Menu
homeInstructions

Banking review. How VPN services work in different countries and why anonymizers are difficult to ban

Anonymizers- these are special sites, programs or browser extensions that allow you to hide data about the user, his location and the software installed on his computer from a remote server.

  • Any traffic passing through the anonymizer (proxy server) will have its IP address instead of the address of the computer from which the request was made;
  • Unlike VPN servers, anonymizers (proxy servers) do not have means of encrypting information passing through them

VPN (Virtual Private Network) is a technology that connects trusted networks, nodes and users through open networks who are not trustworthy. That is, a VPN is a secure window for accessing the Internet.

A tunnel is created between the user's computer and the server with installed software to create a virtual private network.

  • In these programs, a key (password) is generated on the server and computer to encrypt/decrypt data.
  • A request is created on the computer and encrypted using the previously created key.
  • Encrypted data is transmitted through the tunnel to the VPN server.
  • On the VPN server they are decrypted and the request is executed - sending a file, logging into the site, starting the service.
  • The VPN server prepares the response, encrypts it and sends it back to the user.
  • The user's computer receives the data and decrypts it with the key that was generated earlier.

Risks and inconveniences for the user when using anonymizers and VPN services

  • More low speed Internet connections than with a normal connection
  • Possibility of leakage of user data (logins, passwords, bank details, card and payment system data) if the VPN is configured incorrectly, as well as when passing through an anonymizer.
  • Possibility of infecting your computer with viruses (via inserting malicious code when passing anonymizers).
  • The provider that provides VPN services to the user receives all information about the user’s actions while he is connected to the Internet

Is it technically possible to prohibit the use of VPN services from a particular provider?

  • It is possible to detect VPN traffic and block it, but this requires expensive equipment.
  • In the case of smartphones and tablets, you can also restrict access to VPN services according to the “Chinese model” - if Roskomnadzor agrees to exclude VPN services from mobile application stores

How users will circumvent the law on anonymizers and VPN services

  • There are so many anonymizers and VPN services that it is impossible to block all these resources. It will always be possible to find an unblocked resource that does not comply with the requirements of this law.
  • You can create your own VPN on a rented foreign site (such a service may become popular in the next couple of years).
  • If the Apple Store and Google Market stop providing the ability to download those applications that do not comply with the requirements of this law, then users will begin to download them from alternative sources such as www.apkmirror.com, http://m.apkpure.com, http://f -droid.org, etc.

Who's watching over us?

Very, very many people are watching us, from ordinary overly curious hackers to bigwigs of the world behind the scenes, and they all need something from us. Lesser scammers need your passwords, IP addresses, and confidential information. The intelligence services need to know everything about your preferences, whether you have accidentally strayed from the herd of sheep that they obediently manage, whether you are visiting those resources that you do not need to visit. Online surveillance has existed since its inception and since then there is a constant the struggle between tracking systems and those who oppose them. Those who are trying to control us have more opportunities, but with knowledge and the right multi-level security system, you can solve any problem from ordinary surfing to effective underground.

Tracking tools can be divided into three levels, but it should be understood that each higher level uses the capabilities of lower ones, so it is more like a nesting doll.

Level 1

Providers, Trojan bot networks, polymorphic viruses, rootkits. All these dangers in themselves are quite serious, but if they are not involved by higher-level systems, they do not pose a particular danger, in terms of criticality for a person, of course, and not for the PC and the data on it.

So what do they do:

Providers

They have access to all your data, collect all your registration data, cut down traffic from torrent networks, and encrypted traffic. They do all this for their own commercial purposes, so it is not particularly dangerous, but what they do as part of the measures to ensure SORM - 2 and SORM - 3 is much more dangerous, and this is described below.

Trojan bot networks

They are a new type of Trojans that are united in networks, and it is Trojan networks that are found on most infected PCs around the world. The tasks of Trojans that get onto your PC are different, there are Trojans for fools who require you to deposit money via SMS and for this they will unblock you, but these are a minority, modern Trojans are more cunning, they hide in very hard-to-reach places and do not manifest themselves in any way. Their the main task collection of data, namely your passwords, your visited pages, your documents. After he transfers this data to the owner of the network (and the average network is from 10,000 PCs), the owner of the network will either sell your PC (more precisely, your IP) for spam or hackers, or use your IP himself. Since you can't take anything from most PCs, Trojans turn them into proxies for VPN servers and use them for spam or hacker attacks. But for us, the main danger of Trojans is not that they control our PC or steal passwords, but that they set you up for dangerous hacking operations on other people’s servers, as well as other illegal activities. But what’s even worse is that many bot network holders sell stolen data to level 2 and 3 systems, that is, they leak all your data to intelligence agencies for pennies, and in return they turn a blind eye to their activities.

Polymorphic viruses

The main danger is that they are difficult to detect, in our case it is also the fact that they can be written specifically for a specific site, or for your network, or for your system’s protection, and not a single antivirus will calculate such specially tailored polymorphs (Polymorphism) . It is polymorphs that stand guard over SORM and Echelon, these are “state programs”, they are not detected by ordinary antiviruses and firewalls, are installed by the provider and have the ability to penetrate your PC at any time. Infection channels are usually provider home pages, billing, Personal Area. It’s naive to think that you can ignore this, because if they couldn’t break your communication channel, then they will scan your ports and try to get into your PC. Government polymorphic programs are not malicious, the only thing they do is tell the person who installed them all your online actions and passwords, they record your activity on the PC. There is a department in the SORM system that develops such polymorphs; unless you are an extra-class hacker, you will not be able to avoid infection with a polymorph specially written for you. But there is also opposition to this.

Rootkits

Rootkits are actively used by intelligence agencies in conjunction with polymorphs. They are a process that hides Trojans and bookmarks from you, are not detected by antiviruses and anti-Trojans, and have complex heuristic polymorphic algorithms.

Department K

User tracking aspect

When entering the network, a person immediately comes under the close attention of tracking systems. In our case, SORM - 2, your provider, which provides you with access to the network, allocates you an IP or your temporary or permanent address. It is thanks to IP that interaction occurs between your browser and the server, thanks to it you receive the information that you see on the monitor.

Peculiarity network protocols and programs is such that all your IPs are written in the logs (protocols) of any server that you visited and remain there on the HDD for a long time, unless, of course, they are specifically erased from there.

The provider has its own IP range, which is allocated to it, and it, in turn, allocates IP to its users. The provider has its own database of IP addresses, each IP address in the database is linked to the full name of the person who entered into the contract and the physical address of the apartment where the access point is located.

IPs can be dynamic (change constantly), or static, that is, constant, but this does not change the essence of the matter, the provider constantly records your movements. The provider knows what resource, at what time and how long you were.

