Ever since reporting earlier this year on how easy it is to trick an agentic browser, I've been following the intersections between modern AI and old-school scams. Now, there's a new convergence on the horizon: hackers are apparently using AI prompts to seed Google search results with dangerous commands. When executed by unknowing users, these commands prompt computers to give the hackers the access they need to install malware.
The warning comes by way of a recent report from detection-and-response firm Huntress. Here's how it works. First, the threat actor has a conversation with an AI assistant about a common search term, during which they prompt the AI to suggest pasting a certain command into a computer's terminal. They make the chat publicly visible and pay to boost it on Google. From then on, whenever someone searches for the term, the malicious instructions will show up high on the first page of results.
Huntress ran tests on both ChatGPT and Grok after discovering that a Mac-targeting data exfiltration attack called AMOS had originated from a simple Google search. The user of the infected device had searched "clear disk space on Mac," clicked a sponsored ChatGPT link and — lacking the training to see that the advice was hostile — executed the command. This let the attackers install the AMOS malware. The testers discovered that both chatbots replicated the attack vector.
As Huntress points out, the evil genius of this attack is that it bypasses almost all the traditional red flags we've been taught to look for. The victim doesn't have to download a file, install a suspicious executable or even click a shady link. The only things they have to trust are Google and ChatGPT, which they've either used before or heard about nonstop for the last several years. They're primed to trust what those sources tell them. Even worse, while the link to the ChatGPT conversation has since been taken off Google, it was up for at least half a day after Huntress published their blog post.
This news comes at a time that's already fraught for both AIs. Grok has been getting dunked on for sucking up to Elon Musk in despicable ways, while ChatGPT creator OpenAI has been falling behind the competition. It's not yet clear if the attack can be replicated with other chatbots, but for now, I strongly recommend using caution. Alongside your other common-sense cybersecurity steps, make sure to never paste anything into your command terminal or your browser URL bar if you aren't certain of what it will do.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/hackers-tricked-chatgpt-grok-and-google-into-helping-them-install-malware-185711492.html?src=rss
ExpressVPN, one of the best VPNs, is launching two brand-new features that sound confusingly like things it already does. Users on Android, Mac and iOS (but apparently not Windows, Linux or smart TVs) can now use Fastest Location to automatically pick the VPN server with the fastest download speed and lowest latency. Mac users are also getting an overhauled ExpressVPN app designed to work natively with MacOS.
If you've used ExpressVPN before, your first reaction probably went something like "Wait, didn't it already have a Fastest Location button and a Mac app?" You're not wrong, but there's still a meaningful difference with these new features. In the past, ExpressVPN didn't technically pick the fastestlocation, but the Smart Location, which picks the best available server using "metrics such as download speed, latency, and distance" (emphasis mine). Those are the same metrics as the new feature, but the such as makes me think there are, or were, other ingredients in the "smart location" algorithm.
My guess is that ExpressVPN is rebranding "smart" to "fastest" in response to customer complaints that "smart" was picking sub-optimal server locations. That's not a behavior I noticed when I last reviewed ExpressVPN — the smart location was always plenty fast for me — but I'm just one user. Only testing can show whether they actually changed the algorithm or just the name.
The new Mac app is a more straightforward upgrade. While ExpressVPN has always had a client for Mac, it's thus far been a port of an app originally developed for iPad. This makes its otherwise-excellent interface feel a bit like, well, a phone app you use on your desktop. In contrast, the new app was built using Project Catalyst, which lets Mac developers turn their iOS apps into desktop-native software. The new interface looks a lot richer, using the screen space a lot like Proton VPN does. And being more like Proton VPN is rarely a bad thing.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/expressvpn-adds-a-fastest-location-button-and-launches-a-new-native-mac-app-205837728.html?src=rss
Engadget staffers love our hardware, from high-end gaming headsets to powerful heaters to the fabric shaver you never knew you needed. Cyber Monday has brought discounts to many of those things. I'm going a different route, though, since I'm a little too dreamy for most physical appliances. The deal I'm most interested in is on an app that ensures online peace of mind with little intervention — so it's perfect for me.
I'm talking about DeleteMe, which lets you reclaim some of your privacy while sharply reducing the amount of spam you receive on every channel. Through December 5, it's offering 30 percent off all subscriptions with the coupon code BFCM30OFF25.
Chances are you've seen at least one public-facing "people search" site. You know the ones: they usually have names like 411.info or Find.people, and scrape technically public info like your address, phone number and other contact information. If you search your own name, it's hard to avoid immediately running to the kitchen to make yourself a tinfoil hat.
The most annoying thing is that these "data broker" sites are legal to run and use, but that's also their biggest weakness. To operate in the open, brokers have to include an option to remove yourself from their database. Most of them make it as aggravating and time-consuming as possible, but the possibility is there.
That's where DeleteMe comes in. All you have to do is sign up and enter all the data you want removed from brokerage sites. DeleteMe handles the rest. It searches for your information on people database sites, automatically sends opt-out requests, bugs the broker if they don't comply quickly enough and gives you a weekly report on how it's doing. You do have to be OK with DeleteMe itself having your data, but I trust them way more than the randos over at violate.privacy.
It's so much faster than handling all the opt-out requests yourself, which — if you've ever tried it — rapidly becomes a full-time job. Since I've been using DeleteMe, I almost never get spam calls or texts anymore, except in short bursts before its crawlers catch my name on another site. And yes, it doesn't work on shady data brokers who don't follow the rules, but it's still a massive reduction of your online footprint.
The only problem is that it's pretty expensive, so I strongly recommend jumping on this Cyber Monday deal. A few months on DeleteMe should be long enough for you to see if it reduces spam for you — and I'm betting it will.
This article originally appeared on Engadget at https://www.engadget.com/deals/deleteme-is-30-percent-off-for-cyber-monday--and-its-the-most-effective-anti-spam-tool-ive-ever-used-203041958.html?src=rss
If you've ever wanted to hear the drummer coughing on your favorite songs or the actors chewing in your favorite shows, Cyber Monday is the time to upgrade your audio. Some of the best speakers our audiophiles have ever tested are down to as low as we've seen them all year, or ever, in the case of some older models.
The deals on this list range across brands, with offerings from Ultimate Ears, Bose, Beats and more, plus Sonos and Amazon Echo smart speakers and soundbars from Sony and JBL. We've been curating it all month and this is the final result — and your last chance to get ahold of most of the best deals. Some of them may last through the week, but we can't always predict which ones, so don't sleep if there's a speaker you're eyeing.
Best Cyber Monday speaker deals under $50
Anker Soundcore 2 for $29 (35 percent off): It's incredibly rare to see a full-size Bluetooth speaker selling this cheaply in 2025, especially one we'd actually recommend using. The Soundcore 2 is Anker's latest audio effort, getting you 24 hours of battery and 12 watts of output, with bass ports designed to heavily boost the low ranges. It all works through a simple set of highly visible and tactile buttons on top of the speaker box.
JBL Go 3 for $30 (25 percent off): The Go 3 is JBL's most affordable bluetooth speaker, but it comes with the same IP67-rated ruggedness as the more expensive models. It's waterproof, dustproof, lasts for five hours and can easily clip onto a bag, bike or belt. It also sounds good and comes in lots of different colors. In short, no matter how long the adventure or where it's going, the Go 3 can probably get there with you.
JBL Go 4 for $40 (20 percent off): You might expect a speaker as small and portable as the Go 4 to sound tinny at the higher frequencies and weak at the lower ones, but JBL has worked its magic to make this model sound great at both ranges. Weighing less than half a pound, made partly from recycled materials and including a convenient carabiner hoop, this is one of our favorite speakers to take on treks.
Best Cyber Monday speaker deals for $50 to $100
Ultimate Ears Wonderbook 4 for $60 (40 percent off): The Wonderboom 4 is the little barrel that could, an adorable 1.2-pound portable bluetooth speaker that stays charged for 14 hours and keeps on playing after a five-foot drop. Outdoor Mode is a standout feature, amplifying the higher frequencies so you can hear from farther away. There's even a USB charger so your other devices can take advantage of that long battery life.
Tribit StormBox Micro 2 for $53 (24 percent off): The StormBox Micro 2 gets you the two things you need out of a portable speaker — it's light (weighing about a pound), and it's loud. Tribit hasn't changed the game on portable sound quality here, but with this on your bike or in your backyard, you'll be having so much fun you won't care. And the fact that you only spent 50 bucks will definitely help your mood.
Roku Streambar SE for $75 (25 percent off): This is the least you'll pay for a worthwhile soundbar this Cyber Monday season. We had a great experience with the Roku Streambar in our hands-on review, finding it to be compact and affordable while blowing built-in TV speakers out of the water. If you're looking to make an upgrade, this is the best economy choice, especially if you're already a Roku user.
