VPNs are Finally Dead; Long Live The Onion Router!
The ubiquity of access to the Internet in today’s digital age has created a false sense of security where users believe they’re ultimately secure. And while this may be true for the most part, it’s the companies selling protection in the form of Virtual Private Networks (VPNs) that have perpetuated this myth.
For years, the only safe way to connect two or more networks protected by firewalls was to do so through a VPN—an extension that authenticates and encrypts communication between public or shared networks.
Like most things, Internet security has become a commodity, but new evidence suggests that some of the services we’ve come to trust with our online security may not be up to the task.
Studies Reveal Weaknesses
A new study from researchers at Sapienza University in Rome and at Queen Mary University in London found that 10 of the world’s 14 most popular virtual private network (VPN) services leaked IP data when they registered their credentials and tested the software.
These companies were, in alphabetical order: AirVPN, Astrill, ExpressVPN, HideMyAss, HotspotShieldElite, IPVanish, Mullvad, PrivateInternetAccess, proXPN, PureVPN, StrongVPN, TorGuard, Tunnelbear, and VyprVPN.
The unfortunate reality is that if a group or individual were to covet sensitive information, it would be well within their ability to access via passive monitoring and/or DNS hijacking.
The former describes a scenario where unencrypted information can be collected, and the latter refers to a more devious approach whereby the user is redirected to a controlled web server masquerading as a popular site like Facebook or Google.
Such threats have been allowed to persist because of a systemic dependence on outdated technology infrastructures and the increasing sophistication of brute-force computer hacking, not to mention a general inability to protect information inclusive of browsing history against public detection.
This amounts to a significant problem that affects us all and the question on many people’s mind now is, What can be done? The answer may lie in appropriating a hacker’s best and most useful tool: true anonymity.
TOR and Traffic Encryption
While there is some merit asking users to take the necessary precautions when browsing online, experts are praising The Onion Router (TOR) for its ability to eliminate this line of thinking. In fact, they’re saying it’s a far superior alternative to VPN services.
Put simply, the TOR network allows users to mask their virtual footprint by disguising their identity and moving encrypted data through multiple TOR servers. In this way, nothing can be tracked back to your computer. The downside is that slow load times may be an issue.
The service is free and available as part of a non-profit organizational initiative to promote the widespread acceptance of online privacy tools. All you have to do is download the browser and you’re good to go.
Who Benefits from This Technology?
Journalists operating in foreign countries that impose strict censorship laws are expected to benefit greatly from this new technology, but it’s ultimately open to everyone. For the average user, what this means is that they can finally keep their information out of the hands of unscrupulous marketers, third-party ISPs, and white-collar criminals.
TOR is still relatively young and won’t solve every privacy issue overnight, but it is making great strides in that area. You can rest assured that its affiliation with a non-profit organization will guarantee the network is kept up to date and is continually improved upon to meet the needs of its growing audience.
The Future of VPNs in the Face of TOR
VPNs were never really designed for use beyond internal corporate communication channels and, as we’ve seen, are becoming inadequate for handling today’s online security issues. And, as more and more individuals and business come to appreciate the TOR network, the safer it becomes.
When the world’s leading online privacy companies are unwilling to make good on their promises of a more secure future, a sacred trust is broken. It will be some time before VPNs are capable of addressing and fixing the problems outlined in the report, but in the eyes of their users, the damage may already have been done.
When are you going to make the move?
Image credit: @felixtriller (via Flickr)