All the resources you visited, and he writes at time intervals from 15 minutes to 1 hour, he writes into his database, when you go to any new resource it is also recorded (resource ip). This data is provided in the database in the form of numbers and does not take up much space. The database of your logs is stored by the provider for 3 years by law, and by tacit agreement with people from SORM - 2 for 10 years.

This is one of the conditions of SORM-2; without it, no provider will receive a license from FAPSI to provide telecommunications services. Thus, an archive of all IPs issued to you for 10 years is stored by the provider, as well as an archive of all your logs (where, when and at what time you “surfed” the network). SORM, through special equipment, has direct access to these databases, and in the SORM system - 3 this data is generally directly integrated into this global system.

If, for example, you are interested in a SORM operator, he simply activates one button in the program and the SORM system begins to record all your traffic, everything that you transmitted, downloaded and watched, simply by using a hardware scanner sniffer on the provider’s channel. Physically, the data will be stored by the provider from where it is transferred for analysis to the SORM operator. I would like to note that, as a rule, all your traffic is UNENCRYPTED and, if desired, anyone can intercept it, not just SORM - 2.

SORM - 2 also installs traffic analyzers on the providers’ channel; they view information on a set of keywords, on visited resources, on the presence of encrypted traffic, and in all these cases there is a message into a system that makes decisions in automatic mode what to do next. Which one global level control, I think clearly and draw conclusions about what incriminating evidence is available on everyone. If the contract is issued for your grandmother, then do not think that operational development will be carried out in relation to her, SORM databases are connected with the registration database and the central FSB database and SORM databases on other resources, and you will be associated if necessary, there are no fools there.

SORM - 2 on search engines, is directly integrated into the database and views ALL your requests by keywords, and also uses ALL your settings for cookies that the search engine collects. If necessary, compiles using keywords and specific search queries a “picture” of a particular user, remembers passwords and logins.

SORM - 2 on all major social portals collects mainly your information that you leave and logs page visits, remembers passwords and logins.

SORM-2 in mail servers displays all your mail, associates your IP with which you registered this mail. Analyzes and gives a signal if encrypted correspondence via PGP is detected.

SORM - 2 in e-commerce systems completely scans your PC, registers it in the registry, binds to the MAC address, equipment serial number, system configuration and IP, and of course to the data you left during registration. Of course, all this is done by the e-commerce program, but the information it receives is available to SORM.

SORM 2 in VPN and proxy servers

Not for all of them, of course, but for many (legal ones for all), it writes logs. Very a big problem this is the unreliability of the proxies themselves, many proxies in the SORM - 2 system, the rest are official legitimate servers and, by law, provide SORM - 2 operatives with all the logs of interest. That is, even if you work through 1 or 100 proxy servers, you will be promoted very quickly, just call the owner of the service or come. Exotic countries will only increase the time it takes to find your IP (but, if necessary, they will do it quickly). It is through the promotion of proxy chains that most hackers are caught. All proxy servers write LOGES, and this is living compromising evidence (except for specially configured ones).

SORM - 2 in Data Centers

SORM - 2 is also integrated into all data centers and traffic communication points, if the servers and, accordingly, the hosting are located in Russia, which means that you can get an archive of logs and install a Trojan to the database of registered users only by calling or visiting the data center, It is in this way, in hardware, that most patriotic sites are monitored, as well as VPN servers or resources on which SORM - 2 is not installed directly as equipment. Your admin can re-encrypt his database at least 100 times, but if he has a Trojan on his server in the data center and the channel is being tapped, then even if he wants to, he will not save user logs, their addresses, or anything else. confidential information. Having their own server will only make their task more difficult. For security, you need your own server and your own person in the data center and preferably in data centers abroad.

SORM - 2 on domain name registrar servers

It tracks who and what is registering, writes the ip, automatically breaks down the reality of the entered data, if it is determined that the data is wrong - the domain name is put on a note, if necessary, they can easily close the domain name. SORM - 2 also uses a whole network of TOR servers (like other intelligence agencies), which listen to traffic passing through them.

Level 3

Echelon

Echelon - an order of magnitude more much more cool system than SORM - 2, but with the same tasks and goals, uses all lower levels 1 and 2, the official owner of the CIA, is on Google, built into Windows in the form of bookmarks, on all routers, in the largest data centers in the world, on all backbone optical cables, differs in scale and in that, if desired, the operator uses a satellite and watches you on a monitor in real time. The FSB does not have direct access to it, although it can obtain it upon request, although its principles are the same. By by and large Echelon is a global global SORM - 2, this system has much more opportunities and finances around the world. The system controls banking transactions, has the ability to open encrypted messages and communication channels, and interacts very closely with Microsoft and Skype.

What is the difference between a VPN and a proxy?

When you dig into network settings your computer or smartphone, you will often see options labeled `VPN` or `Proxy`. Although they do partly similar work, they are very different. Our article will help you understand the difference between them and what they are needed for. You might want to use some of them.

What is a proxy?

Typically, when you browse a website on the Internet, your computer connects directly to that site and begins downloading the pages you are reading. Everything is very simple.

And when you use a proxy server, your computer first sends all web traffic to it. The proxy redirects your request to the desired site, downloads the relevant information, and then returns it back to you.

Why is all this needed? There are several reasons for this:

  • You want to browse websites anonymously: all traffic that comes to the site comes from the proxy server, not from your computer.
  • You need to overcome filters that limit access to certain content. For example, as you know, your Netflix subscription in Russia will work in . But if you use a proxy server from Russia, then it will look like you are watching TV while in Russia, and everything will work as it should.

Although this scheme works quite well, there are still a few problems with the proxy:

  • All web traffic that passes through the proxy can be viewed by the owner of the proxy server. Do you know the owners of the proxy server? Can they be trusted?
  • Web traffic between your computer and the proxy server, as well as the proxy server and the site, is not encrypted, and therefore a skilled hacker can intercept the transmitted sensitive data and steal it.

What is a VPN?

A VPN is very similar to a proxy. Your computer is configured to connect to another server, and your web traffic routes through that server. But while a proxy server can only forward web requests, a VPN connection can route and provide complete anonymity all your network traffic.

But there is one more significant advantage of VPN– all traffic is encrypted. This means that hackers cannot intercept data between your computer and the VPN server, so your sensitive personal information cannot be compromised.

VPN is the most safe option

2018

Trend Micro warns about the dangers of using Hola VPN

One of the most popular free VPN services, downloaded millions of times, poses a privacy risk because it does not properly hide users' digital fingerprints, researchers warn.

It's about service Hola VPN, with about 175 million users worldwide. According to a new report from Trend Micro, Hola VPN has a number of serious security problems, and one of the main ones is the lack of encryption.

