Subj : CISA warns against VPN us
To : All
From : Mike Powell
Date : Sat Dec 06 2025 09:43 am
US security agency urges Android and iPhone users to stop using personal VPNs
Date:
Fri, 05 Dec 2025 17:00:00 +0000
Description:
CISA warned that many commercial VPNs could be putting your data at greater
risk. But that doesn't mean you should give up on privacy here's what you
need to know.
FULL STORY
The US's top cybersecurity agency has issued a stark warning in its latest
missive: "Do not use a personal VPN."
The advice comes from the Cybersecurity and Infrastructure Security Agency
(CISA), which has cautioned iPhone and Android users that many commercial VPN
services may do more harm than good. According to CISA, "personal VPNs simply
shift residual risks from the internet service provider (ISP) to the VPN
provider, often increasing the attack surface."
The warning suggests that while a VPN can shield your activity from your ISP,
you are placing your trust in the VPN provider, many of which "have
questionable security and privacy policies." This is a significant statement
from a federal agency, suggesting a foundational risk in how many commercial
VPNs operate.
The alert is part of a wider effort to combat the rise of advanced commercial
spyware. Security agencies are increasingly concerned about malicious actors
using sophisticated tools to infiltrate smartphones, and a fraudulent VPN app
is an ideal Trojan horse.
As a recent Google security alert also highlighted, threat actors are adept
at distributing malicious apps disguised as legitimate VPN services to
compromise user security and steal everything from browsing history to
financial credentials.
These warnings are particularly pertinent given the surge in VPN usage to
bypass geo-restrictions or in response to new legislative measures such as
age verification laws . However, as CISA's advice implies, the rush for a
quick privacy fix can lead users to download dubious apps that are, at best,
ineffective and, at worst, outright spyware.
How to choose a secure and private VPN
CISA's blanket warning suggests that all VPNs are untrustworthy, but the core
of the issue lies with questionable providers.
The best VPN services are transparent, audited, and committed to user
privacy. To stay safe, you should look for a provider with a strict and
independently verified no-logs policy , ensuring they dont collect or store
any data about your online activities.
Furthermore, robust encryption protocols such as OpenVPN and WireGuard form
the backbone of secure VPN connections, ensuring that your online traffic
remains private and protected from interception. These encryption standards
use advanced cryptographic techniques to shield your data from hackers, ISPs,
and government surveillance, making it extremely difficult for third parties
to decipher your communications.
When selecting a VPN, its also recommended to look for additional
security-oriented features that strengthen your online protection.
One of such options is a kill switch , which automatically blocks your
internet access if the VPN connection unexpectedly drops. This prevents your
IP address and sensitive data from being exposed in plain text, a common risk
if the safeguard isnt in place.
Other valuable features might include DNS leak protection, multi-hop
connections that route traffic through multiple servers, and perfect forward
secrecy (PFS), which changes encryption keys frequently to minimize data
exposure.
For those seeking the most private VPNs , the key is to choose a reputable
provider that prioritizes user security above all else.
======================================================================
Link to news story:
https://www.techradar.com/vpn/vpn-privacy-security/us-security-agency-urges-an
droid-and-iphone-users-to-stop-using-personal-vpns
$$
--- SBBSecho 3.28-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
