声称零日志的香港UFO VPN暴露数百万条用户隐私日志数据

总部位于香港的VPN提供商UFO VPN在网络上公开了用户日志和API访问记录的数据库,而无需密码或任何其他身份验证即可访问它。公开的信息包括纯文本密码和可用于识别VPN用户并跟踪其在线活动的信息。虽然UFO VPN声称不保留任何日志,但仍暴露了有关其服务用户的数百万个日志文件,包括其帐户密码和IP地址。点击此处查看UFO VPN的隐私政策


查看详情:10Beasts 新闻

已邀请:

larry 【熟练级】 - I'm a network engineer that currently lives in China.

赞同来自: band_in_china juniorant Barry 芥末 ass 陀思妥耶夫斯基更多 »

Wow, WOW, Just WOOOW, How did that even happen? This is like one of the most ludicrous event I have ever witnessed, The whole situation is absolutely insane.
Let me elaborate on this, The leaked data includes

"Accounts/Passwords in PLAIN TEXT". Yeah, did you hear that right? PLAIN TEXT.  Any network engineer even with a CCENT should know that you absolutely need to encrypt the password data of your users, that's literally the first class of network security. HOW in the world did a company not know that.

"VPN session secrets and tokens." Okay This VPN provider also claims to be "Zero log" Why the f you're collecting VPN session tokens?????


"IP addresses of both user devices and the VPN servers they connected to" Okay I don't give a damn about your "Zero log" BS but WHY??? why in the world are you collecting your user IP address? what for? A VPN is suppose to protect user's IP address, NOT collecting it? Just why?


"Geo-tags"  WOW, Are you mad? In most countries collecting geolocation without consent is absolutely illegal, especially for minors, I don't see anywhere that this company acknowledges that their service cannot be used by a minor without parental consent.
Also If you use this service, You're what we call "royally fucked" sorry for my poor choice of words but that word sums up it perfectly, Your Geolocation Your IP addresses are completely collected by this provider.


"Device and OS characteristics" Yeah they even collect data on what devices and OS you're using. totally insane.


"URLs that appear to be domains from which advertisements are injected into free users" This is just gross, there is no other words can describe.

Overall. If you're using this service, Run from it like you would run from a hurricane. This is literally the worst VPN provider I've ever seen.

--------------------------------------------------

哇,哇,只是哇,这是怎么发生的?这就像我见过的最可笑的事件之一,整个情况绝对是疯狂的。


让我详细说明一下,泄漏的数据包括
纯文本中的帐户/密码。是的,你没听错吗?纯文本。任何具有CCENT的网络工程师都应该知道,您绝对需要对用户的密码数据进行加密,这实际上是网络安全的第一流。世界上没有一家公司不知道这一点。



VPN会话机密和令牌。好的,这个VPN提供商也声称是“零日志”,为什么您要收集VPN会话令牌?



“用户设备和它们连接的VPN服务器的IP地址”好吧,我不对您的“零日志” ,但是为什么?您为什么要收集您的用户IP地址?做什么的? VPN是否应该保护用户的IP地址,而不是收集它

“地标”哇,你疯了吗?在大多数国家,未经同意收集地理定位绝对是非法的,尤其是对于未成年人,我看不到该公司承认未经父母同意不能由未成年人使用其服务的任何地方。


另外,如果您使用此服务,,您就是我们所说的“ royally fucked”(抱歉),但是该字词完美地概括了该字词。您的地理位置您的IP地址完全由该提供商收集。



“设备和操作系统特征”是的,他们甚至收集有关您正在使用的设备和操作系统的数据。完全疯了



URL似乎是将广告从中注入免费用户的域”

总体。如果您正在使用此服务,请像逃避飓风一样逃避它。从字面上看,这是我见过的最糟糕的VPN提供商。



Freenet 【新手级】

赞同来自: 芥末 ass

简直是一场大灾难。GA法通过了以后,我们有必要重新审视香港这个基地了,人身安全是我们的首要法则!

匿名用户

匿名用户

赞同来自: ass

可恶至极

fanqianglt 【新手级】

赞同来自: 陀思妥耶夫斯基

就是说,港区GA法颁布后,香港的梯子,对于内地翻墙网友尽量远离。万一北京会钻一国两制和港区GA法的空子进行收买数据并偷偷上传给北京进行记录。

要回复问题请先登录注册