In particular, during active session The connection to the supernode is not encrypted, and an attacker can intercept the transmitted traffic using a man-in-the-middle attack. In addition, the lack of encryption can lead to leakage of IP addresses, which authorities can use to track citizens in countries with totalitarian regimes.

When using Hola VPN, a user opens a new tab in the browser or enters a domain name into address bar, the resource is accessed directly from its real IP address. Unlike other VPN services that route traffic through an encrypted tunnel, Hola VPN is not a secure VPN solution, but rather an unencrypted web proxy.

Trend Micro now detects Hola VPN as potentially unwanted software and recommends users remove it from their systems. In turn, the manufacturer called the company’s report “irresponsible.”

Apple has banned individuals from writing VPN apps for iPhone and iPad

The global application publishing rules have also undergone a major update, tightening and describing in more detail the provisions related to protecting user privacy. In particular, clause 5.1.1 of the rules of publications on the collection and storage of user data (5.1.1 Data Collection and Storage) has increased from four to seven subclauses.

Innovations in the App Store Review Guidelines were made based on the work of App Store censors over the past few months, during which applications that provided users with anonymous access to Internet resources.

From now on, hosters are required to report to the authorities about the owners of proxies and VPNs

The State Duma adopted in the third reading a law on fines for hosters and search engines related to means of bypassing blocking on the Internet. The law, which will come into force 90 days from the date of official publication, is a set of amendments to the Russian Code of Administrative Offenses.

Fines will be levied on hosting providers who provide tools for bypassing blocking on the Internet without informing Roskomnadzor who owns these tools.

Alternatively, instead of submitting information about the owner of a proxy or VPN to Roskomnadzor, the hosting provider can inform the regulator that it has notified that owner to provide information about itself. If such a message has not been received from the hoster, he will also face a fine.

In both of these cases, the fine for citizens will be from 10 thousand to 30 thousand rubles, and for legal entities- from 50 thousand to 300 thousand rubles.

Fines for search engines

The law also provides for fines for search engines that make it easier for users to access Internet resources blocked in Russia. In particular, if a search engine operator has not connected to the federal state information system, which contains information about which resources are blocked, then such an operator will be fined. For citizens in this case, the fine will be from 3 thousand to 5 thousand rubles, for officials - from 30 thousand to 50 thousand rubles, and for legal entities - from 500 thousand to 700 thousand rubles.

The State Duma approved in the second reading the tightening of liability for anonymizers

In May 2018, the State Duma adopted in the second reading a bill providing for the introduction of administrative fines for violating the law on anonymizers. In particular, if the hosting provider and anonymizer do not provide Roskomnadzor with data on the owners of means of access to blocked sites, this will entail a fine - from 10 thousand to 30 thousand rubles for citizens and 50 thousand - 300 thousand rubles for legal entities, writes "Interfax".

In addition, issuing links to prohibited sites in search engines will result in a fine. For this it is proposed to collect 3 thousand - 5 thousand rubles from citizens, 30 thousand - 50 thousand rubles from officials and 500 thousand - 700 thousand from legal entities.

VPN service rating

23% of VPN services reveal users' real IP addresses

Italian researcher Paolo Stagno tested 70 VPN services and found that 16 of them (23%) revealed users' real IP addresses. The problem is related to the use of WebRTC (Web Real Time Communication) technology, which allows audio and video calls directly from the browser. This technology is supported by a number of browsers, including Mozilla Firefox, Google Chrome, Google Chrome for Android, Samsung Internet, Opera and Vivaldi.

WebRTC is an open standard for real-time multimedia communications that runs directly in a web browser. The project is designed to organize the transfer of streaming data between browsers or other applications that support it using point-to-point technology.

As the researcher explained, the technology allows the use of STUN (Session Traversal Utilities for NAT) and ICE mechanisms to organize connections in different types networks. The STUN server sends messages containing the IP addresses and port numbers of the source and destination.

STUN servers are used by VPN services to replace a local IP address with an external (public) IP address and vice versa. WebRTC allows packets to be sent to a STUN server, which returns a "hidden" home IP address, as well as addresses local network user. IP addresses are displayed using JavaScript, but since the requests are made outside the normal XML/HTTP procedure, they are not visible from the developer console.

According to Stagno, 16 VPN services reveal users' real IP addresses: BolehVPN, ChillGlobal (plugin for Chrome and Firefox), Glype (depending on configuration), hide-me.org, Hola!VPN, Hola!VPN (extension for Chrome), HTTP PROXY (in browsers that support Web RTC), IBVPN, PHP Proxy, phx.piratebayproxy.co, psiphon3, PureVPN, SOCKS Proxy (in browsers that support Web RTC), SumRando Web Proxy, TOR (works as PROXY in browsers with Web RTC), Windscribe. WITH full list tested services can be found here.

2017

A number of VPN services refused to cooperate with Roskomnadzor

According to the public organization Roskomsvoboda, not all VPN services intend to follow the law that has come into force. Seven services have already made their position on the new requirements clear. The first is ExpressVPN, which said back in the summer that it would "absolutely never agree to any regulations that compromise a product's ability to protect users' digital rights."

Service ZenMate prepared in advance for possible blocking in case of refusal to restrict access to sites prohibited in the Russian Federation. The company announced an “elegant solution” that allows the service to automatically switch to “sustainable mode” without causing serious inconvenience to users. “In this mode, the connection will be redirected through the largest backbone Internet services. These services play a key role for the Internet, and therefore blocking them paralyzes the Internet,” the company said in its blog.

Services Tunnelbear And PrivateVPN do not intend to comply with Russian law, since they are not Russian companies. Tunnelbear servers are located outside the Russian Federation, and PrivateVPN is ready, if necessary, to move its server from Russian territory.

They also announced their refusal to cooperate with Roskomnadzor Golden Frog(the company owns the VyprVPN service), TorGuard And TgVPN. “We will not comply with this law and will do everything to remain accessible to users from Russia. Among other measures, we are preparing applications with built-in ways to bypass VPN blocks,” the TgVPN team said in their Telegram chat.

The law on anonymizers came into force in Russia

To implement the law, the Federal State Information System (FSIS) is being launched. Upon request from law enforcement agencies, Roskomnadzor will identify a provider providing technologies to bypass blocking.

The law will need to be implemented upon requests to Roskomnadzor from the federal executive body carrying out operational investigative activities or ensuring security. Russian Federation(Ministry of Internal Affairs and FSB).

As reported on the Roskomnadzor page on VKontakte, the agency and market participants - Kaspersky Lab, Opera, Mail.ru and Yandex - are already completing testing of the “new interaction system”. In addition, anonymizers 2ip.ru and 2ip.io have already agreed to cooperate with Roskomnadzor.

