Open WiFi Privacy and VPNs

On Laptops

So i’ve been looking into securing my internet browsing lately. Thinking of sure ways to avoid man-in-the-middle attacks and falling victim to things like Firesheep since I use a lot of public wifi. I had recently discovered the VPN service HotspotShield.com (free) which encrypts your internet browsing from point to point thus avoiding any sort of WiFi snooping. It is a very good solution but didn’t seem reliable as of late and its ads got a bit annoying. But if free is what you are looking for I seriously recommend it.

I then invested in a year’s worth of PrivateInternetAccess.com’s VPN ($40 a year). It’s great if you set it up using your system’s native VPN abilities. Sometimes it disconnects when you put your computer to sleep (which some might see as obvious though it rarely disconnects for me when I do that.) Regardless it is still very nice and reliable, especially when you set up a script (Mac) that automatically turns it on upon boot. : )

Script:

tell application "System Events"
	tell current location of network preferences
		set VPNservice to service "My VPN's Service Name"
		if exists VPNservice then connect VPNservice
	end tell
end tell

Source: http://macscripter.net/viewtopic.php?id=22992

So VPN services seem like a great way to protect yourself on open networks and even to keep your ISP from peeking at your data and selling it off to the RIAA, ad networks, data miners, governments, etc. It is important to keep in mind that most of these company’s terms of service specifically say that they do not condone using their VPN for illegal activities.

On Mobile Devices

During my venture I did run into a problem; my phone would not let me connect to my VPN service. Many of us use smartphones most our day and what good is it encrypting your laptop’s traffic when you mostly surf the web on your phone? And can you even be sure your bank apps and other sensitive apps connect to their remote websites via SSL/ Secure Sockets Layer (protocol which encrypts your traffic on a per site basis)? There is no easy way of knowing.

So the problem I faced and many have faced is that some wireless carriers seem to block the ability to use VPNs on phones. For example my Droid X on Verizon can’t seem to successfully use my VPN no matter what I try. I even tried the rooted route, nothing. After much googling I came to the conclusion that there is nothing I can really do about it, my carrier has it’s firewall set up to disallow it, hopefully for security reasons and not because they want you to purchase a business account *cough*.

One thing I do know is that VPN connections actually seem to work on Apple iOS devices seamlessly. Maybe it’s because the device has been untouched by the carrier and works the way manufacturer means for it to work (+1 for Apple).

Update: After two weeks I decided to try to VPN from my Droid X again and it worked. Was something down when I tried it last or did Verizon see this post? Something was probably down. Anyways VPN now works on my Droid X on Android 2.3. Like on the iOS devices it disconnects after a few minutes so you can’t live on it like I wanted to. : (

My Conclusion

After purchasing a VPN service for a year and trying to hook up all my devices to it. I Came to a realization that complete security is almost impossible. Computers (and smartphones) don’t always stay connected to the remote VPN like one would like. In my opinion VPN is good if you frequently use open coffee shop WiFi to avoid lurking ‘hackers’ from getting their sticky hands on your info. And if that costs $40 a year then I think it is well worth it. As for your Android phone that doesn’t work with VPN because your carrier hindered it, keep it on 3G as much as you can! Or…*sigh* get an iPhone. Ouch that hurt.