JBL Flip 5 for $80 (20 percent off): We've loved almost every entry in the JBL Flip line (you'll see the Flip 7 highlighted in the next section). While the Flip 5 is a bit dated at this point, it's still extremely solid. The battery lasts for 12 hours, it's IPX7 waterproof and it weighs about 1.2 pounds so you can take it anywhere. The sound quality is as consistently high as we've come to expect from JBL, though it does have the standard limitations of a portable unit.
Marshall Emberton II for $90 (50 percent off): We're huge fans of the Emberton II, Marshall's affordable new-age retro speaker. It looks great, but it's much more than a visual throwback, featuring 360-degree sound, IP67 proofing and 30 hours of battery life. Since the deal cuts the price in half, you can even by two and chain them together for a surround sound setup.
Bose SoundLink Micro for $99 (17 percent off): If the Home isn't small or cheap enough for you, Bose has gone even smaller and cheaper with the SoundLink Micro, a tiny, portable speaker in the vein of the JBL Clip. It's waterproof, dustproof and surprisingly good at taking hits, all while staying charged for around six hours. The sound quality isn't intense, but it's cleaner than it has any right to be.
Beats Pill for $100 (33 percent off): Beats jumping back into portable bluetooth was one of the happiest surprises of 2024. As we noted in our full review at the time, the Beats Pill isn't content to coast on its brand name or luxurious design. Its re-engineering speaker improves volume while reducing distortion, it can survive dropping into three feet of water and it even works extremely well as a speakerphone. We found that mid-to-high range music showcases its potential best, though the bass also hits hard.
Best Cyber Monday speaker deals for $100 to $200
Bose SoundLink Flex for $119 (20 percent off): Of all the Bose on this list, the SoundLink Flex may be the most balanced, much cheaper than the Home and a lot more powerful than the Micro. Other speakers may be louder, but few have such good range; we've yet to find a track that sounds muddy or tinny coming through the Flex's speakers. The design is also outdoor-friendly, with a light-but-tough exterior and 30-foot bluetooth range.
JBL Charge 6 for $130 (35 percent off): It's a little more expensive than the Flip line, but the extra cost of the Charge 6 pays off — it boasts almost twice the battery life of the Flip 7, with the same convenient design, built-in USB-C charger and wide sound range. If you're looking for a speaker that balances sturdiness with portability and will last you a while, the Charge 6 is a very good investment. (Take note that only some colors are discounted.)
Bose SoundLink Home for $179 (18 percent off): The SoundLink Home is small for a high-quality speaker, but it packs everything it needs into two pounds and about 10 square inches. Nothing about the sound is diminished thanks to two passive radiators. Though we haven't gotten to test it directly, given Bose's record with other compact speakers like the Flex, we're confident it'll be loud enough to satisfy anyone.
Sony ULT Field 5 for $198 (43 percent off): Sony's recently rebranded ULT lineup has impressed us so far, especially their 90s-style bass boost buttons. The ULT Field 5 is a pretty traditional bluetooth speaker with a ton of options, including Party Connect to link multiple speakers together, a 10-band equalizer for finding the exact sound balance you want and even a shoulder strap that makes it way more portable.
Bose TV Speaker soundbar for $199 (29 percent off): Bose's entry into the world of soundbars does not disappoint. For a price lower than some Bluetooth speakers, you'll get a compact two-foot speaker bar that amplifies dialogue while conjuring a balanced, realistic soundscape from any movie or show. It's suitable for audio neophytes, too, with no complex adjustments necessary — just plug in the HDMI and start watching.
Sonos Era 100 for $200 (9 percent off): Two years after launch, the Era 100 is still a smart speaker more than worth your time. It's sleek and simply designed, making it clear Sonos's engineers put their work into sound quality and features rather than just looking the part. Touch controls have never worked better, and setup takes five minutes, though you will have to use the Sonos app. Once you start playing music, the Era 100 can get as loud as you like, while never sacrificing audio quality.
Samsung HW-B650/ZA 3.1 Channel Soundbar for $200 (50 percent off): Samsung's mid-range soundbar is pretty simple, but it does what it needs to do: pump out Dolby 3.1 with enough volume and range to make you forget you aren't in a movie theater. It's versatile, improving both music and dialogue, and keeps everything balanced. The only real drawback is that it lacks wireless connection options other than bluetooth.
Best Cyber Monday speaker deals over $200
JBL Xtreme 4 for $280 (26 percent off): Xtreme is the largest and highest-end that JBL goes, and the Xtreme 4 is a luminary of the line. At 4.6 pounds, it's on the outside edge of portability, but that weight means it puts out appropriately heavy bass, along with clear treble. It's fully weatherproof and — unless it's in a completely open space — can get loud enough that all your party guests will enjoy the full effect.
Bose SoundLink Max for $279 (30 percent off): The SoundLink Max, Bose's biggest speaker that isn't a soundbar, is more affordable for Cyber Monday than we've seen for a while. Frankly, it's worth more than this, with two radiators and three transducers that make it sound larger than it is. Indoors or outdoors, it's great for anyone who wants to be able to pick out individual elements of their favorite music.
Marshall Acton III for $285 (5 percent off): The Acton III is one of the speakers Marshall redesigned and updated in 2022, and it still sounds great today (and looks it too). It's less portable at 6.3 pounds, but can hit high volumes with little or no distortion. The upgrade angled Acton III's tweeters outward so the soundscape is wider, making this one speaker very capable of filling a room with sound on its own.
Marshall Stanmore III for $299 (21 percent off): The Stanmore III is the top-tier Marshall discount of the year, giving you the best of Marshall's 2022 redesign. It's got the same widened soundscape as the Acton III, with an additional 5Hz on the low end and an RCA input alongside its 3.5mm aux input. This retro-designed speaker also features bluetooth, pair play and a construction with 70 percent recycled plastic.
Sony Bravia Theater Bar 8 for $798 (20 percent off): In our review of the Bravia 6 this year, we called out its full sound and special talent for enhancing dialogue, but were frustrated that it didn't support AirPlay or Spotify Connect. The Bravia 8 works with both services, making it a clear choice for your next premium soundbar. It's got a tight, low-footprint design that fits any aesthetic, and hits a maximum output power of 495 watts.
JBL Bar 1300XMK2 for $1,200 (29 percent off): If you're going to drop $1200 on a soundbar, you need to know it's going to deliver — and the 1300XMK2 does. Its key design element is two detachable speakers that recharge when plugged into the main unit, but can spend up to 10 hours unplugged. The audioscape does an excellent job of separating and clarifying details, which really enhances the sense of a theatrical experience.
This article originally appeared on Engadget at https://www.engadget.com/deals/cyber-monday-speaker-deals-for-2025-are-still-available-save-up-to-50-percent-on-bluetooth-speakers-smart-speakers-and-soundbars-213017218.html?src=rss
A lot of people think Cyber Monday subscriptions are just about streaming, but that's not true. Although there are some incredible discounts to be had on the likes of Stars (Outlander and Spartacus) and Paramount+ (Yellowjackets and Star Trek), there's more to the story. We've also found great deals on exciting learning platforms like MasterClass and Rosetta Stone, cord-cutting services like DirecTV and Fubo and useful privacy services like Proton VPN and ExpressVPN. Read on to see which deals are still active.
Best Cyber Monday streaming deals
Paramount+ (2 months) for $6 ($20 off): Paramount+ is doing its Cyber Monday deal a little differently. Instead of a reasonably cheap long-term plan, you get an incredibly cheap short-term deal — two months for less than a Starbucks run costs these days. That's more than enough time to binge Yellowjackets, Dexter: Resurrection or Star Trek: Lower Decks, along with weeks of NFL games through CBS Sports.
Fubo Pro (first month) for $55 (35 percent off): Fubo is the live TV service that helps sports lovers cut the cord. When you sign up, it asks you your favorite teams, then automatically records every game they play. Fubo Pro includes 249 channels, covering everything from your local NFL and NBA networks to real ESPN8 (The Ocho) content like PowerSports World. There are even plenty of non-sports channels, and with 10 allowed screens per subscription, your whole family can enjoy the selection at once.
DirectTV (first month) for $50 (44 percent off): If you're a cord-cutter with a more general taste in TV, DirectTV is the perfect way for you to keep enjoying live channels without cable. This deal only applies for your first month, but it's great for seeing if DirectTV will work for you long-term. Better yet, any DirectTV subscription also comes with free access to Disney+, Hulu and ESPN Unlimited.
