Hola Extension – Is Hola a VPN and is it Secure?

Mandee Rose |  Posted on | Leave a comment on Hola Extension – Is Hola a VPN and is it Secure?

Hola - Problems, Threats and Alternatives

To net freedom campaigners and techie enthusiasts, Hola seems to be a technological marvel. Whether or not you understand the technology that lies behind this Virtual Private Network (VPN), you will probably appreciate one thing about it – it’s absolutely free. Hola says it enables people to get around the regional restrictions of media websites, and can also offer you privacy from identification as you go about your activities on the web.

The innovative methodology that lies behind this free-to-use privacy system is fascinating. In order to understand the technology that created Hola, you need to learn a little about protocols such as peer-to-peer (P2P) networks, Skype, Tor, and the systems of encryption that create VPNs.

Given that Hola creates anonymity, uses a creative blend of new technologies, and is absolutely free, why would anyone complain about it? As with anything in life, if it seems too good to be true, it probably is. The critics of this seemingly idealistic system of internet usage are starting to raise their voices. This report explains how Hola works and what could be the matter with it.

What is a VPN?

The Hola website is entitled “Hola! VPN.” So, what is a VPN? A Virtual Private Network creates privacy for network transmissions that cross the shared resources of the internet. The procedures of VPNs are meant to provide the same level of privacy for data that information crossing private networks enjoys. “Privacy” is one level up from “security.”
In a secure transmission, you would expect that the data you send over the internet cannot be read by anyone snooping on the line. The HTTPS protocol is the most common method of internet security used on the web. This methodology encrypts the data that travels between computers and keeps the details of you credit cards and bank accounts protected from disclosure during transport.

Surprisingly, keeping your data safe across the net doesn’t quite afford you total privacy. This is because the structure that carries the data travels unencrypted. This administrative data has to be legible to routers because it tells them where your message is going to and where it has come from. Addresses tell more about your activities that you might care to disclose, and the ability of just about every computer along the route to read this information creates problems for many.

Workplaces and colleges can block you from accessing certain websites from their networks by looking at these addresses. Internet Service Providers (ISPs) can reduce the quality of service that they offer to certain applications just by reading the admin information in the messages that pass through their computers. Governments can ban people from accessing foreign news sites by examining address information. They can also track down transgressors. Entertainment websites read the origin of arriving requests and refuse to serve those from abroad.

VPNs confound all of these bans and blocks by encrypting the admin information on messages that pass over the internet. Thus no one along the way can interfere with the journey. The VPN company acts as a proxy and presents your request with its own return address on it, so your traffic can appear to originate in the right country to get around regional restrictions.

Tor, Skype, and P2P

Hola isn’t really a VPN, because it does not encrypt your messages across the net. Instead, the system uses a configuration that works like peer-to-peer networks and mimics the Tor system.

P2P networks revolutionized data communications. In regular internet contact, one computer approaches another and asks for a connection. The requesting computer is called a client and the responding computer is called the server. In P2P networks, there is no central computer involved. The computers of individuals discover each other and share files or information. Torrenting works like this. With P2P networks, participating computers identify their availability by posting their addresses on some central register, like a message board. Computers that want to make connections refer to that record and then contact the peer directly. Each peer can be connected to many other peers all at once.

Skype uses an architecture that is very similar to P2P, because it routes calls through the computers of service subscribers. This means that each Skype user is actually routing traffic for other users while they have the Skype program turned on.

Tor creates a path across the internet that uses the computers of volunteers as routers. The originating computer plans a route and entirely encrypts each data packet, just like a VPN does. It then addresses that packet to the last computer in the route. The packet gets re-bundled with a layer of encryption for each router on the path. The encryption used for each layer can only be decrypted by the intended node on the journey. This means that each node can only know the address of the previous and next nodes in the route. This makes it difficult to trace the packet’s origin.

The Tor network only covers part of the journey of a connection, and is intended to obscure the origin of a request, rather than keep the connection completely private. The route includes nodes that are selected at random, so they may not be geographically close to each other, and the exit node may be far from the destination server. Once the packets of a connection leave the Tor network, they continue to their destination unencrypted.

How Does Hola Work?

Hola routes connections through the computers of other users. This is the same philosophy that drives Skype. Also, like Skype, the architecture relies on a peer-to-peer system, so routes are not controlled by one central computer. This is like an informal agreement between computer users, and it enables the origin of a connection request to be obscured.
Like with the Tor network, the packets of a connection leave the Hola network at an exit node. The request arrives at the destination with the exit node’s return address on it. This means that the responding server is tricked into thinking that the request comes from the exit node.