The draft law was introduced by deputies Maxim Kudryavtsev (United Russia), Nikolai Ryzhak (A Just Russia) and Alexander Yushchenko (Communist Party of the Russian Federation).

Fines for violating the law banning anonymizers

The State Duma is going to legislate fines for search engine operators if they do not fulfill their obligations to gain access to the Roskomnadzor register and block links to information resources included in the list.

The document provides for a fine for individuals - 5 thousand rubles, for officials - 50 thousand, for legal entities from 500 thousand to 700 thousand rubles.

The creator of Tor explained how Roskomnadzor can block Tor

Roskomnadzor requirements for anonymizers

The State Duma banned anonymizers in Russia

The law prohibits search engine operators from displaying links to blocked resources on the territory of the Russian Federation. A similar ban is provided for owners of anonymizers and VPN services. Sites that report ways to bypass blocking will, in turn, be blocked by Roskomnadzor. In addition, based on requests from the Ministry of Internal Affairs and the FSB, the department will identify a provider that allows the use of an anonymizer and request data from it to identify the owner of the service. To provide necessary information the provider will have three days.

As specified, the requirements of the law do not apply to operators of state information systems, government agencies and authorities local government, as well as for those cases of using anonymizers when the circle of their users is pre-determined by the owners and their use occurs for “technological purposes to support the activities of the person carrying out the use.”

If the bill is approved by the Federation Council of the Federal Assembly of the Russian Federation and signed by the President of Russia, most of the provisions of the document will come into force on November 1, 2017.

The Ministry of Internal Affairs and the FSB of Russia may begin to identify ways to bypass blocking on the Internet

If passed, the law will come into force on November 1, 2017. On the same day, the procedure for identifying anonymizers and requirements for methods of restricting access to them will come into effect.

As specified, the bill does not affect operators of state information systems, state agencies and local governments, and also does not apply to non-public means of bypassing blocking if they are used “for technological purposes to support the activities” of the organization, and the circle of their users is determined in advance.

As the publication emphasizes, we're talking about specifically about blocking casino sites by the Federal Tax Service, however, anonymizers have a wider application. In addition, the State Duma is currently considering a bill to ban anonymizers, VPNs and similar services for bypassing blocking. So far, the document has only passed the first reading. In view of this, the publication’s lawyers interlocutors call the new order illegal - since it gives the Federal Tax Service the right to block not only online casinos, but also the very opportunity to enter an online casino.

Deputies prohibited anonymizers and search engines from giving access to prohibited sites

At the end of June 2017, the State Duma approved in the first reading a bill on regulating the activities of services designed to gain access to Internet sites by bypassing official blocking, as well as on excluding links to blocked resources from search engine results. The authors of the bill were deputies Alexander Yushchenko (fraction of the Communist Party of the Russian Federation), Nikolai Ryzhak (A Just Russia) and Maxim Kudryavtsev (United Russia).

The document represents amendments to the law “On Information, IT and Information Protection”. The bill introduces obligations for “owners of information and telecommunications networks, information networks and computer programs, as well as owners information resources, including sites on the Internet designed to gain access from the territory of Russia to networks and programs.

Under this definition should include services that provide indirect access to Internet resources: anonymizers, proxy servers, VPNs, tunnels, browsers with a bypass access function (Tor, Opera, Yandex.browser), etc. Such services were originally intended for access to the Internet while hiding your IP address, but after the introduction of the Register of Prohibited Sites in Russia in 2012, they gained mass popularity to circumvent such restrictions.

What will happen when Roskomnadzor finds an anonymizer

The bill assumes that Roskomnadzor, the agency that maintains the Register of Prohibited Sites, will monitor such services and include them in separate register. The owners of the relevant resources will be given access to the Register of Prohibited Sites, and they will be required to block Russian users from accessing such sites.

When Roskomnadzor detects an anonymizer or other this kind of resource, it will send a request to its hosting provider to obtain the contact information of its owner. The hosting provider will have to respond with information within three days. Next, Roskomnadzor will send a request to the owner of this resource to include it in the above-mentioned register. If the owner does not respond to Roskomnadzor within 30 days and does not take measures to block Russian users’ access to prohibited sites, the agency will block access to it from Russian territory.

New responsibilities for search engines

In addition, the bill introduces an obligation for search engine owners to exclude from search results links to resources included in the Register of Prohibited Sites. Search engine owners will also be given access to the Register of Prohibited Sites.

At the same time, fines for violators are introduced into the Code of Administrative Offences. For owners of search engines for failure to gain access to the Register of Prohibited Sites and for failure to filter links to prohibited resources, fines will amount to p5 thousand for individuals, p50 thousand for officials and from p500 thousand to p700 thousand for legal entities. For owners of anonymizers and other similar services, fines for failure to provide Roskomnadzor with information about themselves will range from p10 thousand to p30 thousand for individuals and from p50 thousand to p300 thousand for legal entities.

CSIRO: VPNs aren't always as private as they're thought to be

Australia's CSIRO (Commonwealth Scientific and Industrial Research Organization) has warned users of virtual private networks (VPNs) that their security often doesn't live up to the technology's name.

Researchers from this organization found that 18% of reviewed applications do not actually encrypt user traffic, 38% implement directly on user device malware or intrusive advertising and more than 80% request access to sensitive data such as user account data and text messages.

16% of VPN apps analyzed use opaque proxies that modify user HTTP traffic by inserting and removing headers or using techniques such as image transcoding.

In addition, two VPN applications were found to actively inject JavaScript code into user traffic to distribute advertising and track user activities, and one of them redirected e-commerce traffic to external advertising partners.

“The main reason tens of millions of users install these applications is to protect their data, but just this function these applications do not perform,” the report reads.

While most of the apps surveyed offer "some form" of online anonymity, CSIRO said some app developers deliberately set out to collect users' personal information which could be sold to external partners. However, only less than 1% of users show any concern about the security and privacy of using these applications.

18% of the VPN applications studied use tunneling technologies without encryption, and 84 and 66% of applications leak IPv6 and DNS traffic, respectively. As a result, the report says, these applications do not protect user traffic from agents installed along the way that carry out online surveillance or surveillance of users.

If you look at the official descriptions of applications on Google Play, then for 94% of applications with leaked IPv6 and DNS data, it is said that they protect personal information.

Before publishing its report, CSIRO contacted developers whose apps were found to have security flaws, which resulted in some taking action to fix the vulnerabilities and some apps being removed from Google Play.

