VPN services are widely used by users for different reasons, the main one being protect us from possible attacks that they do to us when we are connecting to public WiFi networks. Another use widely used by clients is to evade regional blocks made to us by the different streaming services, in this way, we can “pretend” that we are in other countries and that these blocks do not affect us. Most services promise to protect us from a large number of threats on the Internet, however, there are other services that do not guarantee any type of protection if they carry out some very popular attacks. Next, we tell you which VPN service you should not use because it does not guarantee you protection.
The Man in the Middle attacks they are one of the most popular attacks that any cybercriminal can perform. The objective of these attacks are several, on the one hand, it will be able to “sneak” into the communication between our PC or mobile device and the Internet, in such a way that all traffic can be captured for later analysis. If the traffic is not encrypted then you will be able to see it directly, however if it is encrypted you can perform other types of attacks such as SSLstrip with the aim of “lifting” the protection of the HTTPS protocol on communications. This is where VPNs will protect you the most, except ClarioVPN because it does not guarantee that someone can attack you Man in the Middle and their service will protect you.
ClarioVPN does not guarantee protection
The well-known security researcher Mathy Vanhoef, one of the most important in the field of WiFi wireless networks and all the security related to them, has commented on Twitter that the ClarioVPN service has confirmed to him that the Man in The Middle attacks are vulnerabilities. very common ones that are totally excluded from your Bug Bounty program.
Considering that preventing MITM attacks is one of the goals of VPN services, and this VPN states that these attacks are excluded from its goal, we should not use this service to protect your security and privacy on unsecured networks. It must be taken into account that if we connect with this VPN service, and someone makes a MITM attack on us to try to capture and decrypt the traffic, if they are able to do so, it is not considered to be a security flaw in the VPN service. .
ClarioVPN just confirmed that MITM attacks are “Common vulnerabilities excluded from the scope”, see https://t.co/YRgxaO6GcN Not sure why people would still trust this VPN… @weareclario you realize that preventing MITM attacks is a core goal of VPNs , right? https://t.co/g8lwVUqqDA
May 9, 2023 • 04:59
Also, it seems that when you cancel your ClarioVPN subscription, even if you have several days left until the end of the month, they disable your account immediately and not when the billing cycle actually ends. If you purchase the subscription on the 1st of the month, pay for the entire month, and cancel on the 15th, the other 15 days you will not have VPN service even if you have paid. Based on Mathy’s experience, we do not recommend this VPN service.
The security researcher has also commented that another service called X-VPN also does not consider MITM attacks as a security flaw in their service, so you should not use this service either because it does not guarantee you any type of protection if someone does this type of so common attack
What VPN can I use?
If you are interested in use a completely free VPN, you can use Cloudflare’s WARP or Google’s VPN, in the latter case, you must be a Google One subscriber to have access to this service, otherwise, you will not be able to use it. Both VPNs will work very well for you and they do protect you against the main attacks, the only thing is that you will not be able to evade regional blocks by choosing servers outside your country. Another very interesting service is PrivateVPN in its free version, although logically it has limitations because there is also a premium subscription.
Another alternative is to set up your own VPN server at home, either on the router or on a NAS server you have. In this way, you will be able to access your home VPN from the outside and protect yourself against the main attacks. Our recommendation is that you use OpenVPN or WireGuard, both protocols are very easy to configure and have applications for all desktop operating systems, and also for smartphones and tablets.
In the case of using commercial VPN services, the typical ones like NordVPN, Surfshark, PureVPN and many others work really well. They are all quite similar in this aspect, today they all support both the OpenVPN protocols and also WireGuard. If your router supports a VPN client such as ASUS with Fusion VPN, you will have the possibility to choose which devices you want to go to the Internet via VPN, ideal for easily evading regional blocks.
