Jump to content

VPN: really secure connection to the I-net


kamui

Recommended Posts

I was thinking about about a really secure connection to the internet for some time. Secure means: I connect to every page I want, download every data I want without that *any* other any party will be able to to trace me, or that hackers are being able to get hold of personal data (passwords e.g.).

 

Current situation: My ISP (internet service provider) records my personal IP address, and theoretically my ISP can record *any* data coming from or going to my PC. And of course downloading movies etc. is a major concern for me, since specialized companies can record my IP and ask my ISP to forward my name and physical address for to sue me.

Also some Youtube videos and other US based services e.g. are blocked in Germany.

 

And to make it worse, now any PC user can snoop into your I-net connection when you use public WiFi, using Firesheep.

:down:

 

For to avoid those of the problems I already tried a free solution: Hotspot Shield, but it is extremely slow and filled with annoying adverts. Also I tried to install a personal VPN solution, but couldn't get it to work.

 

Yesterday I made the jump and signed up for a paid VPN (virtual private network) service, which offers an encrypted tunnel into the internet. Now when I go online every party recording my movements gets a fake IP address and the information that I am in Amsterdam (or the USA). And since the internet connection is encrypted no other party can snoop my connection when using public WiFi (at airports, Starbucks. e.g.).

 

I use the premium service of VyprVPN for 20 USD a month. And after installing a small piece of software on my Mac it runs absolutely smooth without a visible slowdown. And when necessary I can switch on VPN on iPhone as well.

:up:

 

PS: Paid VPN services are very different in pricing and details. Some for example of servers on different continents which is important for speed, but prohibit P2P or multiple users... Some offer just a PPTP connection (less secure) others offers PPTP, OpenVPN (more secure) and L2TP (extremely secure). See Five Best VPN Service Providers

Link to post
Share on other sites

Unless you have our stuff... there is none.

 

You can buy your own sat uplink... but with out military grade stealth packages that require almost weekly updates and cost about $50k just in parts (that you cant get)... you can have no 100% secure uplink.

 

They can always find you. And they prove it every day.

Link to post
Share on other sites
Unless you have our stuff... there is none.

 

You can buy your own sat uplink... but with out military grade stealth packages that require almost weekly updates and cost about $50k just in parts (that you cant get)... you can have no 100% secure uplink.

 

They can always find you. And they prove it every day.

 

Of course, if an intelligence service is after me, they will get a lot of information about me in less than 30 seconds. Just googling my name brings up a lot of information about me.

 

Using elaborate search method as described in a recent German computer magazine will probably bring up details I never thought that they would be available on the I-net.

 

And if a hacker (private or governmental) is going to attack me, I guess that it wouldn't take long to infiltrate my email e.g.. Last weeks story how an anti-pirate company was hacked is a shining example.

 

Anyway, that is not what I am talking about. I am just talking about a secure connection to the internet, secure from random hackers trying to steal my passwords, identity or bank data at public places like cafes with free WiFi. And from lawyers asking for thousands of USD from people who download pirated movies or software. Also it will prevent *all* websites from geo-locating me (even on my blog I have installed Google Analytics which exactly does this).

-------

 

 

By the way, I just saw that NYT had an article about this topic this week:

 

New Hacking Tools Pose Bigger Threats to Wi-Fi Users

By KATE MURPHY

You may think the only people capable of snooping on your Internet activity are government intelligence agents or possibly a talented teenage hacker holed up in his parents’ basement. But some simple software lets just about anyone sitting next to you at your local coffee shop watch you browse the Web and even assume your identity online.

 

“Like it or not, we are now living in a cyberpunk novel,†said Darren Kitchen, a systems administrator for an aerospace company in Richmond, Calif., and the host of Hak5, a video podcast about computer hacking and security. “[color:red]When people find out how trivial and easy it is to see and even modify what you do online, they are shocked[/color].â€

 

Until recently, only determined and knowledgeable hackers with fancy tools and lots of time on their hands could spy while you used your laptop or smartphone at Wi-Fi hot spots. But a free program called [color:red]Firesheep[/color], released in October, has made it simple to see what other users of an unsecured Wi-Fi network are doing and then log on as them at the sites they visited.

 

Without issuing any warnings of the possible threat, Web site administrators have since been scrambling to provide added protections.