Walmart+ (one year) for $49 (50 percent off): No, Walmart hasn't started its own streaming platform, but it would probably have some pretty great drama. What you do get with Walmart+ is free shipping on carts over $35, exclusive deals, drone delivery in some cities and more. And if you did come here for streaming, Walmart+ also comes with your choice of Peacock Premium of Paramount+ Essential (we recommend Peacock Premium because it's more expensive on its own).
Best Cyber Monday subscription deals
Audible (three months) for $3 (80 percent off): For literally $1 per month, you can get access to Audible's enormous library of published audiobooks, podcasts and Audible Originals (which can be anything from never-before-heard books to live performances). It's only three months, after which you'll have to cancel or renew at the regular price, but an audiobook lover can cram a lot of listening into the 90 days after Cyber Monday.
Quicken Simplifi (one year) for $36 (50 percent off): We named Quicken Simplifi the best budgeting app this year because (true to its name) it's the cleanest budgeting app on the market, with an interface designed to welcome newcomers and no key information more than a scroll away. It's also cheap, especially with this Cyber Monday deal, and very good at detecting and categorizing your important transactions.
Rosetta Stone Lifetime Unlimited subscription for $149 (60 percent off): Rosetta Stone was pioneering visual language courses back when software still came in boxes, and it's still one of the best language learning apps. Today, its method works as well as ever, with patient learning based on pictures, terms and recordings. This deal gets you a full lifetime subscription with access to all 25 languages in the library.
Medium (one year) for $40 (20 percent off): Medium is a social site designed as the anti-Twitter, featuring deep thoughts and long-form essays from great writers. Not all its best work is locked behind a paywall, but a lot of it is — and we've all had the feeling of being frustrated that we can't read the latest drop from a thinker we really respect. This deal isn't a very big cut, but it is a noticeable savings over the monthly plan, which will cost you a full $120 for the same length of time ($150 without the discount).
Headspace (one year) for $35 (50 percent off): Out of all the meditation apps available, Headspace is our favorite. It doesn't just help you relax and de-stress, but also teaches you to practice meditation as a skill, with sessions building on each other in organized courses. There's a massive library of standalone guided meditations with all kinds of instructors, and it's easy to search for the ones that work best for you. This deal gives you half off a full year.
Calm Premium (one year) for $40 (50 percent off): Once you've finished your Headspace meditation, head over to Calm for every other stress-relieving activity you can think of. This subscription lets you relax amid a massive content library, from music and restful soundscapes to "sleep stories" with celebrity narrators telling bedtime stories for children and adults alike. If you've ever wanted to be lulled to sleep by Jonathan Bailey, Matthew McConaughey or Idris Elba, this app is for you.
AdGuard personal (lifetime) for $44 (45 percent off): AdGuard was recently in the news for automatically blocking Microsoft's Recall AI surveillance app, which is a great indication of its mission — it fights threats to your privacy, no matter where they come from. This lifetime subscription blocks all annoying third-party ads and trackers on any website while keeping its functionality otherwise unchanged, so everything loads faster and easier.
LastPass Premium (one year) for $18 (50 percent off): LastPass is another great password manager. We briefly stopped recommending it after a couple of data breaches early last year, but it's patched up its security and seems to be firing on all cylinders again. Whether it suits you better than 1Password will come down to personal preference, but LastPass's deal is slightly better this year.
Adobe Creative Cloud (one year) for $389 (50 percent off): Adobe Creative Cloud is half off for one year right now, coming out to $389 for one year when you pay upfront. (There's a discounted $35 monthly rate as well, working out to $420 for the year.) Creative Cloud is Adobe's most comprehensive design package, including InDesign, Illustrator, Photoshop, Premiere and over 20 other apps. Whip up a website with Dreamweaver, paint on a digital canvas with Fresco or edit photos in Lightroom. It's a pretty steep cost for an individual, but puts a one-year subscription well within reach of a creative business.
The Wall Street Journal (one year) for $12 (90 percent off): Let's get really old-school for a moment. If you want to add some classic journalism to your diet (and you're OK with ignoring a right-leaning opinion page), one of America's "papers of record" is cutting annual subscription costs by 90 percent. That's enough to get you financial, US and world news all the way to the next Cyber Monday, when they'll probably do this again. Infinite money glitch!
Best VPN deals for Cyber Monday
ExpressVPN Basic (28 months) for $97.72 (73 percent off): ExpressVPN may be the most user-friendly VPN for sale right now, with fast download speeds (only 7 percent losses in our last test), quick connections and apps designed to stay out of your way. It's not the most feature-rich, but it excels at any bread-and-butter VPN task, staying leak-free and unblocking Netflix everywhere. You also get access to server locations in 105 countries. It also basically never drops the price this low, so if you're at all interested, now's the time to board the Express train.
Surfshark Starter (27 months) for $53.73 (87 percent off): According to the tests we ran for our latest review, Surfshark is the fastest VPN right now, with its download speeds, upload speeds and latencies all beating out competitors. It has more to offer beyond speed, too, as it's able to constantly rotate your IP address and generate double VPN paths between any two servers you choose.
NordVPN Basic (27 months) for $80.73 (74 percent off): NordVPN got very positive marks in our last review, where we called out its fast internet speeds, wide network of server locations and selection of exclusive features. It comes with a range of dedicated servers for obfuscation, onion routing, torrenting and more. Plus, it's one of the first VPNs getting a jump on post-quantum encryption.
CyberGhost VPN (28 months) for $56.94 (84 percent off): CyberGhost is always cheap — in fact, we named it the best budget VPN — but it's never behaved like an economy option. Its Smart Rules automation controls are the deepest in the industry, and its server network reaches 100 countries. Speeds are also quite good, though connections occasionally take a moment to establish.
Private Internet Access VPN (40 months) for $79.20 (83 percent off): Although we weren't wholly positive about Private Internet Access (PIA VPN) in our recent review, we can't deny it's a worthwhile choice for an affordable VPN. Although speeds can fluctuate, it comes with lots of desirable features on all platforms, like port forwarding (which makes torrents more stable) and two kinds of split tunneling.
This article originally appeared on Engadget at https://www.engadget.com/deals/cyber-monday-subscription-and-streaming-deals-you-can-still-get-big-discounts-on-starz-masterclass-headspace-and-more-174507557.html?src=rss
If you've ever wanted to know what you're missing in your favorite songs and shows, now is the time to upgrade: Black Friday and Cyber Monday have some of the best speakers on the market down to their lowest prices of the year. We've dug up savings on everything from tiny portable speakers like the JBL Go 3 to behemoths like the UE Hyperboom, not to mention soundbars and smart speakers. Everything on the list is an investment you won't regret if you ever listen to anything digital — those who can afford to hire a string quartet for their kitchen can keep scrolling.
Best Black Friday speaker deals under $50
Amazon Echo Pop for $22 (45 percent off): If you're excited about the more conversational and capable Alexa+ but have been holding off for budget reasons, breathe a sigh of relief. The latest Echo Pop is Amazon's smallest, cheapest smart speaker that still comes with Alexa+ early access. It may not fill a whole house, but it's great for listening to music or podcasts in a bedroom, office or small kitchen.
Anker Soundcore 2 for $28 (38 percent off): This is the absolute cheapest you'll probably see a full-size Bluetooth speaker go for in 2025 — the Soundcore 2, the latest effort by Anker to expand from charging components into portable audio. This model gets you 24 hours of battery and 12 watts of output, with bass ports designed to heavily boost the low ranges. It all works through a simple set of highly visible and tactile buttons on top of the speaker box.
JBL Go 3 for $30 (25 percent off): The Go 3 is JBL's most affordable bluetooth speaker, but it comes with the same IP67-rated ruggedness as the more expensive models. It's waterproof, dustproof, lasts for five hours and can easily clip onto a bag, bike or belt. It also sounds good and comes in lots of different colors.
Amazon Echo Dot 5th Gen for $32 (36 percent off): The fifth-generation Echo Dot is cheaper than ever, and it was already the best smart speaker under $50. Its genius spherical design lets it pack a lot of audio into a compact space, and it can be controlled with both hands-free Alexa commands and on-device buttons. The latest release comes with early access to the Alexa+ AI upgrade.
JBL Go 4 for $40 (20 percent off): You might expect a speaker as small and portable as the Go 4 to sound tinny at the higher frequencies and weak at the lower ones, but JBL has worked its magic to make this model sound great at both ranges. Weighing less than half a pound, made partly from recycled materials and including a convenient carabiner hoop, this is one of our favorite speakers to take on treks.
