Bekijk even onderstaande video, niet in scrollen, staat op het juiste tijdstip

https://www.youtube.com/watch?v=cWZqpCe-cvA&feature=youtu.be&t=5770


Tekst versie:
Hotspot Shield VPN accused of spying on its users and selling
Developed by Anchorfree GmbH, Hotspot Shield is a free VPN service available on the Windows,
Windows Phone, Mac, iOS, Android, Chrome.
An estimated 500 million users around the world.
But, sometimes you get what you pay for. The Centre for Democracy and Technology, a
US-based non-profit advocacy group, working with Carnegie Mellon University who carefully
examined the Hotspot Shield system and clients, yesterday filed a 14-page complaint with the
US Federal Trade Commission alleging that it is willfully violating its own privacy policy of
providing "complete anonymity".
The Hotspot Shield VPN app promises to "secure all online activities," hide users' IP addresses
and their identities, protect them from tracking, and keep no connections logs while protecting
its user’s internet traffic using an encrypted channel.
However, according to research conducted by the CDT along with Carnegie Mellon University, the
Hotspot Shield app fails to live up to all promises and instead logs all connections, monitors
users' browsing habits, redirects online traffic and sells customer data to advertisers.
Hotspot Shield was also found injecting Javascript code using iframes for advertising and
tracking purposes.
Reverse engineering of the app's code revealed that the VPN uses more than five different
third-party tracking libraries.
Researchers found that the VPN app discloses sensitive data, including names of wireless
networks (via SSID/BSSID info), along with unique identifiers such as its users unique Ethernet
MAC addresses and mobile device IMEI numbers.
And, the VPN service sometimes redirects e-commerce traffic to partnering domains. If users
visit commercial websites, the VPN app redirects that traffic to partner sites, including ad
companies, to generate revenue. For example, when a user connects through the VPN to access
specific commercial web domains, including major online retailers like www.target.com and
www.macys.com, the application can intercept and redirect HTTP requests to partner websites
that include online advertising companies."
Now... as we know, this is ALL tempered by the fact that not even a VPN can peer into HTTPS
traffic. But they can still monitor IP addressesAnd note that disclosing things like their users'
MAC address and IMEI number cannot be
dismissed as inadvertent and benign. it HAD to have been deliberate since neither of those
unique identifiers would ever normally travel across and IP connection. Both MAC and MEI are
strictly local-link network identifiers. So the Hotspot Shield client-side app needed to deliberately
seek and send that information.
Once again, my refrain on this will be familiar to our listeners: Hotspot Shield has the right to
whatever they choose. But they cannot misrepresent what they are doing. That's the CDT's only
complaint. If users are truthfully informed about WHY their apps and its services are free, and
how Hotspot Shield is monetizing their use of the free service, then I (and the CDT and FTC)
would have no problem with that. But it's NOT okay to be offering a service which claims to
provide absolute privacy enforcement while deliberately and by design violating that promise.
Our takeaway is that trust and reputation really matters for a VPN service provider, and
understanding the provider's economic model is crucial.