December 1, 2013
Anonymous and private, the way the internet was meant to be.
I know this idea is not for everyone. There are some people with whom this idea and topic really click and there are others feel those who feel that anything can be cracked and there is really no point to worry about privacy or encryption. I hope that whichever camp your in, you will be able to glean something from this blog post.
Why a Virtual Private Network (VPN)
For me, it all started with the security orientated podcast like Security Now and some of the more everyday tech podcasts like LifeHackers. They all had one thing in common, the foolishness of using free wifi at the proliferation of hotspots like café, restaurants, malls and airports without some sort of protection. Even Target and Walmart now advertise their free wifi as you enter the store. There are more tech reports every day about identity and password theft leading to hacking into our everyday accounts like Facebook, twitter and other sites. These initial inroads lead hackers to far greater account access which in the end could mean our bank accounts or credit cards costing us real time and money to clean up after these assaults. This can happen easier then you think because many people use the same password (or only with minor variation) from site to site. I will be discussing this point in a future blog covering “Hackers dictionary expands to make use of Wikipedia and other common phrases”. This a got me thinking while we were traveling this summer how many times we were making use of those free hotspots. I never really thought about how much information was being sent over the air. Much of this data is encrypted, but there are also other sites that may not use SSL authentication until after you log in and with those you are sending you id and password unencrypted over the wifi. Doing some google searches I’ve found out that even someone who does not have a strong understanding of the http protocol or packet sniffing can use their laptop and free software to intercept the packets of information as they go from my devices to the local wifi. This made me very uncomfortable.
As the blog subtitle suggests, I do believe that, even if I have nothing to hide and I am not doing anything wrong, what I do in the privacy of my internet surfing should be just that anonymous and private. I have never understood the group think that if you have nothing to hide you should feel compelled to open your life to everyone and anyone. Even Sen. John McCain in a November 10, 2013 interview with the German magazine Spiegel said that the NSA has gone too far with too little oversight and the head of the NSA should resign or be fired.
Closer to home our internet service providers have move from net neutrality to more information gatherers, tracking surfing, uploads and downloads. Websites have taken to noting and logging your IP address (which is like your street address for your computer) and other browser information. Via cookies left on your system this can help then identify where you’ve been surfing so they can customize the content they provide or target advertising. Even if you check the no cookies option they have found ways around this. Information can be stored in the “cute website icon” you now see in the URL bar and used to identify you when you return to that site.
In addition, some website block access to some or all of their content based on your geographic location, known as geographic restrictions. This involves not being able to view some content if you do not reside in that country. This would be the case, with the BBC and those of us who do not reside in the UK. It is also my understanding from Canadian friends that Netflix limits the movie options if your IP address is from Canada verses those available to US members.
I have found that using a Virtual Private Network (VPN) addressed these points:
- A VPN secures your internet connection.
- It encrypts (scrambles) the packets from my computer through the tunnel to the Internet gateway.
- Using a VNP anonymize or IP cloaking (changes your IP address the number that identifies your computer on the network as it is presented on the Internet). For example I appear to be a user with an IP address of 50.112.x.x out of Chicago instead of 67.115.x.x from Royal Oak
- This can also help when encountering geographic restrictions. You can appear from Holland, England, Switzerland, the United States or even Romania. These options depend on the VPN service provider.
One last thing to keep in mind is that a VPN does not protect you from a virus, malware or trojans. Please use https whenever possible and keep up to date with your virus software definitions.
Selecting a VPN
There are a couple of ways to setup a VNP. I have friends who have setup their own virtual private networks by buying the hardware and software and configuring it. For me, when I started looking into this I wanted a simple solution and one that was easy to setup with a low initial cost. I also wanted something that would be cross platform (PC and Mac, as well as mobile). It was also important that after setting this up it would be un-intrusive for everyone in the family. Another consideration was that the VPN did not log the data concerning my surfing (that would be ironic after all). With this in mind I ended up going with a service provider solution. There are several well respected ones Private Internet Access, proXPN and WiTopia to name a few.
After some research I went with Private Internet Access (PIA). Paying for a year in advance ($39.95) breakdown to only $3.33 a month. Private Internet Access installs on PC, Mac, Linux, iOS and Android devices. There is no limit to the number of installations of the PIA client or the number of mobile devices you can configure to the VPN connection. They limit the number of concurrent connections to 5 devices. Meaning that 5 separate devices can connect to the VNP through a single account at the same time.
I was very impressed with their excellent online (live chat) customer service. They were able to resolve my couple questions during that chat session.
Setting up the VPN
For my PCs (desktop and laptop) and MacBook I installed the PIA client, which was a very simple installation. During the setup I choose to have the client run at system startup (for each user on the two systems). This addressed my concern that it be un-intrusive for everyone in the family. As anyone logs on the PVN client starts behind the scenes without any actions necessary on the user’s parts. I don’t have to worry about the “oops I forgot” moments. During the installation of the PIA client I selected the Midwest gateway (this can be changed to any location world wide at any time) and everyone is ready to go. This way I don’t have to think about it when I launch the browser and start surfing. As a note, I am not noticing any slowness or bandwidth issues since using this setup.
As far as the mobile devices (iPhones and iPads) I needed to setup the VPN option on each device and point the configuration to the PIA server of choice and enter the account user id and password. Another note at this point is you can choose from OpenVPN, IPSEC/L2TP or PPTP. For the mobile devices the PVN is not automatically engaged. After the one time configuration it is as simple as flipping the VPN option to on when we are going to use a free wifi hotspot. For the iPhone and iPad this means going to the setting menu and turning on the VPN option.
Setup the VPN to work with my UTorrent download software was also very easy. In the configurations I set the same proxy setting that I used for the mobile device setup. The downloads and uploads work as expected. Again I don’t think I’m noticing a download speed reduction with the addition of the VPN proxy. As I’ve stated earlier this has the benefit of anonymizing my IP address and encrypting the data.
One of the side effects I did notice were notifications from Gmail that my email account was being accessed from an IP address they did not recognize when I tested using different PIA servers. This was very easy to address. Gmail provides a list of IP address and I was able to verify the listed IP addresses were ones I tested with PIA and I confirmed that they were ok and the notifications ended.
I have been very happy with my choice of using a VPN service provider and the provider I chose. As well as the piece of mind it provides when I am surfing out in public, logging into my online banking or when anyone in my family is buying something online. There are a vast number of podcasts and blogs out there addressing this topic including the ones mentioned above, Security Now and LifeHacker. I’d suggest anyone interested in using a VPN doing your research and making an informed decision. Please feel free to post or email me (firstname.lastname@example.org) any questions you have and I’ll do my best to answer them in this forum and via my blog email.
As always, I’d also like to see any comments the readers have concerning this blog post as well as suggestions for upcoming blogs.