Hi Folks,
Is it safe to use an open proxy sever for personal information (such as banking) if the connection is under HTTPS? (Using a proxy directly from a web browser…not CGI proxy)
1.) For example, if I connect to a online bank using a proxy server under HTTPS, can the operator of the proxy server have access to my login information, or is the info encrypted by the time it reaches the proxy?
I know that there exists some DNS spoof programs that will redirect you to a fake URL to Phish your info…but assuming that the correct URL is entered directly in the web browser using a proxy such as: – and the URL remains the same… At this point is the info safe?
Can the proxy server operator use my authentication cookie to login back into the site after I’ve logged out?
2.) Also a chain is a strong as it’s weakest link: If I’m using a proxy server to connect to a site under HTTPS, is the entire connection under HTTPS…or only the portion between the proxy and the website…and therefore my connection to the proxy would be under plain HTTP and therefore unsafe…
Regards
Is it safe to use an open proxy sever for personal information (such as banking) if the connection is under HTTPS? (Using a proxy directly from a web browser…not CGI proxy)
1.) For example, if I connect to a online bank using a proxy server under HTTPS, can the operator of the proxy server have access to my login information, or is the info encrypted by the time it reaches the proxy?
I know that there exists some DNS spoof programs that will redirect you to a fake URL to Phish your info…but assuming that the correct URL is entered directly in the web browser using a proxy such as: – and the URL remains the same… At this point is the info safe?
Can the proxy server operator use my authentication cookie to login back into the site after I’ve logged out?
2.) Also a chain is a strong as it’s weakest link: If I’m using a proxy server to connect to a site under HTTPS, is the entire connection under HTTPS…or only the portion between the proxy and the website…and therefore my connection to the proxy would be under plain HTTP and therefore unsafe…
Regards