Is Hola safe? No. The fact that it’s a nasty and dangerous “VPN” provider isn’t a huge secret. Every internet security site, VPN review site, and community-based security forum has been vigilant in reporting the dangers of Hola. Despite that, a lot of people still use it, perhaps unaware of all the risks Hola poses to their online privacy and security.
Hola is not safe. Not even a little. Here’s a comprehensive list of reasons why you should uninstall Hola right now.
Hola: Not Really a VPN
Hola markets itself as a VPN provider that offers a free and a premium plan. The truth is that Hola isn’t a VPN. Not even close.
To start, Hola does not encrypt your data. This is a primary function of a VPN and a necessary feature for privacy and security reasons.
The next VPN functionality that Hola fails to deliver is traffic re-routing. VPNs work by re-routing your traffic through a secure tunnel on one of their servers. Hola doesn’t do that. In fact, Hola doesn’t even have servers to do that with. What it does is re-direct your traffic to another user’s computer. You’ll end up using the bandwidth and public IP address of that user while someone else gets to use yours.
This kind of re-direction does not secure your traffic. It doesn’t stop third-parties from spying or monitoring your internet use. It doesn’t hide your online activities. All it does is bumps them onto someone else, and bumps someone else’s traffic onto you.
Does that mean that Hola can’t help you unblock restricted content? No. If you’re using someone else’s IP, you’ll be able to access that person’s local content. However, Hola does not unblock Netflix, BBC, or any site that checks for proxy servers.
The short version of this paragraph is that Hola isn’t a VPN. It’s a Proxy. Proxies do nothing to keep you secure and private online.
The Dangers of Hola’s Peer-to-Peer Network
As I explained above, Hola is a proxy-based service, not a VPN.
That being said, let me explain exactly how Hola works.
When you download Hola and connect to its network, you’re essentially connected to a P2P network. Same as with Torrenting, you become both the client and the server. You can use someone else’s computer and IP and they can do the same with you. This means that you use the bandwidth of a stranger just as a stranger can use your bandwidth.
So far, no encryptions, no tunneling, and you are actively allowing other people to connect to your computer. Hola claims that sharing IPs via the Peer-to-Peer network is more secure and anonymous than using military-grade encryptions, but then has this on their FAQ page:
Notice this specific sentence: “As with any new technology, in addition to the benefits it brings there can be workarounds“. So, while Hola doesn’t admit that the safety of their P2P network can be easily compromised, the did take the time to acquit themselves from any possible guilt. Very shady.
Not All Users Are Born Equal
Another thing that Hola buries deep within its FAQ page without properly explaining the implications is that premium users don’t have to share their bandwidth.
Yup. If you pay Hola $5 a month, you’re technically buying other people’s bandwidth for your own personal use. Premium Hola users get to use the P2P network without participating in it.
This is how Hola justifies this particularly enraging aspect of their service:
“For commercial use by businesses, Hola providers similar routing functionality through the Hola network for a fee…The amount of traffic that Hola passes through a peer on its network per day on average is less than a 20 second YouTube clip. Premium users of the [network] pay a monthly subscription and in return only use the network and do not contribute to it with their idle resources.”
Sounds fine, right? I mean…the traffic amounts to less than a YouTube clip, so it should be ok. Right? Wrong.
Hola in no way controls what its premium users do with their connection. In other words, Hola does not limit what its paid customers do with your IP and your bandwidth. How exactly does that translate to barely any traffic passing through their networks? (Hint: it doesn’t.)
TLDR: Hola sells your bandwidth to its actual customers. Your information (traffic) is being re-directed to other users via a proxy with zero encryptions. There is literally nothing secure or private about how Hola functions. Hola is not safe.
The Dangers of Sharing/Selling Bandwidth
Here is a list of reasons why Hola’s primary function as a P2P network should be enough reason for you to uninstall:
Someone connected to your computer can use up all of your data.
They can slow down your internet speeds.
Any illegal activity done during this connection will be attributed to your IP. Your IP isn’t hidden and can be traced directly back to you.
Someone connected to your computer can easily execute programs on your system (including a rootkit).
Hola’s Army of Botnets
A Botnet is a network of computers that have been infiltrated/infected by a hacker. Usually, the hacker sends out malware to a whole list of internet users. Anyone who ends up installing the malware (without them knowing, of course) will be turning their system into a bot in the hacker’s botnet army.
This gives the hacker control over all of these infected devices, allowing him/her to launch attacks, mostly DDoS attacks, using all of those systems.
Hola does the exact same thing. Instead of accidentally installing the malware, Hola users are actively joining this P2P network by installing the Hola software. In fact, there is definitive proof that Hola’s users are part of a botnet. Since this “provider” works on the premise of P2P sharing, this is a vulnerability that will never be fixed.
Here’s what Vectra, a cybersecurity firm, had to say about Hola after they analyzed the software:
“While analyzing Hola, Vectra Threat Labs researchers found that in addition to behaving like a botnet, Hola contains a variety of capabilities that almost appear to be designed to enable a targeted, human-driven cyber attack on the network in which a Hola user’s machine resides.”
Vectra went on to explain that:
The software can download and install whatever it wants without your knowledge.
It contains a built-in console that can kill running processes, download and run a file while bypassing anti-virus software, and access/send content to any IP address.
Is riddled with malware.
Hola and the Luminati
What a lot of Hola users don’t know is that the company has another service specifically for businesses and corporations called Luminati. It states that businesses use the Hola network to check up on their own websites from different IPs and run competitor analysis without revealing their identity. Businesses pay per gigabyte, though, which is a little weird.
To run through a gigabyte, you’d need to be doing way more than “checking up on your website”. Technically, Luminati is selling bandwidth. Your bandwidth.
It gets even worse though. An organization called Adios Hola contacted Luminati’s customer support to find out how they prevent their customers from doing anything illegal with the bandwidth they purchase.
The live chat agent made it very clear that Luminati does not know what its customers do with the purchased bandwidth. In fact, they specifically replied with “we simply offer you a proxy platform. What you do with it, is up to you” and “we have no idea what you are doing on our platform”.
So, Luminati sells Hula users’ bandwidth to anyone who would pay and does nothing to make sure that they’re using it legally.
Hola Logs A Lot of Your Information
Log data: browser type, pages visited, time spent on pages, access time, access date.
Personal information: IP address, name, email address, screen name, payment and billing information, “and other information”.
Social network information (for users who register via a social network account): Full name, home address, email address, birth date, profile picture, friend list, personal description, and “any other information you made publicly available on such account”.
In other words, Hola logs everything about you.
They also specifically state that they share all of this information with third-parties:
“We may disclose Personal Information to other trusted third party service providers or partners…We may also transfer or disclose Personal Information to our subsidiaries, affiliated companies.”
How is this secure or private? (It’s not, just so we’re clear.)
Best Hola Alternatives
To reiterate what I’ve been saying throughout this blog: HOLA IS UNSAFE. DO NOT USE THIS SERVICE.
Do, however, use a credible and trusted VPN service. Your privacy and security are of utmost importance in this day and age. There are several valid VPNs that works as great alternatives for Hola without putting you, your data, or your bandwidth at risk.
A reader, writer, and avid internet user. Hiba has spent the better part of her adult life looking for ways to have a safer and more user-friendly online experience, all while praising the uses of VPN connections to anyone who would listen.