Surfshark, TurboVPN and more are secretly undermining security

Six major Virtual Private Network firms have been shown to be installing root certificates that could open up users' computers to surveillance.

In a similar way to Apple's iCloud Private Relay, VPNs are intended to protect users by routing all data through a trusted service that encrypts personal information. Six of the best-known VPN firms, however, have now been shown to be doing this in a way that could be compromised.According to TechRadar, the six were uncovered by security research firm AppEsteem. Each installs a trusted root certificate authority (CA) on users devices, and it's this that can be risky.

Read more...