Stories
Slash Boxes
Comments

SoylentNews is people

Several Privacy-Busting Bugs Found in Popular VPN Services

posted by cmn32480 on Friday March 16 2018, @04:23PM   Printer-friendly
from the i-wanna-be-an-anonymous-coward dept.

"exec" writes:

Three popular VPN services have been found to leak private user information, which if exploited could be used to identify users.

The report, published Tuesday, reveals several vulnerabilities in Hotspot Shield, Zenmate, and PureVPN -- all of which promise to provide privacy for their users.

But the research reveals bugs that can leak real-world IP addresses, which in some cases can identify individual users and determine a user's location.

In the case of Hotspot Shield, three separate bugs in how the company's Chrome extension handles proxy auto-config scripts -- used to direct traffic to the right places -- leaked both IP and DNS addresses, which undermines the effectiveness of privacy and anonymity services.

http://www.zdnet.com/article/more-privacy-busting-bugs-found-in-popular-vpn-services/

-- submitted from IRC

Original Submission

 
This discussion has been archived. No new comments can be posted.
Several Privacy-Busting Bugs Found in Popular VPN Services | Log In/Create an Account | Top | 11 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Friday March 16 2018, @11:04PM (2 children)

    by Anonymous Coward on Friday March 16 2018, @11:04PM (#653838)

    Aren't they the one's that sold out the kid who hacked Sarah Palin's email ages ago?

  • (Score: 2) by Runaway1956 on Saturday March 17 2018, @01:39AM (1 child)

    by Runaway1956 (2926) Subscriber Badge on Saturday March 17 2018, @01:39AM (#653896) Journal

    The hacker admitted he was worried about being caught, writing "Yes I was behind a proxy, only one, if this sh*t ever got to the FBI I was f**ked, I panicked, I still wanted the stuff out there ... so I posted the [information] ... and then promptly deleted everything, and unplugged my internet and just sat there in a comatose state."[15]

    https://en.wikipedia.org/wiki/Sarah_Palin_email_hack [wikipedia.org]

    Depending on which direction we start splitting a hair, maybe a VPN can be called a proxy. But, no, PIA is not a simple proxy. The kid was relying on proxies, and apparently he didn't know the difference between an anonymous proxy, and a logged proxy. Either way, just one proxy sure as hell isn't enough to be called "secure". Typical state actors jump around the globe before reaching their targets.

    • (Score: 0) by Anonymous Coward on Saturday March 17 2018, @04:23PM

      by Anonymous Coward on Saturday March 17 2018, @04:23PM (#654117)

      Everyone knows that you have to have 7 proxies.