Not much time remains before the new Federal Law 1 comes into force, which is known as the Law on the Prohibition of Anonymizers and VPN Services (hereinafter referred to as the Federal Law, Amendments). We are talking about prohibiting the use of technologies, information systems and programs that allow you to bypass the blocking and gain access to blocked information resources with prohibited content, access to which is limited in Russia. The world media has already rushed to compare the series Russian bans With Chinese program“Golden Shield”, which provides a system for filtering Internet content and blocking mobile applications and services that offer VPN and instructions for anonymous login on the Internet According to experts, strengthening censorship on the Internet with the light hand of the Russian legislator will lead to Russia building its own protective screen, which will effectively reflect all negative content, preventing Russian users from accessing it. However, whether such attempts can be put into practice from a technical point of view and whether legal mechanisms will help here is far from clear. The amendments will primarily affect owners of VPNs 2 and anonymizers 3 , as well as search engines, which will be required to block any links to information resources or information and telecommunication networks that are prohibited Federal service for supervision in the field of communications, information technology and mass communications(hereinafter referred to as Roskomnadzor). The owners of VPN technologies will bear responsibility for violating the new requirements directly. Thus, such a well-known anonymous browser as Tor or anonymous network I2P, which will have to block access to prohibited websites. Proxies and smart domain name systems will also be banned ( Domain Name Systems, DNS). However, do not think that the ban will apply only to owners of specialized VPN technologies. We are also talking about sites that post instructions on how to bypass blocking, as well as application stores that provide VPN services for smartphones. Relatively speaking, any Internet resource that offers the use of a VPN to bypass blocked sites will be at risk. As for security, for example, Internet banking, the Amendments will not apply to encryption tools used by banks when making payments. When making payments, banks often use a secure SSL connection 4, which ensures the confidentiality of transmitted information using a special channel through which information is transferred between the browser and the server in encrypted form to avoid distortion and loss.

Does the explanatory note explain a lot?

The explanatory note5 repeatedly pointed out that the experience of blocking information resources hosting prohibited content was not entirely successful. For example, search engines, even after blocking, provided links to blocked resources, not to mention the use anonymous proxy servers, VPN to gain access to blocked resources. It is no secret that VPN works as a proxy server, using which the user, when browsing the Internet, appears to be in another country. This technology allows you to bypass government-installed network security systems and gain access to the Internet without any restrictions and without the risk of surveillance by government agencies. It is curious that the bulk of services providing these capabilities are not located in Russia, which calls into question the potential of the new Federal Law. At the same time, control powers to comply with the new bans are granted not only to Roskomnadzor, but also to law enforcement agencies, with which Roskomnadzor plans to interact in order to monitor and obtain information about the emergence of services to bypass blocking.

Procedure for interaction with Roskomnadzor

Single register domain names, indexes of Internet site pages and network addresses that allow identifying sites on the Internet containing information the distribution of which is prohibited in the Russian Federation is available on the Roskomnadzor website at the link http://eais.rkn.gov.ru/.

The innovations will apply only to VPN services and anonymizers that provide access to online resources and information and telecommunications networks, access to which in Russia was blocked by Roskomnadzor. As a rule, the decision to block information resources is made in relation to those that contain information related to child pornography, drugs, propaganda of suicide or extremism. In addition, Roskomnadzor regularly blocks websites containing pirated videos, music or software. In this regard, the question arises: how should the new rules be applied to VPN services used for corporate purposes, and are the innovations of the Federal Law applicable to such situations in principle?

VPN for corporate use

The issue related to the use of anonymizers or VPN services for corporate purposes is not directly addressed in the Amendments. At the same time large companies, with offices around the world, quite often provide remote access their employees to a single corporate platform using VPN channels.

In the Amendments, however, there is an exception to the adopted innovations, provided for in Art. 17 of the Federal Law. In particular, restrictions will not apply if two conditions are met: 1) the circle of users of software and hardware is pre-determined by their owners (owners of VPN services); 2) such software and hardware are used to technologically support the activities of the person using them. In the absence of official explanations from Roskomnadzor and the Ministry of Telecom and Mass Communications, we believe that in the latter case we are talking about the use of software and hardware for carrying out commercial (economic) activities. An example here would be the use of VPN connections for corporate purposes among a limited number of users. In this regard, a preliminary conclusion arises that VPN, as well as other software, hardware and technologies used for internal corporate purposes and to support the company’s activities, fall under the exceptions provided for by Federal Law. It is worth noting that in the draft Federal Law Art. 17 looked a little different and it directly mentioned that the requirements of the Law would not cover cases where the owners of information and telecommunication networks, information systems or computer programs ensure their use exclusively by persons who are in labor relations with such owners 6 . However, the wording initially proposed by State Duma deputies has undergone changes in favor of a more vague and broad formulation of the exception.

In this regard, it is too early to draw clear conclusions. In addition, there are no guarantees that the same VPN channel can be used both for corporate purposes and to gain access to resources and websites blocked in Russia. For example, VPN connections such as HideMy.name, ExpressVPN or PIA can simultaneously be used both to provide corporate employees with access to a global corporate platform and to bypass blocked access to prohibited information resources in Russia. At the same time, it does not clearly follow from the new Federal Law how responsibility will be distributed (or whether it will be) among the owners of software and hardware and persons using such technologies to support their activities.

According to press reports, Internet Ombudsman D. Marinichev has already called the adopted Federal Law madness, citing the fact that “it is impossible to separate a VPN that is used for commercial purposes from a VPN that is used to bypass blocking” 7 . There are fears that the practice of applying the new Federal Law will follow the path of total blocking by service administrators of tools such as VPN and TOR, regardless of the purposes for which they are used.

The procedure for interaction of Roskomnadzor with hosting providers and website owners 8

It is known that Roskomnadzor maintains the Unified Register of Prohibited Sites (hereinafter referred to as the Register) 9 . Information about restricting access to sites and (or) pages of sites on the Internet can be obtained by contacting universal service checking restrictions on access to sites and (or) pages of sites on the Internet posted on the official website of Roskomnadzor: http://blocklist.rkn.gov.ru/. The reasons for the lack of access should be requested from the hosting provider or telecom operator.

In this regard, there is active interaction between Roskomnadzor and the Registry operator. The hosting provider 10 has only 24 hours to notify the owner of the website 11 that it serves of the need to immediately remove the Internet page that contains information that is unacceptable for distribution in the Russian Federation. In turn, the site owner also has 24 hours to delete the controversial Internet page. Otherwise, access to this page will be restricted by your hosting provider. Refusal or inaction of the site owner will lead to similar consequences. Failure to take these measures by the hosting provider and/or site owner will directly entail the inclusion of the network address, which allows the site to be identified on the Internet, in the Register, due to which hosting providers and site owners are recommended to promptly comply with legal requirements, and only then try to challenge the decision to include in Registry in court 12 .

Alternative option is an appeal to the Registry operator with a request to exclude information from the Registry after removing prohibited information from a blocked site. The procedure for contacting the Registry operator is also provided in the event that the decision to include a blocked site in the Registry is canceled in court.

