Android VPN Apps Lack Security
https://sp-security.blogspot.com/2017/02/android-vpn-apps-lack-security.html
Security
researchers have warned over the lack of security in many VPN apps
offered by Google Play – more than a third of the tested apps had
built-in malware, and 2/3 featured at least one third-party tracking
library. Over 80% leaked IPv6 traffic.
Today, lots of Internet users choose to use the all-in-one VPN options available on Google’s Play store instead of premium VPN packages from reputable companies. Apparently, that could be quite a risky strategy, as many VPN apps available from Google Play carry malware, spyware, adware and cause data leaks.
In most cases, when users are choosing the app in the app store, they compare the number of downloads and the “star rating” of apps. However, it turned out that among the 283 apps tested, even the highest ranked and most popular apps carry troubles for users. The researchers identified 5 types of malware detected in the apps: adware (43%), trojan (29%), malvertising (17%), riskware (6%) and spyware (5%). In the meantime, only a marginal number of VPN users raised any concerns over these issues in the review sections for each app, although many of them experienced serious problems. At the same time, the high number of downloads suggests that people still have confidence in such apps, despite the problems they cause.
According to the same research, 2/3 of the tested VPN Android apps offer services to enhance online privacy and security, but at the same time, 75% of them use third-party tracking libraries and 82% request permissions to access sensitive data like user accounts and text messages.
Although VPN users usually associate this service with encryption and privacy, about 18% of the tested apps use tunneling protocols without encryption, and 16% of apps route traffic through other users of the same app instead of using dedicated online servers. Finally almost 85% of the VPN apps had IPv6 leaks, and 66% had DNS leaks due to misconfigurations or developer-induced errors.
So, if you are one of the users looking for the all-in-one VPN options available on Google’s Play store, you will have to carry out your own research before choosing the best app. The first recommendation is to choose well-known companies that are transparent about their practices.
Thanks to TorrentFreak for providing the source of the article.
Posted by:
Today, lots of Internet users choose to use the all-in-one VPN options available on Google’s Play store instead of premium VPN packages from reputable companies. Apparently, that could be quite a risky strategy, as many VPN apps available from Google Play carry malware, spyware, adware and cause data leaks.
In most cases, when users are choosing the app in the app store, they compare the number of downloads and the “star rating” of apps. However, it turned out that among the 283 apps tested, even the highest ranked and most popular apps carry troubles for users. The researchers identified 5 types of malware detected in the apps: adware (43%), trojan (29%), malvertising (17%), riskware (6%) and spyware (5%). In the meantime, only a marginal number of VPN users raised any concerns over these issues in the review sections for each app, although many of them experienced serious problems. At the same time, the high number of downloads suggests that people still have confidence in such apps, despite the problems they cause.
According to the same research, 2/3 of the tested VPN Android apps offer services to enhance online privacy and security, but at the same time, 75% of them use third-party tracking libraries and 82% request permissions to access sensitive data like user accounts and text messages.
Although VPN users usually associate this service with encryption and privacy, about 18% of the tested apps use tunneling protocols without encryption, and 16% of apps route traffic through other users of the same app instead of using dedicated online servers. Finally almost 85% of the VPN apps had IPv6 leaks, and 66% had DNS leaks due to misconfigurations or developer-induced errors.
So, if you are one of the users looking for the all-in-one VPN options available on Google’s Play store, you will have to carry out your own research before choosing the best app. The first recommendation is to choose well-known companies that are transparent about their practices.
Thanks to TorrentFreak for providing the source of the article.
Posted by:
SaM
extratorrent
