Tag: VPN

Check your smartphone now — these apps are dangerous and should be deleted.

You should read that sentence again and then open your phone. Check your apps. Check what permissions they've been allowed. The FBI has just issued a public warning about mobile applications — especially those developed and maintained overseas — that can quietly collect and leak personal data. Check your smartphone now — these apps are dangerous and should be deleted. This is not fearmongering; it's a practical reminder that our pocket computers hold the keys to our contacts, location, photos, messages, and sometimes banking tokens.

Why the FBI warning matters

Over the last few years, governments and security agencies have flagged concerns about certain foreign-developed apps that request broad device permissions, persistently collect data, or route information through infrastructure in countries with different national security laws. The FBI’s recent public service advisory highlights three recurring risks:

• Apps that ask for access to contacts, SMS, storage, and location can harvest data about people who never installed the app.
• Some apps persistently collect information even when they aren’t actively used.
• Apps that host or hide malware can exfiltrate data or enable surveillance.

The advisory doesn’t ban specific mainstream brands by name in every case, but it does nudge users to be extra cautious about apps that maintain infrastructure or data stores in foreign jurisdictions where local laws may compel that data be handed over to state authorities.

Transitioning from awareness to action is the point: if an app on your phone requests sweeping permissions and you don’t trust its origin, treat it as a red flag.

Which apps you should watch for

The FBI’s message is broad rather than a neat list of offenders. That’s intentional: the risk isn’t just one app, it’s a pattern in how some apps behave and where they store data. Still, coverage from security outlets and tech sites highlights common categories to scrutinize:

• Free VPNs and “lite” streaming or downloader apps that ask for device-wide access.
• Lesser-known social or utility apps that request contact lists, SMS, and storage access on install.
• Apps hosted outside official stores (sideloaded APKs on Android) or unofficial versions of popular services.
• Apps that solicit device admin rights, accessibility privileges, or persistent background access.

If an app is obscure, newly published, or from a developer you can’t verify — and it asks for broad permissions — it’s safer to delete it and find a well-reviewed, reputable alternative.

What to do right now

• Open your phone’s Settings and review app permissions. Revoke anything that looks unnecessary (camera, mic, contacts) for apps that shouldn’t need them.
• Uninstall apps you don’t recognize, don’t use, or that you installed outside Apple’s App Store or Google Play.
• Update your OS and apps to the latest versions so security patches are applied.
• Only download apps from official stores and check developer details and reviews.
• Change passwords for sensitive accounts and enable multi-factor authentication where possible.
• If you suspect an app has stolen data or behaved maliciously, reset the device and reach out to your bank or services you use — and file a report with the FBI’s IC3 or your local authorities if you’re in the U.S.

These steps reduce the attack surface and limit persistent data collection even if an app is trying to overreach.

How real is the risk?

A follow-up question is fair: how likely is your app to be an active surveillance tool versus just a privacy-invasive tracker? The answer is: both are possible. Some apps are simply greedy for advertising and analytics data. Others — whether through negligence or design — may process and store data in ways that expose it to foreign legal orders or hostile actors. Security researchers and agencies have repeatedly found malware-laden or trojanized apps on third-party stores and even within official marketplaces.

So while the worst-case scenarios are rarer, the cost of inaction is high: identity theft, account takeover, and privacy compromise. Treating your smartphone like a personal device that needs periodic audits is smart hygiene — not paranoia.

Navigating nuance: don’t throw the baby out with the bathwater

Not every app developed abroad is a threat. Big, reputable companies with clear transparency reports, independent audits, and local presence are different from small, opaque developers. Context matters:

• Look for transparency: where is data stored, how is it encrypted, and what do the privacy policies say?
• Prefer apps with independent security reviews or a track record of responsible disclosure.
• Remember that removing permissions or uninstalling apps may break functionality — weigh that against the information at stake.

In short: be skeptical, not reflexively fearful. Make decisions based on permissions, provenance, and behavior.

My take

Smartphone security is a habit, not a one-off action. The FBI’s advisory is a timely nudge reminding us that convenience often comes with trade-offs. A regular five-minute check of permissions, coupled with a quick uninstall sweep for unused apps, will dramatically improve your safety. We can enjoy modern apps while still insisting they earn our trust.

Final thought: think of your phone like your home — you wouldn’t give a stranger permanent access to your house keys or bathroom drawers. Treat app permissions the same way.

Sources

• FBI Public Service Advisory summarized by Forbes — "FBI Warns iPhone And Android Users—Do Not Install These Apps" (Forbes).
  https://www.forbes.com/sites/zakdoffman/2026/04/04/fbi-warns-iphone-and-android-users-do-not-install-these-apps/

• "FBI warns against using Chinese mobile apps due to privacy risks" (BleepingComputer).
  https://www.bleepingcomputer.com/news/security/fbi-warns-against-using-chinese-mobile-apps-over-to-data-security-risks/

• "Many of the most downloaded… are developed and maintained by foreign companies" (TechRadar coverage of the FBI advisory).
  https://www.techradar.com/pro/security/many-of-the-most-downloaded-and-top-grossing-apps-in-the-united-states-are-developed-and-maintained-by-foreign-companies-fbi-urges-users-not-to-download-chinese-mobile-apps-over-privacy-risks