Tribit StormBox Micro 2 for $50 (29 percent off): The StormBox Micro 2 gets you the two things you need out of a portable speaker — it's light (weighing about a pound), and it's loud. Tribit hasn't changed the game on portable sound quality here, but with this on your bike or in your backyard, you'll be having so much fun you won't care. And the fact that you only spent 50 bucks will definitely help your mood.
Amazon Echo Spot for $50 (38 percent off): The Echo Spot looks like an Echo Dot sawed in half, which is a surprisingly effective design. It's designed to work best as a bedside alarm clock, but you can customize the screen to show things other than time, including a weather forecast, smart home controls or the current song on your playlist. It's Alexa-capable, and like the latest Echo Dot, will let you give Alexa+ AI a try.
Best Black Friday speaker deals for $50 to $100
Roku Streambar SE for $75 (25 percent off): This is the least you'll pay for a worthwhile soundbar this Black Friday season. We had a great experience with the Roku Streambar in our hands-on review, finding it to be compact and affordable while blowing built-in TV speakers out of the water. If you're looking to make an upgrade, this is the best economy choice, especially if you're already a Roku user.
JBL Flip 5 for $80 (20 percent off): We've loved almost every entry in the JBL Flip line (you'll see the Flip 7 highlighted in the next section). While the Flip 5 is a bit dated at this point, it's still extremely solid. The battery lasts for 12 hours, it's IPX7 waterproof and it weighs about 1.2 pounds so you can take it anywhere. The sound quality is as consistently high as we've come to expect from JBL, though it does have the standard limitations of a portable unit.
Amazon Fire TV Soundbar for $85 (29 percent off): Amazon's soundbar supports Dolby surround sound, works straightforwardly through a single HDMI cable and can be upgraded with an optional Alexa voice assistant. It works with more than just Amazon products, too, being compatible with all smart TVs. It's even capable of pulling double duty as a bluetooth speaker.
Marshall Emberton II for $90 (50 percent off): We're huge fans of the Emberton II, Marshall's affordable new-age retro speaker. It looks great, but it's much more than a visual throwback, featuring 360-degree sound, IP67 proofing and 30 hours of battery life. Since the deal cuts the price in half, you can even by two and chain them together for a surround sound setup.
Amazon Echo Dot Max for $90 (10 percent off): The Echo Dot Max just dropped this month, and our reaction was mixed, but there's no denying the leaps forward in this brand-new addition. Not only does it feature better sound than the vanilla Echo Dot, but Alexa+ makes is a much more equal conversation partner. The Echo Dot Max features a similar spherical design to the Dot, but with forward-facing physical buttons on the surface of the sphere.
Bose SoundLink Micro for $99 (17 percent off): If the Home isn't small or cheap enough for you, Bose has gone even smaller and cheaper with the SoundLink Micro, a tiny, portable speaker in the vein of the JBL Clip. It's waterproof, dustproof and surprisingly good at taking hits, all while staying charged for around six hours. The sound quality isn't intense, but it's cleaner than it has any right to be.
Beats Pill for $100 (33 percent off): Beats jumping back into portable bluetooth was one of the happiest surprises of 2024. As we noted in our full review at the time, the Beats Pill isn't content to coast on its brand name or luxurious design. Its re-engineering speaker improves volume while reducing distortion, it can survive dropping into three feet of water and it even works extremely well as a speakerphone. We found that mid-to-high range music showcases its potential best, though the bass also hits hard.
Best Black Friday speaker deals for $100 to $200
Bose SoundLink Flex for $119 (20 percent off): Of all the Bose on this list, the SoundLink Flex may be the most balanced, much cheaper than the Home and a lot more powerful than the Micro. Other speakers may be louder, but few have such good range; we've yet to find a track that sounds muddy or tinny coming through the Flex's speakers. The design is also outdoor-friendly, with a light-but-tough exterior and 30-foot bluetooth range.
JBL Charge 6 for $130 (35 percent off): It's a little more expensive than the Flip line, but the extra cost of the Charge 6 pays off — it boasts almost twice the battery life of the Flip 7, with the same convenient design, built-in USB-C charger and wide sound range. If you're looking for a speaker that balances sturdiness with portability and will last you a while, the Charge 6 is a very good investment.
Ultimate Ears Megaboom 4 for $150 (25 percent off): The UE Megaboom line is venerable at this point, dropping first in 2015, but its fourth iteration still tops our audiophile lists. It puts out 360-degree sound with an emphasis on bass, can work up to 147 feet away from the music source, and literally floats in water (though you probably shouldn't leave it in the pool all night). It can even pair with any other UE speaker through PartyUp — combining it with a couple of Wonderbooms pays off in spades.
Sonos Era 100 for $169 (15 percent off): Two years after launch, the Era 100 is still a smart speaker more than worth your time. It's sleek and simply designed, making it clear Sonos's engineers put their work into sound quality and features rather than just looking the part. Touch controls have never worked better, and setup takes five minutes, though you will have to use the Sonos app. Once you start playing music, the Era 100 can get as loud as you like, while never sacrificing audio quality.
Bose SoundLink Home for $179 (18 percent off): The SoundLink Home is small for a high-quality speaker, but it packs everything it needs into two pounds and about 10 square inches. Nothing about the sound is diminished thanks to two passive radiators. Though we haven't gotten to test it directly, given Bose's record with other compact speakers like the Flex, we're confident it'll be loud enough to satisfy anyone.
Marshall Acton III for $180 (40 percent off): The Acton III is one of the speakers Marshall redesigned and updated in 2022, and it still sounds great today (and looks it too). It's less portable at 6.3 pounds, but can hit high volumes with little or no distortion. The upgrade angled Acton III's tweeters outward so the soundscape is wider, making this one speaker very capable of filling a room with sound on its own.
Sony ULT Field 5 for $195 (44 percent off): Sony's recently rebranded ULT lineup has impressed us so far, especially their 90s-style bass boost buttons. The ULT Field 5 is a pretty traditional bluetooth speaker with a ton of options, including Party Connect to link multiple speakers together, a 10-band equalizer for finding the exact sound balance you want and even a shoulder strap that makes it way more portable.
Bose TV Speaker soundbar for $199 (29 percent off): Bose's entry into the world of soundbars does not disappoint. For a price lower than some Bluetooth speakers, you'll get a compact two-foot speaker bar that amplifies dialogue while conjuring a balanced, realistic soundscape from any movie or show. It's suitable for audio neophytes, too, with no complex adjustments necessary — just plug in the HDMI and start watching.
Ultimate Ears Everboom for $200 (26 percent off): We gave the Everboom a full review when it first dropped last year, and found it stuck to the general Ultimate Ears plan — nothing earth-shattering in the audio quality, but rugged reliability and fantastic extra features. Everboom users can connect it to the UE Boom app, which lets you control the volume remotely, use the speaker as a megaphone to make announcements, import your playlists and pair Everbooms through the PartyUp chaining feature.
Best Black Friday speaker deals over $200
JBL Xtreme 4 for $280 (26 percent off): Xtreme is the largest and highest-end that JBL goes, and the Xtreme 4 is a luminary of the line. At 4.6 pounds, it's on the outside edge of portability, but that weight means it puts out appropriately heavy bass, along with clear treble. It's fully weatherproof and — unless it's in a completely open space — can get loud enough that all your party guests will enjoy the full effect.
Bose SoundLink Max for $299 (25 percent off): The SoundLink Max, Bose's biggest speaker that isn't a soundbar, is more affordable for Black Friday than we've seen for a while. Frankly, it's worth more than this, with two radiators and three transducers that make it sound larger than it is. Indoors or outdoors, it's great for anyone who wants to be able to pick out individual elements of their favorite music.
Sonos Era 300 for $378 (21 percent off): The Era 300 is Sonos's big (and largely successful) swing at a truly space-filling smart speaker, combining spatial audio with support for both Alexa and its own assistant. The Trueplay feature detects the environment around the speaker and adjusts its setup to reach every corner. Spatial audio can be hit-or-miss on older tracks, but it's transcendent with modern ones.
Sonos Move 2 for $399 (20 percent off): Move is Sonos's high-end portable smart speaker, with more heft, power and features than the smaller Roam line. With the Move 2, Sonos improved the Move's sound quality, boosted its battery life to well over 24 hours, jacked up the volume and redesigned the outer hardware for greater durability. It also works with both Alexa and the Sonos assistant, but it's more portable than the Era 300.
Sony Bravia Theater Bar 8 for $798 (20 percent off): In our review of the Bravia 6 this year, we called out its full sound and special talent for enhancing dialogue, but were frustrated that it didn't support AirPlay or Spotify Connect. The Bravia 8 works with both services, making it a clear choice for your next premium soundbar. It's got a tight, low-footprint design that fits any aesthetic, and hits a maximum output power of 495 watts.
