Within the VPN industry, there’s a lot of talk right now about a particular company called Hola Better Internet. The case of Hola and its decline is illustrating how companies can get sneaky about offering web anonymity services, and how exposés can make a certain company into a scapegoat for deceptive or shady practices in terms of Web services.
Hola Better Internet is a peer-to-peer VPN service. Using this type of VPN, users in one area of the world can show up as users in another area of the world, to get access to certain kinds of regionally restricted services such as Hulu, which sells access to American television shows, but isn’t available to everyone around the world.
The problem with Hola
What’s getting to Hola’s customers, and consumer advocates is that, while they offered a VPN service for anonymity, it actually allows other users to piggyback on your Internet connection. Hola never actually had any VPN servers or bandwidth, the members engaged in sharing each other’s connections and IPs, meaning malicious activities could have been perpetrated under your own IP without you having a clue. Hola did update their FAQ to explain how the service operates, but this was only done after the provider had been discovered of all its shady practices.
Of course, what most users did not know at first, is that the service would evidently use your internet bandwidth, which was in turn sold to cybercriminals for the purpose of DDOS attacks. Talk about a lack of caring for your user base. Unfortunately, that was not even the worst part. The worst discovery was related to the blatant security loopholes created, allowing attackers to access your devices.
The Israel based provider came under fire from every angle, after 8chan site owner grew suspicious of the software’s activity and conducted his own testing and investigation to determine what Hola was really doing in the backend. Twitter #AdiosHola hashtag started trending, and spelled the end to their malicious activity, at least for the informed users.
Experts talk about this as turning Hola user channels into an “exit node,” allowing other users to get connected through the original user’s connection. Going even further, Hola sells aggregated bandwidth from these accounts to other parties, who can redirect that bandwidth, for example, as noted in one report, to attack other web sites. Or, they can do worse: in this May 29 article on the Daily Dot called “Stop Using Hola Right Now,” researchers on the subject contend that Hola services could leave users open to rootkit installation, system remote control and other kinds of serious vulnerabilities that some characterize as “negligence” – in an environment where even unwitting errors can turn a company into a pariah, the extreme faults of Hola are getting a lot of attention.
It’s not that this kind of back-and-forth isn’t done within the industry — it’s largely the way in which it is done, and the lack of awareness or control that service customers have, with Hola. Industry insiders point out that unlike services such as Tor, Hola did not allow users to opt out of the multi-tenant channel strategy that allows the company to sell its extra bandwidth to outside customers. As for the specific reservations that Hola customers may have, consider this: if somebody else does something illegal through your connection, it stands to reason that you may get embroiled in some sort legal problem or be construed as having liability. And those are problems that nobody wants, especially when the legal side of the Internet is so much a part of what everyone is trying to understand and accommodate right now.
The bottom line is that now is the time to shy away from this company’s services and go shopping for a different VPN connection that will offer you the choices that you want, without the risks that you don’t want. Don’t use anything but the best and most trusted, and you can even check out our own review of the best here.
Look for more as this case continues to unfold in the public eye.