back to article Do you use Hola VPN? You could be part of a DDoS, content theft – or worse

Embattled "free" VPN provider Hola is facing criticism over its practice of turning its users into exit nodes in a paid-for anonymisation service which can easily be used for nefarious activities. Hola's software is also claimed to include "unpatchable" vulnerabilities allowing takeover of user machines. As the Register …

  1. Anonymous Coward
    Anonymous Coward

    Coffee --> Screen

    People sign up for a free VPN service in Israel and expect a secure service? Humanity is doomed.

    1. HMB

      Re: Coffee --> Screen

      It's easy to say in retrospect, but if you have hope that there are solutions, then you can do more in life. The trick is being careful. I won't use it now, but when I did use it it was a valuable resource. I gained from it, but took the precaution of making it completely separate to my normal profile to protect information. I also kept only to the Chrome plugin to benefit from the sandboxing and didn't touch the standalone executables.

      Have sex people, just use protection. It's a metaphor.

      If you get cynical about everything, you wouldn't do anything. You would be too cynical to fall in love, too cynical to believe in yourself.

      It's about protecting yourself and being a bit daring in life sometimes that we get the most reward, so yes, I used Hola, no, I wouldn't now, no I don't regret it, I will keep believing that new things can have very positive impacts on how things can be for humanity.

      If you truly don't believe in any security or capability of anything positive, then expressing yourself on the Internet is a bad idea. I tend to refrain from that, but I want to see what can be possible. I love my TED talks. Am I making sense?

      1. FrankAlphaXII

        Re: Coffee --> Screen

        I don't believe in security. Only idealists and fools do.

        Edward Snowden stole how many files off NSAnet and JWICS and didn't get caught? He knew noone was paying attention and exploited that lapse in security to create a conversation the world should have been having at the end of the Cold War. Aside from the National Command Authority's emergency action messaging system, JWICS alone is supposed to be the most secure communications network there is by design, and even they're vulnerable to an insider launching an attack.

        I do believe in layers of security, that old defense in depth maxim. It costs more (whether its actual money or just time) but if you believe in keeping people who don't belong away from looking at your stuff it is well worth it. As long as it actually works correctly. But its hard to tell what works and what doesn't, especially not in the early days of an Arms race.

        There will always be a way to counter any sort of defensive measures somehow anyway. Best you can do is make yourself so difficult a target and make your garbage look so interesting that A.) no one bothers because the problem looks too difficult, and B.) if they do manage to succeed, they don't get anything of value other than maybe some plaintexts which will have nothing to do with the real keys but are there to drive opposing forces cryptographers insaner and waste their time.

  2. TeeCee Gold badge
    Coat

    Translation.

    "We would also welcome their participation in our upcoming Vulnerability Bounty Program...."

    Translates as:

    "Everything else we've tried has failed, so we're going to bribe these bastards to STFU..."

  3. PattyCummings4

    Hola screwed up big time, man. You expect a free VPN to be secured, No Way... I am currently using IronSocket. It works great PPTP and L2TP and OpenVPN support and no logs :D Pretty amazing I recommend it.

  4. kevinkanode

    If something looks like too good to be true, it most likely is.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021