By Elmalla A. on March 09, 2018
Originally written for A.
Your online activities are now being tracked and recorded by various government and corporate entities around the world. This information can be used against you at any time and there is no real way to “opt out”.
In the past decade, we have seen the systematic advancement of the surveillance apparatus throughout the world. The United States, United Kingdom, Australia, and Canada have all passed laws allowing, and in some cases forcing, telecom companies to bulk-collect your data:
United States – In March 2017 the US Congress passed legislation that allows internet service providers to collect, store, and sell your private browsing history, app usage data, location information and more – without your consent. This essentially allows Comcast, Verizon, AT&T and other providers to monetize and sell their customers to the highest bidders (usually for targeted advertising).
United Kingdom – In November 2016 the UK Parliament passed the infamous Snoopers Charter (Investigatory Powers Act) which forces internet providers and phone companies to bulk-collect customer data. This includes private browsing history, social media posts, phone calls, text messages, and more. This information is stored for 12 months in a giant database that is accessible to 48 different government agencies. The erosion of free speech is also rapidly underway as various laws allow UK authorities to lock up anyone they deem to be “offensive” (1984 is already here).
Australia – In April 2017 the Australian government passed a massive data retention law that forces telecoms to collect and store text messages, phone calls, location information, and internet connection data for a full two years, with the data being accessible to authorities without a warrant.
Canada, Europe, and other parts of the world have similar laws and policies already in place.
Are VPN safe to use ?
VPNs hide your IP address. Period. But when you interact with a website, the VPN has to hand traffic back to you. If you click on the wrong thing, you can do irreparable damage to your device. That is true regardless of the VPN service. It is true even if that service has some filtering built into it. Key loggers, Bots, trojans, and all means of nasty things can still cause great harm. And then anything I do while in the VPN can be learned.
Additionally, VPN services, are by default a “man in the middle.” When we create intra-company VPNs, there is no man in the middle. We create a point to point or a company client to company server VPN. When you use a service, you do not know who it is in the middle. It might be good today, but compromised tomorrow. Good luck with that.
There is so much you need to disable in your browser to make it truly safe, that most web pages will not display correctly when you lock things down, and lock them down you must, if you really want to be totally safe, even when using a VPN.
The Internet is not a safe place. VPNs were not designed to make it safe. There are good and sound reasons for using VPNs.
A virtual private network essentially is intended to say, you and I are friends who need to share stuff and not let anyone in the middle see what we are sharing. If the other end is evil, then you are most assuredly not safe. If the man in the middle gets corrupted or was always corrupt, or insecure, you are not safe. If you or the other side has been compromised but bad code, you are not safe.
Why do you need a VPN?
Your internet service provider (ISP) handle converting URLs, such as i-awcs.com, into a numerical IP address, such as 188.8.131.52. But this is a very bad thing, because your DNS requests are clear text logs of every website you visit.
Internet service providers log these requests of their users. In the United States, the data can be sold to advertisers that want to target you based on your browsing history. In the UK and Australia, the data is recorded and stored for up to two years and is available to authorities for whatever they want to do with it.
Recommendation: Use a good paid VPN to hide your online activities and encrypt all your information. A few consideration when buying a VPN:
1) Avoid VPN providers located in countries cooperating with any of the 5 counties listed above.
2) Extra caution when using Android VPN application, as vast majority of VPN apps you find in the Google Play or Apple stores are dangerous and insecure. One team of researchers published a study on Android VPN apps that found:
- 84% will leak your real IP address
- 82% attempt to access your sensitive data (user accounts, text messages)
- 75% utilize third-party tracking
- 38% contain malware (malware, trojans, malvertising, riskware, spyware) to steal or damage your information
3) Never trust a Free VPN, they are being used as a tool to collect your data and resell it to third parties (a huge and profitable industry). Most people focus on the word “free” instead of seeing the big picture. Just like with Gmail, Facebook, and other free products, free VPNs are are just another way for companies to profit off your data.
We trust Nord VPN because it is located far from FBI & CIA hands, we explain the details at the bottom section of the page.