Interaction of Roskomnadzor with law enforcement agencies

The Federal Law also describes in detail the procedure for Roskomnadzor when law enforcement agencies contact it if they have identified sites or computer programs that allow them to bypass blocking and gain access to resources blocked in Russia. Having received a request from law enforcement agencies, Roskomnadzor, in turn, sends a notification to the hosting provider or other person who has posted software on the Internet to access blocked resources. The notification is sent in order to identify the owner of the site or software through which access to prohibited networks and resources is provided. The hosting provider, in turn, sends the owner of the site or software a request to connect to the federal state information system of information resources, information and telecommunication networks, access to which is limited (hereinafter referred to as the System). However, Roskomnadzor can send the corresponding request directly if violations were identified by it independently. 30 working days are given to comply with Roskomnadzor’s requirements. Similar rules apply to search engine operators.

Responsibility

Responsibility for non-compliance with the adopted Amendments is not established in the Federal Law either for search engines, hosting providers or owners of Internet sites. It is possible that subsequent amendments will be made to the Code of Administrative Offenses of the Russian Federation later, after the Federal Law comes into effect. So far, the Code of Administrative Offenses of the Russian Federation establishes only the liability of telecom operators for failure to fulfill their obligation to limit/renew access to information, access to which was limited/resumed on the basis of information received from Roskomnadzor (Article 13.34 of the Code of Administrative Offenses of the Russian Federation).

At the same time, a number of VPN owners in Russia have already agreed to the new amendments and are using the same blacklist URLs(links on the Internet) that ISPs and telecommunications companies must block. Accordingly, VPN services that do not meet the requirements established by law are blacklisted. At the beginning of this year, Roskomnadzor, at the initiative of the prosecutor's office, already blocked the Hideme.ru VPN service based on a court decision after it was established that the VPN channel was used to access extremist materials.

Foreign providers of VPN connections have already begun to leave Russia, as, for example, PIA (Private Internet Access, an American VPN provider) did, curtailing all its activities in the Russian Federation since July 2016, after the adoption of the “Yarovaya package” 13. According to representatives of the service, this was done after the servers of VPN owners in Russia were seized by Russian authorities without any warning.

What's next?

Amendments to information legislation will likely force owners of VPNs and similar services to be more careful and carefully monitor the purposes for which they are used. Otherwise, there is a risk that if violations are detected, anonymizers and VPN services may be blocked. IT specialists clarify that this can be done using several methods: by type of traffic or by IP addresses. The last method is quite simple; Roskomnadzor will only need to enter into the register of blocked sites all the IP addresses of official sites where you can purchase a VPN, and public servers Tor. The second path is more thorny, as it requires the installation of special and very expensive DPI equipment that will analyze Internet traffic. Identifying VPN traffic using such equipment is not difficult.

However, if from a technical point of view it is quite simple to block a VPN service, easier for the provider restructure it and create new IP addresses. Moreover, the scale using a VPN-technologies and the emergence of more and more new means that ensure anonymity on the Internet, today are incommensurate with the prohibitions introduced by the legislator.

Abroad, the new amendments are called another strong blow to the open Internet by the Russian authorities. Many draw parallels with Chinese Internet reform, as the Chinese government pioneered the ban on VPN channels by requiring VPN services to be licensed. Moreover, one of the criteria for obtaining a license is that VPN services must block access to sites and services with prohibited content. Therefore, when making predictions regarding the implementation of Russian Amendments in practice, it is worth mentioning the Chinese experience, where, after the bans were adopted, a hidden mode began to be used to bypass the system firewall protection(firewall). This service is already used by ordinary citizens in China, the UAE, Iran and other countries where access to VPN is blocked or limited. Stealth mode disguises encrypted VPN traffic as regular TLS or SSL connections. Since https traffic regularly uses hidden mode for encryption purposes (for example, for secure payment with credit card and when entering passwords), this method of masking VPN traffic seems quite convenient and effective. This mode will make it possible with a high degree of probability to hide the fact that the VPN channel was used. In this regard, even despite the fact that a draft order of Roskomnadzor has already been developed to approve the Procedure for monitoring the implementation of anonymizers by owners, VPN services and search engine operators' obligations to implement the innovations that come into force on November 1, 2017, it seems very difficult to apply the new restrictions of the Russian legislator in practice.

1. Federal Law of July 29, 2017 No. 276-FZ “On Amendments to the Federal Law on Information, information technology and on the protection of information."
2. VPN (English: Virtual Private Network) is a generalized name for technologies that allow one or more network connections (logical network) to be provided over another network.
3. Anonymizers include websites and special malicious programs that make it possible to open previously blocked Internet resources. Anonymizers allow you not to leave data about your real location, IP address and other parameters when visiting blocked resources on the Internet.
4. SSL (Secure Sockets Layer) is a protocol that secures data sent between web browsers and web servers. The main purpose of the protocol is server authentication, ensuring users that they have reached the exact website they wanted to visit. Any page whose address begins with https is transmitted securely using SSL.
5. One of the initiators of the bill was the Public Council under the FSB of Russia.
6. http://asozd2.duma.gov.ru/addwork/scans.nsf/ID/F071CE249CC1BD814325813900378252/$File/195446-7_08062017_195446-7.PDF?OpenElement.
7. https://zona.media/news/2017/06/08/marinichev.
8. https://eais.rkn.gov.ru/toproviders/.
9. The full name of the register is the Unified Register of domain names, indexes of pages of sites on the Internet and network addresses that allow identifying sites on the Internet containing information the distribution of which is prohibited in the Russian Federation.
10. Hosting provider - a person providing services for the provision of computing power for placing information in an information system permanently connected to the Internet, https://eais.rkn.gov.ru/toproviders/.
11. The owner of a site on the Internet is a person who independently and at his own discretion determines the procedure for using a site on the Internet, including the procedure for posting information on such a site, https://eais.rkn.gov.ru/toproviders/.
12. The decision can be appealed by the owner of the Internet site, hosting provider, telecom operator in court within three months from the date of such decision,

We conducted a survey of specialists to find out how feasible this is.

The document refers to “information and telecommunication networks, information systems or programs for electronic computers that can be used on the territory of the Russian Federation to bypass access restrictions.” That is, the restrictions apply to both the VPN and the Tor browser.

In addition, the document obliges search engines not to show links to sites blocked in Russia. Search engines will open access to the register of prohibited sites, and if they refuse to remove them from the search results, the company will be fined 500–700 thousand rubles. Perhaps this is done so that it is impossible to find a prohibited site using Google, copy the link, and then access it through a VPN.

Why do you need a VPN?

