A VPN (Virtual Private Network) is a discrete network of computers and servers that you can connect to through a public network. When you connect to a VPN, you usually do so by launching a small VPN software client on your computer and logging in with your username and password; your computer then exchanges secret keys with a server located somewhere else in the world. Once both computers have authenticated each other, your internet communication with the server is encrypted and secured from eavesdropping. This results in a new (temporary) IP address, which is desirable for any number of reasons. After your traffic leaves the VPN server, it is no longer encrypted, but seems to originate from the VPN server. Done. Not really.
Choosing a VPN
How do we maintain our privacy when we are forced to give up control of our private information and we know that we cannot trust the entities to whom we give the information? If and when you include a VPN in your set-up, get an activist account on an autonomous server or one that you can pay for with:
- anonymous coupons
- cash payments by mail – with a valid return address not associated with you. Mind what printer you use (see List of Printers Which Do or Do Not Display Tracking Dots), use only cash given anonymously as change, and avoid leaving fingerprints.
- bitcoins – read the research – buy with cash from private sellers by mail and use blockchain wallet or MultiBit client (secure as long as the Java browser plug-in is not installed, use multiple sending and receiving addresses, multiple wallets), mix services, …
Avoid choosing a VPN server in the United States, United Kingdom and France. Germany and the Netherlands are considered ok by many, but despite net neutrality (or maybe because of it) the Dutch government hires companies for the dirty work. If you are in Europe or the US, it’s probably good to avoid Eastern Europe, Russia, and China too, for it might attract attention.
Some of the Autonomous infrastructure: servers also provide VPN services.
How To
DNS (Domain Name System) services log your IP address, location, what you are browsing, when you are browsing and your ISP. Most VPN providers do not offer their own DNS servers and all of your DNS requests are sent to 3rd party DNS servers, over 3rd party networks. As soon as your query leaves the DNS server it can be monitored, logged, and manipulated: Phishing, pharming, censorship …
Block connection when the VPN connection drops:
Chaining with virtual machines
Under certain circumstances, you want protection not only from tracking, profiling, leaks and exploits that circumvent VPNs or Tor, but also from traffic analysis. A relatively easy way to achieve this is to run nested VPN gateways inside separate Virtual Machines. Virtualisation requires installing an application like VirtualBox on your computer.
Mirimir created an excellent guide for setting up VMs for chaining. Below are some HowTos snapped from that guide, with images and notes added. The challenge is to improve it with each actual installation, using the problems encountered and the comments made by the sisters on what is clear and what is not. The posts below are an ongoing effort. 😀