Sonos Arc Ultra for $879 (20 percent off): The Sonos Arc Ultra is the best premium soundbar, bar none (pun intended). As we cover in our full review, it delivers full-throated bass without needing an extra sub, and has added more mid-range drivers and tweeters to make dialogue pop. Its software features are also solid, with Trueplay sound tuning, Speech Enhancement and a new Night Sound mode to tone down the boom for your roommates' sake.
JBL Bar 1300XMK2 for $1,200 (29 percent off): If you're going to drop $1200 on a soundbar, you need to know it's going to deliver — and the 1300XMK2 does. Its key design element is two detachable speakers that recharge when plugged into the main unit, but can spend up to 10 hours unplugged. The audioscape does an excellent job of separating and clarifying details, which really enhances the sense of a theatrical experience.
This article originally appeared on Engadget at https://www.engadget.com/deals/black-friday-speaker-deals-for-2025-are-still-live-save-up-to-50-percent-on-bluetooth-speakers-smart-speakers-and-soundbars-091904782.html?src=rss
We like our hardware here at Engadget, from high-end gaming headsets to powerful heaters to the fabric shaver you never knew you needed. For Black Friday, we've found great deals on all of it. However, since I ascended to the software plane years ago and now swim in the digital aetherium, my favorite product of the year is an app — and not even one you use yourself.
DeleteMe will boost your quality of life, no matter where you are or what you're doing, by sharply reducing the amount of spam you receive on every channel. From now until December 5, it's offering 30 percent off all subscriptions with the coupon code BFCM30OFF25.
Chances are you've seen at least one public-facing "people search" site. You know the ones: they usually have names like 411.info or Find.people, and you can type in a person's name and find all the info the site has been able to scrape on them. If you search your own name, it's hard to avoid immediately running to the kitchen to make yourself a tinfoil hat. The most annoying thing is that these "data broker" sites are perfectly legal to run and use.
However, that's also their Achilles' heel. If they want to operate in the open, brokers legally have to include a way for you to remove yourself from their database. Most of them make it as aggravating and time-consuming as possible, but the option is there.
That's where DeleteMe comes in. All you have to do is sign up and enter all the data you want removed from brokerage sites. DeleteMe handles the rest. It searches for your information on people database sites, automatically sends opt-out requests, bugs the broker if they don't comply quickly enough and gives you a weekly report on how it's doing. You do have to be OK with DeleteMe itself having your data, but I trust them way more than the randos over at violate.privacy.
It's so much faster than handling all the opt-out requests yourself, which — if you've ever tried it — rapidly becomes a full-time job. Since I've been using DeleteMe, I almost never get spam calls or texts anymore, except in short bursts before its crawlers catch my name on another site. And yes, it doesn't work on shady data brokers who don't follow the rules, but it's still a massive reduction of your online footprint.
The only problem is that it's pretty expensive, so I strongly recommend jumping on this Black Friday deal. A few months on DeleteMe should be long enough for you to see if it reduces spam for you — and I'm betting it will.
This article originally appeared on Engadget at https://www.engadget.com/deals/deleteme-is-30-percent-off-for-black-friday--and-its-the-most-effective-anti-spam-tool-ive-ever-used-190526056.html?src=rss
These days, Black Friday is the longest day of the year. We're only halfway through November, but amazing deals are already popping up for some of our favorite subscription services. This is a great time to lock in a long-term deal on a streaming platform, but there's even more to explore beyond that, from a big discount on Quicken (which you can use to chart all the money you're saving) and one of the best offers I've ever seen for DeleteMe (which cleans your personal data off the internet while you kick back with your new Amazon Prime Video subscription). We'll update this list for the rest of the month as new deals go live.
Best Black Friday subscription deals
Audible (three months) for $3 (80 percent off): For literally $1 per month, you can get access to Audible's enormous library of published audiobooks, podcasts and Audible Originals (which can be anything from never-before-heard books to live performances). It's only three months, after which you'll have to cancel or renew at the regular price, but an audiobibliophile can cram a lot of listening into the 90 days after Black Friday.
Monarch Money (one year) for $50 (50 percent off with code MONARCHVIP): Monarch Money, our other favorite budgeting app, is giving new users half off for Black Friday. It's a little more complex than Quicken Simplifi, but it also gives you finer-grained control, including detailed reporting, balance sheets and instant graphs. The standout goals feature lets you establish savings and wealth baselines that feel amazing when you hit them.
Quicken Simplifi (one year) for $36 (50 percent off): We named Quicken Simplifi the best budgeting app this year largely because it lives up to its name. This is the cleanest budgeting app on the market, with an interface designed to welcome newcomers and no key information more than a scroll away. It's also cheap, especially with this Black Friday deal, and very good at detecting and categorizing your important transactions.
Rosetta Stone Lifetime Unlimited subscription for $149 (60 percent off): Rosetta Stone was pioneering visual language courses back when software still came in boxes, and it's still one of the best language learning apps. Today, its method works as well as ever, with patient learning based on pictures, terms and recordings. This deal gets you a full lifetime subscription with access to all 25 languages in the library.
Medium (one year) for $40 (20 percent off): Medium is a social site designed as the anti-Twitter, featuring deep thoughts and long-form essays from great writers. Not all its best work is locked behind a paywall, but a lot of it is — and we've all had the feeling of being frustrated that we can't read the latest drop from a thinker we really respect. This deal isn't a very big cut, but it is a noticeable savings over the monthly plan, which will cost you a full $120 for the same length of time ($150 without the discount).
Headspace (one year) for $35 (50 percent off): Out of all the meditation apps available, Headspace is our favorite. It doesn't just help you relax and de-stress, but also teaches you to practice meditation as a skill, with sessions building on each other in organized courses. There's a massive library of standalone guided meditations with all kinds of instructors, and it's easy to search for the ones that work best for you. This deal gives you half off a full year.
Calm Premium (one year) for $40 (50 percent off): Once you've finished your Headspace meditation, head over to Calm for every other stress-relieving activity you can think of. This subscription lets you relax amid a massive content library, from music and restful soundscapes to "sleep stories" with celebrity narrators telling bedtime stories for children and adults alike. If you've ever wanted to be lulled to sleep by Jonathan Bailey, Matthew McConaughey or Idris Elba, this app is for you.
AdGuard personal (lifetime) for $44 (45 percent off): AdGuard was recently in the news for automatically blocking Microsoft's Recall AI surveillance app, which is a great indication of its mission — it fights threats to your privacy, no matter where they come from. This lifetime subscription blocks all annoying third-party ads and trackers on any website while keeping its functionality otherwise unchanged, so everything loads faster and easier.
LastPass Premium (one year) for $18 (50 percent off): LastPass is another great password manager. We briefly stopped recommending it after a couple of data breaches early last year, but it's patched up its security and seems to be firing on all cylinders again. Whether it suits you better than 1Password will come down to personal preference, but LastPass's deal is slightly better this year.
DeleteMe (all services) for 30 percent off with code BFCM30OFF25: DeleteMe scrubs your information from people search sites and other public-facing data brokers, dramatically reducing your online presence. It's a time-saving and user-friendly automation of a process that can be a real hassle without it. Since using it monthly, we've noticed a sharp decrease in the amount of spam emails, texts and calls to our personal addresses.
Adobe Creative Cloud (one year) for $389 (50 percent off): Adobe Creative Cloud is half off for one year right now, coming out to $389 for one year when you pay upfront. (There's a discounted $35 monthly rate as well, working out to $420 for the year.) Creative Cloud is Adobe's most comprehensive design package, including InDesign, Illustrator, Photoshop, Premiere and over 20 other apps. Whip up a website with Dreamweaver, paint on a digital canvas with Fresco or edit photos in Lightroom. It's a pretty steep cost for an individual, but puts a one-year subscription well within reach of a creative business.
Best Black Friday streaming deals
Disney+ and Hulu bundle with ads (one year) for $60 (61 percent off): Disney took its time announcing its Black Friday deal on the newly merging Disney+ and Hulu, but the wait was worth it. This steep discount saves you more than 60 percent over the regular monthly price. Just in time for family gatherings, you'll have free access to Encanto and Moana 2 for the kids, The Bear and Only Murders in the Building for the adults, and Marvel and Star Wars adventures for everybody.
Apple TV+ (6 months) for $36 ($42 off): Apple TV+ has another of the best Black Friday streaming deals this year, offering a six months of access for only $36, which comes out to only $6 per month. The deal is live now for new and returning subscribers. Through December 1, you've got a great chance to stream shows like Severance, Ted Lasso, The Morning Show and For All Mankind for less — just remember the deal only applies if you subscribe directly through Apple and not through a third-party service.
