10 Tips For Selecting A VPN Service

choosing your VPN

IT’S back to the tried-tested-and-proven maxim when it comes to today’s technology.

There’s no such thing as a free lunch. And if it’s too good to be true, then there’s a high probability there’s a catch.

That was certainly the case for YunHe Wang’s victims. The Chinese national was arrested in an international joint operation in Singapore for running a major botnet known as ‘911 S5’ for nearly a decade, amassing around US$100 million in profits by reselling information access to criminals.

“Bot refers to computers controlled by a malicious actor,” explains Kevin Reed, Chief Information Security Officer (CISO) at Acronis, a Swiss technology company founded in Singapore.

Allegedly, Wang created a bunch of sites offering ‘free virtual private network (VPN)’ services, which create an encrypted tunnel for organisations to share information privately and to mask their computers’ IP addresses. 

Adds Reed: “The thinking is that VPNs protect the user from snooping on public Wi-Fi, but that is not true. 

“VPNs simply shift the vantage point from the local Wi-Fi gateway to the VPN gateway in another location.” 

Reed adds that “the VPN gateway owner knows more about you, because they usually have your payment data and it’s easier for them to correlate your traffic patterns with the real person, than it is for a Wi-Fi provider in a coffee shop.”

VPNs Still Pose Risks

Reed says there are two kinds of risks associated with free VPNs.

First, you allow unknown, unvetted software to run on your laptop.

Nobody would run VPN service if they cannot generate the revenue or at least cover the costs somehow. If the VPN user is not paying, they are not the customers. 

Free VPN services can sell your information, like browsing data, which already is intrusive, but also they can try doing other, more damaging things.

The second risk is associated with the fact that you connect your laptop to a remote location via an encrypted tunnel and as connections from your computer can go through this tunnel, connections from other computers can go through the tunnel in the reverse direction. 

This is what happened in Wang’s case. He provided a tunnel for his victims by pretending to be free VPN, but the tunnel worked in reverse, allowing Wang’s customers to access the Internet from the IP addresses of unsuspecting victims.

For example, if a victim in US installed Wang’s VPN software on their computer and used it to hide their IP address, Wang’s customers would be able to use the victim’s computer as a gateway and connect to the Internet from the victim’s IP in the US.

Wang sold access to 19 million Windows computer he hijacked, propagating his malware through Virtual Private Network (VPN) programs like MaskVPN and DewVPN, and pay-per-instal services that bundled his malware with other program files, including pirated versions of licensed software, according to court documents in the US.

Free VPNs are not necessarily better or worse than the paid ones here. 

Selecting a reliable VPN provider involves careful consideration of privacy, security, and data disclosure policies. 

Here are 10 Tips from Acronis to help you make an informed decision when it comes to choosing a VPN service.

Tips for chosing a VPN

No Logs Policy

A no logs policy means the VPN provider does not store any information about your online activities.
This is crucial as it ensures that even if the provider is compelled to share information, they have nothing to disclose.
Look for providers that have had their no logs policies audited by independent third parties.

Tips for chosing a VPN

Jurisdiction

The country where the VPN provider is based affects how your data is handled.

Opt for providers based in countries with strong privacy laws and outside of the Five Eyes, Nine Eyes, and Fourteen Eyes alliances, which share intelligence data.

Switzerland and Panama are known for stringent privacy protection.

Tips for chosing a VPN

Encryption

Ensure the service provider uses strong encryption protocols such as the robust AES-256 used by VPN providers and for securing databases. 

This high-level encryption protects your data from being intercepted and read by unauthorised parties.

Tips for chosing a VPN

Kill Switch

Like an emergency stop, the Kill Switch disconnects your internet if the VPN connection drops, thus preventing any data from leaking outside the secure VPN tunnel.
This ensures continuous protection without exposing your real IP address.

Tips for chosing a VPN

Domain Name Server (DNS) Leak Protection

If you value your privacy, which presumably is why you’d want a VPN, you have to ensure your service provider prevents your DNS queries from being exposed to your ISP.
This works by ensuring all DNS requests are routed through the VPN, maintaining your privacy.

Tips for chosing a VPN

Independent Audits

It’s important to keep your service provider honest.

Regular, independent security audits and the publication of the results demonstrate a provider’s commitment to transparency and security.
Look for providers that have undergone recent audits and have a track record of addressing any issues found.

Tips for chosing a VPN

Clear Data Disclosure

No ifs and buts…the VPN should have transparent data disclosure policies, explaining what data, if any, they collect, and how it’s used.
This includes logs of connection times, bandwidth usage, and more.

Tips for chosing a VPN

Speed & Performance

A good VPN should not significantly slow down your internet speed.
Before deciding, look for user reviews and independent speed tests to ensure the VPN performs well under different conditions.

Tips for chosing a VPN

Multi-device Support

Flexibility is vital.

Ensure the VPN supports multiple devices with a single subscription, allowing you to protect your smartphone, laptop, and other devices simultaneously.

Tips for chosing a VPN

Customer Support

Availability is key.

Reliable customer support can be crucial in resolving issues quickly.

Look for providers offering 24/7 support through various channels such as live chat, email, and phone.

See also  7 Reasons Why It's Called Investor Communications

LEAVE A REPLY

Please enter your comment!
Please enter your name here