I’m tired of paying for a VPN, a service that claims to protect your privacy while connected to a public Wi-Fi network in the local cafe, airport, or hotel.
For over a decade, security experts have recommended using a VPN to protect your internet traffic from bad actors trying to spy on you. But just as tech gadgets get obsolete over time, so do some tech tips.
The reality is that web security has improved so much over the past few years that VPN services, which charge monthly subscription fees as expensive as Netflix, provide unnecessary protection for most privacy-conscious people. some security researchers said.
Many of the more popular VPN services are now less reliable than in the past, as they were bought by larger companies with shady track records. It’s a breakthrough when it comes to using a VPN service, which intercepts our internet traffic. If you can’t trust a product that claims to protect your privacy, what’s the point?
“Trusting these people is really essential,” Matthew Green, an IT scientist who studies encryption, said of VPN providers. “There’s no good way to find out what they’re doing with your data, which they have enormous control over. “
I learned it the hard way. For several years, I subscribed to a popular VPN service called Private Internet Access. In 2019, I learned that the service had been acquired by Kape Technologies, a security company in London. Kape was previously called Crossrider, a company that was called by researchers at Google and the University of California for developing malware. I immediately canceled my subscription.
Over the past five years, Kape has also purchased several other popular VPN services, including CyberGhost VPN, ZenMate, and, last month, ExpressVPN under a $ 936 million deal. This year, Kape also bought a bunch of VPN review sites that give top marks to the VPN services it owns.
A spokeswoman for Kape said the long-shutdown Crossrider was a development platform that was misused by those who distributed malware. She said Kape’s VPN review sites maintain their independent editorial standards.
“It kind of sets a worrying precedent from a consumer perspective,” said Sven Taylor, founder of tech blog Restore Privacy. “When the average user goes online to search for product information, does he know that what he is reading may have been written by the company that owns the end product? “
Here’s what you need to know.
What has changed with VPNs
Not that long ago, many websites lacked security mechanisms to prevent bad actors from listening to what people were doing when they were browsing their sites, which opened the door for their data to be hacked. It has helped VPN services become a must-have security product. VPN providers have offered to help hide browsing information from users by creating an encrypted tunnel on their servers through which all of your web traffic passes.
But over the past five years, the internet has undergone immense changes. Many privacy advocates and tech companies have pushed website builders to rewrite their sites to support HTTPS, a security protocol that encrypts traffic and fixes most of the aforementioned issues.
You have probably noticed the padlock symbol on your web browser. A locked padlock indicates that a site is using HTTPS; an unlocked means it is not and is therefore more likely to be attacked. These days, it is rare to come across a site with an unlocked padlock; 95% of the top 1,000 websites are now encrypted with HTTPS, according to W3Techs, a site that compiles data on web technologies.
This means VPNs are no longer an essential tool when most people browse the web on public Wi-Fi, said Dan Guido, CEO of Trail of Bits, a cybersecurity firm.
“It is very difficult to find cases where people have been injured by connecting to the airport, cafe or hotel Wi-Fi,” he said. Nowadays, he added, the people who benefit from a VPN are those who work in high-risk areas and who could be targets, such as journalists who correspond with sensitive sources and chief executives. company holding trade secrets while traveling abroad.
So what to do? Fortunately, most of us can stay secure online with some basic protections that, unlike VPN services, are free, Guido said.
It’s important to note that users should keep the software on their devices and web browsers up to date, as new software updates include security protections against the latest vulnerabilities, he said.
Another crucial step is to set up online accounts with two-step verification, which requires two forms of verification of your identity before allowing you to log in. This protection can help prevent attackers from gaining access to your data if they get your passwords.
For those who would still prefer not to browse the web on a public Wi-Fi network, there is a simple solution included on most smartphones. Personal hotspot, a feature for sharing a smartphone’s cellular data connection wirelessly with other devices, such as your computer, can be enabled in the phone’s settings. Many phone plans do not charge an additional fee to use this feature, although the access point does count towards the monthly data allowance in your cellular plan.
How to create your own VPN
I turned to Algo VPN, a free tool developed by Guido that automatically creates a VPN service in the cloud, which protects my browsing activity by allowing me to create a virtual tunnel on an outside server for the passage of my Internet traffic.
Following the instructions listed on the Algo VPN project website, I set up a cloud service where my VPN service would be located on Amazon Web Services, a reputable and widely trusted cloud provider. The rest of the steps were to install scripts on my computer and enter commands to generate my VPN.
After about an hour, I set up a VPN that worked perfectly. The best part? Not only is it free to use, but I no longer have to worry about trust because the operator of the technology is me.