1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Hundreds of free VPN apps are not fit for purpose - but sadly, we

    From TechnologyDaily@1337:1/100 to All on Thursday, October 09, 2025 20:45:09
    Hundreds of free VPN apps are not fit for purpose - but sadly, we can't tell you which are the naughty ones

    Date:
    Thu, 09 Oct 2025 19:32:00 +0000

    Description:
    Report reveals widespread privacy risks among free VPNs, including outdated code, hidden permissions, and insecure data handling practices.

    FULL STORY ======================================================================Many free VPNs act like spyware, collecting sensitive user information Several
    apps misuse permissions, turning privacy tools into tracking systems VPN developers often justify excessive access with misleading security explanations

    The growing popularity of free VPN apps has provided mobile users with an
    easy path to privacy - however, new evidence also suggests many of these apps may be doing the opposite of what they promise.

    Research from Zimperium zLabs has claimed a large portion of free VPNs for Android and iOS request excessive permissions, use outdated code, and may expose users to surveillance-level risks.

    Despite the scale of the findings, the report did not disclose which apps
    were involved, leaving users to rely on their own caution when choosing what they believe to be the best free VPN service . When privacy tools become surveillance risks

    A VPN app is supposed to encrypt and protect network traffic, but many of those analyzed show behaviors that contradict this purpose.

    Some request Androids READ_LOGS permission, which allows them to view system-wide activity, potentially giving them access to usernames, passwords, and personal messages.

    This ability effectively turns them into spyware, capable of keylogging and avoiding mobile threat detection.

    Others seek iOS permissions such as LOCATION_ALWAYS, granting 24-hour GPS tracking that enables continuous surveillance of a users movements.

    These permissions, which have no legitimate use in a VPN, can be combined
    with traffic data to create detailed profiles of a persons online and offline habits.

    Zimperiums analysis found many cases where free VPN apps requested private entitlements, which allow deep access to a devices operating system.

    Such privileges can let an app run code, extract sensitive data, or gain control over the device, creating serious privacy and security risks.

    Some apps also use outdated OpenSSL libraries still vulnerable to the Heartbleed bug from 2014, showing that many developers are neglecting even basic patching standards.

    Others fail to validate certificates properly, exposing users to man-in-the-middle attacks that allow interception of supposedly secure traffic.

    Researchers also found VPN apps requesting permissions like
    USE_LOCAL_NETWORK.

    This allows them to map nearby devices on a Wi-Fi network, a function better suited to malware than security software.

    Developers sometimes justify such access by claiming it improves connection troubleshooting, yet in practice, it allows device scanning and network reconnaissance.

    Several apps can even capture screenshots, exposing user data that is visible on the screen.

    With hundreds of VPNs found to present such risks, the difference between secure and unsafe tools becomes critical.

    Unfortunately, Zimperium declined to share the list of these VPNs, therefore, users must approach free VPNs with skepticism.

    Also, they should favor providers that undergo independent audits, clearly disclose their privacy policies, and avoid intrusive permissions.

    Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the
    Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too. You might also like These are the best firewalls around today Also take a look at the best endpoint protection software around Marketing teams ecstatic about
    AI as a paltry 7% of CMOs say they don't see ROI



    ======================================================================
    Link to news story: https://www.techradar.com/pro/hundreds-of-free-vpn-apps-are-not-fit-for-purpos e-but-sadly-we-cant-tell-you-which-ones-are-the-naughty-bunch


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)