Is it legal to use a VPN?
Yes. In most countries citizens have a legal right to privacy, and as far as I know simply using a VPN service is illegal pretty much nowhere. vpns_for_beginners
More repressive countries such as China and Iran, who understandably do not like the unrestricted and largely unaccountable access to the internet that VPN allows,do ban VPN services from operating in their country, and attempt to block users from accessing overseas VPN services.
Even in China, however, which has the most sophisticated internet censorship system in the world, such blocks are only partially successful (and we have yet to hear of anybody getting into trouble just for using VPN).
In Europe the threat of terrorism has been seized on by a number governments to introduce wide-ranging surveillance laws, and in many countries (such as France and the UK) VPN providers are required to keep logs of users’ activity. VPN users looking for privacy should therefore avoid any services based in such countries, and use servers located in countries where logs are not legally required.
Is a VPN more secure?
VPN protects your data using encryption. Use OpenVPN (or maybe IKEv2) wherever possible. L2TP/IPsec is fine, but PPTP should be avoided at all costs (in my view it is irresponsible for a provider to even offer customers PPTP as an option!).
As a point of reference, the minimum default settings for the OpenVPN protocol are:
Hash authentication: SHA-1
This is more than sufficient for most users, but if you are the sort of person who worries about the NSA, then my minimum recommendation for a “secure” VPN connection that should be resistant against any known form of attack for the foreseeable future is:
VPN Protocol: OpenVPN with Perfect Forward Secrecy enabled
Hash authentication: SHA256
If your VPN is working properly then it should completely hide your IP address from any website you visit. Unfortunately, for a variety of reasons, this is not always the case. If a website can somehow detect your true IP address even when using VPN, you have what is known as an IP leak.
To determine if you are suffering an IP leak, visit ipleak.net. If you are connected to a VPN and you can see your true IP address (or even just your ISP’s name) anywhere on this page then you have an IP leak. Note that ipleak.net does not detect IPv6 leaks, so to test for these you should visit test-ipv6.com.
A related issue is VPN dropouts, as every VPN connection will occasionally fail. With a good VPN provider this should not happen very often, but it occasionally happens even to the best. If your computer continues to remain connected to the internet after a dropout, then your real IP will be exposed.
The solution is a “VPN kill switch” which either monitors your internet connection and shuts it down when it detects a VPN dropout, or uses firewall rules to prevent any internet traffic leaving your computer outside of your VPN connection.
Many VPN providers include a kill switch as part of their VPN software, but third party options are available. Alternatively, if feeling brave you can configure your own using firewall rules. Please see here for more discussion on kill switches, including how to configure OpenVPN for Android as a kill switch.
Using VPN does meaningfully improve your privacy and security, but it is important to understand what it will not help with:
VPN does not provide anonymity – as already discussed. If the NSA is after you, VPN will not help, and we consider any VPN provider that says VPN will make you “anonymous” (as many do) to be highly irresponsible.
VPN does not prevent tracking by websites – hiding your IP address with VPN helps a bit, but most tracking performed by websites and by marketing & analytics companies is performed using tracking technologies such as cookies and worse (including browser fingerprinting), which VPN will not help with. The best defense against this form of tracking is to use various browser add-ons and tweaks.
Recommendation: We recommend using a Nord VPN , and make sure that all your computer programs/services doesn't support auto-reconnect in case the VPN client timed-out or vpn service get disconnected. Many hackers were exposed due to this.
We chose Nord VPN because they are located in Panama, a country that don't have a history of cooperation with any of the 5 Eyes countries list above. And based on recommendation from well established pen-testers.
A cheaper option is to go for PIA VPN but don't expect a complete privacy specially from the 5 eyes specially they are located in UK. PIA do allow paying using Bitcoin.
Use a Zenmate (German company) chrome extension to act as a proxy for you to connect to websites from countries other than yours.
An exclusive VPN offer for 3 years for our readers.
Sources: Sven Taylor (Restore Privacy), Quora, Wiki, SymbianSyMoh, Best VPN