I'm using secure browsing with HTTPS, why do I need Private Tunnel?

Virtually all secure websites (like banks and other financial institutions) already support secure browsing using the HTTPS protocol. Even popular sites like Facebook, Yahoo and Gmail encourage people to use the secure version of their sites, to protect against having usernames and passwords stolen.

While browsing using just HTTPS is relatively safe, there have been some recent research showing weaknesses in the HTTPS protocol, as described in this article:http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/

With Private Tunnel, we encrypt your traffic with a second layer of encryption that is not vulnerable to this BEAST attack (it is an attack targeted towards stealing your browser session cookie). While OpenVPN currently uses the same TLS protocol that HTTPS uses, it does not use session cookies or other browser features required by this attack.

The OpenVPN protocol also does not use the default SSL/TLS renegotiation process, rather, it always starts a new TLS session from scratch.

In short, Private Tunnel and OpenVPN do not have the same vulnerabilities of HTTPS/SSL, they protect your secure browsing with another layer of encryption, assuring your security even if HTTPS fails.

Furthermore, Private Tunnel uses additional network protections to protect you against malicious threats such as exploit kits or common support scams that are only found in enterprise-grade networks. We do so in order to provide our users a world-class VPN they can enjoy at their convenience whenever they may be.

  • 3
  • 11-Feb-2017
  • 3588 Views