Sign in with
Sign up | Sign in
Your question

VPN For Security-noob

Last response: in Networking
Share
July 8, 2012 6:03:20 AM

Hello Everyone,

I was doing some surfing and somehow randomly stumbled on the articles about how isp have given up info. For example, one was a story where this guy was going through a divorce and for the custody hearings her lawyer got all of his browsing history. Another story about tax audits using web history and purchase history. Regardless of the merit of these stories, it really made me think about online privacy.
I am thinking about subscribing to a paid vpn (BTguard or Ipredator or others). I was wondering how hard this is to use, and if it is actually worth it, as they are so many opinions online. Would these keep my anonymous? Which is best?
Also, how hard is it to set up. I am completely confused about networking so any links or how to guides talking about the different types ports and connections etc.
Thanks!

More about : vpn security noob

July 8, 2012 9:21:59 PM

The basic concept is that by using a VPN, you establish a secure tunnel between you and the VPN provider within which your traffic flows, free from the prying eyes of others. A simple idea, and an effective one under the right circumstances.

So let’s say you use a VPN (e.g., http://strongvpn.com ). Now your ISP is unable to eavesdrop on your traffic, if indeed that is the problem you’re trying to solve. But what’s to prevent the VPN provider from gathering and using your information too? And even if they don’t, what’s to prevent some lawyer from getting a subpoena to force the VPN provider to turn over any information he may have collected (e.g., logs)? In fact, in some jurisdictions, he may be REQUIRED BY LAW to collect and retain such information.

So the VPN is not a magic bullet. It protects you from specific threats, but not all threats. The use of a VPN assumes you can and should trust the VPN provider. But that’s a presumption no one should take lightly. Anyone can setup a VPN, and I mean literally ANYONE. Heck, I run a VPN here on my own network for remote access purposes. It would take me only minutes to publish it and get customers if I wanted to. And spy on them if I was so inclined.

Even if you trust the VPN provider, your data ultimately has to end up somewhere in unencrypted form to be usable. And at that point somebody else sees it, probably stores it, and can be forced legally to turn it over should it prove necessary.

Just to complete the VPN picture, there are special VPNs called “onion routers”. A popular one is TOR. Because a traditional VPN is not intended to promote anonymity (it can be easily backtracked to you if necessary by reviewing the VPN provider’s logs), an onion router creates a “nested chain” of secure connections called “relays”. At no point is it possible for any of the relays in the chain to know BOTH the originating and destination IPs. Therefore, backtracking to the originating IP for any given traffic is much more difficult (if not impossible). However, even this has vulnerabilities. The last relay in the chain can always see your traffic (just like the VPN provider, it has to be able to unencrypt your data in order to pass it on to the destination IP). So anything in the data stream that might reveal who you are and what you’re doing can be seen. In the worst case, you might accidentally pass your originating IP as a data element or in some header, thereby undermining all your efforts to hide it! Also, all those relays come at a price in terms of performance – onion routers are not very fast.

So the bottom line is, it’s all very tricky and there is no easy/perfect solution. It’s better to know how stuff works so you appreciate all the ways in which you remain vulnerable, despite all the claims to the contrary, esp. by anyone trying to sell you something.
m
0
l
July 9, 2012 1:57:19 AM

Thank you for the response! I do use Tor browser bundle on occasion. thank you for explaining more about the vpn. I was doing some research and most said that they do not keep logs. I am not to concerned with getting subpoena'd and having to give me info, I am not really hiding anything but it still creeps me out how much my isp actually knows (I hate them so much for the policies, ie my internet went out on finals week for 3 days and when I called to complain that I still had to pay for full service they basically said to bad). So it is really just added protection I am looking for. So any ideas on what vpn?
I would like it be fairly simple to set up, able to work with torrent clients ( I hear thats trickier), and come from a reputable company.
Does anybody have any first hand experience with btguard, strongvpn as eibgrad stated, IPREDator, etc? It seems like their are wildly conflicting reviews and opinions about these.
thanks!
m
0
l
!