Starz (one year) for $12 ($58 off): Pay upfront for one year and you can get more than $50 off a Stars annual subscription. There's a month-to-month option too, which costs $3 per month for the first three months if you don't want to commit to the full year. Either option gives you access to the entire Starz TV and movie library, including Outlander and Spartacus, with offline viewing and no ads.
Paramount+ (2 months) for $6 ($20 off): Paramount+ is doing its Black Friday deal a little differently. Instead of a reasonably cheap long-term plan, you get an incredibly cheap short-term deal — two months for less than a Starbucks run costs these days. That's more than enough time to binge Yellowjackets, Dexter: Resurrection or Star Trek: Strange New Worlds, along with weeks of NFL games through CBS Sports.
Fubo Pro (first month) for $55 (35 percent off): Fubo is the live TV service that helps sports lovers cut the cord. When you sign up, it asks you your favorite teams, then automatically records every game they play. Fubo Pro includes 249 channels, covering everything from your local NFL and NBA networks to real ESPN8 (The Ocho) content like PowerSports World. There are even plenty of non-sports channels, and with 10 allowed screens per subscription, your whole family can enjoy the selection at once.
Plex (lifetime pass) for $150 (40 percent off): Plex offers personal media servers you can use to organize your digital collection — imagine your own curated Netflix homepage that nothing ever vanishes from. It's also a streaming platform in its own right, with movies and TV from all genres and eras. Plex did just raise its prices, so now's your chance to get a lifetime pass for close to what it used to cost.
Walmart+ (one year) for $49 (50 percent off): No, Walmart hasn't started its own streaming platform, but it would probably have some pretty great drama. What you do get with Walmart+ is free shipping on carts over $35, exclusive deals, drone delivery in some cities and more. And if you did come here for streaming, Walmart+ also comes with your choice of Peacock Premium of Paramount+ Essential (we recommend Peacock Premium because it's more expensive on its own).
Fox One (six months) for $20 (50 percent off): Fox One is the newest streaming service on this list, launching just this August. It provides access to everything in the Fox catalog, including its sports and entertainment TV. Six months for $20 isn't quite as good a deal as Paramount+ is giving out, but it may still be a bargain if you're worried about losing Fox channels from your YouTube TV subscription.
Best VPN deals for Black Friday
ExpressVPN Basic (28 months) for $68.40 (81 percent off): ExpressVPN may be the most user-friendly VPN for sale right now, with fast download speeds (only 7 percent losses in our last test), quick connections and apps designed to stay out of your way. It's not the most feature-rich, but it excels at any bread-and-butter VPN task, staying leak-free and unblocking Netflix everywhere. You also get access to server locations in 105 countries. It also basically never drops the price this low, so if you're at all interested, now's the time to board the Express train.
Surfshark Starter (27 months) for $53.73 (87 percent off): According to the tests we ran for our latest review, Surfshark is the fastest VPN right now, with its download speeds, upload speeds and latencies all beating out competitors. It has more to offer beyond speed, too, as it's able to constantly rotate your IP address and generate double VPN paths between any two servers you choose.
NordVPN Basic (27 months) for $80.73 (74 percent off): NordVPN got very positive marks in our last review, where we called out its fast internet speeds, wide network of server locations and selection of exclusive features. It comes with a range of dedicated servers for obfuscation, onion routing, torrenting and more. Plus, it's one of the first VPNs getting a jump on post-quantum encryption.
CyberGhost VPN (28 months) for $56.84 (84 percent off): CyberGhost is always cheap — in fact, we named it the best budget VPN — but it's never behaved like an economy option. Its Smart Rules automation controls are the deepest in the industry, and its server network reaches 100 countries. Speeds are also quite good, though connections occasionally take a moment to establish.
hide.me VPN (26 months) for $99.95 (61 percent off): hide.me is currently our favorite free VPN, but its paid upgrade is just as competitive. The best thing about this deal is that you're guaranteed to get renewed at the same price and duration, which isn't always certain, even with otherwise reliable VPNs. hide.me gives you servers in 91 locations, all of them rated for up to a gigabyte of traffic per second.
Private Internet Access VPN (40 months) for $79.20 (83 percent off): Although we weren't wholly positive about Private Internet Access (PIA VPN) in our recent review, we can't deny it's a worthwhile choice for an affordable VPN. Although speeds can fluctuate, it comes with lots of desirable features on all platforms, like port forwarding (which makes torrents more stable) and two kinds of split tunneling.
This article originally appeared on Engadget at https://www.engadget.com/deals/black-friday-subscription-and-streaming-deals-you-can-still-get-today-discounts-on-apple-tv-hbo-max-disney-proton-vpn-and-more-180000005.html?src=rss
A VPN, or virtual private network, is a tool you can use to protect your identity online, change your virtual location, evade censorship, check out foreign streaming services and more. They mostly take the form of commercially available subscription apps, often so simple to operate that all you need to do is press a button to turn them on and off.
While using a VPN is easy in practice, there's a lot going on under the hood. Knowing what's really happening can help you decide which VPN is right for you, then use it more effectively once you've got it. In this guide, I'm going to delve into what a VPN really is, how it works and what you might need one for.
If this article convinces you that you need a VPN — and I hope it does! — I curate a collection of the best VPN deals that I update at least once a week. Head over there to get your VPN shopping started.
What is a VPN?
The name "virtual private network" comes from the initial use of the technology to access restricted networks from off-site — if you work remotely, you probably still use a VPN this way. Those are corporate VPNs, though, from providers like Cisco. Here, we're talking about commercial VPNs sold for individual use.
These services came about when people realized that if you connected to the public internet through a VPN, every server you contacted would see the VPN server instead of your personal computer. The VPN effectively becomes a mask that interacts with the web on your behalf. That's the simple principle underlying every commercial VPN you've seen advertised.
Sam Chapman for Engadget
VPNs like Proton VPN and ExpressVPN operate servers in various locations around the world. When you use their apps, you've got access to all the servers in their network. After you connect, communications between your device and your chosen server are encrypted so nobody can trace your activities back to you. This is called tunneling, and is the main difference between a full VPN and a simple proxy server.
How does a VPN work?
Questions like the above can get into the weeds fast, so I'll be oversimplifying here. VPNs handle encryption in two steps. First, they establish a secure tunnel to your computer or phone, then they send information through it.
The first step — establishing the connection — is called a handshake. It uses asymmetric encryption, where each party has a public and a private key. In a handshake, two parties use public keys to confirm that they are who they say they are, then exchange the keys they'll use for simpler symmetric encryption.
Sam Chapman for Engadget
Once the handshake has confirmed the path between your device and the VPN server, the tunnel is complete. From then on until you disconnect, every packet of data you send will be encrypted before it leaves your device and not decrypted until it reaches the VPN. The same is true in the other direction. Website requests and other data sent between the VPN and your internet service provider (ISP) will not be encrypted, but that's OK — without the information on the first step, it's impossible to identify you behind the VPN.
This is a complicated process, but VPNs use sets of instructions called VPN protocols to run through it near-instantly. A VPN protocol covers encryption and transit using several sets of ciphers. The most common protocols these days are OpenVPN, WireGuard and IKEv2/IPSec, though many VPN services have their own proprietary protocols as selling points.
What are the benefits of using a VPN?
Although the above process happens mostly in the background, it does tax your internet connection a little. The best VPNs keep impacts to a minimum, but you may notice a drop in speed, plus higher latencies when connecting to servers far away. So, what benefits do you get in exchange for all that?
Anonymity
The first and biggest boon is near-total anonymity. In 2021, the Federal Trade Commission (FTC) put out a comprehensive report on everything your ISP knows about you — confirming that nearly every ISP gets a second profit stream from selling information on your online activities. In essence, they're making you pay them for the right to hose your own privacy. But a VPN lets you strike back.
Since you connect to the VPN server before your ISP ever clocks you (let alone your destination websites), your computer and modem broadcast no information about who you really are. Anyone can see what you're doing, but they'll only see the VPN server doing it. And hiding your IP address is vital — lots of people (not just ISPs) can deduce a shocking amount about you with no other information, including your real location.
Prevent ISP speed throttling
Speed isn't normally one of the benefits of a VPN, but in some specific cases, you might get faster internet. ISPs occasionally throttle the speeds of certain users they perceive as using too much bandwidth. This can happen to you, whether or not the charge is accurate. Using a VPN can get around the slowdown, since the ISP can't identify you to throttle you. Just note you still can't go faster than your unprotected internet speed.
