Is there a 100% free VPN for Chrome?

There are certainly free virtual private networks (VPN) for Chrome, however as you are well aware they all have one thing in common - security compromises. What are the most up to date security checks that people do on a browser? Does their certificate authority allow you to validate the certificate chain? Google uses their own certificate authority, does it check that your browser will accept the certificate chain from them and will not reject the connection? Can the proxy use man in the middle attacks to change the IP, username and password details? This is easily done by some rogue websites which can be disguised as the 'Google' site. Any VPN that makes use of such web-based exploits has serious security flaws and the customer data can be intercepted. You're safer with a paid for account where these holes in the system can be fixed without you being able to tell where the data went or not.

It's also important to check if it has been hacked (eg. Infected with malware), and check for vulnerabilities like Heartbleed.

Is their website secure? Is their server behind a firewall, and are there no known open ports on their router or ISP? This is why a client cannot access the 'official' sites for most VPN services. What should I do? I believe one of the key things to consider when choosing a VPN is how well it keeps your browsing safe - so it must protect against attacks by web based proxy and man in the middle attackers and at the same time also allow you to access the official website securely. For my needs I use TunnelBear, a paid for account with a good web based security system, that I can access through VPNs from Chrome/Firefox that have been reviewed for security and I have confidence. My internet service provider is too strict and prevents any other web browsers on the same WiFi network from accessing the internet with my VPN accounts, so the only thing that can be done about that is to buy a second PC, turn off Wi-Fi in the first one, connect it to the service, switch network cards and use two different browsers on that second PC.

How do I add Browsec to Chrome?

The Chrome Browser now has built-in support for Browsec: the first of its kind browser extension.

It's not perfect, and it's more of a proof of concept, but it works fairly well and does add one more layer of security in a time when the security industry is getting caught up with security fatigue and fighting the good fight to prevent an overburdened, overloaded system from collapsing under its own weight.

To get Browsec on Chrome, you'll need to get the Google Chrome browser that supports extensions (or you can use the mobile versions of Chrome), download the Browsec browser extension, and install it just like you would install any other extension. After you do that, the Browsec extension icon appears at the bottom right of the browser. (See the following figure.) Just click on it and select the "Browse anonymously and privately" option.

Browsec for Google Chrome. Once installed, Browsec has a "Not supported" message at the top of the extension toolbar. This should only appear once, and it's very likely that it will vanish completely if you follow the instructions above to enable Browsec for Chrome.

If it doesn't vanish, though, it's a good sign that you've installed Browsec properly. You can visit your favorite web sites through Browsec, and then use the "I'm a spy" option at the bottom right to send a message to your Browsec contact person.

As you may know, the goal of Browsec is not to make the web browsing experience less enjoyable. Browsec has nothing to do with blocking content or monitoring your online behavior. All it does is create a secure browsing environment in which you can anonymously upload information using your encrypted connection.

What Browsec does not do is give you any real privacy because there are not enough people out there spying on you. Also, the servers of the sites you visit are not capable of watching you. They can log your IP address, but the data you submit to those servers is encrypted using private keys that only you know. You have the ability to delete all of your data from the server, but that doesn't mean that the data you sent is gone from the site itself. No one at the site can read it.

This is the way of the future.

Does Browsec work on Chrome?

I've had the idea for a while, but can't be bothered to put together an implementation, as you know there is such a thing as a bit too much security and a lot of people just don't need it.

Now that I have this idea, I thought I'd use the idea to build an idea that is actually pretty cool. Here's the idea: there are two web pages. The first is a page where people put in their bank details so that Browsec knows what they look like. The second is a page which has a big random number generator that is only accessible once people have clicked on the first page. I've just typed up some code and I think it should work.

Now, I know that we're not using browser-based IDSs, we're using servers that we have root access to. It seems likely that the servers would be running under a browser. So, when the user goes to Browsec.org they hit Browsec.org/getuserdetails.php?uid=123456. The server checks that this has been approved, checks if the user has been given a valid email address and creates an account if they haven't, and sends a verification email. This user details page then sends the uid to the Browsec website, and this is what causes the big number on the other page to appear. This means that even if someone was to hack into Browsec.org and change the uid value, this wouldn't affect Browsec.php because it uses a GET parameter. The big random number could then be used to log in, but any data sent from that point onwards would be intercepted by the browser, thus the server wouldn't be able to access anything.

So, does anyone know whether this will work? If so, I guess that would mean that Browsec.org wouldn't have to run on Chrome at all, as it would be a fairly trivial project to port it over to Firefox.

If not, I guess that would mean that I'd have to find a way to create something that didn't rely on Google's servers, and I'm going to see about that. What do you think? Edit: For clarity, this is the bit of code I wrote so far. It's not completely finished yet, but you get the idea.