Free Chrome VPN Extensions Leave Users Exposed
The online security concerns have made people all over the world wary of using Internet service. But the Internet is a necessary evil, and hardly anyone in this tech-driven age can go without using it (anyone who needs to compete or be productive needs to use the Internet). Therefore, to keep people safe online, a number of tools have been created. They can be free or paid, can be simple or complicated to use, but they all promise to provide data protection to users by keeping away cybercriminals, hackers, snoopy Internet service providers, and security agencies.
A Tool for a Thousand Uses
A virtual private network (VPN) is one such tool that offers privacy protection to users, besides a range of other services such as IP masking, content unblocking, and others. Because of the popularity of VPNs, there is a range of such services available now, both free and paid. Needless to say, people are more drawn towards the free stuff, therefore, the number of free VPNs have increased by leaps and bounds.
While premium VPN Chrome extensions have a registration fee as well as a monthly fee, free VPNs don’t cost anything. People can just sign up and start using the application on their phone or computer.
Newer smartphones these days also come with preinstalled VPN. Many browsers, such as Opera and Chrome, offer free VPN extensions so that people can use the VPN service directly from their browsers without downloading or installing any other application. The VPN services that come preinstalled are always free.
Nothing is Free
In recent times, a lot of privacy breaches and data leaks by free VPNs have come to light. That free VPNs make money by collecting and selling user data is a known fact. Running a VPN service requires money because maintaining servers in different countries isn’t a mean feat.
When a VPN doesn’t charge money from customers it is undoubtedly making money by selling customer data to advertising partners because free VPNs are always ad-supported.
Most recently there has been another case that highlights how unsafe free VPNs are. Instead of protecting your data, they make you more vulnerable to external threats. The latest research has found that several VPNs are leaking DNS queries and exposing the Internet activities of the user to the Internet service provider.
The research was conducted by ethical hacker and security researcher John Mason, who provided a detailed study involving seventeen different VPN services that work as Chrome browser extensions. Ten of those VPNs, all of them free, have been found to leak data.
What are DNS queries? They basically refer to requests your computer makes to the Internet for the websites you want to visit. In the normal case, a VPN is supposed to mask such queries.
But the research has uncovered that the browser extensions have been leaking the data because of a Chrome function called DNS prefetching. This function is intended to help websites load faster by making Chrome prefetch domain names that appear in the hyperlinks that come up in the browser.
For instance, when Chrome comes across a Google search result page the browser extracts the domain name from each hyperlink and assign each of them to an IP address.
A Perplexing Issue
What Mason has found is that several of the VPN Chrome extensions studied have failed to mask this prefetching function, exposing DNS queries to an ISP. Since the study was published, a few of the VPNs mentioned have fixed the problem, but not all of them seem to bother about the leak. One of the VPNs studied in the research, Hola VPN, doesn’t intend to change anything.
Hola has said that it is basically a content unblocker, used by those who want unrestricted view of video content from other countries. For instance, people in the US who want to view Netflix UK can use Hola VPN. Those who don’t want an unblocking service and only seek privacy protection should use a different VPN. That’s the reason before purchasing a VPN, people must look deeper into the types of services they provide.
Mason again studied the VPNs included in the research after they claimed to have fixed the issue and found that the problem persists. It basically means that in order to provide complete security to users, these VPNs would need to change the way they operate, which they aren’t willing to do.
The Main Goal
The only option to people right now is to choose only sterling VPNs that have had a long run in the industry. By avoiding free VPNs and choosing dependable paid services, users can minimize the risk and protect their data online. In case you’re looking for a Chrome VPN add-on that actually does protect your online privacy, install ExpressVPN’s Chrome extension.