PSA: Don't use Hotspot Shield VPN
17Hi, in case any of you are using or are planning to use Hotspot Shield VPN, I’d strongly recommend against it- it looks like they are selling your browsing data to advertisers.
Their app is loaded with ad libraries and trackers, and they’ve been injecting Javascript into your pages specifically to track and then sell your traffic to advertisers.
See here:
and the legal complaint filed here with the FTC: https://cdt.org/files/2017/08/FTC-CDT-VPN-complaint-8-7-17.pdf
- 16 comments, 5 replies
- Comment
Don’t use them but much thx.
i use tunnelbear for when i need a vpn on public wifi
they just did a secuity audit and passed really well https://www.tunnelbear.com/blog/tunnelbear_public_security_audit/
I’ve been using PIA Private Internet Access.
Nord VPN for the win. Super cheap and super anonymous.
Just remember that you’re now placing your trust in your VPN provider, and hoping they won’t do anything funny with your traffic or the pages you’re visiting- otherwise, you get this:
If that happens, get a refund from your provider and run screaming in the other direction.
Ew.
I use Cyberghost. App is free and detects and blocks free wifi automatically before you use it. On par with Nord.
We used to use it back about 3 or 4 years ago, but always found it a PITA- slow, clunky, hard to sign into, and slow- Now I better understand why…
Thanks for the testimonials, as I have been looking for a VPN that is all of these: relatively inexpensive, very anonymized, cast-iron reliable [both as far as connection AND to not be selling all my personals to anyone], and [here is the kicker] easy for my barely computer-literate SWMBO to use w/o having to fiddle with.
@PhysAssist
Who’s tripping down the streets of the city
Smiling at everybody she knows?
Who’s reaching out to capture a moment?
Everyone knows it’s SWMBO.
@writdenied That actually sounds a lot like MY SWMBO, but the general consensus seems to be that it’s Windy…
I always liked that song, thanks!
PA
I’ve been using IP Vanish for a while at ten bucks a month. Thoughts on it?
Thats $80 more than i spend a year on PIA a year.
I don’t use a lot of VPN services, but when I need one in a jiffy I turn to https://www.vpnbook.com/freevpn. They don’t have a ton of options, but it’s OpenVPN based, and it’s free, and it seems to work.
Am I being stupid, or is this solid enough?
@simssj hard to say, but probably stupid.
We know there are many bad… at least, call them disingenuous, actors. We know bandwidth costs money. We know that good security for a company costs, at the very least, overhead, effort and time, that sort of thing, and is easy to get wrong.
What are the chances that somebody is giving strangers anonymity as a service, dealing with the inevitable abuse of their service, withstanding attacks against their servers, exposing themselves to legal complaints/risks, and swallowing that monthly bill, as charity?
I don’t know the answer, but I bet the odds are bad. (Though improved a little by use of off-the-shelf parts and some application of common sense, like disabling p2p.) I mean, there are projects like the EFF – literal charities – who do work along those lines.
As an aside, OpenVPN will be better than PPTP, as far as I’ve heard. See the description in the first paragraph at https://en.m.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol
It sounds like maybe you already knew that, but it never hurts to point it out.
Very timely. NPR just did a story on VPN issues yesterday: http://www.npr.org/sections/alltechconsidered/2017/08/17/543716811/turning-to-vpns-for-online-privacy-you-might-be-putting-your-data-at-risk
They quoted a study of 300 VPN apps on Google Play and found not only that ~40% sell your marketing info, but almost 20% didn’t even do their job: encrypt you data.
So thanks to all here for your thoughts on good and bad VPN options. As always this site and the forum are far from Meh.
It’s surprisingly easy to set up a VPN server for personal or even for a small company. Here’s an open source one that I’ve used and hosted on AWS : https://github.com/trailofbits/algo
The cost of running a tiny server in their cloud is super cheap.
Here’s an article last year from Ars Technica where they went into the challenges and ultimately the impossibility of making a Best VPN list: https://arstechnica.com/information-technology/2016/06/aiming-for-anonymity-ars-assesses-the-state-of-vpns-in-2016/
As @mollama mentioned, the majority of VPN apps on the Google Play Store are crap: https://arstechnica.com/information-technology/2017/01/majority-of-android-vpns-cant-be-trusted-to-make-users-more-secure/
OK, maybe I’m doing something wrong, but I run my own OVPN on digitalocean.com. Granted, I am pretty tech savvy and was able to set it up just through tutorials, but I pay $10/mo for the server (I run other stuff on the server, too). No one is selling my data, guaranteed. Downside is if the VPN goes down, I have to fix it. Other downside is I don’t have other country options, as digital oceans runs out of the US. But I connect to it via Mac, Windoze, and Android.
@qkerby
https://www.digitalocean.com/legal/privacy-policy/
Looks like they collect and share info.
@qkerby If you’re not using a VPN for torrenting or accessing streaming services, it matters less.
Hmmm …
https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/