Urban VPN is a particularly bad offender. It intercepts all your conversations with ChatGPT, Claude, and other AI bots (glad I don’t use any), and sends them to the VPN vendor for resale. This is nuts.
I’ve always been told to beware of “free” VPNs for reasons like this
If the free VPN provides an OpenVPN / Wireguard configuration, then you’re mostly safe from this particular attack. Most sites use TLS, so the VPN provider won’t be able to see shit.
In this particular case, it’s a browser extension, which is actually able to access the contents of visited webpages.
Yup, as the old adage says: “if the service is free, you are the product.”
I can’t get past how deeply addicted the author is to AI. They seem to be wholly dependent on AI. Just read the article up until the first time Urban VPN is mentioned. It seems like this person manages their personal and emotional life via AI and their “research” (as they proclaim themselves a “security researcher”) primarily consisted of, you guessed it, asking AI.
I’d developed a level of candor with my AI assistant that I don’t have with most people in my life.
What a sad way to live.
Psychotherapists, best friends, financial advisors, emotional support, all personal problems, etc. Yes, too many people have given AI control over their lives with so much information that could be used for blackmail.
This appears to be a bad article. See: https://piefed.social/post/1573197
Basic digressive victimization tactic. Nothing wrong with Urban VPN, but everything wrong with kod.ai.
Just once I want that kind of headline to read “sold at a loss”
I’m mostly surprised that there are companies interested in “conversations” between
bullshit generatorsLLMs and mentally unwell people that “converse” with them.
If a security researcher is installing on their browser a free vpn browser extension, I assume they are a moron and can’t do their job.
Seriously, not only your first question should be “how are these people paying for 6 millions people using their VPN?”, but your second one should be " why they don’t provide a client of a wireguard/ipsec/openvpn configuration file? So they don’t have access to my webpages?"
When an article relies on a clearly bs premise (like a security researcher using a free vpn), you should assume the article is fake. Which it is, in this case: https://piefed.social/post/1573197#comment_9269001
