Android Padlock
Android Padlock

If you have ever heard or read anything about VPNs or Virtual Private Networks, it will surely have been to praise its great advantages when it comes to surfing the Internet securely, especially if we do it from an open or public Wi-Fi network.

It is true that a VPN encrypts our communications and improves security, but it is also true that not all the mountain is oregano or gold is all that glitters, so if you are thinking about using a VPN solution from a secure provider, be very careful, because some of these services suffer failures and leaks that could jeopardize your privacy and security.

Although there are many VPN solutions on Android, as a general rule and understanding what a VPN is, you should never use a stranger’s private network unless it is completely trustworthy, just as we do not use Wi-Fi networks that seem unreliable. But let’s get a little on the subject…

VPN? What the hell is a VPN?

If we are clear about the concept of local network, which is the network that any of us can have at home with the router and several connected equipment, it will be very easy to understand what this is of a Virtual Private Network or VPN.

Broadly speaking, and without technical explanations, a VPN allows a device to connect to a local network through the Internet by sending its data traffic in an encrypted form. That is, if you create a VPN in your home, you can connect from anywhere, through the Internet, as if you did from your livingroom.

The implications are several, and all lie around the encryption of communications and the connection through the local network, that these cases makes the actual Internet output of the device connected through a VPN, is precisely the local network of destination. In addition, the device in question would be connected virtually to the destination network, or what is the same, you would go to the Internet from your home network just as you would if you were connected from your own home.

  Jan Koum, founder and CEO of WhatsApp, resigns after alleged pressure from Facebook to weaken data encryption

Does it have advantages to navigate after a VPN?

Well, it really has advantages, some of them also key, such as for example that we can connect to an open Wi-Fi network from anywhere without fear that nobody can capture our communications and inspect them, because they will be encrypted.

A VPN also allows our Android device to go online virtually from another site, so we can skip the regional protections of some services, such as those that restrict access to a series, news or sporting events depending on the country of connection.

Likewise, it is also possible to connect from anywhere to our local network as if we were at home, using computers or printers connected without any restriction, and even being able to make VoIP calls as if we started them at home.

Why should not you trust a stranger’s VPN?

Well for many the reason may already be obvious after the explanations, and is that if we use a VPN to feel more secure and that no one can read our data traffic, you should know that this traffic will reach the VPN provider who can actually read it and analyze it even more than it openly recognizes.

Purposes for this analysis can be infinite, and no matter how secure the VPN provider is, it is a private network of a third party that manages that someone, so this network can have unintentional security problems and leaks that they could endanger the privacy of the users connected through it.

In fact, the breach detected in WebRTC that allowed to obtain the real IP of the connected users after the service, put in doubt to all those denominated “safe providers”, that still try to recover of the blow.

  Meltdown patches opened a serious vulnerability in Windows 7

According to the well-known security expert VoidSec, up to 23 percent of the most popular VPN providers on the Internet have filtered IP addresses of their users through WebRTC, a problem that has been dragging on since 2015 and for which there are some plug-ins or complements that repair it.

For those who do not know WebRTC, it is a popular open source project implemented in the main web browsers, and that allows communication in real time through APIs made in JavaScript. It is generally used to run chat or instant messaging applications for web browsers, among other similar functions such as video calls or exchange of P2P files.

The problem is not trivial, and according to VoidSec, WebRTC can be used to consult information that should remain private, since the protocol allows requests that return both the domestic IP address, the hidden one, and the local network addresses for the system it uses. the user.

These requests are not visible because they are not part of any XML or HTTP interaction, but they can be obtained with simple codes created in JavaScript, functional also in practically all browsers , as the most important ones – Chrome, Firefox, Opera, Samsung’s Internet, Brave, etcetera- carry WebRTC enabled by default.

And then… is there any way to navigate completely safe?

Well, the answer to that question is that everything is relative, because you would not navigate completely secure or configuring your own VPN with your own security and privacy policies, because all computer systems are exposed to vulnerabilities.

  What does your favorite song know?

At least, we do have a list of VPN services in which users have leaked data, more than interesting information available on the website of VoidSec itself.

In addition, and although the experts advise us to effectively configure our own VPN with options such as OpenVPN, completely free, it is also indicated that it is best to disable WebRTC to protect our privacy, something that in Chrome requires installing extensions such as uBlock Origin and that in other browsers. It is done in the configuration itself or through other methods that can be easily found on the Internet.

And obviously, using logic will lead us to a successful conclusion, because the biggest problem for commercial VPN providers is precisely that, they are companies and companies do not always look for the good of their clients, but rather to earn money.

Some companies monitor our activity in the VPN to promote targeted ads, others are simply insecure, and in general most of the free VPN services are always avoidable, because they are generally monetized with our information.

You know, surfing the Internet safely is no child’s game, and even insurance providers are sometimes as safe as it seems. And you… do you use VPNs in your day to day? Also on Android phones?

Leave a Reply