UR Browser Blog

Privacy and security with UR Browser

Month: January 2019

Small team, great achievements and even bigger ambitions for 2019!

privacy browser vpn

2018: Guerrilla Anti-Tracking and Embedded Virtual Private Network Shielding

We are still a start-up and even though we are a small team, and do not always get to address all your messages and needs, they do concern us and we do listen to them! Thank you for that!

We are sharing all of them with our product team who is prioritizing each of those along with our planned features and improvements, so that they will be eventually addressed.

For the past year, we had to reduce the communication efforts in favor of focusing more on the product and achieving some major milestones:

  1. Improve stability and security with UR 61 release, (do we want to link to an old version in this post vs. just having a reference to it in plain text?) adding anti-fingerprinting capabilities and improving the HTTPs enforcing;
  2. Introduce a unique feature in the browser: a full VPN client with UR 62, not only to protect the browser traffic but all your device’s traffic;

We will not talk about the first one as we already have on the blog and it’s already too old, we are already working to bring UR to Chromium 71.

We do want to share with you more about the latest VPN feature and why we considered it such an import part of the puzzle.

Why does a browser need a VPN?

For those of you who are not aware of what a VPN is and why you should use one here is a short intro.

By its’ meaning a Virtual Private Network is an internet security service that allows users to access the Internet as though they were connected to a private network. This encrypts the Internet communications as well as providing a strong degree of anonymity. Some of the most common reasons people use VPNs are for location anonymity, the right to online privacy, to protect against snooping on public Internet connections, to circumvent Internet censorship, or to connect to a business’s internal network for remote work purposes.

Generally, when users create an Internet connection to visit a website or to access an online service, most Internet traffic is unencrypted and very public. The device that initiates the request through a browser or another app, will connect to their Internet Service Provider (ISP), and then the ISP will connect to the Internet to find the appropriate web server to fetch the request website or service. Information is exposed with every step of the Internet request. The IP address is exposed throughout the process, the ISP and any other intermediary can keep logs of the user’s browsing habits and interests. Moreover, the data flow between the user’s devices and the webservers is unencrypted, which creates opportunities for malicious actors to spy on the data or perpetrate attacks on the user, such as a man-in-the-middle attack.

When using a trusted VPN service to connect to the Internet, users gain a higher level of security and privacy by:

  • The VPN client connects to the ISP by creating an encrypted connection
  • The ISP connects the VPN client to the VPN server, maintaining the encrypted connection
  • The VPN server decrypts the received data from the user’s device and then connects to the Internet to access the web server in an unencrypted communication, exposing only the IP address of the VPN server and masking users’ IP

How VPN works. What is a VPN.

This is known as a ‘VPN tunnel’ the encrypted connection between the VPN Client and VPN server passes through the ISP, blocking the ISP and/or malicious actors from seeing a user’s activity.

 

Beware, VPN and Proxy extensions are not enough!

In the past UR explored, as did other competitors, the so-called ‘VPN extensions’ or ‘proxy-extensions.’ They offered a similar service as a VPN but with a few important drawbacks like: not fully encrypted communications and solely browser request protection, excluding by its tech limitations the requests issued by any other apps running on the device.  A potential negative effect of this lack of coverage could be – the location was masked while surfing websites w

ith UR, yet other local apps/services would expose user’s location when communicating with their servers on the Internet. To avoid such scenarios users would have had to subscribe in addition, to other VPN services, requiring the installation of an additional software: a VPN client.

We stopped that type of service a while ago when such weaknesses surfaced.  However, many players in the space continue to proposes ‘proxy-like’ features advertised as VPNs, while not offering true VPN protection.

Leveraging open-source, with the power of Open VPN and a great partnership (don’t want to promote another solution and took out the links), we have built a powerful and multi-faceted privacy took that combines the utility of a browser with the protection of a VPN.

In addition to standard private browsing features, UR Browser now offers the same level of protection as other stand-alone VPN clients. And as usual, we’ve made it extremely simple to use so that not only tech savvy users can benefit from it.

If this solution is appealing to you, check it out now ! (currently available only for Windows)

2019: Let the real privacy battle begin!

Still in beta but improving rapidly, here are some key updates you can expect from UR in 2019:

  • The latest Chromium patches (on Windows, and as soon as possible on Mac too)
  • Upgraded privacy and anti-tracking features
  • An improved browser anti-fingerprinting technology (more on browser anti-fingerprinting here)
  • A bunch of under-the-hood and functional fixes (for example online streaming services and translations services had been disabled due to privacy concerns, now will become optional)
  • A VPN build for Mac
  • New features like secure account synchronization, improved bookmarks and offline web content management
  • Integrated private Search engine

We are considering opening our source code too while mobile and Linux versions are in planning as well, and should go into development later this year.

These are some of our resolutions for 2019, wish us good luck to achieve the most!

 

 

May you have a happy, successful and more private year!

Browser, VPN, privacy, security, internet browsing, internet security, digital identity

We should all be aware by now that 2018 was a watershed year for digital privacy and data protection, marked by one Facebook or Google scandal after another.

Leading with Facebook Cambridge Analytica fiasco, Mark Zuckerberg’s congressional testimony, a massive hack, and revelations of corporate smear campaigns were only the tip of the iceberg. (Refer also to: A bug may have exposed the unposted Facebook photos of millions ; Facebook is using your two-factor-authentication phone number to target ads ; Facebook has been collecting call history and SMS data from Android usersUK Parliament publishes Facebook secret documents showing ‘whitelisting’ firms in return for access to data)

The Facebook privacy issues revealed last year should not overshadow other important revelations like: Strava’s heat map exposing military locations; The giant Marriott hack or Google’s already obsolete Google+ bug that may have exposed private data from millions to its third-party apps;

It’s important to acknowledge the above and understand that some tech companies, and unfortunately some of the most trusted ones, not only harvest gazillions of users’ data but also employ flawed systems to use, share and profit from it. The zenith of privacy invasion played out in a report that alleged both Facebook and Google partnered with banks and bought financial data in secret, trying to get access to yet another sensitive category of private user information.

The aforementioned tech companies, and many other less well known, put their profits before your privacy, and actually built business models that demanded it. In addition, there is nothing FREE and we the users are often the product being monetized.  By itself there is nothing wrong with a consumer getting a free service and enabling profit for the service provider through some element of behavior and/or identity, as long as the profiting entity makes disclosures around business practice, doesn’t abuse the user’s trust by violating their own terms, and has no hidden tradeoffs that a user only finds out about after the fact.

So, what is next for 2019? It could continue with other giants like Microsoft, Amazon or Apple, especially with the latest digital assistant trend, but at this point it would only be speculation.

In any case, we should keep protecting our devices and be aware of which free or paid services we use. Put simply, we must be aware of and take action around our own digital identity.

To that end, great things happened as well, in the context of privacy, during 2018. Moreover, we salute and support initiatives like Europe’s GDPR law, trying to get back more privacy for consumers, but currently far from perfect in practice. It is still worth supporting and following how it will succeed in combating the most sophisticated tracking methods, like browser fingerprinting. Besides the European Union, many publications and organizations, such as the Electronic Frontier Foundation, started drawing attention to the ways Google, who owns the most used browser and largest tracking network in the world, uses its power to protect its own interests rather than protecting its users.

 

The good and the bad around privacy, in 2018, further validated the need for privacy awareness and tools, therefore fueling our conviction around UR Browser, including the addition of more simple-to-use privacy features.

© 2023 UR Browser Blog

Theme by Anders NorenUp ↑