Public Wi-Fi safety
A VPN can also keep you safe when using public Wi-Fi. On an unsecured Wi-Fi network — the sort you often find in cafes, hotel lobbies and other public buildings — hackers can spy on you through various vulnerabilities, or even set up fake networks (called "rogue hotspots") to capture your information. If your connection with the network is encrypted, the criminal's window of opportunity slams shut.
Get around content blocks and firewalls
The other most important thing a VPN can do is to change your virtual location. IP addresses are keyed to specific locations — some to countries or regions, and some to networks as small as one building. Authorities can use this to restrict internet access on the networks they control. This can vary in scale, from your school or workplace blocking certain content, all the way up to the nation-level firewalls in China, Saudi Arabia and other countries.
Remember, though, that your internet goes to the VPN before it goes anywhereelse. If your school's internet blocks some sites, you could get on a VPN server and the school's firewall won't know you're connecting from inside. This even works with countries (though not always). By connecting to a server outside the sphere of oppression, you can organize activism online even when the government doesn't want you to.
Sam Chapman for Engadget
Of course, you can also use this trick for fun by checking out other countries' streaming libraries, viewing local exclusive events or protecting you while you download a torrent file. The key takeaway is that VPNs are versatile, and can be used for casual entertainment, life-and-death anonymity or both at once.
Will a VPN keep me completely safe online?
VPNs are a huge positive for individual privacy rights, but just having one doesn't mean you can ignore your online safety. It's better to think of VPNs as one part of a comprehensive strategy.
A VPN keeps you anonymous, prevents you from being tracked and changes your location to bypass censorship. However, it can't directly protect you from downloading malware, falling for a phishing scam, oversharing information on social media, using an easily guessed password or getting your phone stolen in real life.
There's one key difference between threats a VPN can prevent and those it can't: A VPN only protects you from being spied on without your consent. If all you're doing is browsing on a network, a VPN keeps you concealed. But today's malefactors have all sorts of tricks to get you to give your consent. Websites spam message windows until you click "allow cookies." Hackers send phishing emails and make you click links that download malware. And so on.
Can VPNs be trusted?
There's also one other critical point. Even if a VPN keeps you completely anonymous, the VPN itself can still tie your identity to what you do online. That's why VPNs all claim to have "strict no-logging policies" or something similar — they're promising not to abuse their access.
Naturally, some do anyway. A VPN can be sued if it breaks its own privacy policy, but many escape liability by leaving just enough leeway that they technically aren't in violation. The best way to determine if you can trust a VPN is to look at its history. How long has it been operating? Has it ever mishandled or profited off customer data in that time? On the other hand, has it ever been raided by police who then found nothing, bolstering its claim to not keep logs?
An excerpt from the privacy policy of Private Internet Access.
Sam Chapman for Engadget
Some of the most trustworthy VPNs take technical steps to guarantee that they aren't logging user activity. Many use RAM-only or diskless servers that automatically delete any logs. Proton VPN goes even farther, using full-disk encryption to render any logs unreadable (even if they did exist). These services back their claims up with independent audits from reliable firms.
Bottom line: A VPN is no substitute for common sense, threat awareness and a suite of strong security tools. It'll work best alongside a password manager, virus scanner and two-factor authentication.
Are VPNs legal?
VPNs are legal in every free country on Earth. While the UK recently suggested that a VPN ban was "on the table" to enforce its age verification laws, and the US states of Wisconsin and Michigan are considering bans in various forms, no democracy has yet outlawed VPN usage.
The countries that do ban VPNs are the ones you'd probably expect — those with deep-rooted internet censorship regimes that VPN use might threaten. Belarus, Iraq, Myanmar, North Korea and Turkmenistan have made all VPNs illegal. In China, Russia, the United Arab Emirates, Oman, Uganda and Iran, only state-approved VPNs are permitted, and services that get approved tend to have government backdoors.
Other countries heavily restrict VPNs without banning them altogether, including Turkey and Pakistan. In India, VPNs are legal, but the law requires them to keep logs of user activities. The law's passage in 2022 led many VPNs to pull their servers from India and replace them with virtual locations.
Finally, there are countries like Egypt where using a VPN is legal, but you'll face extra penalties if you're caught using one to commit a crime. Also, it should go without saying, but VPNs don't make crime legal. If something is illegal without a VPN, it's illegal with a VPN, even if VPNs themselves are allowed in your state and country.
Are VPNs free?
Some of them are, but many of them are dangerous. If you've just been faced with a new threat to your online freedom — like, say, the UK's new age restriction laws — it can be tempting to jump to a free VPN to solve the problem quickly.
But free VPNs are easy to hack together, and app stores rarely probe them for violations before listing them. I frequently see free VPNs that either don't work, track you for ad sales or even sneak malware onto your computer. Another big problem is that many of these shovelware VPNs are all secretly run by the same monolithic entities.
Sam Chapman for Engadget
The best free VPNs are free plans offered by paid services. With subscription fees supporting the free tier, you don't need to worry that the real money comes from selling your information to advertisers. Proton VPN, hide.me, Windscribe, TunnelBear and PrivadoVPN all fall into this category. None of them show you ads, but they're all restricted in other ways, whether by the amount you can use the VPN per month, the speeds you'll get or the servers you can access.
Do I need a VPN?
If you use the internet — which you must, if you're reading this — you'll benefit from a VPN. To determine what you'll need it for, though, ask yourself the following questions. If you answer yes to any of them, think about subscribing to a VPN to address the problem in question.
Do you feel strongly about whether your ISP and other third parties can see what you do online and use that information for profit?
Do you live in a place where the law prevents you from freely using the internet and/or forbids certain platforms?
Have online freedoms been temporarily suspended in your country because of unrest?
Are you planning to travel to a country with restrictive internet laws?
Do you normally use the internet on a network that restricts access to certain sites?
Do you use the internet for any tasks that would risk your own safety or someone else's if exposed?
Do you often get online through public Wi-Fi networks or networks without passwords?
Are you concerned that your ISP is throttling your internet speeds?
Do you want to watch TV shows and movies that aren't available in your country on the streaming services you're subscribed to?
Do you want to watch events that are limited to specific regions, such as local sports?
Do you enjoy looking in various regions for better deals on products you want?
Are you an online gamer concerned about doxxing and/or DDoS attacks from sore losers?
Different VPNs have features that make them better at various tasks from the lists above. However, the providers on my best VPN list are good at just about everything. Proton VPN is my favorite for its balance of speed, design and anonymity, but ExpressVPN is another excellent choice if you're willing to pay more for fantastic ease of use. Surfshark is the fastest VPN I've tested this year, while NordVPN has a great set of features.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/what-is-a-vpn-and-what-can-you-do-with-one-161549146.html?src=rss
There's a fundamental question you can ask of both the internet and real life: "How do I enjoy my time here without taking unnecessary risks?" In grass-touching meatspace, you can cut out processed foods, carry pepper spray and avoid skydiving without a partner.
But the best methods for staying safe online aren't as intuitive. The internet is a massive town square where people are constantly bellowing deeply personal facts about themselves. It's no surprise that it's become a breeding ground for scams, theft and other criminal activity.
Given the breadth of dangers, it may feel easier to throw up your hands and say that whatever happens will happen. I'm here to tell you, though, that cybersecurity doesn't have to be complex, difficult or time-consuming. You don't need to be a hacker to foil a hacker — you only have to take advantage of simple tips and free apps designed to make you safer online. Whether you commit to all 12 detailed here or only focus on one, you'll be much more secure for it.
1. Install security updates immediately
One of the most important things you can do to ensure your digital security is to install all software updates as soon as they become available on your devices. When you see the notification, don't wait — train yourself to download the update immediately.
Not all software updates are about security, but the ones that are form your best line of defense against technical hacks. When developers discover a flaw that can be exploited, they ship an update to fix it. By the time the flaw gets patched, chances are very high that hackers also know about it, so any time lost means you could be the next to get exploited.
As you go down this list, you'll learn that cybersecurity threats are less technical than you think. To counter the ones that are, however, there's nothing more important you can do than install security updates.
2. Use strong passwords
Weak, easily guessed passwords are one of the most frequent causes of data breaches and malware attacks. If a password is one of the ten or so most common, an attacker may be able to guess it with no other information. If it's connected to you — your birthday, say, or mother's maiden name — it may be guessable from information anyone can look up online.
Even if your password is a random string of characters, it might still be guessable if it's too short. Hackers can use programs to guess all possible combinations and try each one on a target account. The longer a password is, the more exponentially difficult it is to guess.
SEAN GLADWELL via Getty Images
That means you need passwords that are both long and meaningless to you. You might rightly complain that these are bastards to remember, but you're in luck: password managers can do that for you. A password manager app or browser extension can create passwords when you need them, store them securely and fill them in automatically. All you have to remember is the one master password that unlocks all the others.
