Douglas Crawford

Douglas Crawford

June 1, 2015

Here at BestVPN we have always been wary of recommending free VPN services. Old adages such as ‘there is no such thing as a free lunch,’ and ‘if you don’t pay for the product then you are the product’ are not always true. Remember, there is some great community developed open source software out there. Unfortunately, when it comes to commercial services, they often are.

A top-rated free VPN service is Israeli-run Hola. It  boasts 7 million users of its Chrome extension alone. Following a DDoS attack last week, the owner of imageboard website 8Chan, Fredrick Brennan, did some investigation, and did not like what he found!

Beware Hola!

Although most users probably do not realize it, Hola works much like Tor. Every user of Hola also acts as a potential exit node for every other Hola user.

When a user installs Hola, he becomes a VPN endpoint, and other users of the Hola network may exit through his internet connection and take on his IP. This is what makes it free: Hola does not pay for the bandwidth that its VPN uses at all, and there is no user opt out for this.

This is likely to be something many users will be very uncomfortable with, as it exposes them to the same kinds of risks that a Tor exit node user is vulnerable to. Because the apparent IP address of any Hola user is the IP address of another user, that user can be held responsible for the actions (criminal, hacking, DDoS attacks etc.) of users. As Brennan observes:

‘On the other hand, with the Tor onion router, users must specifically opt in to be exit nodes and are aware that completely anonymous traffic can pass through their connections, which means they should be ready for abuse reports for child porn, spam, copyrighted content and other ills that come with the territory.

Co-founder of Hola, Ofer Vilenski, has defended this setup. He explained that Hola has never hidden how the service works:

We have always made it clear that Hola is built for the user and with the user in mind. We’ve explained the technical aspects of it in our FAQ and have always advertised in our FAQ the ability to pay for non-commercial use.

Luminati VPN

However, what was never made clear (until its FAQ was quickly updated last Wednesday as news spread of Brennan’s findings), is that Hola sells its users’ bandwidth through its sister company, Luminati (an archived version of the older FAQ is available here.)

Luminati Hola VPN

This means that Hola is selling the bandwidth of every one of its almost 10 million users. Most almost certainly without either their knowledge or consent. A Brendan notes,

‘[Hola boasts] more than 9,761,015 exit nodes on their website, and based on what I saw in the past week I have no reason to doubt it. The only silver lining is their greed: they charge $20/GB to use lines that cost them nothing, their software simply mooches off of the unfortunate users who have installed the proprietary Hola software… Hola is the most unethical VPN I have ever seen.

This lack of ethical business practice was also pointed out by Lantern founder Adam Fisk, who told Motherboard that,

The bottom line is they’re trying to figure out how to run a profitable business, and they’re essentially selling out their users to try to figure that out.

Security researcher Raphael Vinot also chimed in with a similar opinion,

If it works the way it is explained, it’s a terrible idea to use it. Because you end up being responsible for what the other users of the service are doing… Honestly, that level of trickiness is art.

Hola users desperate for a free alternative VPN service can check out our 5 Best Free VPN.

However, is a few bucks a month too much to pay for a great VPN provider, that will not sell you out for sheer greed?

We think not!

Douglas Crawford
May 22nd, 2018

I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. You can now follow me on Twitter - @douglasjcrawf.

20 responses to “Beware free VPN service Hola

  1. To Mr Douglas
    Hi Mr Douglas your website was very informative thanks a lot, i just wanted to ask you about something. Today morning i installed the hola app on my samsung s7 edge through the play store. I had it installed in my phone for about 2 hours before uninstalling it. Is my IP address at risk of being stolen and misused because i used my WI-FI to download hola? thank you

    1. Hi Jason,

      The Hola app hijacks some of your bandwidth so that Hola can re-sell it. Once you have uninstalled the app you should have no further problems.

  2. Will Hola create any problem if i use it for downloading small files which are blocked in my country.
    My point is, can I enable Hola whenever I require it and disable it later, will that create any problem, and the files which i am talking about is in kb’s size.

    1. Hi Harry,

      As long as you are aware of the issues involved (as discussed in this article), then it should not cause any problems using it for your limited purposes.

Leave a Reply

Your email address will not be published. Required fields are marked *