UR Blog

Privacy and security | UR Browser

Tag: security (page 1 of 2)

Small team, great achievements and even bigger ambitions for 2019!

privacy browser vpn

2018: Guerrilla Anti-Tracking and Embedded Virtual Private Network Shielding

We are still a start-up and even though we are a small team, and do not always get to address all your messages and needs, they do concern us and we do listen to them! Thank you for that!

We are sharing all of them with our product team who is prioritizing each of those along with our planned features and improvements, so that they will be eventually addressed.

For the past year, we had to reduce the communication efforts in favor of focusing more on the product and achieving some major milestones:

  1. Improve stability and security with UR 61 release, (do we want to link to an old version in this post vs. just having a reference to it in plain text?) adding anti-fingerprinting capabilities and improving the HTTPs enforcing;
  2. Introduce a unique feature in the browser: a full VPN client with UR 62, not only to protect the browser traffic but all your device’s traffic;

We will not talk about the first one as we already have on the blog and it’s already too old, we are already working to bring UR to Chromium 71.

We do want to share with you more about the latest VPN feature and why we considered it such an import part of the puzzle.

Why does a browser need a VPN?

For those of you who are not aware of what a VPN is and why you should use one here is a short intro.

By its’ meaning a Virtual Private Network is an internet security service that allows users to access the Internet as though they were connected to a private network. This encrypts the Internet communications as well as providing a strong degree of anonymity. Some of the most common reasons people use VPNs are for location anonymity, the right to online privacy, to protect against snooping on public Internet connections, to circumvent Internet censorship, or to connect to a business’s internal network for remote work purposes.

Generally, when users create an Internet connection to visit a website or to access an online service, most Internet traffic is unencrypted and very public. The device that initiates the request through a browser or another app, will connect to their Internet Service Provider (ISP), and then the ISP will connect to the Internet to find the appropriate web server to fetch the request website or service. Information is exposed with every step of the Internet request. The IP address is exposed throughout the process, the ISP and any other intermediary can keep logs of the user’s browsing habits and interests. Moreover, the data flow between the user’s devices and the webservers is unencrypted, which creates opportunities for malicious actors to spy on the data or perpetrate attacks on the user, such as a man-in-the-middle attack.

When using a trusted VPN service to connect to the Internet, users gain a higher level of security and privacy by:

  • The VPN client connects to the ISP by creating an encrypted connection
  • The ISP connects the VPN client to the VPN server, maintaining the encrypted connection
  • The VPN server decrypts the received data from the user’s device and then connects to the Internet to access the web server in an unencrypted communication, exposing only the IP address of the VPN server and masking users’ IP

How VPN works. What is a VPN.

This is known as a ‘VPN tunnel’ the encrypted connection between the VPN Client and VPN server passes through the ISP, blocking the ISP and/or malicious actors from seeing a user’s activity.

 

Beware, VPN and Proxy extensions are not enough!

In the past UR explored, as did other competitors, the so-called ‘VPN extensions’ or ‘proxy-extensions.’ They offered a similar service as a VPN but with a few important drawbacks like: not fully encrypted communications and solely browser request protection, excluding by its tech limitations the requests issued by any other apps running on the device.  A potential negative effect of this lack of coverage could be – the location was masked while surfing websites w

ith UR, yet other local apps/services would expose user’s location when communicating with their servers on the Internet. To avoid such scenarios users would have had to subscribe in addition, to other VPN services, requiring the installation of an additional software: a VPN client.

We stopped that type of service a while ago when such weaknesses surfaced.  However, many players in the space continue to proposes ‘proxy-like’ features advertised as VPNs, while not offering true VPN protection.

Leveraging open-source, with the power of Open VPN and a great partnership (don’t want to promote another solution and took out the links), we have built a powerful and multi-faceted privacy took that combines the utility of a browser with the protection of a VPN.

In addition to standard private browsing features, UR Browser now offers the same level of protection as other stand-alone VPN clients. And as usual, we’ve made it extremely simple to use so that not only tech savvy users can benefit from it.

If this solution is appealing to you, check it out now ! (currently available only for Windows)

2019: Let the real privacy battle begin!

Still in beta but improving rapidly, here are some key updates you can expect from UR in 2019:

  • The latest Chromium patches (on Windows, and as soon as possible on Mac too)
  • Upgraded privacy and anti-tracking features
  • An improved browser anti-fingerprinting technology (more on browser anti-fingerprinting here)
  • A bunch of under-the-hood and functional fixes (for example online streaming services and translations services had been disabled due to privacy concerns, now will become optional)
  • A VPN build for Mac
  • New features like secure account synchronization, improved bookmarks and offline web content management
  • Integrated private Search engine

We are considering opening our source code too while mobile and Linux versions are in planning as well, and should go into development later this year.

