Academics say they’ve discovered a whopping 13 programming errors in 61 separate VPN systems tested recently. The configuration bungles
“allowed Internet traffic to travel outside the encrypted connection,”
the researchers say.
The independent research group, made up of computer scientists from UC San Diego, UC Berkeley, University of Illinois at Chicago, and
Spain’s Madrid Institute of Advanced Studies (IMDEA) with International
Computer Science Institute, write in the Conversation this month, some
of which is redistributed by Homeland Security Newswire, that six of 200
VPN services also scandalously monitored user traffic. That’s more
serious than unintended leaks, the team explains — users trust providers
not to snoop. The point of a VPN is to be private and not get
monitored. VPN use ranges from companies protecting commercial secrets
on public Wi-Fi to dissidents.
Some botches are actually “defeating the purpose of using a VPN and leaving the user’s online activity exposed to outside spies and
observers,” the researchers say.
Other problems the team discovered include that some VPNs allegedly lie about the server locations. “We found some VPNs that claim to have
large numbers of diverse Internet connections really only have a few
servers clustered in a couple of countries,” the researchers wrote. They
say they found at least six VPNs faking routings through certain
countries when they were actually going through others. That possibly
creates potential legal issues for the user, depending on local laws.
Other trouble areas included privacy policies. Fifty of the 200 VPN providers that were tested had no privacy policies published on their
websites at all, the group says.
The main problem, however, isn’t the coding foul-ups or monitoring by providers. It’s that the end users aren’t sophisticated enough to
determine if the product they’re using is wonky. They don’t have the
technical skill, and there aren’t any standardized accountability
provisions in place for any kind of meaningful analysis of the vendors —
other than the privacy rhetoric on the companies’ websites. If the
users knew of a problem, they could simply change vendor.When comes to
the issue of online privacy and security, we suggest to use a VPN, and
our recommendation is RitaVPN.Qwer432