How internet anonymity software leak user details

London, June 30 (IANS) Even the Virtual Private Networks (VPNs) — which people use in the hope of avoiding mass surveillance — leak information about the user, says a study.

VPNs are getting increasingly popular for individuals wanting to circumvent censorship, avoid mass surveillance or access geographically limited services like Netflix and BBC iPlayer.

Used by around 20 percent of European internet users, they encrypt users’ internet communications, making it more difficult for people to monitor their activities.

“There are a variety of reasons why someone might want to hide their identity online and it’s worrying that they might be vulnerable despite using a service that is specifically designed to protect them,” said study co-author Gareth Tyson from Queen Mary University of London (QMUL).

However, the new study of 14 popular VPN providers found that 11 of them leaked information about the user because of a vulnerability known as ‘IPv6 leakage’.

The leaked information ranged from the websites a user is accessing to the actual content of user communications, for example comments being posted on forums.

Interactions with websites running hypertext transfer protocol (HTTPS) encryption, which includes financial transactions, were not leaked. The leakage occurs because network operators are increasingly deploying a new version of the protocol used to run the Internet called Internet Protocol Version 6 (IPv6).

IPv6 replaces the previous IPv4, but many VPNs only protect users’ IPv4 traffic. The researchers tested their ideas by choosing 14 of the most famous VPN providers and connecting various devices to a WiFi access point which was designed to mimic the attacks hackers might use.

Researchers attempted two of the kinds of attacks that might be used to gather user data. One is ‘passive monitoring’, which means simply collecting the unencrypted information that passed through the access point.

The second is DNS hijacking, which is redirecting browsers to a controlled web server by pretending to be commonly visited websites like Google and Facebook.

The study also examined the security of various mobile platforms when using VPNs and found that they were much more secure when using Apple’s iOS, but were still vulnerable to leakage when using Google’s Android.

“We’re most concerned for those people trying to protect their browsing from oppressive regimes. They could be emboldened by their supposed anonymity while actually revealing all their data and online activity and exposing themselves to possible repercussions,” Tyson said.

Leave a Reply

Please enter your comment!

The opinions, views, and thoughts expressed by the readers and those providing comments are theirs alone and do not reflect the opinions of or any employee thereof. is not responsible for the accuracy of any of the information supplied by the readers. Responsibility for the content of comments belongs to the commenter alone.  

We request the readers to refrain from posting defamatory, inflammatory comments and not indulge in personal attacks. However, it is obligatory on the part of to provide the IP address and other details of senders of such comments to the concerned authorities upon their request.

Hence we request all our readers to help us to delete comments that do not follow these guidelines by informing us at Lets work together to keep the comments clean and worthful, thereby make a difference in the community.

Please enter your name here