SOCKS proxy security concerns

As claimed, “A socks proxy simply transfers data from a client to a server, not penetrating into this data contents (therefore it can work with HTTP, FTP, SMTP, POP3, NNTP, etc.)”. I really can’t buy it: can’t a SOCKS proxy log data, analyze its content, redirect traffic, capture submitted forms, intercept SSL/TLS communications, “harvest” emails, or even spoof an IP address through a poisoned DNS?

I understand that SOCKS operates at a lower level than HTTP proxies, and that it supports authentication in its SOCKS5 version.

I found it risky to use proxies, but sometimes it’s the most “feasible” as an exchange to privacy, when it comes to region limitation and bandwidth allocation.

Can anybody clarify the above points?
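As an added illustration (not part of the original question), this Python example parses the SOCKS5 request defined in RFC 1928 to show which fields a SOCKS5 proxy must read before it relays anything: the command, the destination host and the port. The names `parse_socks5_request`, `SAMPLE_DOMAIN` and `SAMPLE_IPV4` are assumptions, and both sample messages are constructed.

```python
import ipaddress
import struct

# Address types and commands from RFC 1928, section 4.
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
COMMANDS = {0x01: "CONNECT", 0x02: "BIND", 0x03: "UDP ASSOCIATE"}


def parse_socks5_request(data: bytes) -> dict:
    """Return the metadata a SOCKS5 proxy learns from one client request."""
    if len(data) < 4:
        raise ValueError("truncated request header")
    ver, cmd, rsv, atyp = data[:4]
    if ver != 0x05 or rsv != 0x00:
        raise ValueError("not a SOCKS5 request")
    if cmd not in COMMANDS:
        raise ValueError(f"unknown command {cmd:#x}")
    pos = 4
    if atyp == ATYP_IPV4:
        alen = 4
    elif atyp == ATYP_IPV6:
        alen = 16
    elif atyp == ATYP_DOMAIN:
        if len(data) < 5:
            raise ValueError("truncated domain length")
        alen, pos = data[4], 5  # one length byte precedes the name
    else:
        raise ValueError(f"unknown address type {atyp:#x}")
    if len(data) < pos + alen + 2:
        raise ValueError("truncated address or port")
    raw = data[pos:pos + alen]
    if atyp == ATYP_DOMAIN:
        host = raw.decode("ascii", errors="replace")
    else:
        host = str(ipaddress.ip_address(raw))
    (port,) = struct.unpack("!H", data[pos + alen:pos + alen + 2])
    # With a domain-name request the proxy, not the client, performs the DNS
    # lookup, so the client depends on whatever address the proxy resolves.
    resolver = "proxy" if atyp == ATYP_DOMAIN else "client"
    return {"command": COMMANDS[cmd], "host": host, "port": port,
            "dns_resolved_by": resolver}


# Constructed sample requests (not captured traffic).
SAMPLE_DOMAIN = b"\x05\x01\x00\x03\x0bexample.org\x01\xbb"  # CONNECT example.org:443
SAMPLE_IPV4 = b"\x05\x01\x00\x01\x0a\x01\x01\x05\x00\x50"   # CONNECT 10.1.1.5:80

if __name__ == "__main__":
    print(parse_socks5_request(SAMPLE_DOMAIN))
    print(parse_socks5_request(SAMPLE_IPV4))
```

Everything the client sends after the proxy's reply passes through the proxy as a byte stream, so whether the proxy can read it depends on whether that stream is encrypted end to end.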

What are the security implications of connecting to Tor through an SSH SOCKS proxy?

Suppose I have a user account on a remote server run by a friend.

I create a SOCKS tunnel on my computer that forwards connections from a local port to the remote server: ssh -N -D 12345 john@10.1.1.5 (i.e. all local connections to localhost:12345 get forwarded to the 10.1.1.5 server).

I configure the connection settings on the Tor browser to connect to the Tor network through a proxy: the SOCKS proxy on localhost:12345 that I just created.

The question: what are the security implications of this scheme? What can the remote server (10.1.1.5) see when I browse the web through the Tor browser?

Presumably, the remote server will be able to log connections and determine the sizes of the HTTP requests made through the Tor browser, but will it be able to determine the specific websites visited, or eavesdrop on POST requests?

How to Match Socks

When I do my laundry I tend to make a pile of unmatched socks, putting new socks on the top of the pile and matching off pairs if two of the same sock are near the top of the stack. Since eventually socks will get buried deep in the pile I occasionally dump some of the sock pile back into the laundry pile.

I started to wonder if there was an efficient way to choose when and how I return socks from the sock pile to the laundry pile. So I made up a formalism.

We have two collections of socks, the first one $L$ represents the laundry pile and the second one $S$ represents the sock pile. We have perfect knowledge of the contents of both collections. We then have three actions:

  • Move the top sock from $S$ to $L$

  • Move a random sock from $L$ to the top of $S$

  • Remove the top two socks of $S$ iff they match. (Make a pairing)

Each sock has exactly one match and at the beginning of execution all the socks are in $L$. Our goal is to empty both $L$ and $S$ so that all of the socks have been matched off in as little time as possible. I want to measure the efficiency of an algorithm as the expected number of performed operations, as a function of the number $n$ of socks.

What is the most efficient algorithm for this task? What is its asymptotic expected number of operations?


My Algorithm

Here’s the best algorithm I was able to come up with.

In the following, it should go without saying that if you ever encounter a pair on the top of $L$ you should remove it.

We start with phase one. In phase one we will count the number of complete pairs in $L$: if there are any pairs in $L$ we will move a sock from $L$ to $S$; if there are none we will move a sock from $S$ to $L$. We repeat this process until there are exactly three socks, two of them constituting a pair, in $L$; then we begin phase two.

In phase two we move one sock from $L$ to $S$. If it is not in the pair, we move the last two socks of $L$ to $S$, creating a pair; if it is in the pair, we have two socks left in $L$, one that matches the top and one that does not. We keep moving socks from $L$ to $S$, moving them back if we do not create a pair. Once we have created a pair we move back to phase one.


The idea for this question is similar to this question, however the actual models for sock matching are radically different.