Hacker News
by kbuck 2761 days ago
I deal with a lot of abuse originating from "VPN" browser extensions. I've spent a lot of time looking at how they operate.

A surprising number of these are implemented as open HTTPS proxies. You don't even need the extension installed to use the proxy, nor any kind of authentication. The extension just fetches a list of proxies that the company has configured and picks one.

The free ones are rather questionable. For example, Hola makes your computer part of an expensive VPN service (sold under a different name) aimed at bypassing IP bans[0]. On some, the free tier is made so inconvenient that you will almost have to subscribe to the paid tier if you're using it legitimately (but it's usually usable if you just want to get around some ban).

There used to be some ad-supported VPN providers, which would ironically trade away all of the privacy you'd normally otherwise get by using a VPN, making them only useful for ban/block evasion. These have mostly died out now that ads == tracking is common knowledge[1], but I'm still very suspicious of "free" providers that offer generous access without payment. It's difficult to prove that logs aren't collected, and they could just as easily be collecting and selling user logs.

If you're in the market for a VPN, pick a reputable provider that has no free tier (you should make sure that you are the customer and not the product), and ideally one that also provides actual VPN servers and not just a browser extension that connects to proxies. Another good option is to set one up yourself using a cheap VPS.

[0]: http://adios-hola.org/

[1]: https://blog.cyberghostvpn.com/en/ending-free-version-cyberg...

2 comments

Using your own VPS isn't helpful for privacy because it can be traced back to you after the fact, while a paid VPN that doesn't log cannot.
I wonder if there's a system we could create that features guaranteed transparency of the host's actions during your VPN session.
I don't know how that would work but it's interesting to think about.

I don't think it would be possible if you're depending on a single entity? I don't see a way a provider would be able to prove they are not logging connections, for example.