Cybersecurity before, during, and after your moveJanuary 29, 2019 / by Aimee O'DriscollHow to Use Offensive Techniques to Enrich Threat IntelligenceJanuary 29, 2019 / by David BalabanHow to use Tor country codes on Windows, Mac & Linux to spoof your locationJanuary 17, 2019 / by Josh LakeHow to spot and avoid Ponzi schemes onlineJanuary 14, 2019 / by Steve AdamsWhat’s the best popup blocker? We put 12 to the testJanuary 1, 2019 / by Sam Cook
HTTPS is a powerful tool that everyone should use because it helps keep sensitive browsing private at no extra cost to the people using it. But like most security standards, it has its own problems too. That little lock icon in your browser bar, which indicates the HTTPS connection, relies on a certificate “signed” by a recognized authority. But there are hundreds of such authorities, and as the EFF says, “the security of HTTPS is only as strong as the practices of the least trustworthy/competent CA [certificate authorities].” Plus, there have been plenty of news stories covering minor and even major vulnerabilities in the system. Some security professionals have worried about those least-competent authorities, spurring groups to improve on the certificate standards and prompting browsers to add warnings when you come across certificates and sites that don’t withstand scrutiny. So HTTPS is good—but like anything, it isn’t perfect.
Think about it this way: If your car pulls out of your driveway, someone can follow you and see where you are going, how long you are at your destination, and when you are coming back. They might even be able to peek inside your car and learn more about you. With a VPN service, you are essentially driving into a closed parking garage, switching to a different car, and driving out, so that no one who was originally following you knows where you went.
Using a Virtual Private Network (VPN) when you're online is becoming increasingly important these days. While the internet is a public space, a VPN acts like an invisibility cloak and makes your online activity virtually anonymous, making it hard for someone to track you when you're online — whether you're concerned about your internet service provider, the government, or malicious hackers.
ProtonVPN is one of the newest VPN services, and it boasts some star-studded founding members. The company was founded at CERN, the birthplace of the internet, and grew out of the ProtonMAIL service that’s been protecting the email of activists and journalists for years. The service acts as a Swiss company and is thus free from the laws of the U.S. and the European Union. It’s also not a member of the “fourteen eyes surveillance network,” and user traffic isn’t logged and passes through privacy-friendly countries, so you needn’t worry about your true IP address being revealed.
Other features include a kill switch, which will shut down your Internet connection if you lose access to the VPN for whatever reason, and the ability to share encrypted connections as a secure wireless hotspot, if your router supports the feature. Windscribe also supports anonymous payment via Bitcoin and gift vouchers, and you don’t to provide an email address in order to sign up.
VPNs can be either remote-access (connecting a computer to a network) or site-to-site (connecting two networks). In a corporate setting, remote-access VPNs allow employees to access their company's intranet from home or while traveling outside the office, and site-to-site VPNs allow employees in geographically disparate offices to share one cohesive virtual network. A VPN can also be used to interconnect two similar networks over a dissimilar middle network; for example, two IPv6 networks over an IPv4 network.
The app likewise prevents websites from collecting users’ private data, allowing for safer and more secure web browsing. To make things even better, the solution automatically connects whenever an unsecure Wi-Fi connection is detected, ensuring constant protection. It connects to the nearest server, resulting in optimum speeds. But one can also connect manually and be able to choose a preferred server.
Mobile VPNs are designed and optimized to ensure a seamless user experience when devices are switching networks or moving out of coverage. It generally has a smaller memory footprint, and because of that, it also requires less processing power than a traditional VPN. Therefore, it enables your applications to run faster while the battery pack is able to last longer.
Mobile Apps: If you’re going to spend money on a VPN service provider (or even if you use a free one, frankly), you should be able to get a consistent experience across all of your devices. Most prominent providers offer desktop and mobile solutions for individual users, and while corporate and school networks may be a bit behind the curve here, they’re catching up too. Make sure you don’t have to use two different VPNs with two different policies and agreements just because you want to secure your phone along with your laptop.
The number and distribution of those servers is also important. The more places a VPN has to offer, the more options you have to spoof your location! More importantly, having numerous servers in diverse locales means that no matter where you go on Earth you'll be able to find a nearby VPN server. The closer the VPN server, the better the speed and reliability of the connection it can offer you. Remember, you don't need to connect to a far-flung VPN server in order to gain security benefits. For most purposes, a server down the street is as safe as one across the globe.
DNS servers are a bit like the phone books of the Internet: You can type in “thewirecutter.com,” for instance, and one of the many DNS servers behind the scenes can point you to the IP address of a server hosting the site. Most of the time, your DNS requests automatically route through your ISP, giving the ISP an easy way to monitor your traffic. Some VPN services rely on third-party DNS servers, but the best ones keep DNS servers in-house to prevent your browsing history, or your IP address, from getting out.
A good VPN will have plenty of servers spread out over a large number of locations and countries, and you generally want a service that's based not in your own country or in a country that's good friends with the one you live in. Support for OpenVPN, the current standard for VPN protocols, is preferred, and you want to be able to connect multiple devices simultaneously.
In 2011, a LulzSec hacker was arrested for his involvement with an attack on the Sony Pictures website. Cody Kretsinger used HideMyAss VPN to conceal his identity, but the company complied with a court order to hand over evidence that led to his arrest. This occurred in spite of the company’s pledge not to keep any logs of user activity. HMA says it does not log the contents of its users’ internet traffic, but it does keep detailed metadata logs that include users’ real IP addresses, which was enough to charge Kretsinger with a crime.
The IVPN app’s default settings are great for most people, who should be happy just smashing the Connect button and not fiddling with settings. The desktop app defaults to a secure OpenVPN connection with AES 256-bit encryption (what we consider the standard at this point), and the mobile app can (and should) be toggled to OpenVPN as well. Our budget pick, TorGuard, defaults to the weaker (but also acceptable) AES 128-bit encryption unless you manually change it, and hasn’t added OpenVPN support on its iOS app.
While a VPN can aid privacy and anonymity, I wouldn’t recommend fomenting the next great political revolution by relying solely on a VPN. Some security experts argue that a commercial VPN is better than a free proxy such as the TOR network for political activity, but a VPN is only part of the solution. To become an internet phantom (or as close as you can realistically get to one), it takes a lot more than a $7 monthly subscription to a VPN.
The more locations a VPN provider houses servers, the more flexible it is when you want to choose a server in a less-congested part of the world or geoshift your location. And the more servers it has at each location, the less likely they are to be slow when lots of people are using the service at the same time. Of course, limited bandwidth in and out of an area may still cause connections to lag at peak times even on the most robust networks.
Oh, heck no. A VPN can help make sure you're not snooped on when connecting between your computer and a website. But the website itself is quite capable of some serious privacy violations. For example, a VPN can't protect you against a website setting a tracking cookie that will tell other websites about you. A VPN can't protect you against a website recording information about products you're interested in. A VPN can't protect you against a website that sells your email address to list brokers. Yada, yada, yada.
IPVanish operates hundreds of servers in 60 countries, including 12 in APAC. It owns all of its own physical servers resulting in some of the fastest download speeds available from any VPN. Those speeds cannot be put toward streaming Netflix, however, as IPVanish is currently not able to unblock Netflix. It’s a good option for P2P filesharers. Torrenting traffic is allowed on all servers. The company is based in the US but has a strict no logs policy.