
"VPNs are crucial security tools that provide users with a layer of encryption and IP masking to keep data secure and to mitigate the risk of users being monitored online. However, VPN users place a lot of trust in these services -- and if the provider does not maintain strong security practices, it negates the point of using a VPN in the first place."
"zLabs researchers separated the security issues they uncovered into five categories. In total, 65.13% of the apps demonstrated issues in the first category, risky behaviours and APIs, which included some VPNs possessing the ability to take covert snapshots of user interfaces and insecure activity launches, which could lead to the app being forced into an insecure state, user input injections and capture, and data exposure."
Roughly 800 free VPN apps across Android and iOS exhibit widespread security and privacy vulnerabilities. Many apps provide no meaningful privacy protections and can expose user data, device state, and activity. Over 65% of apps showed risky behaviors and API issues, including covert user-interface snapshots, insecure activity launches that can force insecure states, user input injection and capture, and data exposure. Weaknesses in exported content provider systems can enable data theft and privilege escalation. Problematic permissions and strange permission requests further increase risk, while only a minority of free VPNs avoid shady data collection or malicious behavior.
Read at ZDNET
Unable to calculate read time
Collection
[
|
...
]