These are some of our resolutions for 2019, wish us good luck to achieve the most!

 

 

May you have a happy, successful and more private year!

Browser, VPN, privacy, security, internet browsing, internet security, digital identity

We should all be aware by now that 2018 was a watershed year for digital privacy and data protection, marked by one Facebook or Google scandal after another.

Leading with Facebook Cambridge Analytica fiasco, Mark Zuckerberg’s congressional testimony, a massive hack, and revelations of corporate smear campaigns were only the tip of the iceberg. (Refer also to: A bug may have exposed the unposted Facebook photos of millions ; Facebook is using your two-factor-authentication phone number to target ads ; Facebook has been collecting call history and SMS data from Android usersUK Parliament publishes Facebook secret documents showing ‘whitelisting’ firms in return for access to data)

The Facebook privacy issues revealed last year should not overshadow other important revelations like: Strava’s heat map exposing military locations; The giant Marriott hack or Google’s already obsolete Google+ bug that may have exposed private data from millions to its third-party apps;

It’s important to acknowledge the above and understand that some tech companies, and unfortunately some of the most trusted ones, not only harvest gazillions of users’ data but also employ flawed systems to use, share and profit from it. The zenith of privacy invasion played out in a report that alleged both Facebook and Google partnered with banks and bought financial data in secret, trying to get access to yet another sensitive category of private user information.

The aforementioned tech companies, and many other less well known, put their profits before your privacy, and actually built business models that demanded it. In addition, there is nothing FREE and we the users are often the product being monetized.  By itself there is nothing wrong with a consumer getting a free service and enabling profit for the service provider through some element of behavior and/or identity, as long as the profiting entity makes disclosures around business practice, doesn’t abuse the user’s trust by violating their own terms, and has no hidden tradeoffs that a user only finds out about after the fact.

So, what is next for 2019? It could continue with other giants like Microsoft, Amazon or Apple, especially with the latest digital assistant trend, but at this point it would only be speculation.

In any case, we should keep protecting our devices and be aware of which free or paid services we use. Put simply, we must be aware of and take action around our own digital identity.

To that end, great things happened as well, in the context of privacy, during 2018. Moreover, we salute and support initiatives like Europe’s GDPR law, trying to get back more privacy for consumers, but currently far from perfect in practice. It is still worth supporting and following how it will succeed in combating the most sophisticated tracking methods, like browser fingerprinting. Besides the European Union, many publications and organizations, such as the Electronic Frontier Foundation, started drawing attention to the ways Google, who owns the most used browser and largest tracking network in the world, uses its power to protect its own interests rather than protecting its users.

 

The good and the bad around privacy, in 2018, further validated the need for privacy awareness and tools, therefore fueling our conviction around UR Browser, including the addition of more simple-to-use privacy features.

If your computer is slower than usual, it may be the fault of your browser …

If you constantly use your internet browser (especially Chrome), you will probably notice that the more tabs you open, the slower your machine gets. Each open tab consumes resources from your processor.
There are ways to pause unused tabs, such as The Great Suspender, but these are extensions that can cause other issues, even at the security level. Continue reading

Browsers are two-way windows.

browsers are open windows

For most of us, web browsers are an open window to the endless twists and turns of the internet. But these two-way dormers also allow the outside world to intrude, at times, sneakily into our privacy, record our every move on the web so as to understand our aspirations and influence our behaviour, not to talk of simply infecting our machines, by pure desire to harm or to sell us a cleaning solution. Continue reading

Questions We Are Commonly Asked About UR

There are several recurring questions we receive about the validity or privacy of UR, and we’d like to address them here today.

computer hard at work

Continue reading

‘WannaCry’ Wakeup Call For Online Security

 

Ransomware - paying for access to files

A massive cyber attack struck the globe last Friday, affecting 150 countries and over 250,000 computers including those of major government organizations and corporate operations. This ransomware dubbed ‘WannaCry’ is fearsome because once it is activated on a device, it encrypts all the files so that they are inaccessible. At that point, it instructs the computer owner to pay a ransom in Bitcoin in exchange for unlocking their files. 

So what can you do to make sure you’re protected against this vicious ransomware?

