Securing Your Connection With A VPN & Tunnelblick
A lot of the time, I am working in some location other than my trusted office network. Even when I am on my home network, I believe that a secure connection is just as important as all the other safety axioms we all are supposed to adhere to like password strength and not clicking on links in email from African royalty.
When I am not in my office, and many times when I am too, I use a VPN to encrypt my internet connections. This is mainly used to prevent data capture by anyone that is snooping. Now the likelihood of someone worrying about my banking information or Facebook account is minimal but being a security conscience person, I don’t mind taking the extra step just to be safe. So personally, I use a VPN, many others use a proxy instead. Although a proxy has some strengths, there are also a lot of weaknesses and I I think the problem is the general public who are using them are not sure of the difference between the two.
A Proxy Server (open proxy) is a computer that acts as an intermediary between your computer and the internet. All traffic that passes through the proxy server will appear to have come from that proxy server instead of your computer. This is based on the IP address of the proxy server. Proxy servers usually communicate with the internet using one of 2 different protocols; HTTP or SOCKS. Unlike a VPN as you will see below, proxies do not devote any resources to encrypting all the traffic that passes through them. Because of this, they can have connections (usually in the tens of thousands) at a time.
- Usually free
- Hides your IP address from basic checks
- Only useful for visiting websites
- HTTP traffic is not encrypted, only obfuscated
- Every browser must be individually configured to use the proxy
VPN or Virtual Private Network
A VPN creates an encrypted “tunnel” between your computer and the server that hosts the VPN. This means that all traffic passing through the VPN onto the open internet is unreadable by your internet service provider as well as the government. They can only see that you have a VPN and not what is being done with that VPN. These are generally encrypted with at least 128-bit encryption but are more common with 256-bit now. The VPN server can see what you do while connected which is why a good VPN provider will keep no logs. If it does keep logs, its users’ activities may be compromised making the VPN pointless. Although setting up VPN does usually involve downloading and installing a VPN client, or otherwise configuring your computer or mobile device, the computing skills needed are minimal, and most providers supply detailed step-by-step setup guides in any case. One good thing is that once set up, all your internet activity, no matter which program you use, is now safely routed through the VPN.
- Strong levels of encryption (128-bit up to 2048-bit)
- All internet activity is encrypted
- More expensive than a proxy
- If the VPN provider keeps logs, then it is pointless
- Can be slow at peak hours
What VPN Do I Use?
I have tried a couple and I have come to the conclusion that BTGuard is by far the best available right now. They charge $9.95 a month for their VPN that runs on 256-bit AES encryption which is more than enough to keep prying eyes out of your data.
- Simple download & install
- No records of usage stored
- 256-bit AES encryption
- Unlimited download speeds, 10Gbit servers
- VPN includes OpenVPN & PPTP
- Servers in Canada, Europe and Asia
Taking It A Step Further With TunnelBlick
Having a VPN is great, but it only works if you remember to turn it on. This is where TunnelBlick comes into play. Tunnelblick is a free, open source graphic user interface for OpenVPN on OS X. It provides easy control of OpenVPN client and/or server connections.
It comes as a ready-to-use application with all necessary binaries and drivers (including OpenVPN, easy-RSA, and tun/tap drivers). No additional installation is necessary, just add your configuration and encryption information. The great thing about it is it defaults to being turned on at all times. So once set up, it actively looks for an internet connection and once found, secures all your traffic.
VPNs are superior in almost every way compared to proxies. They protect your data as well as your location. Additionally because ISPs cannot monitor your activity, it is very effective at bypassing data throttling.
The only reason to choose a proxy over a VPN would be the price but with the average VPN costing around $10 per month, it is a small price to pay for your security. Try to skip 1 meal out at a restaurant each month and you are covered.
One word of caution: Nothing in this world is ever absolutely 100% secure. Although I wouldn’t worry about anyone breaking the encryption on your VPN, recent news from the Edward Snowden leaks point to the fact that the NSA/CIA might be able to decrypt data from VPNs. However at this point, they probably have a few other security issues to be worried about (i.e. ISIS, Snowden) other than your relationship being changed to “Its complicated” on Facebook.