 

“I released Firesheep to show that a core and widespread issue in Web site security is being ignored,†said Eric Butler, a freelance software developer in Seattle who created the program. “It points out the lack of end-to-end encryption.â€

 

What he means is that while the password you initially enter on Web sites like Facebook, Twitter, Flickr, Amazon, eBay and The New York Times is encrypted, the Web browser’s cookie, a bit of code that that identifies your computer, your settings on the site or other [color:red]private information, is often not encrypted[/color]. Firesheep grabs that cookie, allowing nosy or malicious users to, in essence, be you on the site and have full access to your account.

 

More than a million people have downloaded the program in the last three months (including this reporter, who is not exactly a computer genius). And it is easy to use.

 

The only sites that are safe from snoopers are those that employ the cryptographic protocol transport layer security or its predecessor, secure sockets layer, throughout your session. PayPal and many banks do this, but a startling number of sites that people trust to safeguard their privacy do not. You know you are shielded from prying eyes if a little lock appears in the corner of your browser or the Web address starts with “https†rather than “http.â€

 

“The usual reason Web sites give for not encrypting all communication is that it will slow down the site and would be a huge engineering expense,†said Chris Palmer, technology director at the Electronic Frontier Foundation, an electronic rights advocacy group based in San Francisco. “Yes, there are operational hurdles, but they are solvable.â€

 

Indeed, Gmail made end-to-end encryption its default mode in January 2010. Facebook began to offer the same protection as an opt-in security feature last month, though it is so far available only to a small percentage of users and has limitations. For example, it doesn’t work with many third-party applications.

 

“It’s worth noting that Facebook took this step, but it’s too early to congratulate them,†said Mr. Butler, who is frustrated that “https†is not the site’s default setting. “Most people aren’t going to know about it or won’t think it’s important or won’t want to use it when they find out that it disables major applications.â€

 

Joe Sullivan, chief security officer at Facebook, said the company was engaged in a “deliberative rollout process,†to access and address any unforeseen difficulties. “We hope to have it available for all users in the next several weeks,†he said, adding that the company was also working to address problems with third-party applications and to make “https†the default setting.

 

Many Web sites offer some support for encryption via “https,†but they make it difficult to use. To address these problems, the Electronic Frontier Foundation in collaboration with the Tor Project, another group concerned with Internet privacy, released in June an add-on to the browser Firefox, called Https Everywhere. The extension, which can be downloaded at eff.org/https-everywhere, makes “https†the stubbornly unchangeable default on all sites that support it.

 

Since not all Web sites have “https†capability, Bill Pennington, chief strategy officer with the Web site risk management firm WhiteHat Security in Santa Clara, Calif., said: “I tell people that if you’re doing things with sensitive data, don’t do it at a Wi-Fi hot spot. Do it at home.â€

 

But [color:red]home wireless networks may not be all that safe either[/color], because of free and widely available Wi-Fi cracking programs like Gerix WiFi Cracker, Aircrack-ng and Wifite. The programs work by faking legitimate user activity to collect a series of so-called weak keys or clues to the password. The process is wholly automated, said Mr. Kitchen at Hak5, allowing even techno-ignoramuses to recover a wireless router’s password in a matter of seconds. “I’ve yet to find a WEP-protected network not susceptible to this kind of attack,†Mr. Kitchen said.

 

A WEP-encrypted password (for wired equivalent privacy) is not as strong as a WPA (or Wi-Fi protected access) password, so it’s best to use a WPA password instead. Even so, hackers can use the same free software programs to get on WPA password-protected networks as well. It just takes much longer (think weeks) and more computer expertise.

 

Using such programs along with high-powered Wi-Fi antennas that cost less than $90, hackers can pull in signals from home networks two to three miles away. There are also some computerized cracking devices with built-in antennas on the market, like WifiRobin ($156). But experts said they were not as fast or effective as the latest free cracking programs, because the devices worked only on WEP-protected networks.

 

To protect yourself, changing the Service Set Identifier or SSID of your wireless network from the default name of your router (like Linksys or Netgear) to something less predictable helps, as does choosing a lengthy and complicated alphanumeric password.

 

[color:red]Setting up a virtual private network, or V.P.N.[/color], which encrypts all communications you transmit wirelessly whether on your home network or at a hot spot, is even more secure. The data looks like gibberish to a snooper as it travels from your computer to a secure server before it is blasted onto the Internet.

 

Popular V.P.N. providers include VyperVPN, HotSpotVPN and LogMeIn Hamachi. Some are free; others are as much as $18 a month, depending on how much data is encrypted. Free versions tend to encrypt only Web activity and not e-mail exchanges.

