Many big VPNs have glaring security problems

By Jon Martindale July 1, 2015

MacBook Keyboard — Image used with permission by copyright holder

A new study to come out of the Sapienza University of Rome and Queen Mary University of London has found that a large number of commercial virtual private network (VPN) providers utilize systems that are wide open to attacks. The potential is there, the researchers say, for those using VPN services to have their browsing history and other Internet-related traffic viewed by external actors, without too much difficulty.

Of all the 16 services considered as part of the study, only one was protected from DNS hijacking. However even that one fell down when it came to IPv6-leaks, along with 13 of the other VPN companies.

vpns — Image used with permission by copyright holder

To make matters worse, over half of the services looked into used the Point-to-Point Tunnelling Protocol with MS-CHAPv2 authentications, which, as TechReport points out, makes them vulnerable to brute force hacks.

These revelations are problematic for the VPN industry — and specifically the companies named and shamed — as their whole job is to obfuscate a user’s Internet traffic. If that is as obvious when using a VPN as without, then it’s technically worse to use one of these services, since those hoping to infiltrate their servers know that the person behind the traffic doesn’t want to be found.

This is also sad news for those that were hoping to hide their traffic from an overintrusive government. While some VPN providers would be unlikely to work directly with the authorities of any nation, the NSA and GHCQ have shown a penchant for hacking and the use of malware to garner information, so it wouldn’t be surprising to learn that some of these VPNs have been infiltrated by government organizations.

Do any of you use these VPN services? If so, do you plan to continue doing so after these revelations?

Editors' Recommendations

Topics

Computing Coordinator

Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…

Computing

The best VPN for torrenting for 2021

Surfshark interface displayed on a Mac screen.

A virtual private network is an excellent way to protect yourself and your family from the various dangers you can encounter when using the internet, but there are some extra considerations involved when choosing the right VPN for torrenting. It is also very easy to set up and use. While you don't have to look too far to find the best VPN service for your needs, choosing the right torrenting VPN among the variety of providers out there today can be a bit challenging if you don't know what to look for.

Let us ease your burden a bit. If you're looking for a good VPN for torrenting and online privacy and none of the best free VPNs are quite robust enough for your needs (and they rarely are), we've put together a quick and handy guide that lays out the best torrenting VPN providers broken down by pricing and features. We also delve a little deeper into what particular things to look for when choosing a VPN for torrenting.
Best VPN for torrenting in 2021

Computing

Are free VPNs safe? What you need to know

Man holding phone running VPN to browse anonymously.

You've probably at least heard of virtual private networks (more commonly referred to as VPNs) and if you're at all concerned with digital privacy and security, you might have already done a bit of research on them and have been pricing them out a bit. You've likely also noticed that there are some free VPN plans out there, which might seem too good to be true -- after all, if these services cost money to operate, why would anybody offer it for free?

That's a fair question, and as you can imagine, there's a pretty big catch with those "free" VPNs. Virtual private networks require hardware infrastructure to run (which means money), and free providers have to recoup their costs somehow. They typically do this by collecting and selling your data to marketers, which means they're likely keeping some sort of activity log. This defeats much of the purpose of using a VPN -- protecting your online activity, habits, and information from third parties and other assorted snoops -- in the first place. And in any case, are you really willing to risk your online security just to save a few bucks each month?

Computing

How to set up a VPN

best VPN services

A virtual private network, or VPN, keeps others from tracking your movements online and makes your IP address untraceable. In times such as these, it could be beneficial to use a VPN to protect your network and data. If a VPN is in your future, but you are unsure how to set one up, this is the guide for you. We will discuss how to set up and use your VPN on Windows and MacOS PCs.
Step 1: Sign up and install your chosen VPN
Whether you pick a firm favorite like NordVPN or our current top choice, Private Internet Access, you will need to install the VPN client. Most top VPNs offer apps for Windows, MacOS, Linux, and both Android and iOS mobile devices, so download the program from either your respective app store or the official website and install it as usual.

You'll need to sign up for the service to get an official account, but once concluded, take your login information and enter it into the software to access the VPN service.