This source address replacement is similar to the trick that VPNs use to get around regional restrictions on entertainment streaming sites. The main marketing drive of Hola stresses the advantages of the system for those who want to get around regional restrictions and stream video from servers in other countries.

Is Hola Private?

Despite labeling itself as a VPN, Hola doesn’t encrypt the packets that it carries – a methodology that all VPNs use, which is known as “tunneling.” This presents a problem for those sending data over the system, because all of the routing is handled by computers owned by other people.

Who are the other users of Hola? The website for the system explains that there are 116 million people participating in the network all over the world. Were these people vetted? A free, open, anonymous network is a hacker’s dream come true. Having lofty ideals and community spirit isn’t enough to ward off malevolent usage. The creators of Hola made no attempt to introduce anonymizing procedures into their services.

Integrating VPN technology into their non-VPN would have cost very little. The main system used by most VPNs is an open source library of procedures that are free to use and simply plug into the standard code of session establishment for a connection.

Since its launch in 2012, Hola has rung alarm bells all over the internet, with network specialist warning users of its lack of security procedures. Despite this bad press, the controllers of Hola have done nothing at all to introduce security measures into the system.

One more thing that they don’t want you to know is that, by engaging in Hola, you are making the bandwidth of the internet service that you pay for available to Hola Networks Limited for nothing. The company obscures the fact that it is selling that bandwidth on for profit by channeling its subscription service through a company with an entirely different name – Luminati.

Why Hola is Free

You might think that by using Hola, you are getting something for nothing. Actually you aren’t. For one thing, you aren’t getting any anonymity, because there is no packet encryption involved in the system. The people who get something for nothing out of Hola are the people that run the enterprise. They get the bandwidth that you pay for and they give you nothing for it. The “something” that they get out of it is a very fat profit margin on their sales.

Is Hola Secure?

A growing problem on the internet is a type of cyber-threat called a “distributed denial of service” attack, or DDoS for short. These attacks block access to websites and other internet services by flooding the servers that deliver them with hundreds of thousands of fake requests. With the servers busy dealing with that flood, genuine requests get pushed to the back of the queue and time out before they can get to the server.

These fake requests are triggered by hackers who have put a malicious piece of software on millions of computers around the world. The group of computers that can be commanded to send out requests all at once is called a botnet. Essentially, this is what Hola creates.

The members of Hola don’t all need to be certified angels. You don’t know who owns the computers that your communications pass through, and unsurprisingly many of those owners are hackers. A number of Hola members report that shortly after using the network to access subscription streaming services, their membership details get hacked. So, rather than protecting you from hackers, Hola actually directs your internet traffic towards them.

Crime Syndicates

Hackers use botnets to make money. They extort payments from businesses by threatening DDoS attacks. They also operate “attack for hire” services to enable a competitive business to bring down the website of a rival. Remember that when you sign up for Hola, you participate in the network, channeling traffic through your computer. Any computer in the network can be an exit node and it doesn’t take much figuring out to see that you don’t actually need to route through a series of computers to get out to a target server.

Hackers can use Hola to send out attack packets from any or all members of the network. When your computer acts as an exit node from the Hola network, the packets that arrive at the target server have your return address on them. That means that anyone investigating the attack won’t be able to trace the hacker who commanded it. Instead, they will read your IP address and blame you. Your quest for a free VPN winds up getting you into a criminal gang.

Hola Alternatives

If you want privacy while surfing the web, avoid Hola. Fortunately, Hola points the way to where you should be looking, by masquerading as a VPN. VPNs avoid blocks by network owners, ISPs and governments on access to websites. They also defeat the efforts of ISPs to reduce the service levels allotted to applications such as video streaming (this dirty trick is known as “throttling”).

Some governments are very draconian and not only try to stop you from accessing certain sites, such as WhatsApp, Google, and Facebook, but even try to stop you from using a VPN. Thus you need to select a top-of-the-range VPN that can mask its own existence with cloaking technology.

It is important that you only install a VPN that is supplied by a traceable and reputable company. Check out the feature panel in this article, because all of the services listed there are top VPNs provided by decent companies. The VPNs in our recommendation panel will get you around regional restrictions on streaming services. Despite the claims on the Hola website, that system can’t really get you in to most video delivery websites.
If you are considering Hola VPN, think again. Ditch the “Hola” and stick with a VPN.

For cheap alternatives take a look at our 5 cheapest VPN Providers page.

Leave a Reply

Your email address will not be published. Required fields are marked *