Many Android VPNs don’t do their job, according to security report
Your privacy may not be as private as you think.
According to a new paper funded by the CSIRO’s Data61 research institute and the US National Science Foundation, many of the Android VPN apps found on the Google Play store have been found to leave user data exposed. “Our results show that — in spite of the promises for privacy, security and anonymity given by the majority of VPN apps — millions of users may be unawarely subject to poor security guarantees and abusive practices inflicted by VPN apps,” stated the researchers.
The study found that 82% of the apps requested permission to access accounts data and private text messages, 75% used third-party tracking libraries, 18% used tunneling protocols without encryption and 84% left IPv6 traffic unprotected due to lack of support, misconfigurations and developer errors.
Worse still, of the 283 apps tested overall, 38% were found to contain “some malware presence” when run through the free online virus scanner VirusTotal. These include the popular apps EasyOVPN, TigerVPN and VPN Free.