Free proxies have been widespread since the early days of the Web, helping users bypass geo-blocked content and conceal their IP addresses. Various proxy providers promise faster Internet or increased privacy while advertising lists comprising hundreds of readily available free proxies. However, while paid proxy services advertise support for encrypted connections and high stability, free proxies often lack such guarantees, making them prone to malicious activities such as eavesdropping or content modification. Furthermore, there is a market that encourages exploiting devices to install proxies. In this paper, we present a 30-month longitudinal study analyzing the stability, security, and potential manipulation of free web proxies that we collected from 11 providers. Our collection resulted in over 640,600 proxies, which we cumulatively tested daily. We find that only 34.5% of proxies were active at least once during our tests, showcasing the general instability of free proxies. Geographically, a majority of proxies originate from the US and China. Leveraging the Shodan search engine, we identified 4,452 distinct vulnerabilities on the proxies' IP addresses, including 1,755 vulnerabilities that allow unauthorized remote code execution and 2,036 that enable privilege escalation on the host device. Through software analysis of the proxies' IP addresses, we find that 42,206 of them appear to run on MikroTik routers. Worryingly, we also discovered 16,923 proxies that manipulate content, indicating potential malicious intent by proxy owners. Ultimately, our research reveals that the use of free web proxies poses significant risks to users' privacy and security. The instability, vulnerabilities, and potential for malicious actions uncovered in our analysis lead us to strongly caution users against relying on free proxies.