3. Set up two-factor authentication
Even the strongest password might get revealed through no fault of your own, like if it's stored without encryption and leaked in a data breach. That's why it helps to have two-factor authentication (2FA), also known as multi-factor authentication (MFA), as a second secure layer on every account.
You probably already know 2FA as the irritating extra step that makes you go get your phone — but that's not the only way to do it. Many apps, including Google and Apple, now let you log in through passkeys. These not only don't require you to enter a code or password, but use asymmetric encryption, sharing credentials between your device and the service that runs the passkeys. It's a lot quicker for you, and leaves nothing to steal.
4. Back everything up
Ransomware and its cousins are a growth industry within the cybercrime economy. These attacks corrupt your files or lock you out of them until you pay a fee to get them back. The easiest way to foil a ransomware attack, or to clear any other kind of malware off a device, is to restore the entire system from the most recent backup.
To make sure you actually have a backup, experts recommend the 3-2-1 rule: three different backups, on two different types of storage, with at least one physically distant from the main system. For example, you could have one backup on another device in your house, one in the cloud and one on a portable hard drive. Automatic backup services can save disk images for you at set intervals so you don't have to remember to do it yourself.
5. Learn to spot social engineering
Despite all the technobabble flying around the cybersecurity world, a great many scams and hacks are accomplished through methods a 19th-century con artist would recognize. Scammers pose as experts or authority figures to gain your trust, and use frightening language to bypass your critical thinking. Ticking clocks, emotional manipulation and fake identities are all in the toolbox.
Alex Cristi via Getty Images
Take phishing, in which hackers trick you into giving up your information willingly. A typical phishing email might pose as a bank, credit bureau or other authoritative service. In red letters, it may demand your bank password or social security number to immediately fix an irregularity with your account. Other common approaches include warning you about speeding tickets you never incurred or sending receipts for subscriptions you never bought.
Social engineering attacks are constantly evolving, but they often fall back on the same strategies. The best way to foil them is to take a deep breath every time you receive a frightening email or text message, then research it in detail: look up the email address, check the visual design to make sure the sender is who they claim to be, and ask yourself if there's any way the message could be true. I highly recommend working through this phishing quiz — it's tough, but fair, and extremely educational.
6. Always check links before clicking
This is a companion to the previous tip. Social engineering scams don't always try to get you to give up information yourself. They also get you to click on links that put secret malware on your device — like keyloggers that watch you type your passwords or ransomware programs that corrupt your files.
If you're ever not sure about an email attachment or a link you're being asked to click, copy the link (without opening it) and paste it into a URL checker like this one from NordVPN. These free tools can tell you if a link is associated with any known malware domains.
Sam Chapman for Engadget
You can also mouse over any link, then look at the bottom-left of your browser to see what URL it will take you to. If an email is from your bank, any links within it should go to your bank's website. If it's going anywhere else, especially to an unidentifiable string of characters, be suspicious.
A related tip is to never copy and paste something into your URL bar if you aren't absolutely sure of what it will do. Social engineering doesn't always get you to click the link — sometimes attackers leave it un-hyperlinked so mousing over it doesn't reveal anything. This also goes for the command modules on desktop and laptop computers. In a recent documented attack, hackers convinced AI chatbots to suggest a command that gave them root access to the victim's device. Never copy-paste anything into the command window without verifying it first, especially if an AI told you to do it.
7. Don't overshare
Over the last two decades, lots of us have gotten into the habit of dumping all sorts of personal information on social media. This trend has supercharged the scam economy. It may seem harmless to broadcast the names of your kids or the dates you'll be on vacation, but every piece of data you put into the world makes it easier for a stranger to get hooks into you.
For example, "grandparent scams" are on the rise right now. Grifters contact a target, usually a senior, pretending to be their grandchild. They'll claim to be in a crisis and need money fast. The more information they have on their target, the more convincing their tale of woe will be. Social media is a prime place to study a potential victim.
Oversharing can also be a compounding problem. If you use weak passwords, your public information can be used to guess your credentials or answer your security questions. So, if you don't have a password manager yet, think twice before you engage with that quiz post on Facebook that asks for the name of your childhood pet.
8. Use a VPN
I'm a big booster of virtual private networks (VPNs), but it's important to be realistic about what they can and can't do. Even the best VPNs aren't total cybersecurity solutions — you can't just set one and assume you're safe forever. A VPN can't protect you if you use easily guessed passwords, for example, or click on a malware link. It's about hiding your identity, not making you invulnerable.
So what can a VPN do? In short, it replaces your IP address (a fingerprint that identifies you online) with another IP address, belonging to a server owned by the VPN. The VPN server does business with the internet on your behalf, while its conversations with your device are encrypted so it can't be traced back to you.
Sam Chapman for Engadget
This means no third party can connect your online actions with your real-world identity. Nobody will be harvesting data on the websites you visit to sell to advertisers, nor building a file on you that an unscrupulous government might misuse. VPNs also protect you from fake public Wi-Fi networks set up by cybercriminals — even if a hacker tricks you with a man-in-the-middle attack, they can't do much without your real IP address.
Many top VPNs, including my top pick Proton VPN, include ad blockers that can also keep cookies and tracking pixels from latching onto you. So, even if a VPN can't do everything, you'll be far safer and more private with one than without one. If you don’t want to pay for a new subscription right now, I've also compiled a list of the best free VPNs that are actually safe to use.
9. Run regular virus scans
The most important time to look for malware is when you're downloading a file from the internet. Not only can unwanted apps hitch rides on seemingly safe files, but links can start downloads in secret, even if you don't think they're meant to be downloading anything. A solid antivirus program can catch malware as it arrives on your system, and if it's uncertain, can lock suspicious files in quarantine until it knows whether they're safe or not.
Dedicated antivirus apps are sometimes even capable of catching malware that hasn't been seen or used yet. AV software uses machine learning to identify the common patterns of malware, filtering out new viruses that behave like old ones.
But what about malware that's already gotten through the perimeter? An antivirus app can also check your computer at set intervals in search of unwanted apps, including those that might be masquerading as system files. Windows computers now come pre-installed with Windows Defender, which is enough to handle most of these tasks, but I recommend at least one anti-malware program on any device.
10. Use email maskers and private search engines
If you're concerned about your information being misused or mishandled, remember that the less you put out into the world, the less danger you're in. Keeping your private data off social media is one important step, but there are other ways your data gets disseminated — and other options for responding.
For example, you often need an email address to sign up for an online account. If you use your real email, your contact information is now floating around online, increasing the chance of someone using it to scam you (or at least adding you to mailing lists you never signed up for). To stay safe, use an email masker. These services give you a fake email address you can use to create accounts, which automatically forwards messages to your real address.
Sam Chapman for Engadget
Search engines, especially Google, are also notorious for building profiles on users by watching the terms they search for. You can dodge that by switching to a private search engine like DuckDuckGo, which doesn't track anything you do — it's funded by non-targeted ad sales on its search results pages, not by selling your data to brokers.
11. Use a data removal service
Speaking of data brokers: unfortunately, if you've been on the internet at any point in the last 10 years without taking intense precautions, your data is probably in the hands of at least one business that makes money by hoarding and selling it. These data brokers range from public-facing, people-search sites to private backend dealers.
Data brokers are poorly regulated and lax about safety. The longer one has your personal information, the more likely it is to leak. The good news is that most brokers (though not all of them) are legally required to delete your data if you ask them to.
However, there are a lot of data brokers out there, and they really want to keep your data. Each one makes opting out harder than uninstalling a Norton product — and hundreds of them may have files on you. To make the process easier, you can use a data removal service like DeleteMe or Surfshark VPN's partner service Incogni.
12. Practice physical security
Let's close out the list by getting a little old school. I've already discussed how many online scams depend on classic con artistry to work. By the same token, physical infiltration and smash-and-grab tactics still pose a threat to cybersecurity.
It doesn't take too much imagination to see how this could work. If you leave your laptop or phone unattended in public, for example, someone might insert a flash drive that loads malware onto the system. In one illustrative case, a thief in the Minneapolis area would loiter in bars, watch people unlock their phones, then steal those phones and unlock them himself.
I'm not saying you need to be paranoid every second you're in public. Just use the same level of caution you'd use to protect your car. Lock your phone with a biometric key so only you can open it, and make sure not to leave any device lying around if it can access your online accounts. And at work, be careful not to let anyone into a secure area if they don't have the proper credentials.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/12-steps-you-can-take-right-now-to-be-safer-online-130008335.html?src=rss