We are living in a world that is heavily dependent on technology and the innovations of tech firms progressively amassing more power than any one of us in our right minds should be comfortable with.
Facebook, Google, Apple, Microsoft, Samsung: all the tech giants helping shape the future of the world with cutting-edge research and technological products are also – unfortunately – impinging on some of our most fundamental rights. The right to privacy remains the most threatened of all.
This is where tools like VPNs and proxies come in to save us from companies, institutions, and governments overeager to acquire our personal data available online, often without express permission.
But healthy skepticism demands that we question if these supposed guardians of online privacy aren’t the enemies themselves. The short answer, in many cases, is that they don’t.
The purpose of this article is to demonstrate why free proxy services and many free VPNs may be compromising – rather than protecting – your online privacy without your knowledge.
The Insecurity of Free Proxies
To start with, let’s see why free proxies, which are easy accessible with a simple Google search, are insecure.
The most in-depth investigation of the whole deal with proxy services was performed by a cybersecurity research, Christian Haschek. The results he obtained are quite shocking.
There were a total of 443 free web proxies inspected in this research. First, let’s consider the good news Out of all the proxies tested, a 100% successfully hide the user’s IP address. That is the primary purpose of any proxy/VPN; to hide your IP address.
So far so good. Unfortunately, that’s where the good news ends and a series of bad ones start.
Have you ever found annoying ads popping out all over the screen when using a proxy? Well, it turns out that as much as 16.6% of all the proxies analyzed were actively modifying static HTML pages by injecting adware.
But the worst of it 79% of these proxies don’t use HTTPS. In layman terms, this means that your web traffic is passing naked and unencrypted through these proxy servers for anyone that has access to said servers to see.
The lack of HTTPS in proxy servers makes for the perfect environment to analyze user traffic and even steal login details.
Nonetheless, this still leaves 21% of free proxies that do use HTTPS and thus at least deserve the benefit of doubt on our part. But if you are someone that values your privacy even a little bit, be extremely careful when deciding on a proxy server to use.
Risks Underlying Free VPN Apps
What about free VPNs though? At first glance, you could be forgiven for thinking that a free VPN would offer much better protection, considering the strong standards of encryption that most VPN providers claim to follow.
Unfortunately, a research investigating hundreds of free VPN apps on Google Play Store revealed a different story. According to this study, more than of the 30% of the free VPN apps inject adware to user’s devices, while 18% of these didn’t use any form of encryption.
The last fact is particularly alarming because one of the reasons that people use VPNs is to keep themselves secure on public Wi-Fi hotspots, which are otherwise easy targets for hackers. Users trusting these VPNs can be tempted to perform privacy-sensitive tasks freely, expecting the VPN to keep them safe.
But without any proper encryption to mask user traffic, these substandard VPNs only open up unsuspecting users to serious breaches of privacy.
If we compare the results of these two studies, you have the percentage of unencrypted proxies at 79%, whereas that of unencrypted VPNs is only 18%. This shows that the latter is still a much safer choice, if you have the luxury of choosing between the two.
In fact, there are still quite a few free yet legitimate VPN services with strong privacy-oriented logging policies and security protocols in place. Moreover, the situation with the safety of VPN apps has greatly improved since most of the problematic VPNs have been taken down from the Play Store and other official app stores.
As such, there are definite risks with the use of proxies as well as VPNs, but the latter fares much better on the whole.
Factors to Consider When Choosing a Proxy/VPN
Since neither VPNs nor proxies are safe 100% of the times, how can you make sure you make the right choice when you need one? Here are a few characteristics that most trustworthy proxy/VPN services share:
- Clear no-logging policies: If a provider has gone to some lengths to describe their logging policy which states their commitment to keeping no logs related to the user, chances are the provider is a legitimate one and can be trusted.
- Business model: It is extremely important to think a little critically about how a provider is making profit. VPNs and proxies require a server infrastructure. If a provider is charging you no money at all for it, they are probably selling your data to third-parties because it costs money to keep servers up and running. One legitimate business model is freemium, whereby providers only offer limited features for free while their full-fledged versions cost money. Most VPNs/proxies following this model are reliable. Those that are completely free need to be treated with a lot of caution.
- User reviews: Always perform a background check on a provider and see what users are saying about the service. Reddit is a great platform to determine the general opinion of users regarding a service. If a VPN seems to be popular and has many satisfied users, there’s almost certainly a good reason for that.
- Proxy Checker: To check if a VPN or proxy server is using HTTPs and hiding your IP, enter the server address of your proxy in a proxy checking tool such as this one. This will help you see at a surface level if your chosen server is applying encryption at all.
Free proxies and VPN services both have their demons, but the security and reliability of VPNs comfortably trumps that offered by proxies. Nonetheless, it pays to be careful no matter which IP-changing tool you’re using, because all of these are capable of seeing your online activity. If you can’t trust a particular tool, listen to your gut. It might save you from the exploits of a data-harvesting scam.