  • Be a conscious clicker: an email or some other form of message can contain infectious attachments and links that can spread malware onto your device.You can simply hover your cursor over email links to reveal the URL’s destination. If you are not sure, do a search on the sender to find out more and stay on alert.
  • Don’t be forgetful about updates: immediately install updates to your operating system and to all your software as they become available. Such updates for your device’s system are designed to fix vulnerabilities which ransomware can target. 
  • Backing up your files is key: ransomware works with a hacker first encrypting your hard drive, which makes your computer still operable, but the catch is that you can’t access any of your files. If you already have your important files backed up on an external drive, you would not have to pay a hacker to decrypt them if you get attacked.
  • Remain aware on social media: social media is all about connecting and sharing with others. Therefore, it is essential to remain in a security headspace to avoid clicking on infectious downloads when on Facebook, Instagram, or even Snapchat.
  • Always stay official: remember to only download apps from official application stores. This will reduce the probability of downloading a pirated versions of apps that contain infectious malware.

All in all, staying vigilant on the web is the most crucial wisdom. Hackers around the globe are always looking for new ways to make trouble in return for their almighty dollar, so don’t make their lives easy.  Always think twice before clicking and make sure you are using updated versions on your system. If your device becomes affected, get in touch with Europol for assistance in your native language.

Sources

Fortune, http://fortune.com/2017/05/14/ransomware-wannacry-faq/

Owl Detect, https://www.owldetect.com/uk/stay-safe-online/archive/nhs-cyber-attack-what-steps-have-you-taken/

ABC News, http://abcnews.go.com/US/simple-things-protect-ransomware-attacks/story?id=47410339

5 Frequent Types of Malware: Explained

Types of malware hackers use

You may have heard malware thrown around, but do you know what it means? Learn more about the largest types of malware we come across on the web.

What is malware?

Malware is short for malicious software, meaning software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise, cause harm to the host computer. Here are explanations on the five most observed types of malicious programs to watch out for:

1. Adware 

Adware is a form of financially-supported malware that usually presents itself in the form of unwanted advertisements displayed to a user. The Internet is filled with these types of programs that can hijack your PC for profit. Most of them are hidden inside so-called “free” downloads and pop-up ads that forcibly install software on systems with active vulnerabilities.

2. Spyware

This type of malware covertly collects information and transmits it to interested parties. Information gathered includes web sites visited, browser and system information and IP address. Spyware does not have any infection mechanisms and is usually dropped by a Trojan. A hacker uses spyware to track your internet activities and steal your information without you being aware of it. Credit card numbers and passwords are the two most common targets.

3. Trojan Horses 

Just like the trojan horse from ancient greek mythology, this type of malware is disguised as a safe program designed to trick users, so that they unwittingly install it on their own system, and later are sabotaged by it. Normally, the hacker uses a trojan to steal both financial and personal information. It can do this by creating a “backdoor” to your computer that allows the hacker to remotely control it.

4. Viruses

Like a virus that can infect a person, a computer virus is a contagious piece of code that infects software and then spreads from file to file on a system. When infected software or files are shared between computers, the virus then spreads to the new host.

5. Worms

Similarly, worms also replicate themselves and spread when they infect a computer. The difference, however, between a worm and a virus is that a worm doesn’t necessitate the help of a human or host program to spread. Instead, they self-replicate and spread across networks without the guidance of a hacker or a file/program to latch onto. 

 

Surf safe with UR: all downloads are automatically scanned for viruses and if you arrive on a suspicious website, you will immediately be alerted.

Rate A Website In Two Clicks

shield-rate-sites

Shield – Rate a website and contribute to the community

Click on the shield icon in the upper right-hand corner to rate a site and see its current rating. It’s just like traffic lights!

  • Green = you find this site safe
  • Orange = you would proceed with caution on this site
  • Red = you find this site suspicious

The more users that rate websites, the safer we all are, and the bigger the community becomes!

 

UR is a web browser created specifically to keep your online data private and safe. Learn more about our security features.

Phishing vs. Pharming

fish-in-fishbowl

What is phishing?

Though phishing and pharming attacks are related, they both happen by different means. For example, phishing attacks usually involve an email that appears to be from an e-commerce company prompting you to take action and log in to your account with the link provided in the email.

The website you visit is not the real site but a well-designed imposter site. It may seem authentic to you, so you will enter your username and password, which is then obtained by the attacker. 

What is pharming?

On the contrary, pharming is different in that it can happen when you are going to a legitimate website, even when you have typed the URL of the site yourself. In a pharming attack, the criminal “hijacks” the intended site’s DNS (domain name system) server.

The end result is that you are redirected an imposter site that looks like your intended site. Most people can not tell the difference and will enter their username and password as usual, only to be captured by the attacker. 

 

UR has an integrated Safe Browsing feature which alerts you of sites that are suspected of phishing or pharming. Learn more about UR’s safety features.

Shield: Look For the Colors to Stay Safe

With Shield, use the colors to protect you while you browse!

Older posts

© 2019 UR Blog

Theme by Anders NorenUp ↑