Security Issues > Anonymizers >
Anonymizers protect your identity for normal
surfing, but have the following limitations:
- HTTPS. Anonymizers cannot process secure
protocols like "https:" since your browser needs
to directly access the site to maintain the secure encryption.
- Plugins. If
you access a site with an anonymizer that invokes a third-party plugin, then
you can't be assured that the program won't establish independent direct
connections from your computer to the remote site that are not anonymized.
Widely used, standard programs can usually
- Logs. All anonymizer sites claim that they don't keep a
log of your requests. Some sites, such as the Anonymizer, keep a
log of the addresses accessed, but don't keep a log of the connection
between accessed addresses and users logged in.
- Java. Any Java applications that
you access through an anonymizer will not be able to bypass the
Java security wall and access your
name, email address, or file
system. Some services have stated that Java security is not compromised "if you use the URL-based anonymizer",
but that it might be "if you use the anonymizer as a regular proxy".
- Active X. Presumably safe, authorized Active X applications
are certified with a certificate number. Active-X applications have
almost unlimited access to your computer system, and once downloaded
by a website they bypass the anonymizer completely. They can access
and reveal your name and
and can access
file system to perform file creations, reads, and deletions. Your
only protection with Active-X is traceability -- if a program maliciously
causes damage to your system you can track the author down through
the certificate registration system.
and cannot reveal data or perform destructive
acts to your computer system. Some services such as the Anonymizer
state that there may be a security problem "if you use the URL-based
is safe and is left enabled."