Check if Your Android VPN is Collecting Personal Data

It’s bad enough when various web sites collect your personal data and then resell it. However, it is despicable when apps do the same thing and probably doubly despicable when an app that reportedly secures your privacy instead violates it without telling you what it is doing. The folks at The Best VPN performed an audit into the permissions asked by 81 Android VPN apps available in the Google Play Store. What they found is unsettling: several readily available VPN apps may be accessing more data than they should be.

The results? You never want to use Yoga VPN or oVPNSpider as they had the highest number of unnecessary permissions, including highly sensitive information like specific location data, access to your phone’s status, and read/write permissions for both internal and external storage. oVPNSpider even asks for access to read your log files, which The Best VPN notes was previously disabled for third-party app due to the high level of security risks associated with access to such files.

Other Android VPNs deemed unsafe by The Best VPN’s testing include:

Continue reading

New TLS Encryption-Busting Attack also Impacts the newer TLS 1.3

If you use encryption (and I certainly hope you do!), you should be aware that a team of academics has revealed a new cryptographic attack this week that can break encrypted TLS traffic, allowing attackers to intercept and steal data previously considered safe and secure. This includes the encryption used by many, but not all, VPNs.

This new downgrade attack works even against the latest version of the TLS protocol, TLS 1.3, released last spring and considered to be secure.

You can find an article by Catalin Cimpanu describing the newly-discovered weakness in the ZDnet web site at: https://zd.net/2N2RPRS.

Comments: While this new obviously does pose a security risk for thousands of individuals and organizations that use encryption, I don’t think there is any need for immediate panic. First of all, there is no indication that the low-life hackers and government spies are already using the weakness. I am sure these miscreants will start exploiting the weakness as soon as they can read about the inner workings of the hack required, but that will take a few weeks. In the meantime, all the companies that create encryption software using TLS 1.3 should be updating their software.

Continue reading

US Senators ask DHS to look into US Government Workers Using Foreign VPNs

The use of a VPN is highly recommended to reduce the odds of anyone spying on your online activities. One exception: when the VPN is owned and operated by spies.

Two US senators have asked the Department of Homeland Security (DHS) to look into the possible dangers of US government workers using VPN apps that are owned by foreign companies and which redirect sensitive government-related traffic through servers located in other countries – namely China and Russia.

Their request comes after heightened fears on Washington’s side that foreign governments are spying on US citizens and government workers using commercial products. The two would like the DHS to issue an emergency directive and ban the use of foreign VPN apps if intelligence experts deem them a national security risk.

Continue reading

Is Your VPN Secure?

According to an article by Mohammad Taha Khan And Narseo Vallina-Rodriguez in the phys.org web site:

“About a quarter of internet users use a virtual private network, a software setup that creates a secure, encrypted data connection between their own computer and another one elsewhere on the internet. Many people use them to protect their privacy when using Wi-Fi hotspots, or to connect securely to workplace networks while traveling. Other users are concerned about surveillance from governments and internet providers.

Continue reading

Facebook Pays Cell Phone Owners to Install a Shady VPN that Spies on Them

Desperate for data on its competitors, Facebook has been secretly paying people to install a “Facebook Research” VPN that lets the company suck in all of a user’s phone and web activity, similar to Facebook’s Onavo Protect app that Apple banned in June and that was removed in August. Facebook sidesteps the App Store and rewards teenagers and adults to download the Research app and give it root access to network traffic in what may be a violation of Apple policy so the social network can decrypt and analyze their phone activity, a TechCrunch investigation confirms.

Facebook has admitted it was running the Research program to gather data on their customers’ usage habits.

Continue reading

The Easiest Way to Install a VPN

The easiest method of installing a Virtual Private Network (VPN) is not the cheapest. Then again, the prices seem reasonable for what you receive.

I have been using VPNs for years on the various computers I have owned. The security and privacy of VPNs is important to me, and I believe such privacy should be important to every internet user. Who wants hackers, spies, or your local internet provider spying on your email messages and online usage of the web?

In the “good old days” of five years ago or so, VPNs were tricky to install, not available for some operating systems (Android, iPad, etc.), and required quite a bit of technical knowledge of TCP/IP networking to install and configure. Luckily, the technology has improved a lot, and today’s newer VPN products can easily be installed in Windows, Macintosh, Chromebook, Android, iOS, and possibly other operating systems by anyone with minimal technical skills. In most cases, installing a modern VPN is a simple matter of double-clicking on an installation icon and, once installed, entering a user name and password into the newly-installed VPN software, then clicking on “enable” or some similar word. If you know how to install programs in your computer, you probably can install a modern VPN. But beware: some of the cheaper VPNs may use the older, rather complicated installation methods.

Continue reading

Why You Might Want to Give Up Your Landline Phone

Millions of people are cutting the cords of landline phone service and have switched to cellular or VoIP (internet calling) services. You might think, “That’s nice, but I like my wired landline phone. I plan to keep it forever.”

I bet you will change your mind before long. You may not change it today, but I suspect you will change within a very few years. When you do, you probably will find you then have more privacy and lower expenses than you do today.

Rather than paying the higher prices for the next several years, I might suggest you might evaluate your options TODAY to see if it makes sense for you to switch now.

Continue reading