Hola, a popular VPN service, is in deep trouble. According to the latest revelations from 8chan, if you use the free Hola service, you may have become part of a botnet, and could have involuntarily participated in DDoS attacks. Even paying subscribers have been exposed to serious security holes that enable anyone to execute malicious programs on your computer, leaving you vulnerable to ongoing cyber attacks.
How Hola works
Hola is not technically a VPN service; it doesn’t own or lease VPN servers, nor does it pay for any bandwidth. Actually, Hola operates like a bit torrent service for web browsing. Every user connected to Hola’s network is considered a peer, with non-paying users defined as exit nodes, which allows other Hola users to use those nodes as a proxy to access the Internet. Hola tracks each user and routes traffic from peer to peer, describing its service as a “peer to peer VPN network”. Hola claims its service gives people the freedom to browse the Internet without censorship and allows people to browse the web anonymously. However, in fact, Hola’s network presents serious security and privacy issues.
- Because Hola doesn’t maintain any VPN servers it has no control of the security of the machine that routes your traffic.
- Unpaid users become by default an exit node of the Hola network. This means other users can browse the Internet through your device, so your IP address becomes the “foot print” of another person’s online activity. If that person did something unlawful, it would be traced back to your IP.
- Hola also has a sister site – Luminati, which sells access to its network to anyone who is willing to pay. Selling users’ bandwidth without their informed consent is at the very least dishonest, but exposing them to security risks and malicious attacks is clearly unethical and irresponsible. A malicious person can use Hola’s network to create a botnet and launch a DDoS attack devastating enough to take even a large website down – imagine 40+ million users trying to access Facebook at the same time. That’s what happened to 8chan.
While Hola claims to protect your privacy and enhance your online security, in reality it does exactly the opposite. Hola creates a security hole on your device and makes you vulnerable to cyber attacks. If you’re still using Hola, you should uninstall it immediately. Now the logical question is, “what are the alternatives”?
The closest alternative to Hola is TunnelBear. It works not only on mobile devices and desktop computers, but also as a standalone Google Chrome browser extension. That means you can browse the web with VPN and still access the local network and conduct other Internet activities without VPN. Because the TunnelBear Google extension only works with the Chrome browser, it doesn’t encrypt all traffic from your computer. To encrypt all the traffic install the TunnelBear desktop application. The following is a list of trusted VPN services to replace Hola. The VPN listings are in no particular order; click on the column header to sort them according to your needs.
|VPN Service||Price [one year]||Logs Keeping||Jurisdiction|
|ExpressVPN||$99.95||No||British Virgin Islands|
If you come across a good VPN service you’d like to recommend, please tell us about it so we can include it in the listing.
And don’t forget to share this post with anyone who might still be using Hola!
Image credit: https://www.flickr.com/photos/ukaaa/
Got a question? Post it in our forums. We’ll work it out.