![](\"https:\/\/images.idgesg.net\/images\/article\/2018\/10\/ipsecurity-protocols-network-security-vpn2-100775458-large.3x2.jpg\"\/)
<\/p>\n
Credit to Author: Jonny Evans| Date: Thu, 08 Aug 2019 05:50:00 -0700<\/strong><\/p>\n I\u2019m told Apple is at last looking into the privacy and security of free VPN apps made available across its platforms, following a report<\/a> from researcher, Simon Migliano.<\/p>\n The researcher has flagged up several concerns that really should be recognized by anyone choosing a VPN service from both the Apple and Google App Stores:<\/p>\n That last allegation is particularly concerning.<\/p>\n Think about the nature of VPN services \u2013 while they make it much harder for third parties to access\/monitor your website traffic while you are using them, they do so by routing traffic via their own servers.<\/p>\n That\u2019s fine when your traffic is kept in a private space, but much less fine when information about what you are doing online is sold on to third parties without any oversight.<\/p>\n These could be data aggregators, hackers, or worse.<\/p>\n Given that anyone using a VPN service is likely to prize privacy and potentially seeks to protect trade secrets or other important confidential data, weak spots in the security provision are a big concern.<\/p>\n Your VPN service provider has good insight into what you do.<\/p>\n Migliano published his data in late 2018.<\/p>\n In his report, he accused both Apple and Google of not doing enough to protect users against second-rate VPN services.<\/p>\n \u201cWe notified Apple and Google of our updated findings and formally requested they address the privacy risks identified,\u201d he told me.<\/p>\n \u201cTo make it as easy as possible for them to resolve the issues, we supplied detailed lists of the apps that required their attention as they still posed a risk to users, along with recommendations on remedial steps to take.\u201d<\/p>\n He explains that Apple is now looking into his claims, though no action has yet been taken.<\/p>\n This follows Apple\u2019s decision in early June \u00a0to acknowledge that VPN apps require stricter regulation than other apps.<\/p>\n Apple also banned such apps from sharing any data with third parties, though hasn\u2019t begun enforcing this policy yet, the researcher claims.<\/p>\n \u201cHowever, unless Apple takes action to enforce these new rules and kick non-compliant apps from its App Store then it\u2019s simply paying lip service to privacy,\u201d he said.<\/p>\n To its shame, given the nature of Miglianos claims, Google has not responded at all at time of writing, the researcher said.<\/p>\n Apple meanwhile has a high-level commitment to protecting user privacy<\/a>, and recently moved to suspend human checks of Siri conversations<\/a>.<\/p>\n What makes this all the more concerning is that those apps he has identified as insecure are responsible for over 210 million downloads on Google Play.<\/p>\n Similarly, they are being downloaded 3.8 million times a month via Apple\u2019s App Store, he claims.<\/p>\n All over the world, Internet users are waking up to the need to protect their privacy.<\/p>\n This isn\u2019t just in terms of personal privacy, but as enterprise systems, workflows and infrastructure becomes increasingly digitized, privacy and security protection are becoming essential bulwarks against all manner of cyberthreats.<\/p>\n With this in mind, Migliano said:<\/p>\n \u201cEven putting aside the question of whether there\u2019s cause for concern that Chinese companies have quietly cornered the free VPN market, this category is crying out for proper regulation.<\/p>\n \u201cThe privacy boom is happening against a backdrop of growing internet shutdowns around the world, which means conditions are ripe for VPN profiteering.\u201d<\/p>\n There\u2019s a catch to all of these claims, of course:<\/p>\n Migliano works for a company called Top10VPN, which claims to test existing VPN services.<\/p>\n This means he certainly has a business case to justify exposing weak or insecure service, but may also mean his claims need to be challenged.<\/p>\n On his part, the researcher says that he is not involved in the commercial side of his company, and is not involved in recommendations the company makes.<\/p>\n Fortunately, if Apple is indeed acting on those claims, his claims will soon be challenged \u2013 and (when found appropriate) every user will benefit.<\/p>\n Meanwhile, Migliano’s company recommends ExpressVPN<\/a>, NordVPN<\/a> and IPVanish VPN<\/a>, all of which are fee-based. I\u2019ve only used NordVPN, which I liked, but have never used the other services myself.<\/p>\n How to choose a VPN service<\/p>\n Here is a little advice on choosing a VPN.\u00a0<\/p>\n “If I were pressed to recommend a free VPN, it would be a toss-up between TunnelBear and Windscribe as they operate on the freemium model, which means they don’t need to run invasive ad trackers and have revenue to fund a safe network,” Migliano said.<\/p>\n I\u2019m hoping Apple will look into these claims.<\/p>\n When it does, I\u2019d urge it to figure out some form of kite marking scheme in order that customers choosing to use a VPN service can more easily identify and choose a scheme they can trust, rather than those who subsidize their business by selling your data to data aggregators<\/a>.<\/p>\n Also read:\u00a0<\/strong>How to stay as private as possible on Apple’s iPad and iPhone<\/a>.<\/p>\n Updated: Additional information regarding Migliano’s work at his company and advice for identifying a VPN service.<\/em><\/p>\n Please follow me on\u00a0Twitter<\/a>, or join me in the\u00a0AppleHolic\u2019s bar & grill<\/a>\u00a0and\u00a0Apple Discussions<\/a>\u00a0groups on MeWe.<\/em><\/p>\n http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" Credit to Author: Jonny Evans| Date: Thu, 08 Aug 2019 05:50:00 -0700<\/strong><\/p>\n I\u2019m told Apple is at last looking into the privacy and security of free VPN apps made available across its platforms, following a report<\/a> from researcher, Simon Migliano.<\/p>\n The researcher has flagged up several concerns that really should be recognized by anyone choosing a VPN service from both the Apple and Google App Stores:<\/p>\n That last allegation is particularly concerning.<\/p>\n<\/p>\nWho owns your VPN service?<\/strong><\/h2>\n
\n