Of these concerns, just three rose to the level of “medium severity,” while the rest were rated as low severity or “informational observations.” Google has already fixed one of the biggest issues and a few others, but the new report notes that many of the flagged problems haven’t yet been resolved. Google certainly has a decent track record for taking security bugs seriously (and even led the charge on patching up the open source software security industry recently), so we expect them to address these concerns sooner rather than later.

What Are the Google One VPN Security Issues?

Google asked for the report itself, using the third-party firm NCC Group, and the group has just released the entire 52-page public report to all online. Specifically, it’s a technical component analysis and source code review, and the 24 findings can be broken down into three different categories:

Three findings rated medium-severityTen findings rated low-severityNine findings rated as informational observations

Google has addressed one finding from each category, leaving a total of 19 remaining. The report details the top three medium-level security concerns first. The other two medium risk findings still remain. They both relate to the login process for both the Windows and MacOS versions of the VPN, and leave the service open to being denied availability by “local malicious applications” or could leak an OAuth token through temporary local ports.

Should You Use Google One VPN?

There are plenty of reasons why these security issues seem unlikely to pose a huge problem. For one thing, Google is well aware of all of them, having engaged NCC Group to investigate them in the first place, and Google knows it is in its own best interest to patch up all risks when it comes to security and user privacy. Plus, even the more serious security concerns detailed above didn’t rise to the level of high or critical severity. Ultimately, the Google One VPN is about as trustworthy as any other VPN on the market when it comes to security. That said, there is one reason why you may not want to opt for it: Anyone who uses Google’s VPN will be funneling all their internet activity through Google, an internet tech giant with a long, storied history of scooping up data through third-party tracking software. If you’re a privacy-conscious type, keeping your activity hidden from the ad-tech duopoly of Google and Facebook is likely one of your priorities. To explore your smaller VPN options while keeping your internet use safe, secure, and speedy, we’ve rounded up all the top options over here.