After being caught with its hand in the internet cookie jar, effectively selling its users’ idle bandwidth without being upfront about it, VPN service Hola has vowed to be more transparent about its dealings and what the bandwidth is being used for in a lengthy blog entry posted earlier today.
Beginning with a self-congratulating boast regarding the “innovation” and “freedom” the company has helped achieve since its inception, complemented by an inspirational Steve Jobs image and quote about admitting mistakes quickly and moving on, Hola CEO Ofer Vilenski has done just that – admitted his company’s recent failings and suggested that it will all be fixed immediately.
“There have been some terrible accusations against Hola which we feel are unjustified. We innovated quickly, but it looks like Steve Jobs was right. We made some mistakes, and now we’re going to fix them, fast. Since May 28, our people have been working literally 24/7,” said Vilenski.
Vilenski flat out denies that Hola makes its users part of a botnet, stating that the small amounts of user data that’s used (on average about 6MB per day) is sold for “legitimate commercial purposes, such as brand monitoring, self test and anti ad fraud,” among other things.
P2P service with all the fixin’s
Hola’s first order of business, is to let its users know exactly what they’re getting into when signing up with the service, stating that “We have changed our site and product installation flows to make it crystal clear that Hola is P2P, and that you are sharing your resources with others.
“This information is now “in your face” - and no longer appears only in the FAQ,” further stating that customers who don’t want to share their bandwidth can instead opt for a Hola Premium package – ”purchase one month of Hola premium until end of June, and get 2 months free.”
Stating that many big companies and services, like Apple iCloud, Snapchat, Skype, Sony, Evernote and Microsoft, have also found themselves vulnerable to attack, Hola has assured its users that it has fixed the two vulnerabilities in its system “within a few hours of them being published” and that it will be “undergoing an internal security review, as well as an external audit we have committed to with one of the big 4 auditing companies’ cyber auditing team.”
The company will also be appointing a Chief Security Officer “in the coming weeks.”