A trustworthy virtual private network (VPN) is a good way to keep your internet usage secure and private whether at home or on public Wi-Fi. But just how private is your activity over a VPN? In other words, how do you know if the VPN is doing its job or if you’re unwittingly leaking information to prying eyes?
To find out, you first need to know what your computer looks like to the internet without a VPN running. Start by searching for what is my IP on Google. At the top of the search results, Google will report back your current public Internet Protocol (IP) address. That’s a good place to start, but there is more to your internet connection and its potential for leaks.
An example analysis from IPLeak.net.
Your public IP address is one way private information can leak over a VPN, but you can also leak information via Domain Name System (DNS) queries, WebRTC, torrents, and geolocation. To see what you look like in your default state, visit IPLeak.net. This website checks all the previously mentioned methods for leaking data. Take note of all the data you see on this page so you can compare it to your VPN’s.
Now close this site, connect to your VPN, and navigate back to IPLeak once again to see what you look like over your VPN of choice.
Not all of these tests happen automatically. The torrent test, for example, requires a small torrent file (available via magnet link) to run before it can detect any potential leakage.
The geolocation test is helpful, but keeping your location secure is pretty straightforward. Just don’t allow any website to use your location while on a VPN. One way to do that is to specify a browser, Firefox for example, as your VPN-only browser. Then disallow location requests on that browser. Alternatively, you could use a browser extension that provides a fake location to websites that request it.
The most likely culprit for leaked information, however, is DNS. To navigate the web your machine requires contact with DNS servers to help translate website addresses from names to numeric IP addresses. Typically your PC automatically uses the DNS servers of your internet service provider. The problem is that if you’re using a VPN and leaking DNS through a local service provider, you can reveal enough information to point anyone spying on you in the right direction. That’s why VPN services often funnel their customers’ queries through DNS servers that aren’t connected to your ISP.
Diving even deeper
The landing page for DNSLeakTest.com.
IPLeak is great, but there’s nothing like a little redundancy to ensure you’re really private over a VPN. As a second check against DNS leaks go to DNSLeakTest.com, and from the landing page choose the Extended test. This typically takes some time to complete, but it’s worth it as I have seen leaky results on this site that IPLeak didn’t catch.
If you are still seeing DNS servers from your VPN provider, and not your ISP, then you can be reasonably sure you aren’t leaking data.
Some top VPN choices
Many VPN services these days do a good job of preventing the various data leaks that could reveal your identity, and our top-rated VPN services should all work well. Still, if you’d like some specific advice, here are four VPNs that do a good job of protecting against data leaks on both Windows and Android. In most cases, you shouldn’t have to make any settings adjustments to the VPN, but if there are any notable settings to be aware of we will note them here.
Disclaimer: This post may contain affiliate links, meaning we get a small commission if you make a purchase through our links, at no cost to you. For more information, please visit our Disclaimer Page.
Nowadays, many users are using VPNs to hide and protect their identity while accessing the Internet. The goals are to hide your real IP address, encrypt & protect your personal information while transmitting between your PC and the Internet, as well as bypass & access geo-restricted contents.
However, all these goals can be fallen if your information is leaking out via a security hole or something else. Many VPN service providers out there, but not all of them are safe and protect you 100%. So, let’s take a look how to identify which VPN service is leaking your personal information and also learn how to protect yourself from these information leaks.
Table of Contents
How Did Your Information Leak Out?
Technically, when you connect to a VPN server, all of your traffic will go through an encrypted and secure tunnel, from your computer or device to the VPN server – the exit point, and then access the web or any other apps. To the outside world, your location is the location of the VPN server, such as United States, United Kingdom, Germany, or anywhere based on your choice. That’s great when you want to hide your real IP to access U.S.A streaming websites, right?
Nevertheless, there is nothing perfect. Many factors from your computer side can leak out your personal information that you don’t ever know. For example, the WebRTC communication protocol is one of many factors that can leak out your real IP if you don’t disable it. Even if you are behind one or two layers VPN, your real IP address is still being revealed.
Therefore, I have written this guide to help you learn more about information leaks when using VPNs and how to detect if your information is leaking out. Here are three methods that your personal information can be leaked out. Take a look at these methods and then use appropriate solutions to prevent them from leaking your information out.
Bugs And Protocols On Your Computer
As I mentioned above, the WebRTC communication protocol is one of many plugins, services or built-in functions on your computer or browser that can leak out your information. In this article, I will not go any further to discuss what is WebRTC. If you want to find out, read this article.
There are many VPN service providers allow you to try their service with trial programs. So just test them before using for main works or giving money for the premium subscription. Also, you can read these VPN reviews from CloudWards.Net. Many detailed & in-depth VPN reviews there that can help you to choose a good VPN service provider to use, protect your privacy against these kinds of information leaks. Check it out!
Here is a perfect result with a good VPN service, combine with a few extra steps to configure and disable everything that can leak out your information.
How To Disable WebRTC In Your Browser
The WebRTC is enabled by default on most of the internet browsers and it’s one of many factors that leak out your real location while using a VPN connection. In order to protect yourself against IP leak issues, I would recommend you to disable WebRTC on your browser.
To doing so, you can install ScriptSafe extension for Google Chrome, Opera or Disable WebRTC addon for Firefox. You can also disable WebRTC manually by typing “about:config” in the Firefox’s address bar, press Enter and then find the entry “media.peerconnection.enabled” and set its value to “false”.
You should be aware that when you disable WebRTC, some web-based apps and services will not work until you enable it. For example, some chat websites, Google Hangouts or food delivery sites that need to detect your real location.
Sometimes, without security flaws, there are chances that your DNS information can leak out. The causes are many but mostly come from your operating system configuration or error from the VPN provider.
DNS leaks aren’t bad like IP leaks. It’s a smaller issue, but many websites & online services still can detect your real location based on DNS information. As for instance, if the DNS server you are using belongs to a particular ISP that has location far away from where VPN located, then probably most of the websites & online services can quickly know that the VPN IP isn’t your real IP. It’s a fake one!
To check and verify that your DNS information isn’t leaking out, take a DNS leak test by using https://dnsleaktest.com. From the result, if this tool recognizes your real location or ISP, that means you have a DNS leak.
To prevent DNS leaks, I would recommend you change your default DNS server to be a third-party one, such as Google’s DNS, OpenDNS or any in this list. Technically, you don’t use DNS server of your ISP anymore. By that, websites & online services will know that you are using a third-party DNS server, but don’t know what your real ISP is.
If you are using Windows 10, I highly recommend you to turn off “Smart Multi-Homed Name Resolution“. It’s a new feature in Windows 10 to improve the web performance by sending all DNS requests to all available resources at once, and then choose to use the fastest one. By that, Windows 10 sometimes will redirect DNS requests through your the DNS server of your ISP instead of the DNS of your VPN provider.
To disable this feature, press Windows + R , fill in “gpedit.msc” and press Enter . The Local Group Policy Editor will show up, just navigate to Computer Configuration -> Administrative Templates -> Network -> DNS Client . Then find “ Turn off smart multi-homed name resolution ” and double-click on it, choose “ Enable ” and then click on the “ OK ” button.
You know, the Internet is running out of IPv4. That’s the reason why IPv6 has been invented. For further details about IPv6, read this explanation from Wikipedia.Org.
While the IPv6 is good at resolving the running out of IP address problem, it’s not really good at protecting your online privacy. For example, if you are using a VPN that doesn’t support IPv6, then all IPv6 requests will be ignored, and it won’t go through the VPN secure tunnel. Instead, these requests will go directly to the Internet. Therefore, your IPv6 address and its DNS information will be leaked out. This is a serious problem, and you should be aware and proactively protect against it.
VPNs (Virtual Private Networks) are great for security, but one of the big reasons many people use one is to mask or change their IP address. Thus, one of the essential motivations to utilize a VPN is to conceal your actual IP address. In addition, while using a VPN, all of your web movements are encoded and sent to a VPN server. These servers, which handle all the data on the server side and is run by your VPN provider, are encrypted.
This implies that outside eyewitnesses can only see the IP address of the VPN server and not your actual IP. VPN providers take strong measures to protect user IPs, including using shared IPs and not maintaining logs. However, there is still a chance that your IP address can be discovered while using a VPN. Read on to learn how to find out if your VPN is leaking your IP and what you can do about it.
An IP leak is the leaking of a user’s real IP address while connected to a VPN service. It can occur in a situation where a user’s computer is unknowingly accessing default servers rather than the anonymous VPN servers assigned by the network such as VPN. Here is simple example to understand IP leak while you are using a VPN:
Say you want to access some content that is not accessible (i.e. geo-restricted) from your home country. When you log into your VPN account, usually you can choose between servers in different countries. The VPN will “pretend” you’re actually located in the selected region. Usually that’s enough to convince you that you are now virtually in a supported country – all good so far!
But, if you go to access that content and are still facing the geo-restrictions, this means that service you are trying to access from a restricted country is actually tracking your original IP rather than the IP from the VPN server. This means your VPN is leaking your original IP.
Most IP leak types can affect any network protocol at one time or another on your smartphones, but the best VPN providers have built workarounds into their software to minimize the likelihood of an IP leakage. IP leaks aren’t normally the fault of your VPN service provider. They are often caused by vulnerabilities in existing technology like browser plugins (flash), web browsing software and operating systems on our smartphones.
Similarly, some DNS leaks can expose your original IP address to the DNS server. If your VPN has the “DNS Leak,” it means your DNS requests are being sent to an unsafe DNS server (usually one controlled by your internet provider). Some VPNs have built-in DNS leak protection, use their custom DNS servers, and use special technology to assure that your DNS requests are always routed securely, inside the encrypted VPN tunnel.
Some ISPs use a technology called “transparent DNS proxy”. Using this technology, they can intercept all DNS requests moving through their servers. If you specify the different DNS server on your home PC or router, it’s possible these requests could still be intercepted. If you have changed your DNS settings to use an ‘open’ DNS service such as Google or OpenDNS, expecting that your DNS traffic is no longer being sent to your internet provider’s DNS server, you may be shocked to find out that they are using transparent DNS proxying.
Your ‘real’ IP address is the one which is assigned to you by your internet service provider and can be used to identify your unique internet subscription specifically. All devices on your home network will share the same IP address.
Here are few useful steps through which you can check whether your VPN is working fine and not leaking your IP address:
Step 1: Check your IP – Make sure that your VPN is NOT connected. If you are sure that your VPN is disconnected, then go to Google and type “what is my IP address” to check your real IP.
Step 2: Sign in to VPN – Log into your VPN account and connect to the server of your choice. Verify twice that you are connected.
Step 3: Check your IP again – Go to Google and type “what is my iIP address” again to check your new IP. You should see a new address, one that corresponds with your VPN and the country you selected.
Step 4: Do IP Leak test – Several free websites allow you to check if your VPN is leaking IP. There is a good tool for IP Leak tests in regards to user’s online privacy. It’s unique because it’s a modern web app and includes a free API to use on your smartphones. Most IP or DNS leak tests used today are generally not mobile friendly, but more importantly outdated. For example, this tool’s API checks if DNS over TLS is enabled, which is missing from the older DNS leak test sites. This may be a relatively new protocol, but will become an increasingly important feature since it keeps your DNS requests encrypted. Its API also checks to see if DNSSEC is enabled or “Checking Disabled” is on or off. DNSSEC provides origin authority, data integrity, and authenticated denial of existence. So overall these results give you a more complete picture of your privacy and security settings.
There is another common leak named ‘Dropped Connection’ which occurs if your VPN disconnects suddenly, in which case all your web traffic will be routed through your regular Internet connection (less secure). This is the common IP leak and also the easiest to prevent.
Choosing a VPN service with a kill-switch feature is the right choice even for your smartphones. A kill-switch is a critical piece of your VPN client software that continuously monitors your network connection and makes sure that your true IP address is never exposed online in the event of a dropped VPN connection. If it detects a change, it will instantly stop all internet connectivity and try to reconnect to the VPN automatically. I recommend looking for this feature when you are comparing VPNs.
VPNs can be a great tool for protecting your privacy online, but sometimes they can be undermined. I hope this post has opened your eyes to risks of IP leaks and the importance of regularly checking for them to ensure your information is staying safe.
Note: This blog article was written by a guest contributor for the purpose of offering a wider variety of content for our readers. The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of GlobalSign
VPNs are great for security, but one of the big reasons many people use one is to mask or change their IP address. This lets you get around location-based restrictions on content, or check if your provider is throttling your connection. Unfortunately, a new security flaw can reveal your real IP address to prying eyes, even if you’re using a VPN, and it’s easy to exploit. Here’s how it works, and what you can do about it.
What’s All This Now? Is My Data At Risk?
Let’s back up a bit. A Virtual Private Network, or a VPN, is great for encrypting your data and boosting security , but it’s also useful to obscure your IP address. Your IP address is assigned to your internet connection by your service provider, and it can reveal who your service provider is and (in general) where you’re located. If you’ve ever visited YouTube and seen “Sorry, this video isn’t available in your country,” or tried to sign up for a new service only to find out your country isn’t supported, your IP address is how they know.
Why You Should Be Using a VPN (and How to Choose One)
You may know what a VPN, or Virtual Private Network, is; you probably don’t use one. You really…
Bosch 12V Brushless Drill/Driver Combo Kit
Lightweight, fast-charging, and powerful
The powerful impact driver hammer and anvil system provide up to 975 inch-pounds of torque. The drill and driver give you 300 inch-pounds of torque with a max speed of 1,750 RPMs.
Many people use VPNs specifically to get around those location restrictions . When you sign in to a VPN, usually you can choose an “exit server,” or a location your VPN will “pretend” you’re actually located. Usually that’s enough to convince a service you’re in a supported country.
The Always Up-to-Date Guide to Streaming Blocked Content Overseas
Regardless of which end of whatever pond you’re on, region blocked content is annoying. Whether…
However, a recently discovered security flaw allows remote sites to take advantage of WebRTC ( Web Real Time Communication , a feature built in to most browsers) to reveal a user’s true IP address, even if they’re connected to a VPN. As far as we know, sites aren’t taking advantage of the flaw yet, but considering services like Hulu, Spotify, Netflix, and others are taking steps to identify and lock out VPN users, it’s not a stretch to assume they’ll start.
A few lines of code is all it takes to remove the location protection you get from using a VPN, and figure out where you’re actually located and who your internet service provider really is (who can then tie your address back to who you are specifically.) While the vulnerability is primarily browser-based right now, any application that can render web pages (and uses WebRTC) is affected, meaning anyone who wants to can see past your VPN to where you really are and who you really are. Advertisers, data brokers, and governments can use it to peek through your VPN to find out where your connection is really coming from. If you use services like BitTorrent, have a set-top box like a Roku, or just stream music or movies on your computer through a site that’s not available in your country (or you’re an expat and live abroad), the apps and services you use could suddenly stop working.
How Can I Check If My VPN Is Affected?
The flaw was documented by developer Daniel Roesler over at GitHub . Roesler explains how the process works:
Additionally, these STUN requests are made outside of the normal XMLHttpRequest procedure, so they are not visible in the developer console or able to be blocked by plugins such as AdBlockPlus or Ghostery. This makes these types of requests available for online tracking if an advertiser sets up a STUN server with a wildcard domain.
To see if your VPN is affected:
- Visit a site like What Is My IP Address and jot down your actual ISP-provided IP address.
- Log in to your VPN, choose an exit server in another country (or use whichever exit server you prefer) and verify you’re connected.
- Go back to What Is My IP Address and check your IP address again. You should see a new address, one that corresponds with your VPN and the country you selected.
- Visit Roseler’s WebRTC test page and note the IP address displayed on the page.
If both tools show your VPN’s IP address, then you’re in the clear. However, if What Is My IP Address shows your VPN and the WebRTC test shows your normal IP address, then your browser is leaking your ISP-provided address to the world.
When TorrentFreak talked to VPN providers about the problem , including our favorite , Private Internet Access , that noted that they could duplicate the issue, but they weren’t sure how they could stop the vulnerabilty on their end. Since the IP check takes place directly between the user and the site they’re connected to, it’s difficult to block. Even so, they published a blog post warning users about the issue. TorGuard , another of our favorite providers, also issued a warning to their users . Those warnings also say that the issue only appears to affect Windows users, but that’s not necessarily the case—many comments (and our own testing) note that depending on your VPN and how it’s configured, your IP address may be leaked even if you use a Mac or Linux system.
Five Best VPN Service Providers
A VPN, or a Virtual Private Network, is a great tool to protect your privacy and security while you
Virtual Private Network or VPN is the best way to mask your true identity from the outer world. VPNs are widely used by people so that they can unblock the restrictions or hide their browsing history. The actual purpose of a true VPN is to hide your true IP address and provide you with another one so that you can access all the contents without any restrictions. But what if your VPN isn’t doing what it is supposed to do.
Also Read : Shazam
Yes, it might be possible that your trusted VPN is leaking information which was supposed to be hidden. It can happen through some security loopholes that are still not recognized by your VPN services provider. Here, we are going to tell you the way to check whether your VPN service provider is doing its job or not. Let’s see the reasons behind your security breach and the way to fix it. Read This: Beginners Guide To Download a Copy Of Facebook Data
How It Is Happening?
VPN channels all your traffic through a tunnel to another exit point which cloaks your actual remote position and it appears like you’re accessing the information through that exit point. It is a great way to mask your true identity and location from the outside world; however, it’s not foolproof. There are some ways to overcome this security to know your actual positions. It happens because of all the points stated below.
Protocols and Bugs
Some web browsers like Chrome and Opera use WebRTC protocol which stands for Web Real Time Communication. There is a loophole in this communication protocol which allows some websites to know your actual location by sending a request to your web browser. Even you VPN can’t do anything to stop this from happening. However, not every website is using it but still, there is a possibility that they can start using this vulnerability in the future.
DNS Info Leakage
DNS leaks are not much harmful as IP address leaks but they are still unmasking your location. This generally happens due to the operating system, configuration, VPN service provider’s mistake or your mishap. Through your DNS information, anyone can locate you. Also Read: Know The Reason Behind Photos Getting Saved in DCIM Folder
It is the next step for IP address as IPv4 aren’t enough. Many of ISPs started supporting this new version of IP address but if your VPN service provider isn’t up to date then this can be the biggest reason behind the security breaches. As your VPN only mask your IPv4 IP address, not IPv6 which makes it open to all the third party websites. Through your IPv6 any websites can know your actual location and keep a track of your online activities.
How Can You Check Whether Your VPN Is Faulty Or Not?
It is very easy to ensure whether your VPN is doing the actual work for you or not. You can follow the steps below to make sure that your VPN is working correctly.
- You’ll have to determine your actual local IP without using your VPN. Just go to “WhatIsMyIP.com” websites to know your local IP.
- Note it down somewhere so that you can match it when we perform a leak test.
- Now, we are performing a leak test and we are going to use “ipleak.net” to do this task.
- Search for the above address without using your VPN.
- Now, check whether your local IP address matches the results shown on the website.
- Open your VPN and load the website.
- Now, if you’re seeing your local IP address on the screen then your VPN isn’t hiding your true location. And if the results are completely different then you don’t have anything to worry about.
As you can see that it is very easy to know your location through your IP address so if your VPN isn’t hiding it then you need to change your VPN service provider. You’re no longer hidden, change your VPN soon. Keep visiting our blog for more such informative piece.
How to check if VPN is leaking your IP address? VPNs are undoubtedly sterling security tools and help their users change or mask their IP addresses. This helps them bypass location-based restrictions on their preferred content or even check if their provider is deliberately throttling or slowing down their Internet connection. Unfortunately on the flip side, security flaws may suddenly reveal your true IP address, even if a VPN is being used and becomes easily exploitable. This means that your online privacy and security may be at risk. Not to mention that geoblocked channels might also be able to detect your real location. VPN leaks are serious. They can jeopardize your banking data, emails, passwords, and even social security numbers.
How to Check If VPN Is Leaking Your IP Address and Stop It
How Causes VPN Leaks?
The crux of the matter is that a VPN or Virtual Private Network obscures your IP address as also the identity of your service provider and your location also. Should you visit YouTube and see that a certain video isn’t for viewing in your country or made an effort to sign into a new service, to be told only that your country doesn’t enjoy the support, it implies that they know your IP address. Using VPNs will help you bypass these location restrictions. Here are the three major ways your VPN can leak your personal information.
Outdated Protocols And Bugs
A lot of VPN providers fail to keep their VPN protocols up-to-date. Back in 2014, Heartbleed bug was exploited to hijack VPN sessions. A year later, security flaw revealed that it’s easy to see the real IP-addresses of many VPN users through a WebRTC feature. In other words, even when connected to VPN, websites you visit can still see your real address in some instances.
Perhaps DNS leaks are the most well-known form of how a VPN connection can leak your IP address. DNS leaks are mainly causes by poor operating system configuration, user errors, and VPN provider bugs. DNS stands for ‘Domain Name System‘. It basically is a mechanism that turns website addresses into IP addresses. Similarly to IP leaks, DNS leaks can also expose your location. Windows OS is probably the most affected by DNS leaks because of how it handles DNS requests and resolution.
Even the IPv6 protocol can cause VPN leaks. Without being aware of it, IPv6 can expose private info such as your current location. IP protocols are necessary for you to be able to send and receive data on the Internet. Without them, you would not be able to visit websites, download files, or send emails. Due to the fact IPv4 IP addresses are running out, IPv6 IPs were introduced.
The issue is that some VPN services can only handle IPv4 requests and ignore IPv6 requests. If your ISP provides you with IPv6 but your VPN service ignores IPv6 requests, your VPN connection is probably leaking your real location and other sensitive data.
How to Check if VPN is Leaking your IP Address?
This is how it works: On signing into a VPN, you have the option of choosing an “exit server,” or any location that the VPN will “pretend” you’re located. That convinces any service that you’re actually located in a country that’s supported. So here’s how you check whether your VPN is leaking and what you can do to stop it.
- In order to check if the VPN in operation is affected, get into a site such as Whatismyip.network and take a note of your actual IP address that the ISP has provided.
- Subsequently, log into your VPN, select an exit server in a different country and verify your connection.
- Return to the Whatismyip.network site to recheck your IP address.
- Ideally, you will see a new IP address, corresponding with your personal VPN as also the country you chose.
Then visit the WebRTC test page while noting down the IP address that’s displayed there. When both tools project the IP address of your VPN, you know it’s all right. However, should the WhatIsMyIP.network reflect your VPN while the WebRTC test reveals your normal IP address, you know your browser is definitely leaking the address provided by your ISP.
Fix VPN Leaking – Disable Your Browser’s WebRTC
Firefox, Chrome, and Opera and browsers that are based on these have default enabled WebRTC. Internet Explorer and Safari don’t. Thus, they aren’t affected. Either way, if the above-mentioned test works in your own browser, you know that you’re affected.
Switching over to a browser that isn’t WebRTC-enabled works here. In case you want to continue with the same browser like Opera and Chrome, install Chrome Web Store’s ScriptSafe extension. It’s actually overkill but will disable your browser’s WebRTC. Opera users are at liberty to use this add-on by first bypassing some steps.
With Firefox, two options are available. You can either install Mozilla’s Disable WebRTC addon or directly disable the WebRTC by opening a new tab and locating “about:config” in the address bar. Click on the false setting on “media.peerconnection.enabled”. However, browser extensions that protect privacy such as uBlock, AdBlock, Disconnect, and Ghostery don’t eliminate this behavior. Also, bear in mind that your favorite privacy add-on or ad blocker will update itself to block the WebRTC in future.
Fix VPN Leaking – Configure VPN on Your Router
This is a more surefire way of protecting yourself beyond tweaking your browser when you update or install add-ons. Running your VPN on your router instead of doing it directly on your computer is a permanent method. This will protect all devices on the home network as also other devices like tablets, smartphones, and set-top boxes with the same encryption that your desktop gets from a VPN.
However, if you’re often changing exit servers, you need to tweak the router setup every time you wish to change. Similarly, if your connection is needed sometimes only and particularly for work and not streaming, you have to disable or enable your VPN on the router every time the switch is needed. The process may be complicated or easy and depends on your VPN and router. Just do not ask Napoleon Dynamite to do this for you!
Fix VPN Leak – Use Your VPN Apps
If you’re manually configuring a VPN connection, the risk of DNS leaks is higher and depends on your exact operating system configuration. VPN providers like ExpressVPN constantly update and optimize their VPN applications to prevent DNS leaks.
Choose the Right VPN Provider
In some cases, VPN users might be tricked into signing up with an inexpensive VPN service. Although you might be tempted to do so in order to save a few bugs, you might be compromising your privacy in the process. Free VPN services for instances are notoriously known for leaking IP addresses. You want to make sure that you are using a bullet-proof VPN service. We have compiled all the best VPN providers in this review guide.
How to See If VPN is Leaking Your IP Address – Conclusion
VPN leaking affects mostly Windows users, but depending on the VPN used and its configuration, your IP address may get leaked on a Linux or Mac system as well. The worst news is that because of VPN leaks, you think you are protecting your sensitive data while you’re actually exposed. Hopefully, the guide above has given you a better idea about how VPN can actually leak your IP address and how to deal with such instances in case you come across them.
One of the things we hear most frequently is “I have a VPN. I’m anonymous.”
It may be startling to hear but that’s not true. Not by a long shot.
To learn why, consider that there are three broad methods that hackers, corporations and other spies can use to obtain your personal information:
- Eavesdropping on your internet connection
- Gaining access to your computers and home network
- Collecting data from the websites you visit
Spying on your Internet Connection
If an attacker can gain access to your internet connection, they can collect metadata that tells them a lot about you.
From this data, they can infer your interests, income, hobbies, the number and types of devices you own, the websites you visit and more. Collectively, this data can be used to produce an impressive personal profile about you (are you a gambler? Do you drink too much?). At worst, an attacker can intercept unencrypted account information and take over your identity.
This attack is one kind to which you will be subjected if you connect to public wi-fi at a coffee shop or airport. But ISP and cellular carriers also collect this information about you, and with the fall of net neutrality, they will be selling it very soon.
A VPN is ideal for reducing this threat, so let’s move on to the others.
Gaining Access to your Computers and Home Network
Any software installed on your PC can potentially see what you are up to and transmit that information to third parties. In fact, if you use Chrome as your browser, Google does this exact thing when they transmit your browsing history to the cloud. Same with many other popular browsers. Once there, it is permanently stored to be used in any way they see fit, now or in the future.
When your antivirus software scans the URLs you go to, they are also collecting that data and selling it to advertising companies.
Your cellphone isn’t safe either. A 2013 study showed that over 80% of the top iOS and Android apps were leaking personal data. And haven’t you ever wondered why Google invested so much money in Android, just to practically give it away? It’s because your data is so valuable, that they have spent billions building and maintaining a “walled garden” just so they can collect it.
As we head into the “Internet of Things” (IoT) era, we should become increasingly alarmed about the potential for any of the numerous devices on our home networks to act as security back doors as well the possibility that they may even be overtly spying on us.
It isn’t possible to use a VPN with most of your devices. And even for those devices which do allow you to use it, this doesn’t prevent apps from accessing personal data nor does it prevent the device from bypassing the encrypted connection. For instance, your Intel computer is likely running Minix, a secret operating system with full access to your files and network that you have no control over. And for years, Google Chrome has been using a protocol called QUIC which bypasses firewalls and other security gateways, giving them unfettered access to your browsing history.
VPNs can’t prevent this kind of privacy attack. Once something is running on your computer or home network, it can usually communicate freely with the outside world.
Collecting data from the websites you visit
It is a well known fact that many websites sell their usage data. It is not so well known how promiscuously this data is shared throughout the advertising ecosystem.The songs you listen to on Spotify, the searches you conduct on Google, the items you buy on Amazon. all of it is for sale.
This data is aggregated into clumsy and insecure databases known as “DMPs” and tied to you through your unique audience identifier, a kind of digital social security number that you aren’t allowed to access.
If you login to these sites, you typically agree to allow them to do whatever they want with your data. However, even sites that you don’t typically log in to, such as entertainment sites, newspapers and blogs also uniquely identify you using a variety of methods, such as cookies or browser fingerprinting.
Have you searched for anything related to medical symptoms? Your insurance company is willing to pay to find out.
VPNs can’t protect you against this form of data collection, because their code is allowed to enter your network and run (almost) without any limits. Using these methods, it is relatively easy to identify an individual even though they are using a VPN.
What’s The Solution?
VPNs are useful for cloaking your IP address and are often ideal for file sharing services or accessing geographically limited content.
But for everyday internet use, you need something different:
- You need to protect all of your devices and applications. even hidden ones you may not know about
- You need to encrypt your DNS
- You need to block application layer tracking technologies (cookies, browser fingerprinting, etc)
- You need to block tracking and advertising services at the network layer
Furthermore, these things matter a great deal for most people:
- It shouldn’t break streaming or gaming
- It should be fast
- It should just work without too much tweaking
A smart hardware device is called for. Because if all outbound internet traffic is forced to go through a single point, then even apps running secretly on your network can be stopped from transmitting data to the outside world.
Similarly, by monitoring all inbound traffic, we can stop corporations and hackers from transmitting code to our devices and spying on us, consuming bandwidth and slowing down our computers.
Winston was built as new type of security device, one which combines a firewall, IP cloaking and much more to eliminate as much bloat and data collection as possible.
What Is a DNS?
The Domain Name System (DNS) is an internet protocol that translates website addresses into code so they can be read by computers. This is crucial to helping internet users visit their favorite websites, access search engines, use social media, and watch streaming services.
The DNS translates a web address into an Internet Protocol (IP) address, which enables computers to recognize the location a user wants to access and helps devices communicate with each other. Web browsers use DNS servers to discover the IP address that users search for and enable people to get a more user-friendly experience on the internet.
Users’ DNS requests go to servers that are operated by their internet service provider (ISP), which records user data in logs. This can be a privacy concern because that data can be subpoenaed by law enforcement agencies to track user activity, or in some countries, sold to advertisers and other third parties without the user’s permission. However, users can avoid this by using a virtual private network (VPN) to keep their browsing activity encrypted, private, and secure.
What Is a DNS Leak?
A DNS leak is a security flaw that occurs when requests are sent to an ISP’s DNS servers even when a VPN is being used to protect users. A VPN is designed to encrypt a user’s internet connection, which keeps their traffic in a private tunnel that hides all of their browsing activity. That means all the user’s internet searches and website visits are hidden from everyone except for their VPN provider.
However, a DNS leak occurs when the user’s DNS requests move outside the encrypted tunnel and become visible to their ISP. As a result, all their browsing activity, including their IP address, location, and web searches, goes through the ISP in the same way it would if they were not using a VPN.
How Can a DNS Leak Happen?
There are several situations that can result in a DNS leak occurring, including:
- An improperly configured VPN: A DNS leak is most likely to occur when a VPN is configured improperly and assigns a DNS server belonging to the user’s ISP. VPNs require a user to connect to their ISP before they log in to the VPN, so this is likely to occur when users regularly use multiple networks.
- An ineffective VPN service: A VPN service that does not have its own DNS servers will result in DNS leaks occurring and will fail to provide effective protection from DNS leaks.
- No Internet Protocol version 6 (IPv6) support: IP addresses were originally 32-bit Internet Protocol version 4 (IPv4) addresses with four sets of three digits. But 128-bit IPv6 addresses have been created to extend the pool of IP addresses and accommodate more devices. The internet is still transitioning, and some VPNs may not support IPv6, which may push a user’s DNS request outside of the encrypted tunnel.
- Transparent DNS proxies: Some ISPs have started forcing customers to use their DNS servers even when they change their settings to a third-party VPN. If the ISP detects DNS setting changes, it uses a transparent proxy that forces a DNS leak by redirecting the user’s web activity to its own DNS servers.
- Windows smart features: Microsoft introduced a feature known as Smart Multi-Homed Name Resolution (SMHNR) in devices using operating systems from Windows 8 onwards. The feature submits DNS requests to available servers and accepts whichever DNS server responds first. This can cause a DNS leak and leave users open to spoofing attacks.
- Windows Teredo: Windows operating systems include a built-in feature called Teredo that aims to ease the transition from IPv4 to IPv6. It helps the two IP systems coexist more easily but creates a huge security issue for VPN users. That is because Teredo is also a tunneling protocol that can take precedence over a user’s encrypted VPN tunnel.
Is a DNS Leak Bad?
A DNS leak can be serious because it contravenes the reasons why a user deploys a VPN service. It can result in users’ private information, such as browsing activity, IP address, and location, unknowingly being leaked to their ISP, third-party organizations, and malicious actors monitoring network activity.
Is My DNS Leaking?
Internet users can check whether their DNS is leaking by testing their VPN connection. Many VPN suppliers and vendors provide tests that show the DNS server the user is connected to and supply additional information about their browsing session.
How Does a DNS Leak Test Work?
A DNS leak test provides users with information about their VPN connection, including the active IP address and location. This can be compared against their real IP address and location for a DNS leak check. Users can also run a DNS status check, which displays whether they are using DNS servers that belong to their ISP or their VPN. The tests also provide advice on DNS leak protection as well as how to fix an issue.
Are DNS Leak Tests Safe?
Reputable VPN providers provide DNS leak tests that are safe and secure. Users should avoid DNS leak tests from untrusted providers.
How Do I Fix a DNS Leak?
A standard DNS leak can be fixed by configuring a VPN to only connect to its own DNS servers. This will force a computer to only use the VPN’s DNS servers and not connect to the user’s ISP.
In the case of the Windows SMHNR issue, this can be more tricky because it is built into the operating system. Some VPN providers enable Windows 8 and Windows 10 VPN users to install a free plugin that resolves the issue, while other users will need to contact their VPN for support.
How Fortinet Can Help
The Fortinet FortiTester solution enables users to test for DNS leaks. It checks the latency of a user’s network connection or DNS server. FortiTester enables organizations to future-proof and secure their infrastructure by assessing the people, processes, and technologies accessing their network.
What is DNS?
The Domain Name System (DNS) is an internet protocol that translates website addresses into computer language. This helps internet users visit websites and enables devices and websites to talk to each other.
What is a DNS leak?
A DNS leak occurs when virtual private network (VPN) users’ browsing activity is exposed outside of their encrypted connection.
Is a DNS leak bad?
A DNS leak can be bad because it makes private browsing data available to internet service providers (ISPs), third-party organizations, and hackers.
Is my DNS leaking?
VPN vendors provide DNS leak tests that enable users to check the status of their connection, Internet Protocol (IP) address, and DNS server.
When using the internet, do not take security for granted. It is especially true even if you’re using a virtual private network service, or VPN, because there is still a possibility that your security could be, for the most part, in danger. There are a couple of drawbacks some VPNs may have that can leak your data or information into the wrong hands, or disclose your IP address.
More often than not, people opt to use a virtual private network service for many reasons, for example, masking IP addresses, securing data, and restoring access to geo-restricted contents. When you use a VPN, you can appear as if you are in a different location because you use the IP address of the virtual private network rather than the one given by the internet service provider (ISP).
Ensuring that your VPN is a hundred percent secure and safe is critical not to leak any vital information to anyone. For a little help, here’s how to test, check, and verify that your VPN is indeed secure. So, take a read!
Local and Public IP Addresses
You need to understand and learn how IP addresses work so that you’ll know how VPNs safeguards your IP address. For the most part, there are two IP addresses types, local and public. The local IP address isn’t unique and does not distinguish who you are.
Instead, it is your public IP address that’s particular to you and creates your distinct identity when accessing the internet. Privacy leaks happen when Web Real-Time Communication or WebRTC reveals your public IP address rather than the IP address of your VPN.
Believe it or not, a website can disclose your public IP via WebRTC. This problem is extremely bothersome if hackers utilize this browser feature because they can get your IP address and determine your exact physical location.
The security aided by VPNs is negated if a hacker uses the WebRTC protocol to reveal your exact ISP IP address, meaning, anyone can access or know your location. The WebRTC protocol can be utilized on both Chrome and Firefox to expose your IP address. However, this danger does not apply to all virtual private network services, for example, the best paid vpn available today.
Is Your VPN Vulnerable?
Chrome and Firefox on all devices are susceptible or penetrable when WebRTC is enabled. For a little help, follow these helpful steps to check if your VPN is affected or influenced by this kind of hacking:
- Know Your Public IP Address
So, the first step is to find out your public IP address. You can see it by turning off your virtual private network service and searching “what is my IP address” in the Google search box. Keep in mind not to use the internet via your VPN.
- Log in and Join Your VPN Connection
The second step is to log in and connect to your VPN connection, then do the first step again. By then, you will know the IP address of your preferred VPN server. Compare the original IP address from step one and the IP address obtained from step two. If you made certain that you switched off your VPN to know your actual IP address and obtained the same addresses for both the first and second steps, then your public IP address is, for the most part, exposed to the world. But if you obtained a different IP address for both then move on to the next step.
- Inspect Your IP Address on BrowserLeaks
You can make certain that your VPN is safe and secure by inspecting and studying the IP address on BrowserLeaks. If you see the IP address of your VPN, then your IP address is indeed secure. If not, then your IP is leaked to the world.
You can switch off the WebRTC protocol on your Firefox and Chrome to guard and shield yourself from this kind of data breach. Most web browsers have enabled WebRTC by default. But some people experience a slow-running browser when they switch off WebRTC.
When using the web, hackers can track you using different methods . One example is through a browser extension. Browser extensions in Chrome are, for the most part, penetrable to leaks. To check for extension leaks, enable the Chrome plugin from your virtual private network service, copy and paste this URL chrome://net-internals/#dns in your browser, double click “clear host cache,” and go to any website to check the vulnerability.
Inspect and study the three common types of VPN leaks, browser extension leaks, DNS leaks, and WebRTC leaks, to ensure that your VPN is extremely secure. Moreover, ensure that you select or pick out a high-quality VPN provider to optimize the effectiveness, functionality, and efficiency of your virtual private network server.
About the Author:
Tyler Pack is a real estate consultant and journalist, with a passion for smart homes technology. He is keen on writing about home and property security, and cybersecurity.
JP is our CTO. He has over 25 years of software engineering and networking experience, and oversees all technical aspects of our VPN testing process. Read full bio
- What Is a VPN?
- Which VPNs Leak?
VPN leaks can expose your IP address and activity to anyone viewing your connection. Unless you know how to detect them, you may never know they’re happening. Find out which VPNs leak with up-to-date research from our experts.
Many VPN services that claim to protect your privacy are in fact leaking your IP address, DNS requests, and location without you even knowing it.
Your VPN connection may seem safe: there are no notifications or errors, your VPN service has a strict no-logging policy, and it’s headquartered in a privacy-friendly jurisdiction.
However, it’s still possible your internet service provider (ISP), government, and anyone else monitoring your traffic is watching everything you do online.
One study of free VPN applications found that over 80% of the VPNs tested leaked their users’ IP address.
Our own investigation into free VPNs revealed that 25% of the most popular free Android VPN apps fail to protect users due to DNS and other leaks.
Unless you know how to detect IP and DNS leaks, you may never know that your VPN is leaking.
There is no room for error with these leaks: just one leaked data packet is enough to reveal your identity and activity to anyone viewing your connection.
So which VPNs can you trust to hide your IP address?
We tested 90 of the most popular VPN services for data leaks. We found that a significant number of popular VPNs leak some kind of user data through DNS or WebRTC:
- 19% leak user data in some form
- 16% leak DNS requests
- 6% leak your IP address through WebRTC
We also found leaks in as many as 17 of the VPNs we’ve reviewed. That’s 19% of the ‘best’ VPNs on the market.
All the 90 VPNs we tested, and the data they leak, are listed in our VPN leaks comparison table.
To test your own VPN for IP and DNS leaks, use our all-in-one VPN leak test tool.
What Is a VPN Leak?
A ‘leak’ is when your VPN exposes personal information that could be traced back to your true identity. This typically refers to your IP address, DNS information, or geographic location.
VPN leaks reveal your identity and activity to your ISP, government, and any other third party monitoring your connection. For this reason, a leaking VPN is fundamentally useless.
You undoubtedly want to keep this information private, so VPN providers market themselves accordingly. The truth is, however, that most VPN protocols were not actually designed with privacy in mind.
By default, most protocols send DNS requests to default servers. They leak IPv4 traffic when forced to reconnect, and they are usually completely oblivious to IPv6 traffic. Only the VPNs specifically developed to offset these problems will offer you protection.
Here is a summary of the four main types of VPN leak:
IP Address leaks: IP leaks occur when your VPN fails to mask your personal IP address with one of its own. This is a significant privacy risk as your ISP and any websites you visit will be able to link your activity to your identity.
DNS leaks: A VPN is supposed to route your DNS requests to its own DNS servers. If your VPN routes these requests to your ISP’s DNS servers instead, it’s called a DNS leak. This exposes your browsing activity and any websites you visit to any other eavesdroppers. To find out which servers your device is using, you can test your DNS servers using our tool.
WebRTC leaks: WebRTC is a browser-based technology that allows audio and video communications to work inside web pages. WebRTC has clever ways of discovering your true IP address even if a VPN is on. The best VPNs block WebRTC requests.
To find out if your VPN is working as it should, you can run your own basic test at home using our VPN and Torrent IP leak testing tool. It requires very little technical knowledge and takes just a matter of minutes.
You can also conduct a basic manual test for IP leaks using our What Is My IP checker tool.
Simply check your IP address before and after connecting to a VPN server – if your IP address doesn’t change, your VPN isn’t working.
Which VPNs Leak Your Data? (90+ Tested)
We tested 90 of the most popular VPN services for data leaks. Our research revealed that a significant number of VPNs leak some kind of user data through DNS or WebRTC.
We found that of the 90 services tested:
- 19% leak user data in some form.
- 16% leak DNS requests.
- 6% leak your IP address through WebRTC.
The following tables list all 90 VPNs and the specific types of data they leak. If you’re searching for a specific VPN, use Ctrl+F to find the provider you’re looking for. An asterisk means we detected a leak when using the VPN’s browser extension or other custom application.
If you’d like to skip this table, you can jump straight to the bottom line on VPN leaks.
We have always commented in our articles that one of the aspects that users value the most when they connect to the network is the security of their privacy. This is why the use of different tools is necessary and one of them is VPN. This is the virtual private network and in the next tutorial we will show you How to check if my VPN is leaking my personal data?
Through the VPN we can feel that our personal information is safe and protected from anything that could violate it. But doubt always appears and that question within us, is it really private? is there any way or way that we can know How to check if my VPN is leaking my personal data?
Of course, before you can answer that question, you can also ask yourself what is a VPN And what is it for, how does it work and what is the best VPN? You can answer these questions and other questions you have on this topic. But many people tend to confuse VPN with a Proxy connection and they have a big difference.
How to check if my VPN is leaking my personal data?
When you have a VPN on your properly functioning Windows computer, it becomes an impenetrable wall for them to spy on your data. In addition to offering you other options, this is why every day more users are added to the use of this tool. So in this way we can navigate safely, even if we connect through public WiFi networks.
VPNs also prevent the collection of data and information by the companies that provide the service of telecommunication. Then you wonder what kind of information the operators can get. Well, they can know your exact location, as well as the pages you visit and frequent and the different services we use.
You may also be interested in:
Using Canva Easily To Stories Designed To Instagram
But without a doubt, the most common use of this tool is to avoid the geo-blocking. Therefore, we can access a specific service that is blocked in a country. In this way, through the use of the VPN, we can enter the website without any problem, thereby circumventing the restriction that existed.
What can we do to check the VPN
It is important to note that VPNs unexpectedly stop working correctly and this can lead to future problems for our security. So so that a filtration of our data we must make use of a tool. And this is none other than a web page that will provide us with the information we need in a very simple and fast way.
So to know or check if my VPN is leaking my personal data, we are going to use IP Leak. Through this page, we will know through the IP address what our current location is. As is already known, VPNs can hide the IP address that we have, so that we can surf the net as if we were in another country and not ours.
We simply use the page and it must tell us from which country we are connected, so the IP Address must match the VPN. In this way we can verify that our VPN is working correctly and we should not be alarmed. But on the contrary, if the IP address and the VPN do not match, then there is a problem and it will have to be corrected.
Another page that we can use and that offers us a similar service is DNS Leak Test, To use it we must enter it and select the option Start test. This action will generate that it begins to carry out tests to our system, when it finishes it will show us what our geographical location is, it should never show us the real IP address but the one that appears in the VPN.
You may also be interested in:
How To View And Check The Ping And Fps In Pubg Easily – Player Unknown’S Battlegrounds
This is why we recommend you make use of a VPN service that works correctly, that is secure, so that you do not have problems with your security. And so we finish this instructive article, which shows you the easy and fast way that exists to check if my VPN is leaking my personal data.
How useful did you find this content?
Click on a star to rate!
Submit the score
Average score 0 / 5. Counting of votes: 0
So far, no votes. Be the first to rate this content.
I’m sorry this content was not useful for you!
We have always commented in our articles that one of the aspects that users value most when connecting to the network is the security of their privacy. That is why the use of different tools is necessary and one of them is VPN. This is the virtual private network and in the next tutorial we will will show how do I check if my VPN is leaking my personal data?
grace to VPN, we can feel that our personal information is safe and protected from anything that might violate it. But doubt always arises and this question in us, is it really private? is there a way or a way to know How do I check if my VPN is disclosing my personal data?
Of course, before you can answer this question, you might also ask yourself what a VPN and what is it for, how does it work and what is the best VPN? You can answer these and other questions on this topic. But many people tend to confuse VPN with a proxy connection and they have a big difference.
How do I check if my VPN is leaking my personal data?
When you have a VPN on your Windows computer that works properly, it becomes an impenetrable wall for them to spy on your data. In addition to offering you other options, that is why every day more and more users are added to use this tool. So we can browse safely, even if we connect through public WiFi networks.
VPNs also prevent the collection of data and information by the companies that provide the service. telecommunication. Then you wonder what kind of information operators can get. Well, they can know your exact location as well as what pages you visit and frequent and the different services we use.
But without a doubt, the most common use of this tool is to avoid the geo-blocking. Therefore, we can access a specific service that is blocked in a country. In this way, through the use of the VPN, we can access the website without any problem, thus bypassing the restriction that existed.
What can we do to verify the VPN
It is important to note that VPNs unexpectedly stop working properly, which can cause future problems for our security. To prevent a fuite of our data does not happen, we have to use a tool. And it is just a web page that will provide us with the information we need in a very simple and fast way.
So, to know where check if my VPN is leaking my personal data, we will be using IP Leak. Thanks to this page, we will know thanks to IP address what is our current position. As we already know, VPNs can mask the IP address that we have, so that we can surf the net as if we were in another country and not our own.
We just use the page and it needs to tell us which country we’re connecting from, so the IP address needs to match the VPN. This way we can verify that our VPN is working properly and we don’t have to be alarmed. But on the contrary, if the IP address and the VPN do not match, then there is a problem and it will have to be fixed.
Another page that we can use that offers us a similar service is DNS Leak Test, to use it, we need to enter it and select the Start test option. This action will make it start testing our system, when it finishes it will show us our geographic location, it should never show us the real IP address but the one that appears in the VPN.
That is why we recommend that you use a well-functioning VPN service that is secure, so that you do not have any issues with your security. So we end this instructional article, which shows you the quick and easy way to check if my VPN is disclosing my personal data.
A VPN is a great privacy tool that hides your location and IP address. But, not all services protect your privacy as they should.
Misconfigured apps may leak your real IP address thus revealing your true identity. If you’re concerned about your connection status, you should do a VPN test. So, how to check if VPN is leaking IP address?
Let’s first take a look at the ways how your service can leak your IP address.
Table of Contents
What is IP Leak?
A VPN leak reveals your real IP address when connected to a server. It can happen due to misconfiguration or poor technical implementation. A VPN leak can expose your identity by leaking your IPv4, IPv6, DNS, and WebRTC requests. A secure service will never leak your IP in any circumstance.
An IP address is the most accurate identification of who you are online. It is critical for a VPN service to keep this information hidden. If your IP is leaked this means that:
- all online activity can be linked to you
- your connection is no longer private
- your torrenting and P2P downloads can be detected
- websites know who you are
- your ISP knows where you browse
Let’s see what leaks a VPN may have.
IPv4 and IPv6 Leaks
IPv4 is the most common version of the IP address that is used on the web. It is a direct link between you and your browsing activity. No VPN should ever have a simple IPv4 leak. If it does, this means that the service has some serious technical issues. You should stop using such a VPN service and switch to the one that does not leak.
IPv6 leak is like an IPv4, but it is just a different version of the same address. Many ISPs like Verizon or Comcast already assign you both versions of addresses.
If a VPN provider does not take into account IPv6 there’s a chance it can leak it. Nowadays the best providers have IPv6 leak protection that blocks this type of IP.
A DNS leak can reveal the websites you are visiting to your ISP. Your device queries the IP address of the website you are trying to access before even connecting to it. These DNS requests must be routed inside an encrypted VPN tunnel.
If VPN apps do not handle these requests there’s a risk that the websites you access are exposed. To prevent this, it is best to use a VPN that uses its own private DNS addresses.
WebRTC is a browser feature that is commonly used for real-time communication. This technology allows faster speeds for video chats, live streaming, and file transfer. But when it comes to privacy it may not be the best solution out there.
WebRTC can create communication channels outside the encrypted tunnel. VPN apps can not control this feature and thus it has to be handled manually. You can also turn it off with a VPN extension for your browser.
How to Check if VPN is Leaking IP Address?
When you want to check if your VPN is leaking IP addresses you need to do a VPN test. IP leak tests will show you if your service is properly configured and verify all types of leaks. IP leaks might be inconsistent, so it’s best to check with a few VPN servers.
Here’s how to check if VPN is leaking IP address:
- Step 1: write down your current IP address when you are not connected to a VPN. You can check your real IP address at https://ipleak.net/
- Step 2: Connect to a VPN server you wish to test
- Step 3: Go to ipleak.net and wait until all automatic tests will finish. It is best to run this test on a clean browser session. You can use the Private Window to avoid any false positives as the websites may cache the data.
- Step 4: Check the results. If you are connected to a VPN server and you see your IP address, it means that a VPN is leaking IP address.
- Step 5: Double-check. Use browserleaks to verify your results. This is another great website that can check for any of the leaks a VPN might have.
What to Do if a VPN Is Leaking Your IP Address?
If you noticed that a VPN is leaking your IP or DNS, it is a bad sign. You should immediately change to a VPN with DNS protection. Services like NordVPN, AtlasVPN, PrivateVPN are the best choices for privacy.
It is not much you can do to fix those issues as it depends on the under-the-hood configurations. Changing to a different VPN server might temporarily help, but a root cause can only be fixed by the provider itself. A VPN with an IP leak is unsafe to use.
What to Do In Case of a WebRTC Leak?
As mentioned before, WebRTC is a tricky technology that a VPN can not control. To protect yourself from this leak you can disable it manually or use a VPN browser extension.
The best VPN services have extensions that can easily disable WebRTC with just a button click. Another way is to disable it manually in browser settings.
How to Disable WebRTC on Chrome:
To disable WebRTC leak on chrome you need to install the WebRTC Leak Prevent extension. It will block any IP leaks associated with it, but will not disable it. It modifies privacy and security settings so that you can still use it.
How to Disable WebRTC on Firefox:
- Type into URL field “about:config” and accept the risk
- Type “media.peerconnection.enabled” into a search bar
- Change the value to “false”
- That’s all, you are protected from WebRCT leak on Firefox!
What Happens if Your VPN Leaks?
Your Identity Gets Exposed
A VPN can hide your identity from the websites you visit. It does so by using a VPN server’s IP address on your behalf. If your real IP is leaked then this means your location and your identity is exposed. A leaking VPN can not protect you from being tracked by advertisers or being traced.
Reveals Browsing Habits to ISP
If your DNS requests are leaking this means that ISP knows where exactly you are trying to connect. ISP can read the logs that are stored on the DNS server. All your browsing activity can be traced back to you if the VPN did not handle DNS queries.
You Can Get a Fine For Torrenting
IP leaks are common among poorly made VPNs. They can have IP, DNS, or WebRTC leaks. To check if your VPN leaks, you need to do a VPN test. It will show if you can trust a VPN with your privacy.
The best VPNs will never leak your IP and provide you the tools to be protected at all times.
Here are some VPNs with IP and DNS leak protection:
By Thorin Klosowski
Illustrations by Jon Han
By making a few simple changes to your devices and accounts, you can maintain security against outside parties’ unwanted attempts to access your data as well as protect your privacy from those you don’t consent to sharing your information with. Getting started is easy. Here’s a guide to the few simple changes you can make to protect yourself and your information online.
Use These Tools
Make smart use of the tools available to keep your data safe.
Secure your accounts
Why: In the past decade, data breaches and password leaks have struck companies such as Equifax, Facebook, Home Depot, Marriott, Target, Yahoo, and countless others. If you have online accounts, hackers have likely leaked data from at least one of them. Want to know which of your accounts have been compromised? Search for your email address on Have I Been Pwned? to cross-reference your email address with hundreds of data breaches.
How: Everyone should use a password manager to generate and remember different, complex passwords for every account — this is the most important thing people can do to protect their privacy and security today. Wirecutter’s favorite password managers are LastPass and 1Password. Both can generate passwords, monitor accounts for security breaches, suggest changing weak passwords, and sync your passwords between your computer and phone. Password managers seem intimidating to set up, but once you’ve installed one you just need to browse the Internet as usual. As you log in to accounts, the password manager saves your passwords and suggests changing weak or duplicate passwords. Over the course of a couple of weeks, you end up with new passwords for most of your accounts. Take this time to also change the default passwords for any devices in your house — if your home router, smart light bulbs, or security cameras are still using “password” or “1234” as the password, change them.
Everyone should also use two-step authentication whenever possible for their online accounts. Most banks and major social networks provide this option. As the name suggests, two-step authentication requires two steps: entering your password and entering a number only you can access. For example, step one is logging in to Facebook with your username and password. In step two, Facebook sends a temporary code to you in a text message or, even better, through an app like Google Authenticator, and you enter that code to log in.
Protect your Web browsing
Why: Companies and websites track everything you do online. Every ad, social network button, and website collects information about your location, browsing habits, and more. The data collected reveals more about you than you might expect. You might think yourself clever for never tweeting your medical problems or sharing all your religious beliefs on Facebook, for instance, but chances are good that the websites you visit regularly provide all the data advertisers need to pinpoint the type of person you are. This is part of how targeted ads remain one of the Internet’s most unsettling innovations.
How: A browser extension like uBlock Origin blocks ads and the data they collect. The uBlock Origin extension also prevents malware from running in your browser and gives you an easy way to turn the ad blocking off when you want to support sites you know are secure. Combine uBlock with Privacy Badger, which blocks trackers, and ads won’t follow you around as much. To slow down stalker ads even more, disable interest-based ads from Apple, Facebook, Google, and Twitter. A lot of websites offer means to opt out of data collection, but you need to do so manually. Simple Opt Out has direct links to opt-out instructions for major sites like Netflix, Reddit, and more. Doing this won’t eliminate the problem completely, but it will significantly cut down the amount of data collected.
You should also install the HTTPS Everywhere extension. HTTPS Everywhere automatically directs you to the secure version of a site when the site supports that, making it difficult for an attacker — especially if you’re on public Wi-Fi at a coffee shop, airport, or hotel — to digitally eavesdrop on what you’re doing.
Some people may want to use a virtual private network (VPN), but it’s not necessary for everyone. If you frequently connect to public Wi-Fi, a VPN is useful because it adds a layer of security to your browsing when HTTPS isn’t available. It can also provide some privacy from your Internet service provider and help minimize tracking based on your IP address. But all your Internet activity still flows through the VPN provider’s servers, so in using a VPN you’re choosing to trust that company over your ISP not to store or sell your data. Make sure you understand the pros and cons first, but if you want a VPN, Wirecutter recommends IVPN.
Use antivirus software on your computer
Why: Viruses might not seem as common as they were a decade ago, but they still exist. Malicious software on your computer can wreak all kinds of havoc, from annoying pop-ups to covert bitcoin mining to scanning for personal information. If you’re at risk for clicking perilous links, or if you share a computer with multiple people in a household, it’s worthwhile to set up antivirus software, especially on Windows computers.
How: If your computer runs Windows 10, you should use Microsoft’s built-in software, Windows Defender. Windows Defender offers plenty of security for most people, and it’s the main antivirus option that Wirecutter recommends; we reached that conclusion after speaking with several experts. If you run an older version of Windows (even though we recommend updating to Windows 10) or you use a shared computer, a second layer of protection might be necessary. For this purpose, Malwarebytes Premium is your best bet. Malwarebytes is unintrusive, it works well with Windows Defender, and it doesn’t push out dozens of annoying notifications like most antivirus utilities tend to do.
Mac users are typically okay with the protections included in macOS, especially if you download software only from Apple’s App Store and stick to well-known browser extensions. If you do want a second layer of security, Malwarebytes Premium is also available for Mac. You should avoid antivirus applications on your phone altogether and stick to downloading trusted apps from official stores.
Keep apps from spilling your data. Here’s what digital security experts wish you’d change in 2022.
Keep your data safe from prying phone apps.
Digital security becomes more important with every passing year, making 2022 far past time to heighten your protection. That’s especially true when it comes to your phone and the apps it runs. Apps are notoriously tough to trust . Unfortunately, there’s no way to tell at face value if an app is tracking you, even when you say stop , and no protection is foolproof in today’s world of ever-evolving technology. An app that behaves well today could turn into a bad actor tomorrow if the company behind the app is sold, changes its direction or winds up compromised because of a flaw .
There are ways to find and delete the data Google has saved about you, along with some new privacy settings in Android and iOS to stop apps from tracking you . But there’s more you can do to protect your data privacy and improve your smartphone security. We talked to digital security experts about the data privacy and security steps they wish more people would take when using smartphone apps. Below are their suggestions. Consider this your phone security New Year’s resolution list.
More from 12 Days of Tech Tips
- How to turn off Find My iPhone in 4 quick steps (and when you should do it)
- Apple AirTags can be used to track you. Here’s how to make that stop
1. Use a password manager
The strongest passwords are random strings of characters. A series of letters, numbers and symbols in no particular order is less likely to be found in the dictionary and harder for a computer to crack with brute force. The downside is that these complex passwords are much harder to remember.
This is where a password manager app comes in handy. Password managers keep all your passwords in one encrypted and password-protected app. They also generate and remember strong passwords . While apps like Google Chrome and Samsung’s proprietary phone app will offer to save passwords for you, security experts always go to the password manager .
It’s also best to avoid using the same password for multiple accounts. If one account is compromised in a data breach, all the accounts are compromised. With a password manager, each one of your accounts can have a different, complex and hard-to-crack password. Some will even generate passwords for you.
We recommend one called Bitwarden , but there are many other password managers to choose from.
2. Use a VPN on public Wi-Fi
If you’re going to get on a public Wi-Fi network while on your phone instead of using your mobile data, experts suggest using a VPN . A virtual private network can keep your data from being snooped on by other people lurking on the same public network. They can also mask your data transmissions, avoid filtering and censorship on the internet and allow you to access a wider variety of content around the world. Here’s everything to know about VPNs .
For our purposes, it can shield you from having to get on a free public network that others can use to gain access to your phone. When looking for a provider, it’s important to research the company to find out if it’s well-known and trustworthy . The Apple App Store and the Google Play Store have dozens of VPN apps that are free , but some have questionable practices, so take care.
Regardless of how frequently you plan to use a VPN, it’s important to read through the service agreement so you know what data might be collected and where it will be stored. See CNET’s guide to the best VPNs .
Discover the latest apps: Be the first to know about the hottest new apps with the CNET Apps Today newsletter.
3. Be mindful of app permissions
One tip that almost all of the experts mentioned was double checking which permissions the app asks for. You should also ask yourself whether it makes sense for an app to ask for certain permissions. An app asking for access to data that isn’t relevant to its function is a major warning sign .
“[If] you’re downloading a simple app for a pocket calculator for instance and the app is requesting access to your contact list and location,” said Stephen Hart, CEO of Cardswitcher. “Why would a calculator need to see your contact list and location? Requests like that should ring some alarm bells.”
Graphic by Pixabay/Illustration by CNET
In addition to paying attention to permissions that you grant to an app, it’s also important to monitor how your phone behaves after you download it. Shlomie Liberow, a technical program manager and security guru at HackerOne, said that drastic changes in your device’s battery life are another red flag, since malicious apps can constantly run in the background.
“If after installing an app, you notice your battery life decreasing faster than usual, that may be a tell-tale sign that the app is up to no good and is likely operating in the background,” Liberow said.
4. Research the app or company
While you can’t tell at face value if an app has sinister motives , a quick Google search can supply more information. The experts suggested searching the name of the app and the phrase “data scandal” or “scam.” Hart said the results should tell you if the company has experienced any recent privacy or data leaks.
“This search should also tell you if data breaches are a common occurrence at that company and, if they have experienced any, how they have responded to them,” Hart said. “If the company has been affected several times and done nothing to address the problem, steer clear of the app — it suggests that they aren’t taking the issue seriously.”
Joe Baker, an IT Systems Administrator at Anderson Technologies, said it’s wise to avoid an app if it’s the only one a developer has produced or if the developer was responsible for any other shady apps.
5. Limit social media exposure
Facebook’s Cambridge Analytica data scandal put the popular social network in hot water. But even people who’ve freed themselves from Facebook’s siren call after the fallout (or never created a profile in the first place) might still be at risk for privacy invasion . If you appear on a friend or family member’s account, you’re still visible online . After those accounts are observed, companies can construct a “shadow profile” that details a person’s likes, dislikes, political leanings, religious beliefs and more.
It has long been believed that IP addresses and Cookies are the only reliable digital fingerprints used to track people online. But after a while, things got out of hand when modern web technologies allowed interested organizations to use new ways to identify and track users without their knowledge and with no way to avoid it.
BrowserLeaks is all about browsing privacy and web browser fingerprinting. Here you will find a gallery of web technologies security testing tools that will show you what kind of personal identity data can be leaked, and how to protect yourself from this.
The primary tool that illustrates server-side capabilities to reveal the user’s identity. It has basic features such as showing Your IP Address and HTTP Headers, IP-based geolocation (GeoIP) determines your Country, State, City, ISP/ASN, Local Time. There’s also TCP/IP OS Fingerprinting, WebRTC Leak Tests, DNS Leak Test, IPv6 Leak Test.
WebRTC Leak Test
Browser Fingerprinting with no user agent identifiers, only through the HTML5 Canvas element. The method is based on the fact that the same canvas-code can produce different pixels on a different web browser, depending on the system on which it was executed.
WebGL Browser Report checks WebGL support in your browser, produce WebGL Fingerprinting, exposes your Graphics Card and other WebGL and GPU capabilities more or less related web browser identity. Also, this page contains the How-To enable or disable WebGL in your web browser.
Font metrics-based fingerprinting. System fonts enumeration. Font fingerprinting techniques are based on measuring the dimensions of elements filled with text or single unicode glyphs. Font rendering in browsers is affected by many factors, and these measurements may vary.
HTML5 Geolocation API testing tool. Checks browser permissions for geolocation. Based on the latitude-longitude and accuracy received from the browser, it shows the radius of your location on the interactive map.
Web Browser’s Features Detection. This page contains a huge list of HTML5 feature detectors, whose support or lack of support may affect your browser’s identity profile if you try to change it.
The set of demos that try to determine Content Filters usage, is the applications that operate between the browser and the web page and manipulate the connection and content of a visited web page. Among them are Tor Browser, Privoxy, Adblock Detection.
What permissions usual unsigned Java Applet has? It can be the extended Java Machine description, OS Detection: Name, Version, Arch, User Locale, and some file system-related information. CPU Cores count, amount of Dedicated Memory, JVM instance Uptime, Network Interfaces Enumeration.
Describes the Flash Player Runtime properties such as Flash Version, Plugin Type, Operating System, Manufacturer, System Language, Web Browser Architecture, Screen Resolution, and other properties that describe the hardware and multimedia capabilities.
Getting system information using Silverlight Plug-In, installed in your web browser. Shows your system environment details such as OS Version, Processor Count, System Uptime, Time Zone, Installed Fonts, System and User Culture, Region and Language OS settings, Silverlight Isolated Storage Cookies.
Here is a list of new, experimental, controversial, broken, and deprecated tools:
- DNS Leak Test – Standalone page for DNS Leak Test.
- SSL/TLS Client Test – Shows the SSL/TLS capabilities, TLS Fingerprint, Mixed Content Test.
- CSS Media Queries – Pure-CSS Media Queries Test Page.
- ClientRects Fingerprinting – Displays the exact pixel position and size of the rectangle of drawn HTML elements.
- Social Media Login Detection – Cross-origin login detection for most major social networks.
- Do Not Track – Detects DNT support in your web browser.
- Firefox Resources Reader – Firefox «resource URI» fingerprinting, platform and locale detection.
The site does not collect any data, does not keep or process any fingerprint records. All information shown is read-only. Some third-party services (Google, Disqus) may collect personalized data and set unwanted cookies. You can control everything on the Site Settings page.
In 2019, using a secure internet network is more important than ever. Cybercriminals continually find new ways to gain access to personal information they later use or sell to others. If you’re not protected, your privacy is at risk.
In theory, a Virtual Private Network (VPN) is a good way to protect your privacy through encryption and a masked IP address. However, a VPN will only protect your privacy if it’s set up and working correctly.
Do you know if your VPN works as promised?
Review this top 10 list of available VPN services to compare features, benefits, and security promises. Most VPN services come with a free trial so you can test it out before you commit to a plan. Most also offer multiple pricing plans so you don’t get stuck paying for services you won’t use.
Don’t be afraid to sign up for a free trial from multiple services, but don’t take your free trial for granted. Use that time to run some tests to make sure the service delivers on its promises.
Why you need to test your VPN service before you pay up
When testing a VPN service, the main thing you want to find out is if your VPN is leaking your IP address. After all, a VPN is designed to mask your real IP address. Some people just want to hide their true location while others want to access location-restricted content online. Either way, if your IP address is being leaked, you have no privacy.
According to Life Hacker, a recently discovered security flaw allows remote sites to exploit the Web Real Time Communication (WebRTC) feature inherent to most browsers. The exploit will reveal a user’s real IP address even while connected to a VPN.
Some streaming media providers ban VPN users
In addition to privacy concerns regarding leaked IP addresses, if you’re using a VPN to access streaming media in other countries, running a test will ensure you don’t waste your money. Services including Hulu, Netflix, and Spotify are working on identifying VPN users to deny access to content. Some already have.
How to test a VPN
The best way to test a VPN to see if it performs as advertised is to get your actual IP address, log in to your VPN and connect to your preferred server, and then go check your IP address again to see if it’s the one you selected. If your IP matches your VPN server, then your VPN is not leaking your IP address and is functioning as it should.
Next, perform a WebRTC leak test to make sure your public IP address picked up by the test is your VPN server’s IP address. If your public IP matches your VPN’s IP, your privacy is protected and your VPN is working. If your public IP matches your actual IP address, you need some extra protection.
Remember that VPNs are not responsible for a WebRTC leak – it’s your browser. The only way to prevent this leak is to disable WebRTC in your browser. If you’re using Chrome, Opera, or Firefox, WebRTC is enabled by default.
To disable WebRTC:
For Chrome and Opera, install the ScriptSafe extension. You might be surprised to learn you can install Chrome extensions on Opera.
For Firefox, you can install the addons Disable WebRTC or NoScript, but if you don’t want to be weighed down by addons, follow these simple instructions:
- Open a new tab and type ‘about:config’ into the address bar without the quotes. Hit enter.
- Find the setting called ‘media.peerconnection.enabled’ and set this to false.
Once you’ve disabled WebRTC, go back to the WebRTC leak test to verify it has been disabled.
Take your security one step further by installing your VPN at the router level
While installing a VPN on your router won’t replace the need to disable WebRTC in your browser, it is a good idea for other reasons. For example, all of your IoT connected devices (smart appliances, smartphones, game consoles) will be protected with encryption.
For more information about setting up your VPN on your router, check out this tutorial from techradar.
Security isn’t perfect, but choose your VPN wisely
Don’t choose a service based on price or popularity. Although no VPN is infallible, choose the service that passes the tests outlined in this article for the best privacy protection.
The main function of a VPN connection is to help keep your online activity private, secure, and anonymous, while giving you the full freedom on the internet. The private connection works to deal with various possible threats from hackers and other unscrupulous third parties as well as prevent any third parties from monitoring and tracking your activity. Not only that, VPN can also help to prevent anyone from intercepting with your network traffic and steal your private and personal information.
When the private connection works as it should be, it is a powerful tool that you can use to keep you safe in your online activity. However, there are certain occasions when the private connection fails to provide the protection that it should give to you. This is when the data leaks happen, and this is the problem that is commonly experienced by users that are new to the VPN scene and don’t know about what to do to prevent it. Here is why data leak can happen when you use VPN and how to prevent it:
1. Your VPN Might Log Your Activity
One of the most common reasons why you might leak your personal and private information while being connected to the private network is because the VPN logs your online activity and collect data about you without your consent. Among various VPN services that are available on the market today, only a few reputable and good service providers are honest with you regarding data retention. Many other service providers, on the other hand, don’t really care about your privacy while using their private connection, and in fact, they are collecting your data and selling them to the third parties.
How To Prevent It: Choose the VPN service that has an absolute no logging policy and care so much about their user’s online privacy rights.
2. Your Private Connection Might Drop Suddenly
When using a private connection, you are actually masking your regular connection with the private IP address. This private IP address then becomes the IP address that you show on the websites that you visit. While using the private network, there is very little chance for you to reveal your true IP address because you are masking it with another IP address that you get from the VPN server. However, when the private connection drops suddenly, it might inadvertently leak your IP address information to the websites that you visit because it will automatically be switched to your regular network connection.
How To Prevent It: Make sure that you enable the Automatic Kill Switch feature on your VPN settings to kill your network connection temporarily whenever there is a connection drop in your VPN.
3. You Might Have A Mismatch Configuration
Having a mismatch configuration between your VPN service and your device operating system can also create an occurrence of data leak. For instance, if your VPN doesn’t support the IPv6 connection while your operating system is using the IPv6 connection, then it can cause a mismatch in configuration and it can potentially leak your DNS data. Moreover, with the DNS data leak, you can also reveal your IP address and other sensitive information if you are not careful about it.
How To Prevent It: Make sure to install the official VPN app or software from your VPN service provider and follow the setup instruction carefully.
4. You Might Use A Bad VPN Service
Not all VPN services that you can find today will provide the same high quality connection and performance. In the case of a bad VPN service, it might not really protect your privacy, but it will spy on your activity instead. This has been the case with various free VPN apps and service providers that you can find on the market today. They limit their private connection features and instead use the user’s online activity as another type of monetization option for their business.
How To Prevent It: Only use a reputable VPN service that you can trust, which has a good track record and user feedback.
5. You Might Use A Low-Level Encryption Protocol
The encryption protocol that you use will also affect the privacy protection that you get from your private connection. For instance, if you are using SOCKS5 in your VPN, you need to know that this type of protocol doesn’t have any strong encryption available. It only offers speed and good performance for your connection. It is also the same with PPTP and L2TP protocols that only focus on the speed of your data transmission while having a low-level encryption that is vulnerable to hacker attacks. Using such a low-level encryption protocol can result in data leaks.
How To Prevent It: Use at least 256-bit encryption in your VPN, and if possible, stick with OpenVPN protocol for a stable security and privacy protection for your private network.
When it comes to internet privacy we are always thinking to use VPN and be safe, as most of the VPN service providers are commiting to their customers, use our VPN and be anonmous, In our previous article we covered Will a VPN keep You completely private and anonymous online? With this Your VPN is not Leaking Your Personal Information tutorial we comes a way to test your VPN is doing its job properly or no ? whether free or paid VPN.
Step-by-Step Process to Check Your VPN is not Leaking Your Personal Information
Step1:- It’s best to test your VPN in a location you assume to be safe, such as on your home network. With your VPN switched off, go to ipleak.net. Three main privacy threats are covered. At the top, you’ll see your IP address, which is the unique number that identifies your connection to the internet.
Step 2:- Below that is the WebRTC detection, 1 which shows your IP address on the local network. This is a controversial service that deliberately leaks information about a PC’s connection to the internet so that another PC can communicate with it directly, such as when making a video call.
Step3:- Further down is the DNS address. This will be controlled by your ISP unless you’ve changed it to something else, but whoever controls it can see what sites you’re visiting. Unless the DNS owner specifically states that it doesn’t log this information, you should assume that it keeps a record of every site you visit.
Step4:- Switch on your VPN and reload the site. You should see a different picture. The first thing to check is the IP address. It should be different to the actual IP address shown in Step I, and may also be giving you the appearance of being in another country. This is particularly important if you’re using your VPN to access geoblocked sites.
Step5:- The WebRTC detection isn’t strictly controlled by your VPN, though some will block it. Here, your internal IP address should be displayed n but within a Private Use box, with no reference to your ISP. If your ISP’s name appears here, there’s a good chance that your privacy is being compromised.
Step6:- If you find that your WebRTC is leaking, you could change your VPN. Voidsec (voidsec.com), the organisation that discovered and first highlighted the problem, has information about it at https://voidsec.com/vpn-leak/ , where you’ll also find a link to a spreadsheet of all the VPNs they’ve tested. Choose one with a green cell in the Leak/Vulnerable column.
Step7:- If you prefer, you can plug this security hole manually in your browser. In Chrome, you can download Google’s own WebRTC Network Limiter .
In Firefox, go to about : config and double-click ‘media.peerconnection .enabled’ to set it to False. This might stop some video services operating, though.
Step8:- Back in ipleak.net, at the bottom, you’ll find the DNS Address. This should make you appear as if you’re in the same country as your IP address. The address of the DNS server should also be different from the one shown in Step 3.
Step9:- Below the DNS info is ‘Torrent Address detection‘. If you use Bit Torrent software to share files, click Activate to see whether your VPN is allowing your torrent software to expose your IP address. Click the Activate button under ‘Geolocation detection’ to check whether your browser asks permission before revealing your whereabouts.
Step10:- If you’re interested to know what further information is slipping out about you, your browser and your PC, keep scrolling down the page. You should see a map (hopefully, showing your VPN’s location, not yours) as well as information about your hardware and browser add-ons.
A report calls into question the providers’ security practices and dismisses their claims of being no-log VPN services
Seven Virtual Private Network (VPN) providers who claim not to keep any logs of their users’ online activities recently left 1.2 terabytes of private user data exposed to anyone who comes looking. The data, found on a server shared by the services, included the Personally Identifiable Information (PII) of potentially as many as 20 million VPN users, said researchers at vpnMentor, who uncovered the leak.
Besides the personal details, which included the users’ email and home addresses, clear text passwords, and IP addresses, the server was also found to store several instances of internet activity logs, which casts doubt on the providers’ claims about strict no-logs policies.
UFO VPN, FAST VPN, FREE VPN, SUPER VPN, Flash VPN, Secure VPN, and Rabbit VPN are all implicated in the incident. The report suggests that all these Hong Kong-based services have a shared developer and app and are assumed to be white-label solutions that are repurposed under different brands for other companies. This assumption is based on the services sharing the same Elasticsearch server, being hosted on the same assets, and on the fact that the services share a single recipient for payments.
The researchers ran a series of tests using one of the VPN services, UFO VPN. After downloading and using the mobile app to connect to servers around the globe, their activities were recorded in the database, comprising their personal details that included an email address, IP, address, device, and the server they connected to. Beyond confirming their suspicions, they also found that the database logged their username and password used to create the account.
The database even contained technical data about the devices on which the VPNs were installed, such as the origins’ IP addresses, Internet Service Provider, actual location, device model, type and ID, as well the user’s network connection. “The VPN server users connected to was also exposed, including its region and IP address. This makes the affected VPN service virtually useless, as the user’s origin IP address can be connected to their activity on the target server,” explained vpnMentor.
In a nutshell, all the details that were logged and exposed by these self-proclaimed “no-log” VPN services could spell problems in different orders of magnitude to their users. VPNs are used for several main reasons, including to add an extra layer of security and privacy, access content that may not be strictly legal in specific countries (some outlaw pornography), bypass geo-restrictions, or by political activists.
Depending on who is targeted by a malicious actor, the VPN users could end up getting targeted by phishing campaigns, become victims of fraud, or face blackmail, arrests and persecution.
Adhering to responsible disclosure guidelines, the researchers disclosed the security lapse to the VPN providers on July 5 th and contacted the Hong Kong Computer Emergency Response Team on July 8 th . The server was closed on July 15 th .
The users of any of these seven VPN providers would be well advised to consider switching to another service and change their login information on any other online accounts. This report should in no way discourage you from using a VPN, but may instead be a reminder to choose your VPN provider carefully.
So you’re using a VPN to stay safe and private online. That makes sense because when a VPN works as it should, it masks your IP and creates an encrypted virtual tunnel between your device and the online destination you want to reach.
But is your VPN really working? Are you truly protected and not leaving a trace online?
While VPNs are so useful, they can sometimes be a bit difficult to configure correctly. If they are not working as they should, you might find yourself exposing more than intended.
Tip: Protect your online privacy with a VPN
We run 15 speed tests every month and help readers to identity the right solution that fits their unique use > Compare & choose best VPN.
Common VPN Leaks
Upon first using your VPN, you need to ensure that your VPN really works and does protect your privacy, giving you that security you want. There are simple ways to do this. But before we dive deeper into that, take note that there are several ways something can go wrong.
Here are some common VPN leaks:
1. IP Leak
The IP address is your device’s address on the internet. If your IP is visible online, it can lead to many bad consequences; just about anyone can track you down. Simply put, if a VPN isn’t hiding your IP, it’s useless. An IP leak is the leaking of your real IP while connected to a VPN service
An IP may leak because of incompatibility between the two major protocols, namely IPv4 (deployed over 30 years ago) and IPv6 (ratified in 2017). IPv6 was created to solve the issue of IP address depletion in IPv4, the protocols are unfortunately not interoperable.
It can also occur in a situation where your computer is unknowingly accessing default servers rather than the anonymous VPN servers assigned by your VPN. Most VPN providers that are good, have built workarounds in their software to minimize the likelihood of an IP leakage.
2. Domain Name System (DNS) Leak
Domain Name System (DNS) are basically web addresses that you can understand and remember. They are translated into IPs that computers use. If you’re not using a VPN, this is typically handled by the ISP but if you are, this information will be hidden by the VPN.
When using a VPN and you experience a DNS leak, your DNS requests are sent to an unsafe DNS server. Your true IP is also exposed to this unsafe DNS server. Somehow your VPN server has been bypassed.
When this happens, this could lead to a DNS hijacking attack where you are purposefully routed to fake websites. This could lead to the possibility of you handing your private information over to criminals.
Good VPNs often have built-in DNS leak protection where their custom DNS servers are used. They use special technology to ensure that your DNS requests are always routed securely, inside the encrypted VPN tunnel.
3. WebRTC Leak
Most popular browsers have Web Real-Time Communication (WebRTC) built in. It is a basic technology that enables peer-to-peer functionalities on your browser without additional plugins or other apps, such as real-time communications applications (voice and video chats). However, this presents a vulnerability for VPN users.
This is because it’s possible to create a program that establishes a WebRTC connection to your browser where your real IP can be obtained via this way. Since this leak originates from the browser, it is possible for those geo blocking websites to find out your real IP even if you’re using a VPN.
Three Tests to Check if Your VPN is Working Properly
You can use the following methods to find out if your VPN is functioning properly:
- Check for IP address leaks
- Check for DNS leaks
- Check for WebRTC leaks
Unfortunately, while these leaks are common and easily tested for, there is no way to do it all at once. You need to check and resolve for them individually.
How to Check for IP Leaks
- First check your real IP (provided by your ISP).
- If you’re using a VPN, turn it off.
- Go to your VPN IP test page or what is my IP?; the test will run automatically.
- Take note of your real IP.
- Turn on your VPN, connect to any server.
- Go to your VPN IP test page or what is my IP?
- Check the results.
- Compare with your earlier obtained IP (real IP).
- If they match, this means your VPN is leaking.
- If they don’t match, rerun this test with different servers to ensure that your VPN is airtight.
How to Check for DNS Leaks
- First check your DNS.
- If you’re using a VPN, turn it off.
- Go to your VPN DNS test page or what is my DNS?; the test will run automatically.
- Take note of your DNS.
- Turn on your VPN, connect to any server.
- Go to your VPN DNS test page or what is my DNS?
- Check the results.
- Compare with your earlier obtained DNS.
- If they match, your VPN is leaking your DNS information.
- If they don’t match, rerun this test by connecting to different VPN servers. You want to ensure that your VPN is truly airtight.
How to Check for WebRTC leaks
- Launch your VPN.
- Connect to any server.
- Go to your VPN WebRTC test page; the test will run automatically.
- It will show your IP, your IP version (IPv4 or IPv6) and whether you have a leak.
- Check to see if the IP address result matches your IP.
- If they’re the same, there is a WebRTC leak.
- If they’re not, re-run the test with different VPN servers to be sure.
If your VPN is susceptible to DNS, IP or WebRTC leaks, you need to take action swiftly and resolve this. The best solution is to switch to a better and more reliable VPN. Choose one that has built-in workarounds to minimize IP leakage.
In general, it’s not easy to choose a truly good, affordable and reliable VPN. But once you have committed to one, you’d want to know if it’s worth its salt. Therefore, it’s a good practice to test yours to see if it’s leaking information about you online.