Using VPN services, you can bypass blocking of sites that do not work in Russia (for example, Spotify). But that's not the only reason they are needed. Remote workers and branch employees connect via VPN to corporate services, thereby not putting company data at risk. People who access the Internet through public wifi and are afraid that their data will be intercepted, they also use VPN to protect themselves from intruders.

If your computer usually connects to the Internet through the provider’s server, then the VPN service sets up a tunnel between your computer and remote server. This way you access the Internet in a roundabout way. All data inside the tunnel is encrypted, so the provider and hackers do not know where you go under the VPN connection or what you do on the Internet. In this case, sites do not see the true IP address of your computer, since you are working under someone else's address. VPN (Virtual Private Network) creates a secure private network within the unsecured Internet.

How will it be blocked?

According to the project, Roskomnadzor is going to find VPN services, such as TunnelBear, for example. After this, the hosting company will be asked to provide contact information for the owners of TunnelBear. If the hosting sends contacts (it must do this in three days), then Roskomnadzor writes a letter to the owners of TunnelBear, in which it demands that Russians be blocked from accessing sites blocked in Russia. A month is given for this procedure. If the service agrees, it is given access to the register of prohibited sites; if it refuses, then its site (and, possibly, infrastructure) is blocked for two days.


When will the lockdowns start?

The draft states that the law will come into force 90 days after official publication. If the bill is considered and adopted before the end of the spring session of the State Duma, the law will come into force before November. The first blockages may occur before the end of the year.

Artem Kozlyuk, head of the public organization Roskomsvoboda:

“Everything is heading towards the fact that the law will be adopted urgently. Most likely until the end of the spring session. Now it is being approved by the Duma committees: it was approved by the legal department, it was previously approved by the information policy committee, and on June 19 there will be a meeting at which, I have no doubt, it will be finally agreed upon. Of course, the meeting will be held with the beneficiaries of the bill, primarily with the Media Communications Union, in the depths of which the original draft of the document was born.

This is the trend of the last five years. Almost all of these laws were adopted in an extremely short period of time - from two weeks to a month - without taking into account the opinion of the industry, let alone taking into account the public outcry. The government's opinion is not even taken into account. The text contains a note stating that implementation will not require costs from the federal budget. Therefore, the Russian government’s response to the bill is not required. The government sometimes acts wisely and makes critical comments on the text. But no one takes them into account, because deputies and beneficiaries do not want this.

It would be surprising if the first reading does not take place before the end of June. But if not in the spring session, then at the beginning of the autumn session it will be accepted. When will it come into effect? If they pass this year, then most likely at the beginning of next year we will live according to the new rules.”

Sarkis Darbinyan, co-chairman of the Internet Users Association:

"Experience recent years showed that even the wildest initiatives to regulate the Internet can be adopted in the State Duma. After all, behind the legislative initiative are well-known media lobbyists of the pre-Internet era, Roskomnadzor and some private individuals who are not averse to making money from it. Therefore, they have a very large resource that can be used to pass legislation.”

Is it even possible to block a VPN?

Sarkis Darbinyan: “The simplest thing that Roskomnadzor will do is to enter everything into the register domain names and IP addresses of official websites of popular VPN services where you can purchase the product. However, this does not mean that users will not be able to receive setup files VPN applications on forums, mirrors, by mail or instant messengers, or set up tunnels yourself. If there is a genuine desire to announce a large-scale raid against VPN and the fundamental ability to connect to remote machines outside of Russia, enormous costs will have to be incurred. All telecom operators will be forced to purchase at their own expense certified DPI equipment produced in China. Only it can detect VPN traffic and distinguish it from other encrypted HTTPS traffic.”

Artem Kozlyuk: “They will put a spoke in the wheels of those who for some reason do not want to connect to the register of prohibited sites and limit access for clients. IP addresses will be blocked technical domains, and not just websites. This is now happening with the blocking of instant messengers: not only the web resource is blocked, but also the technical capabilities of the application. Sometimes this succeeds, but then the messenger comes to life again. It depends on the owner of the resource that was blocked: whether he is ready to provide clients with updates in order for the service to work again. I assume that 80–90% of services will remain available to users from Russia. Some very small ones may die off, but the majority, of course, will remain.”

Karen Kazaryan, CEO Internet Research Institute:

“Technically it’s a game of cat and mouse. As we know, China has a complex intelligent system to block such applications, which analyzes traffic. The system is very, very expensive and will only work if Internet access is centralized. But, as we again know, there is no particular problem with access to Western services in China - not everything is caught by the system. In Russia, the conversation will be about simply adding links to downloading applications to blacklists. What they will do with application stores or tools built into operating systems is a separate question.”

Markus Saar, head of the VPN service HideMy.name:

“If a site is blocked, this does not in any way affect the operation of the VPN itself, which means that those who are already clients of the service will not notice any changes for themselves. A VPN itself, unlike a website, is extremely difficult to block, and you will need to delve deeply into the operating principles of each individual service, the structure of the network, etc., and there are hundreds of such services all over the world, and new ones are constantly appearing. In this case, the VPN service can quickly restructure the network, and everything will need to be done anew (and the procedure can be automated). Nobody does such things in practice, not even in China.”

Can Roskomnadzor interfere with Tor?

Karen Kazaryan: “Theoretically, it is possible to add node addresses to blacklists, but this works out very quickly. Although, given the ongoing circus with the operation of the “Inspector” system and the distribution of “white” lists to providers, it is not clear how they even decided to block anything.”

Artem Kozlyuk: “It is possible to complicate the work, but this requires enormous power and a lot of money from the budget.”

Sarkis Darbinyan: “With Tor it’s even more difficult. You can block output nodes and even calculate intermediate relays. But after they began to fight Tor in China, the application developers taught the system to build bridges using hidden relays. The bridge feature was created specifically to help people use Tor where access to Tor networks blocked."

Do VPN users have alternatives?

Karen Kazaryan: “There are a lot of VPN services. I doubt that Roskomnadzor will really influence their performance. Not to mention that setting up your own VPN on a rented foreign hosting is a matter of ten minutes and five dollars.

Sarkis Darbinyan: “There are many ways that a person can use: research the issue and easily set up your own VPN, use other solutions such as Psiphon, Tor, browser turbo modes, plugins, purchase another VPN service that cares about users and takes prompt action.” .

What will the blocking lead to?

Artem Kozlyuk: “Almost all business is tied to VPN. Virtual private networks of any enterprise, from small to large, are at risk. Crashes in VPN work can happen at any time due to incorrect operation on enforcement of the new law. We see an endless number of times how Roskomnadzor implements these laws. Firstly, they are poorly written from the technical side, and secondly, in the process of law enforcement, Roskomnadzor increases this technical illiteracy to new proportions.”

