This makes the use of Hotspot Shield extension entirely pointless. The last 4 are harmless, but the first 3 are there only for a single purpose: collect user data and send it to the biggest privacy violators that exist, and to make sure the data is valuable, it’s sent from your IP address.Īdditionally, since Google Analytics is “white listed” (bypasses the proxy), every single site that has Google Analytics, majority of sites do, will be able to track your IP address, regardless of you using the extension. Return ‘https :443 https :443 https :443 https :443 https :443 ’ Īny request made to the following domains bypasses the proxy and is sent through your ISP assigned IP address: If(shExpMatch(host, ‘’) || shExpMatch(host, ‘’) || shExpMatch(host, ‘’) || shExpMatch(host, ‘’) || shExpMatch(host, ‘ ) || shExpMatch(host, ‘localhost’) || shExpMatch(host, ‘127.0.0.1’)) return ‘DIRECT’ Started = Date.now() if((started-100) (started + 2000))) active = true Here is what the Hotspot Shield Pac file looks like, the bolded part is of extra interest: let active = false, The Pac file is base64 encoded, you can decode it via this online tool. You can extract the Pac file by going to a special URL in your Chrome browser while connected to a location. Here is where it gets even better.īrowser extensions that proxy traffic usually implement a secure proxy via what’s known as a Pac file. You may think, “Well, I’m using a proxy, so they don’t see my IP, so all this data is useless”. You may ask yourself, “why would that be built right into the extension that claims free and unlimited bandwidth?” Ahh, right. The sheer amount of requests that the extension makes is also rather troubling. The company claims that it has accurate audience measurement to over 100 million web destinations. What you probably don’t know is that it’s bullshit.Įssentially, every single click that you make in the Hotspot Shield browser extension triggers a request to Google Analytics ( ) which logs every event like connecting, disconnecting, changing locations, etc.Īdditionally, it also makes periodic requests to which is an alias domain for Quantcast, a company that does the following: Quantcast is an American technology company, founded in 2006, that specializes in AI-driven real-time advertising, audience insights & measurement. Sounds great, now you have “Security and Privacy”, for free, with no limitations. When you install the Hotspot Shield browser extension, it gives you access to their free servers, with no bandwidth limit. In this case the bad apple is Anchor Free, and their product Hotspot Shield. That being said, there are always bad apples that ruin it for the rest. Free VPN services have a bad reputation, and in most cases it’s undeserved.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |