Farewell, hello! – Why should you uninstall Hola immediately
π¨βπ»
1. It allows you to be tracked online, no matter what you do
Wait, we’re checking if you can be tracked…
For example, this is you:
These values ββare unique and always remain the same, Even via reboots. They allow sites to track you like a cookie does – except that you can’t remove it like a cookie. There is nothing you can do about it.
And that’s not all…
- Installation guide: …
- The operating system: …
- Device (on Android): …
- …and much more.
This site is not featured – Which The website can see and collect this data.
Good news, it looks like you can’t be traced back by (your copy) Hola!
Do you want to know what it would have looked like if you could? click here!
2. They send strangers traffic through your internet connection
Hola is a “peer-to-peer” virtual private network. This may sound cute, but what it actually means is that other people are browsing the web through it for you Internet connection. For a website, it looks like it You are Browse the site.
It might not sound bad to you. However, imagine that someone downloaded child pornography through your connection, for example. To others, it looks like it is for you The computer that did it, and you can’t really prove otherwise.
The operators of the “exit nodes” of the anonymous Tor network have encountered similar problems. Being a Hola peer is more or less equivalent to running Tor out of the house – something the EFF explicitly recommends against it.
And even if you can Prove your innocence, you can still be attacked and involved in a lengthy legal process. And as a bonus, you’ll be using your own bandwidth – which is totally undesirable if you have a slow connection, or a low data cap.
this Unfixable problem, which Hola does not disclose transparently. It’s how Hola was designed to work, and it couldn’t work without it.
3. They sell access to third parties, they don’t care what it is being used for
Hola also operates another company, Luminati, that sells access to the Hola network to anyone willing to pay up to $20 per gigabyte for it.
[14:13:19] Luminati Sales Representative: Luminati is the trademark of Hola.org – a massive peer-to-peer network of consumers who search anonymously. This enables you to have an almost unlimited number of real IP addresses for your use.
[14:13:51] Luminati Sales Representative: Our pricing model is Pay As You Go, per GB, with no setup fees and no cost per IP ranging from $1.45 to $20 per GB.
Now according to Hola founder, Ofer Vilenski, Luminati users are being “vetted” before they are allowed to use it, and the person who attacked a site called 8chan through it simply “hashed through the network”.
According to him, “modifications” were made.
But we didn’t find that to be true; We haven’t had any trouble signing up for a ‘Free Trial’, and they obviously don’t really care what you do with it:
[14:28:29] we: I’m just wondering about an item
[14:28:31] we: from your TOS
[14:28:35] we: You may not upload, post, or otherwise transmit any User Content that: (i) violates any law or engage in activity that may constitute a criminal offense or give rise to civil liability; (ii) infringes or otherwise infringes the rights of others, including any intellectual property rights or making statements that may denigrate, harass, stalk or threaten others; (iii) abusive in any way, including blatant, racist expressions, abuse, vulgarity, profanity, pornography, child sexual exploitation, incest, bestiality or Obscene in any other way; (iv) advocate or provide instructions regarding illegal activity or discuss illegal activities or encourage illegal activity (envy) incites terrorism (6) contains advertising or promotional materials or any solicitation relating to products or services; (vii) is not generally related to the specific subject matter or subject matter; (8) contains software or other material that contains a virus or other harmful or disruptive component;β
[14:28:39] we: How do you enforce this?
[14:29:08] Luminati Sales Representative: We do not
[14:29:18] Luminati Sales Representative: We have no idea what you’re doing on our platform
[14:39:31] we: Can you say force desktop/tablet/mobile etc, or force a specific ISP?
[14:39:49] Luminati Sales Representative: number
[14:40:01] Luminati Sales Representative: Why are you asking?
[14:40:12] Luminati Sales Representative: The concept is simple
[14:40:13] we: I’m just wondering, this post might be useful to me
[14:40:18] we: In the future
[14:40:28] Luminati Sales Representative: This is for you to find out
[14:40:40] Luminati Sales Representative: We simply provide you with a proxy platform
[14:41:07] Luminati Sales Representative: What you do with it is up to you
4. They allowed Anyone Executing programs on your computer
If you don’t believe it, just click the button below. The calculator app will open. If it doesn’t work, here’s a video of it in action.
important note: This will Always Broken VLC functionality in Hola. While that shouldn’t be a problem – you be Uninstall Hola then, right? – We figured we should tell you about it anyway.
Update (May 30, 2015): Hola has pushed an update that breaks the exploit used by this button, by disabling the “move” command altogether. You are Still vulnerable Through a second method (as described in the technical advisory), but this method is not indicated by the button below.
As far as we know, Hola hasn’t made any official statement, and there’s a good chance this update will also break Hola’s “real” functionality. We suspect that this “patch” was merely an attempt to damage our credibility, not to actually fix any security issues.
You can still watch the video to see how the exploit works.
They are taking advantage of me!
plan…
Something is wrong. We were unable to run the vulnerability on your system. Either your system isn’t vulnerable, or there’s something special about it that we didn’t know. You still have to immediately Uninstall Hola if you have it installed, it is very likely that the exploit is still working in a modified form!
do it! The calculator application must be running. It could have started in the background; In this case, check the taskbar or application bar.
Calculator still not showing up? On some systems, the calculator app starts invisibly; That is, it works, but you can’t see it at all. Check if there is a “calc.exe” process running on your system. It doesn’t matter true Malware, of course, because it tries to run invisibly anyway.
We are good people, so we created a button that opens a calculator for you. Someone with more malicious targets could easily do the same, but invisibly, automatically and with a piece of malware instead of a calculator. They can take over your entire computer, without even your knowledge.
And it gets worse in some systems; Hola will gladly run whatever you feed it as a ‘SYSTEM’ user. What this means in simple terms, is that someone can completely Your system has been compromised, beyond any repair. It allows installing things like a rootkit, for example.
In fact, you should assume that this has already happened. This security issue has been around for a while, at least since 2013. Although we don’t realize this has been exploited “in the wild”, it’s certainly a possibility. You should run an antivirus scan, or even better, reinstall your operating system ASAP.
This problem is not just an “omission”. It’s not something where you say “well, mistakes can happen”. This kind of security issue can only happen if the developer is either grossly incompetent, or simply Does not care about the security of its users. It is negligence, plain and simple, and there is no excuse for it.
5. They are trying to rewrite history
A few days ago, some issues with Hola and Luminati were revealed by 8chan. As a result, a journalist contacted them with a request for a statement.
Instead of making an honest statement, Hola decided to try to quietly rewrite history.
Hola FAQ, what it looked like before disclosure, and afterwards (click for originals):
And the same for the Luminati website:
Suddenly, all claims of “anonymity” and “crawling” disappeared. The new version of the FAQ was presented to reporters as if it had always been this way.
Hola clearly cares more about getting her out of the situation than she does about properly informing her users.
So what should I do?
If you have installed Hola on your system, Uninstall it now. The attacks that we have shown and explained here can be carried out Anyone, employment Which site without your knowledge. Even visiting a single website can be dangerous.
We have made a set of uninstall guides for you to make sure that you remove Hola properly. It can be found here.
It is not enough to disable the extension! Several versions of the extension will run the Hola process in the background. you will Still Be vulnerable, even with the extension disabled!
If you don’t have Hola installed at all, you’ll be fine.
So, what should I use instead?
If you need a strong anonymity, Tor is the right choice.
If you simply want to get around geo-restrictions, there are many other services that offer similar functionality to Hola, but safely. We do not make any specific recommendations.
Why did you post this?
Hola has clearly shown by their actions that they do not care about the safety of their users, and that they are probably not qualified enough to develop this kind of software. Even if These issues have been ‘fixed’, and it will only be a matter of time until similar new issues pop up.
For this reason, we have decided to publish these issues immediately to the general public. Anything else will only cause Hola to try to make it look “less bad” than it really is, as they did before, and put its users at constant risk.
The Hola architecture is likely beyond repair. The only reliable solution to the problem is Completely uninstall Hi, whether it’s “fixed” or not.
Who is behind this research?
the team:
We can be contacted collectively at hola@adios-hola.org.
[ad_1]
Don’t forget to share this post with friends !
