How internet anonymity software leak user details

Posted By: Gizbot Bureau

    Even the Virtual Private Networks (VPNs) -- which people use in the hope of avoiding mass surveillance -- leak information about the user, says a study. VPNs are getting increasingly popular for individuals wanting to circumvent censorship, avoid mass surveillance or access geographically limited services like Netflix and BBC iPlayer.

    How internet anonymity software leak user details

    Used by around 20 percent of European internet users, they encrypt users' internet communications, making it more difficult for people to monitor their activities.

    SEE ALSO: Faster internet soon to become a reality

    "There are a variety of reasons why someone might want to hide their identity online and it's worrying that they might be vulnerable despite using a service that is specifically designed to protect them," said study co-author Gareth Tyson from Queen Mary University of London (QMUL).

    However, the new study of 14 popular VPN providers found that 11 of them leaked information about the user because of a vulnerability known as 'IPv6 leakage'.

    How internet anonymity software leak user details

    The leaked information ranged from the websites a user is accessing to the actual content of user communications, for example comments being posted on forums.

    Interactions with websites running hypertext transfer protocol (HTTPS) encryption, which includes financial transactions, were not leaked. The leakage occurs because network operators are increasingly deploying a new version of the protocol used to run the Internet called Internet Protocol Version 6 (IPv6).

    SEE ALSO: Internet use to drive 1.4% rise in global media consumption

    IPv6 replaces the previous IPv4, but many VPNs only protect users' IPv4 traffic. The researchers tested their ideas by choosing 14 of the most famous VPN providers and connecting various devices to a WiFi access point which was designed to mimic the attacks hackers might use.

    Researchers attempted two of the kinds of attacks that might be used to gather user data. One is 'passive monitoring', which means simply collecting the unencrypted information that passed through the access point.

    The second is DNS hijacking, which is redirecting browsers to a controlled web server by pretending to be commonly visited websites like Google and Facebook.

    The study also examined the security of various mobile platforms when using VPNs and found that they were much more secure when using Apple's iOS, but were still vulnerable to leakage when using Google's Android.

    "We're most concerned for those people trying to protect their browsing from oppressive regimes. They could be emboldened by their supposed anonymity while actually revealing all their data and online activity and exposing themselves to possible repercussions," Tyson said.

    Source: IANS

    Read More About: how to internet software
    X

    Stay updated with latest technology news & gadget reviews - Gizbot

    We use cookies to ensure that we give you the best experience on our website. This includes cookies from third party social media websites and ad networks. Such third party cookies may track your use on Gizbot sites for better rendering. Our partners use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on Gizbot website. However, you can change your cookie settings at any time. Learn more