A pleasant surprise in your toolbar: Firefox now has a free built‑in VPN with 50GB monthly data limit

Firefox just got a privacy upgrade that’s hard to ignore: a free, built‑in VPN that gives users up to 50GB of monthly traffic. This addition lands in Firefox 149 and is delivered as a browser‑level VPN — no separate app required — which makes privacy easier for casual users and gives power users another tool in their kit. (firefox.com)

Why this matters now

Browsers have become battlegrounds for user trust. As adtech and cross‑site tracking grow more sophisticated, companies like Mozilla are trying to regain ground by leaning into privacy features. Adding a built‑in VPN is a clear, visible signal: Firefox isn’t just blocking trackers — it’s offering to hide your IP and mask location from sites you visit. Mozilla’s rollout of this feature with Firefox 149 marks a shift from optional, paid VPN products toward making privacy a default, discoverable browser capability. (firefox.com)

• It’s a browser‑only VPN — it protects web traffic inside Firefox, not all traffic on your machine. (ghacks.net)
• The free tier caps usage at 50GB per month, enough for typical browsing, light streaming, and everyday anonymity. (firefox.com)
• The rollout is phased by region, and account sign‑in may be required to track the 50GB usage. (firefox.com)

What Firefox’s built‑in VPN actually does

This is a browser‑level proxy that routes your Firefox web requests through Mozilla’s VPN backend, obfuscating your IP address and encrypting the connection between the browser and the VPN server. It’s not a system‑wide VPN, so apps outside Firefox (like games, email clients, or torrent clients) won’t use it. That makes it less of a catch‑all privacy tool, but also simpler and less intrusive for users who mainly want private browsing without installing extra software. (ghacks.net)

The practical tradeoffs:

• Pros: Quick setup, no third‑party client, easy to toggle, and generous 50GB monthly allowance for a free offering. (firefox.com)
• Cons: Browser‑only protection, potential performance variance depending on server load, and limitations compared with paid, system‑wide VPNs. (ghacks.net)

How Mozilla’s move fits the larger browser landscape

Mozilla isn’t inventing the wheel here — other browsers (Opera, Vivaldi, Brave) have offered integrated VPN/proxy features for years. But Mozilla brings something different: a long track record of privacy messaging and an independent non‑profit ethos that many users trust. That trust matters, because "free VPN" has a fraught history; shady providers have been caught collecting data or inserting trackers under the guise of privacy. Mozilla’s approach—integrated, account‑managed usage and transparency about how usage is measured—aims to avoid those pitfalls. (techradar.com)

At the same time, the move looks strategic. With Firefox’s global market share small compared to Chromium‑based rivals, a high‑profile privacy feature gives Mozilla a marketing hook to woo users who prioritize privacy but don’t want to fiddle with extensions or third‑party services. (techradar.com)

Practical tips if you want to try it

If you see the feature in your Firefox toolbar or settings, here’s how to treat it:

• Sign in with your Mozilla account if prompted — the account tracks the 50GB allowance. (firefox.com)
• Remember it’s browser‑only: if you need system‑level privacy (e.g., protecting a torrent client or a game), keep using a full VPN app. (ghacks.net)
• Expect gradual rollout: not every Firefox 149 install will see the VPN right away; Mozilla is enabling it by region and in phases. (firefox.com)

Safety and privacy: what to ask before trusting any “free VPN”

A free VPN can be a huge convenience, but privacy is not just about a locked padlock icon. When evaluating the new Firefox option, consider:

• Logging policy: what connection metadata is recorded and for how long? Mozilla has historically published transparency details for services; look for those statements. (theregister.com)
• Who runs the servers? Some privacy services partner with third parties for infrastructure. Knowing the operator helps when assessing jurisdiction and data risks. (ghacks.net)
• Is the protection audited? Independent audits and technical writeups increase confidence in a VPN’s claims. (theregister.com)

The user experience — a quick read

The beauty of a built‑in, browser‑level VPN is simplicity. Toggle it on, surf with a masked IP, and the browser handles the rest. For many users, that will be "good enough" privacy without extra installs or subscription signups. For power users, it won’t replace a full VPN, but it’s a welcome tool in the privacy toolbox. And the 50GB monthly cap is far more generous than many free VPNs’ paltry allowances, making the feature practical for real use. (firefox.com)

My take

Mozilla’s built‑in VPN is a smart, pragmatic step. It lowers the barrier to stronger browsing privacy and aligns with Firefox’s brand. It also signals a shift in how browsers compete: not just on speed or features, but on trust and default protections. If you’re an occasional user who wants better privacy without complexity, this is worth exploring. If your needs include system‑wide traffic or heavy streaming and downloads, keep a dedicated VPN on standby.

Sources

• Firefox 149.0 Release Notes — Firefox (Mozilla).
  https://www.firefox.com/en-US/firefox/149.0beta/ (firefox.com)

• Mozilla is experimenting with a free, built‑in VPN in Firefox — TechRadar.
  https://www.techradar.com/vpn/vpn-services/mozilla-is-experimenting-with-a-free-built-in-vpn-in-firefox-but-you-might-not-be-able-to-try-it-yet (techradar.com)

• Mozilla recruits beta testers for a built‑in Firefox VPN — The Register.
  https://www.theregister.com/2025/10/14/mozilla_firefox_vpn_beta/ (theregister.com)