing through the proxy server.

The second is SSL/TLS certificates, which are foundational to HTTPS. Web servers and web clients (browsers) use these certificates to establish trust (e.g., by verifying the identity) and subsequently establish a secure and encrypted connection. These certificates can be exploited to enable untrusted providers to steal data.

Specifically, such providers can install their own root certificates on your device’s root store, which, unlike those issued by a reputable certificate authority, are untrusted. By issuing the untrusted root certificate, the free proxy provider makes connections unsecured. The process is, of course, much more complex than this. But Malwarebytes has previously shown how root certificates can be abused to execute a MitM attack or install malware.

The installed malware could be spyware that collects user activity. In this regard, the spyware renders the gathered competitive intelligence, which should ideally be kept safe as it informs business practices, an open secret instead. A free proxy provider that opts to carry out a MitM attack instead may eavesdrop and tap the data transfers. They can easily get a hold of competitive intelligence.

Are free proxies unreliable?

The security angle is just one of three reasons that make free proxies unappealing for users looking to collect competitive intelligence. The other is instability. Usually, free proxies assign IP addresses that have already been blacklisted. This means that requests routed through these tools will be automatically blocked.

Imagine a situation where you want to collect competitive intelligence from multiple websites, yet all the requests to these sites are denied because the IP address assigned to your connection is blacklisted. That would mean that you cannot gather this much-needed information. This scenario shows the unreliability of free proxies.

Are free proxies unstable?

A free proxy is usually a shared proxy. Many users share the available bandwidth, which slows the connection down. The slow speeds can create a situation where your requests are timed out. Also, you cannot connect to a free proxy whose bandwidth has been exceeded; the connection, if successful, may ultimately fail. Free proxies, therefore, generally suffer from poor performance and frequent downtimes, characteristics that render them unstable. They cannot be used to collect competitive intelligence.

Conclusion

Free proxies are unstable, unreliable, and unsafe. These issues are common among free proxies supplied by untrusted providers. Instead, free proxies provided by reputable proxy providers are ideal for testing purposes and small-scale web scraping tasks. But if you still wish to collect competitive intelligence, the best option is to use datacenter or residential proxies.