 

However, Mr. Palmer at the Electronic Frontier Foundation blames poorly designed Web sites, not vulnerable Wi-Fi connections, for security lapses. “Many popular sites were not designed for security from the beginning, and now we are suffering the consequences,†he said. “People need to demand ‘https’ so Web sites will do the painful integration work that needs to be done.â€

 

Link

 

 

 

 

Link to post
Share on other sites

Anyway, that is not what I am talking about. I am just talking about a secure connection to the internet, secure from random hackers trying to steal my passwords, identity or bank data at public places like cafes with free WiFi. And from lawyers asking for thousands of USD from people who download pirated movies or software.

 

 

Not possible again with out serious expense.

 

1) Hackers are too good. You will never be as good as your 14 year old counterpart.

 

2) There are entire industries devoted to being able to find you for downloading pirated film, ect. The only current safety is living in a country that does not prosecute such things. (Thats why 90% of all serious viruses no longer come from the US.)

Link to post
Share on other sites

Anyway' date=' that is not what I am talking about. I am just talking about a secure connection to the internet, secure from random hackers trying to steal my passwords, identity or bank data at public places like cafes with free WiFi. And from lawyers asking for thousands of USD from people who download pirated movies or software.

[/quote']

 

 

Not possible again with out serious expense.

 

1) Hackers are too good. You will never be as good as your 14 year old counterpart.

 

2) There are entire industries devoted to being able to find you for downloading pirated film, ect. The only current safety is living in a country that does not prosecute such things. (Thats why 90% of all serious viruses no longer come from the US.)

 

I disagree. Of course *almost* anything can be hacked, but hacking secure connections takes a serious amount knowledge, time and/or PC power. This is usually aimed at high value targets which I am not. My security measures are aimed against random attacks, which can happen every second. For example my (not very high profile) blog is being attacked frequently and after a defacement I have learnt to harden it against common threats.

 

In regard to piracy: the only legal method all the anti-pirate outfits can use is connecting your IP address with your name and physical address.

But all those anti-pirate outfits go the easy route: They only attack people whose IP can be immediately traced back to it's owner via a lawyer's or court request to your ISP. When I use OpenVPN my IP is invisible to them. And even if it would be possible, they would not go after me, because my VPN provider, my IP and I are located in different countries. No anti-pirate lawyer goes after ISP's outside their country. It's too expensive and complicated.

 

 

Link to post
Share on other sites

 

I disagree. Of course *almost* anything can be hacked, but hacking secure connections takes a serious amount knowledge, time and/or PC power.

 

 

You secound sentence contradicts your first.

 

However, you are incorrect I believe. What it takes to get you is you clicking on the wrong link, or downloading the wrong file.

 

If you were right that it is easy to protect yourself as you say then...

 

1) It would not be expensive to do

 

2) everyone with any money at all would be doing it.

Link to post
Share on other sites

 

I disagree. Of course *almost* anything can be hacked' date=' but hacking secure connections takes a serious amount knowledge, time and/or PC power.

[/quote']

 

 

You secound sentence contradicts your first.

 

However, you are incorrect I believe. What it takes to get you is you clicking on the wrong link, or downloading the wrong file.

 

If you were right that it is easy to protect yourself as you say then...

 

1) It would not be expensive to do

 

2) everyone with any money at all would be doing it.

 

I think you are confounding different things: I am talking about a secure connection to the internet not about threats from malware placed on my PC through infected websites or infected downloads. That's a complete different topic.

 

Why, people don't use VPN?

1.) I guess that 99% of the users don't know that the solution exists.

2.) Most people are cheap. You don't get a _visible_ advantage from using VPN, moreover using a free VPN service like Hotspot Shield will even slow down your connection visibly.

3.) In countries like France with new hard anti-piracy laws, torrent users are flocking to VPN services .

 

 

Link to post
Share on other sites
http://torrentfreak.com/

 

...is a really interesting link that follows the legal side of of copyright issues.

 

Most of the court cases in the UK and US have not worked out for the law firms. Yet..

 

 

But most cases don't go to court and by now hundreds of thousands of people in Western countries have paid a lot of money to the anti-piracy companies.

Link to post
Share on other sites

kamui,

 

I thought so to. Actually know someone who got a letter demanding money.

 

There have been a few very high profile cases in the US and in a few the people lost badly in court. Wiped out with huge amounts of money owed.

 

So far it seems to be mainly for music and it is very few people.

 

I thought the numbers were huge as well and have been following the link for a while now. About a year.

 

It seems the strategy is to generate maximum publicity of those getting fried. A site being taken off line without any sort of a court case is much more likely.

 

 

http://torrentfreak.com/file-sharers-start-handing-over-1000-each-in-bizarre-amnesty-program-110217/

 

 

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...