Hi all, I am an admitted newbie on the subject. I’ve read on the net, but wasn’t able to find a clear answer to the following questions:

1) Can betternet (a free VPN app I use on my iPhone) “see” my usernames and passwords? I don’t care so much that it’s tracking me anonymously, but I don’t want accounts to any sites to be tracked in any way. For example, I don’t care that it can see I’m on Facebook, but I do care if it sees my username and/or password

2) There’s a feature on the iPhone where I can toggle the VPN on/off. If it’s on the off setting, and the app is closed, can it still track me anonymously or “see” anything?

Thanks so much in advance for your help!

The first poster who answers the above questions with some evidence, proof, or logic of his claims will get the option between:

A) 200 fg sent directly to you
1000fg bet on an nba game of your choice, on the team of your choice with the spread. If the bet wins, you’ll get 500fg. If it loses, then I bear the cost and you get nothing.

1) The VPN can see all of your traffic to every website you see. You are sending all of the data to them to be relayed. However, if you're visiting websites which are secure (HTTPS) all of that traffic will be encrypted. That means if you're visiting Facebook, which is secure, they cannot see your username or passwords because a secure connection is established before any data is sent over the wire. However, there is one scenario where this is not true and that is if you installed a certificate onto your device for betternet. In that case it can decrypt your HTTPS sessions.
2) No it will not be able to see your traffic if it is closed AND the background process is terminated.

A plz

This post was edited by waraholic on May 25 2018 07:36am

Thank you!

Helpful, but a bit more info would be appreciated for a complete answer, as you’re describing any vpn and not specifically betternet.

Does betternet install that certificate? Is there a way I can check post installation? Also, what if I’m using the mail app? Can it see that?

Some apps are always running in the background, even though they don’t show up after double tapping home. How can I check what apps are running in the background?

I want no reward, but I'll share what I know:
-waraholic is correct, that as long as the site you are using has encryption (https) you are covered with your logins, whereas any plaintext logins through (http) should be considered compromised.
-I don't have I don't have or use an iPhone, but as far as tracking, it totally depends I would assume on what permissions the app has... Any app that you give permission to access your location/contacts/etc can use that information as they see fit, not necessarily as you would intend them to.
-The true proposition comes down to how much you care about your security/privacy... free vpn's don't provide their service out of the goodness of their heart, and you best believe they are reaping some benefits (whether it be from selling your information, earning money off of built in ad campaigns, or some other means of monetization) ... most of them you shouldn't even entrust to not disclose logs just because they say they won't

Only you can decide the task in which you are looking to perform and how much privacy/security you want that task to have... I honestly feel that free VPNs are not the way to go, unless you are just trying to mask something minor like something embarrassing (pr0n maybe?), and if you are just trying to use a vpn for pr0n, I think that pr0n hub is implementing free vpn service through PIA (Private Internet Access) which you may as well use for those purposes.

Again, a lot of this is based on use-case, but if you are asking jsp regarding this matter, you likely don't actually care about hardened security/privacy.

Goodluck!

Thanks sofakingdom!

The context is that I’ll be traveling to a country with some strict firewalls. I don’t want to change my internet consumption too much, and since it’s temporary I was looking at free VPNs. I don’t care that they can see where I go, they can sell that info if they want. I give them aggregate level anonymous data, they give me a vpn to use. Seems fair. I only care about the security of my various accounts and logins.

depending on where you are traveling to and the depth of their firewalls you may run into issues with the free vpns, just fyi... again it may depend on usage, but I believe most vpns have to regularly recycle ip addresses to enable things such as netflix and other streaming services, but this same level of care will likely be needed to subvert national firewalls. May be better off going with a paid vpn that isn't the most recommended (like 3-5 slot) and use a free trial and then cancel when you are done if you really don't want to pay the 1 month fee or whatever.

enjoy your travel and stay safe.

Betternet shouldn't be able to install that certificate without you approving it or manually installing it. You can follow these instructions to look at and remove certificates: https://www.imore.com/how-remove-root-certificates-your-iphone-or-ipad .
If you're using the VPN it will have access to everything you send including mail. If not, it should not be able to read sent mail.
Double tap the home screen should do it.
Depending on where you're traveling betternet won't work. It won't in China because they have the most sophisticated firewall.

Thanks. I didn’t see any profiles so I guess I’m good with the certificates. I do remember allowing betternet to set something up in the beginning...probably just the vpn itself?

Gold sent.

I want to add that if you have additional relevant and/or critical information regarding this issue, I’d be happy to also give a fg reward for it

A VPN should not be able to read usernames/passwords if you are using HTTPS. Those are encrypted between your web browser and the web server, so intermediate routers can not decrypt them. Any reputable site will require HTTPS for username/password fields.

If the VPN app is closed, I do not believe it will be able to "see" anything. There are some weird wonky situations where it could create a new network interface on your device and set it to default, but I doubt any modern mobile OS would allow that.