Are Free VPN’s Safe? The Truth About So-Called “Free” VPN Providersjames seibel
Most people use a VPN to increase their safety when using the internet. There is a general understanding that a VPN, or Virtual Private Network, means your data is encrypted and protected from the government, advertising trackers, etc. from analyzing your internet traffic and seeing what you are doing.
This is not the case – there is no definitive VPN protocol or standard type of VPN network. Just because your mobile device has the “VPN” logo at the top, does not mean you are protected. This simply means that a VPN of some sort is running, and your internet traffic is being routed through a different server, but it does not mean that you are protected. In fact, with a free VPN provider, you are very likely having all your traffic scanned for passwords, sensitive info, etc. and someone is trying to hack you.
This week, a technology advocacy group asked the FTC to investigate “Hotspot Shield” free VPN for “sharing sensitive information with third party advertisers and exposing users’ data to leaks or outside attacks” despite promising enhanced security and safety.
After all, if free VPN’s were safe and useful, why would anyone pay for a top-tier anonymous VPN like Private Internet Access? The answer is that free VPN’s are extremely dangerous, and rational people who care about their safety pay for high-quality VPN service to prevent their data from being sold to the highest bidder, or even being hacked.
How are “Free” VPN’s free?
There is no such thing as a free lunch. Operating a VPN means running a server to handle internet traffic. It costs money to run the server, it costs money to handle the internet traffic, and it costs money to develop the free VPN application and get it into the iOS and Google Play app stores.
So why would someone offer a VPN service for free? Simply put, they are making money, either from selling your data, injecting ads into your browsing experience, or even hacking people using the service.
Selling Your Data
As your internet traffic flows into the free VPN provider, they can decrypt all of the traffic (because they have the encryption / decryption keys) and figure out which websites you’re going to (also from DNS leaks). Your user profile, which is often already known from ad trackers like Google and Facebook, is then matched with the websites you visit and sold to big data firms, advertising companies, and marketing departments at corporations. This is big business. The company can also freely provide data to the government.
Once the free VPN provider decrypts your internet traffic, it can be modified. Individual HTML pages can have their code changed to put additional advertisements into it. You pay for the extra traffic these ads use with your mobile data plan, which then makes money for the “free” VPN provider.
Hacking Your Computer and Stealing Your Accounts
On Android especially, the VPN software has full abilities to manage all network traffic on your device. The VPN app is responsible for communicating with web servers, including SSL protected websites. A sophisticated hacker can “man in the middle” (MITM) your traffic, and access your encrypted data (such as banking websites) without you being aware of the changes. Even if they can’t manage to break SSL (it’s difficult to do), they can do a variety of tricks, such as routing you to similar websites with the URL slightly different (“phishing“) to get you to enter account credentials, allowing them to steal your information without you being aware.
Our business is selling VPN routers to protect your internet traffic. We take VPN security and encryption extremely seriously. This is not a joke – free VPN’s are dangerous. Using a free VPN is monumentally stupid. The only reason to even consider using a free VPN would be to change your IP address to a different country to watch movies from different regions, but even then you have to be 100% sure you turn it off before browsing any other websites. Very risky.
Please, if you care at all about your security when using the internet, do not use free VPN’s. This is not about spreading fear, uncertainty, and doubt (FUD). Free VPN’s are very dangerous and they put your identity and security at risk.