Last month, the Brazilian government shut down WhatsApp, effectively limiting the freedom of information to its citizens. Within a couple of days, 269,000 people turned to Hola, a popular VPN service, to continue using the messaging app despite the censorship.
WhatsApp had been accused by a local judge of refusing to communicate with a court in a criminal case. After not responding to the court request, the app was ordered to be blocked in Brazil for 48 hours by the telecommunications companies, until the order was overturned by a higher judge 12 hours later.
While many Brazilians downloaded alternative messaging apps, such as Telegram, others preferred to rely on VPN services to continue their WhatsApp service. Most VPNs cost between five to ten dollars a month. In a country as Brazil, where the average monthly wage is $778, a VPN approaches 1% of monthly family income, a disproportionate amount of money to spend on such service. VPNs are so expensive because they need to pay for the costly servers through which their users’ traffic pass, and they ought to make a profit from it, as well.
The reason why hundreds of thousands turned to Hola is probably that the service is free of charge.
Hola’s peer-to-peer (P2P) nature, in fact, does not rely on any server, so there is no underlying cost of service. Its users surf the internet anonymously by securely routing through other users’ computers when these are not in use. Hola is free for non-commercial use only — in the meanwhile, Hola profits from Luminati, the same proxy service offered to businesses for commercial use. This enables Hola to provide the non-commercial service free of charge.
Such practice didn’t present any issues, until May 2015, when a group of hackers found a series of vulnerabilities in the system, which they exposed on a website called “Adios, Hola!” Multiple media outlets covered the event, claiming Hola was an unsafe solution for VPN users.
Users were urged to uninstall the service. A Twitter user shared, “I just saw the news about Hola and had to uninstall it I’m so sad now but what can you do.” See tweet
Founder Ofer Vilenski released a statement assuring that the vulnerabilities found in the system had been promptly fixed. Shortly after, the company launched a bug bounty program, offering rewards to hackers who could find and report bugs in the application.
“Hola became popular so quickly that as we were busy making the technology scalable we had some security oversights on the way,” said Vilenski. In the statement, he wrote: “We have since done internal and external security audits, overhauled our security and our internal processes. We have not seen a similar event since, but remain vigilant.”
Months after the event, Twitter users went back to sharing how useful the service is.
Since its launch in 2008, the service has been used by 60 million people in multiple countries to democratize the Web. In March 2014, for instance, surfers located in Turkey installed Hola to access popular social networks Facebook, Twitter, and YouTube, blocked by the government after allegations of corruption.