Stop using the Hola VPN right now. The company behind Hola is turning your computer into a node on a botnet, and selling your network to anyone who is willing to pay.
“selling access to the network through a site called Luminati”
Come on man, you wanna maybe pick a… less sinister name?
Dammit, the only reason I got Hola was because Reddit told me to a few months ago in a top post. You guys tricked me!
Quick question. I used media hint, an older version when it was free. any ideas on it’s security? It’s reliable in that I only ever use it for pandora music.
This is the best tl;dr I could make, original reduced by 71%. (I’m a bot)
If you're using Hola, a free virtual private network that lets you stream things like Netflix abroad, you need to stop immediately.
Security researchers discovered multiple security flaws in Hola and published their findings on a site called "Adios Hola.".
Hola is going even further, by selling access to the network through a site called Luminati from $1.45 to $20 per GB. On Adios Hola, researchers published chat logs between them and the company explaining that they don't enforce rules that say people shouldn't be engaging in illegal activity because the company has "No idea what you are doing on our platform."
Extended Summary | FAQ | Theory | Feedback | Top five keywords: Hola^#1 user^#2 network^#3 researchers^#4 Security^#5
Post found in /r/technology, /r/firefox, /r/chrome, /r/dubai, /r/indonesia and /r/realtech.
Anyone have good suggestions for alternatives?
It seems the extension has been removed from the Chrome store:
Item not found. This item may have been removed by its author.
Wasn’t his known for years? I still argue with people on /r/documentaries about not using it lol.
Does Hola do this when it’s “off”? I literally use Hola for about 30 seconds once a week during football season. I start a connection outside the US so I can launch NFL Game pass, and once it’s launched I disconnect the VPN.
So I probably have it “on” less than 10 minutes a year but it is installed and the extension enabled all the time.
Looks like they updated their website to now say:
Hola is a peer to peer network that provides everyone on the planet with freedom to access all of the Web! It works through the community of its users - Hola users help you to access the web, and you help them in return when your computer is not in use (see FAQ).
But if we go back 3 days, it wasn’t there. http://web.archive.org/web/20150528175041/http://hola.org/
Is it enough to disable it? ive had it disabled for awhile.
I don’t see Hola avaialble anymore on the chrome web store. Did they remove it?
What if I am paying for Hola? Does it still use me as a node?
How can I check?
How many people have actually gotten in trouble because of HOLA and someone using their connection to do something illegal?
if the service is free, you’re the product
I’m afraid this ship has sailed and now everyone thinks this is gospel, but this phrase is a pretty big generalization. Sometimes it applies to bad behaviors and sometimes to benign ones.
I think it hinges on how careful a company is with your identity.
This VPN example shows an example of a company’s literally selling data about a person that can be tracked back to you. That’s really not good.
However, people will also say that companies like Spotify or Google make you “the product” when you use their free services.
In those cases, you’re “the product” in the same way you’re “the product” when you drive down there street and see billboards.
Companies like Spotify and Google don’t sell you, they sell advertisers on access to your field of view. They don’t sell your data or identity. Rather, they use data points to show you ads you might care about.
Apple goes about it differently: they use free services to lock your into iOS and keep you on the platform. You’re not “the product,” but they’re using free stuff to keep you from leaving.
Aw fuck, am I compromised in some way? Can I remove the problem? I’ve definitely used this for streaming US sites.
The general rule is that if a product is free then you are the product.
Of course it’s turning your computer into an exit node. That’s how it’s FREE, not Hola has been more than sketchy about this (only adding this disclaimer AFTER the news broke) but people should know nothing is free (TANSTAAFL). They should have been more upfront but being an exit node isn’t the end of the world and for some people is a fair trade off. As for selling data through the network I’m divided. The costs appear high enough that use for DDoS (unless using reflection attacks which I don’t know enough on to say one way or the other in this case) doesn’t seem plausible and there are legit reasons for wanting to appear to come from multiple IP’s (this may often be for “gray use” area’s like scraping but I’m no that opposed to scraping).
Also I use PrivateInternetAccess and have found their service to work very well for my uses ($40/yr, unlimited, up to 5 devices concurrently, socks5/PPTP/Native-client connections). Right now I use it on my phone all the time, on my laptop 99% of the time, and all of my torrenting goes through it. Speeds are great and I often forget I’m on the VPN. I am not affiliated with PIA in any way and I only started using them last month so take my advice with a grain of salt but I was referred to it by longtime users.
Don’t use a VPN that requires you to install their software. Use one that supports OpenVPN and download OpenVPN straight from openvpn.net.
It would be lovely if the top comment was how to uninstall Hola!.