Markus Saar: “It is still not clear how verification and control will take place. VPN, as opposed to a form of anonymizer, is closed network, and to access it you must purchase paid subscription and install the software. Moreover, some services do not have their own software, and you need to configure the connection manually using configuration files, keys and certificates. The second question is how rational it is to “hit” tech-savvy users who have reached the point of using VPN, Tor and other tools. After all, if they once found the strength and desire to bypass censorship, they will do it again and again.”

Sarkis Darbinyan: “Blocking VPN traffic by telecom operators clearly means colossal damage to the entire corporate sector, the country’s digital economy and a decrease in the security of Russian citizens in the global digital environment in the face of foreign intelligence services, corporations and attackers using vulnerabilities for surveillance and data theft. No one has ever been able to completely block the ability to transmit and receive information via VPN, even in Asian and Muslim countries with repressive regimes. Providers have lists of IP addresses of the most popular VPNs, which they update and block at some intervals. But VPN traffic has also learned to disguise itself. The VPN provider can create new IP addresses at least every minute (plus endless IPv6), so this will become increasingly difficult and expensive.”

The use of means in Russia to bypass blocks to access prohibited sites will be prosecuted by law from November 1. We discuss what VPNs and anonymizers are and what threatens those who decide to pretend that they have not heard about the new law in the “Q&A” section.

What are anonymizers?

Anonymizers are special sites (proxy servers) that act as an intermediary between you and the resource you want to visit. But at the same time, they will not be able to track your real IP address on the site, since you are visiting them on behalf of the IP address of the web proxy. An anonymizer has a narrower scope than a VPN, but their operating principles are similar.

What is a VPN?

VPN is a virtual private network, in simple words, it is a technology that provides secure communication of a logical network over a private or public one if available high speed internet. Moreover, all information transmitted internally is reliably protected by encryption algorithms that form secure tunnels. Unlike regular network, VPN connection does transmitted information inaccessible from the outside and protects it from illegal use.

So, now you can’t use VPN services and anonymizers?

Federal Law No. 276 “On Amendments to the Law “On Information, Information Technologies and Information Protection” does not prohibit the use of VPN services and anonymizers. The only point is that with their help it will no longer be possible to visit prohibited sites.

Owners of information and telecommunication networks and information resources through which access to sites prohibited in Russia are provided are prohibited from providing opportunities for viewing them. The display by search engines of links to blocked Internet resources is now also illegal; first of all, the ban applies to resources with pornographic and extremist content.

Thus, in Russia, with the help of the law, they intend to fight the spread extremist materials and other prohibited information.

Who will monitor this and how?

Control is entrusted to Roskomnadzor. The Committee will create and maintain a federal state information system (FSIS), which will contain a black list of prohibited resources. At the same time, the FSB and the Ministry of Internal Affairs will have the authority to find services that help gain access to sites blocked in Russia.

When contacted by law enforcement agencies, Roskomnadzor will identify a provider that allows the use of anonymizers. Notification will be sent to him at in electronic format about the need to provide data that will identify the owner of the anonymizer. The provider will have three days to provide the relevant information, TASS reports.

After this, Roskomnadzor will send the anonymizer a requirement to connect to FSIS. The resource will have to join the system in 30 days. Internet search engines operating in Russia will also be required to connect to FSIS at the request of the department.

After fulfilling the first requirement, anonymizers are given only three days to ensure compliance with the ban on providing the ability to use programs and other technical means in Russia to gain access to prohibited sites, and search engines are given the opportunity to stop issuing links to them. In case of refusal, such services will be blocked.

Can my home Internet be blocked if I search for a blocked site?

No. The law, which comes into force on November 1, 2017, does not contain grounds for blocking home internet when searching for prohibited sites.

The provisions of the new law will not apply to operators of state information systems, state agencies and local governments, as well as to cases of use of anonymizers, provided that the circle of their users is predetermined by the owners and their use occurs for “technological purposes to support the activities of the person carrying out the use.”

The law does not impose additional prohibitions, since we are talking about sites that are already blocked in Russia.

The issue of security when working on the Internet has always been acute, and many solve it with the help of various free services, of which there is no shortage today. There are free anonymizers, proxy servers, and even in the form of browser plugins (extensions). There are advantages to such solutions, but there are also many disadvantages that you need to be aware of.

Let's take this fairly popular VPN extension like Zenmate. It is available for all major browsers: Chrome, Firefox, Opera. If your only goal is to access a site blocked by your ISP, then Zenmate may be suitable for you, but there are a lot of "buts" here. Firstly, browsing the Internet will become noticeably slower. Free VPN Services are very popular, which has a downside: a lot of people use them, while their resources are limited (due to being free). The result is slow and sometimes even impossible work. This is made worse by the fact that your ISP may throttle or slow down traffic through the VPN, which often happens unexpectedly.

Secondly, there is a high probability that one day Zenmate will simply stop working for you, since the provider (or your network administrator), as well as government bodies are well informed about free VPN services and know how to disable them. If such a service continues to work, it may function partially: one day you will discover that mail, torrents, IP telephony or other services you need do not work.

If you want to ensure complete anonymity, then free VPN services are not suitable in principle, and not only because they usually actively cooperate with law enforcement agencies. For example, the mentioned Zenmate requires registration, in which you send your address to the developers Email. What happens to him next is anyone's guess. Naturally, when you explicitly disclose your email, there is no longer any talk of anonymity.

Not only Zenmate, but almost everything free VPN and proxies have such an arsenal of disadvantages that makes them unsuitable for more or less serious work. They keep logs (logs of all user actions), the connection is unstable and sometimes breaks, high speed is not guaranteed. Some providers are actively hunting for free VPN services and at the same time their users. User Agreements such services are often disadvantageous for users, which the latter may not be aware of. There may be such insidious clauses as the transfer of logins and passwords from other services or the right to sell your data to third parties. It is possible that your computer may be infected with viruses and other types of malware. There have even been cases where VPN services have stolen bank account details and other financial data.

Full-fledged There are simply no free VPN services, simply because they need to exist on something. Any free service is actually shareware: it does its best to promote the paid version, and in its absence it intensively shows you advertising.

What about anonymizers?

Anonymizers– this is an even less reliable solution. To begin with, reliable and fast anonymizers that do not show advertising do not exist in nature. This is known to everyone who spent hours searching for a “normal anonymizer” and found nothing.

A common disadvantage of anonymizers is the lack of pictures on the page, the inability to download or watch videos, and many other defects in displaying content. If you are ready to endure such difficulties, be prepared for the fact that your favorite anonymizer will one day “fall”, stopping working, or even close down altogether. Observation advertising banner on every page is the least evil of all. Anonymizers, just like free VPNs, keep logs and save all user actions, including passwords entered on pages. Is all this worth the meager savings that free anonymizers provide?