A new paper shows many free VPNs in Google Play store put your privacy at risk
In world wide Data Privacy Day it’s important to remember that free VPNs are far from safe. A new paper (PDF) by researchers from Australia’s Commonwealth Scientific and Industrial Research Organization, University of New South Wales, The Institute of Company Secretaries of India and University of California, Berkeley shows that a vast majority of free VPNs for Android, many very popular and high rated, put their users’ security at risk. The study shows that alarmingly
- 75% of the apps tested use third-party tracking libraries.
- 82% unnecessarily request permissions to access sensitive data such as user accounts and text messages.
- 38% contain some form of malware (adware 43%, trojan 29%, malvertising 17%, riskware 6% and spyware 5%).
- 18% do not encrypt anything
- 18% provide no information on who is hosting the VPN servers
- 16% forward traffic through other users’ network bandwidth (making the user basically one node in their VPN network).
- 84% expose user’s real IP address via IPv6 DNS leaks.
- 4 of the analyzed apps perform TLS interception. Although three of these claim this is in order to perform traffic acceleration, this allows them to selectively intercept data sent to secure HTTPS Such as banks, email services, e-commerce sites, and online tax return websites.
Many people are using these apps to secure their movements online but all these free VPN apps are doing is putting them into even bigger risk online than without a VPN.
“Millions of users appear to trust VPN apps despite their potential maliciousness,” the study noted. Yet “VPN apps like HideMyAss and VPNSecure which claim to provide security and anonymity are not effective against surveillance and malicious agents.”
How to stay safe?”
The best way to stay safe is to stop using any free VPNs. Free VPNs are using the user to make money, which means these services don’t value your online privacy or data security at all. It is best to stick with the best VPNs available that really can be trusted and are trusted by millions of users all over the world. These reputable VPN services can be obtained for less than $5 per month.