Tag Archives: VPN

News

Tech Insight : How To Check Your VPN

In this article, we take a look at some of the ways users can assess how good their VPN really is.

What Is A VPN?

A ‘Virtual Private Network’ (VPN) is used to keep internet activity private, evade censorship / maintain net neutrality and use public Wi-Fi securely (e.g., avoid threats such as ‘man-in-the-middle’ attacks). A VPN achieves this by diverting a user’s traffic via a remote server to replace their IP address while offering the user a secure, encrypted connection (like a secure tunnel) between the user’s device and the VPN service. This should mean that your Internet Service Provider (ISP) or anyone else cannot read what you’re doing while using your VPN.

VPN services apps are downloaded to devices and connected when they are needed, for example, for security when using public Wi-Fi and/or when working remotely.

Other VPN Uses

In addition to security, VPNs can also be used for:

– Hiding where and how you browse from your ISP so the details can’t be sold to advertisers or accessed in a data breach of your ISP.

– Accessing the latest film or series in a country where there are content restrictions in place.

Performance

A VPN should be fast and easy to operate and, obviously, secure, as well as being the right price (free ones are available).

Possible Issues With VPNs

Some of the possible issues with VPNs that could affect their performance include:

– Not being fast enough.

– Leaking a user’s IP address and/or DNS requests when the user goes online.

– Having broken features that may not secure a user’s true Internet Protocol Version 6 address (IPv6), which could expose the user’s details to third parties.

– Not having a good VPN ‘kill switch’ (Network Lock), thereby not keeping data secure if the connection drops for any reason.

– As highlighted by a 2019 VPN Pro study, almost one-third of the most popular VPN services are secretly owned by Chinese companies that may be subject to weak privacy laws.

Checking

Ways you find out if your VPN is satisfactory include:

– Using speed test tools such as the new open-source speed-test tool from NordVPN that allows users to compare the speeds of different VPN services. See: https://nordvpn.com/vpn-speed-test/ for details. Other VPN speed test tools include SPEEDTEST online https://www.speedtest.net/ or app – SPEEDTEST VPN (https://www.speedtest.net/apps/vpn), or by checking online rankings e.g., CNET’s comparison (speed and privacy) https://www.cnet.com/tech/services-and-software/fastest-vpn/.

– Check for DNS leaks / perform a DNS leak test to help discover if your VPN is private. For example, see https://www.dnsleaktest.com/, https://ipleak.net/, or https://surfshark.com/dns-leak-test. Connect to a VPN server and load ipleak.net in your internet browser, manually (disconnect) while the VPN client is running and then load some test websites while the VPN is reconnecting. This may identify brief reconnection leaks.

– Check for IP address leaks such as DNS IP leaks (see dnsleaktest.com or dnsleak.com), Torrent IP Leaks – if using Torrent( see http://checkmyip.torrentprivacy.com/), WebRTC IP Leaks from the web browser (use a Chrome extension e.g., such as WebRTC Leak Prevent or WebRTC Prevent Shield), or an email IP leak (see https://emailipleak.com/).

– Check whether censorship can be bypassed e.g., the user switching their VPN on and off while trying to access restricted content.

Limitations With VPN Testing Tools

It should be remembered that VPN testing tools may not be entirely reliable due to limitations such as a lack of transparency in how speeds are measured, their reliability and the verification of their results, and whether they work for a wide range of different VPN providers.

Reviews and Trusted Brands

For many people, a little online research of reviews, rankings, comparisons, and opinions is the most effective way of assessing the comparative effectiveness of a VPN. Also, many people may simply prefer to go with personal recommendations or go with well-known trusted brands when it comes to allaying fears about making the wrong choice or tackling feelings of post-purchase dissonance.

What Does This Mean For Your Business?

A VPN is one of several security tools that are now widely used by businesses/organisations and individuals. There is a wide choice available, and although it seems a fairly simple operation to sign up to one and start using it, making the wrong choice of VPN tool could potentially have serious consequences. Assessing just how good a particular VPN can, in reality, be quite complicated and time-consuming. Online measuring tools and apps can provide a reasonable idea, although they can also lack transparency and reliability. For many users, it’s a case of looking at different online comparisons or sticking with/switching to trusted, paid-for brands, or going with personal recommendations.

News

Tech Insight – What Is A VPN?

In this article, we take a brief look at what a VPN is, how it works, its advantages, plus its disadvantages.

What Is A VPN?

A Virtual Private Network (VPN) is a service that allows you to create a secure connection to another network over the Internet, thereby creating a secure, protected, encrypted ‘tunnel’. A VPN is a private, secure, way to send and receive data across shared or public networks as if your computing devices are directly connected to the private network.

How Does a VPN Work?

A VPN works by routing your device’s internet connection through your VPN provider’s private server rather than your internet service provider (ISP). This creates an encrypted virtual tunnel. Also, the fact that your traffic is exiting the VPN provider’s server means that your true IP address is hidden, thereby hiding your identity and location.

Why Use A VPN?

There are many reasons why people use VPNs including:

– A general wish to keep data secure, keep online activity private, and feel safer.

– Protection from the risks of using public Wi-Fi networks (e.g. while out and about).

– Maintaining security when working remotely/from home (as many have done during the pandemic).

– As a good way to protect all devices in one go (for example, most paid-for VPNs provide multiple simultaneous connections).

– To escape bandwidth throttling.

– For those living in countries where there are repressive regimes, VPNs can help users stay in touch with the outside without being detected. However, VPNs and proxies have been banned in Russia for several years now, and China has regulated Virtual Private Networks (VPNs) through the country’s Ministry of Industry and Information Technology, and required developers to seek a license from the government before creating VPNs.

Choosing a VPN

Things to consider when choosing a VPN service include:

– A service with no logging (no keeping of logs) can provide greater privacy.

– Find out where the VPN operator is geographically based.  For example, a VPN company in some countries may be subject to control and interference (enabling logging and adding tracking) by the state.  Many VPN services, for example are based in China.

– Google the VPN service to see if there has been any history of incidents and problems with the service.

– Read reviews about different VPN services (however, you should appreciate that that some may be unreliable, paid-for reviews).

– Make sure that the VPN service you choose has enough ‘exit nodes’ in the location you want to connect from in order to get better speed and service.

– Check whether the service disallows certain protocols e.g., P2P traffic, thereby potentially negatively affecting the service levels at certain times.

Advantages

Some advantages of VPNs include:

– Getting around geo-locking of content.  For example, a VPN can make a user look like they are in a region where content is available, thereby giving the user access to their favourite content wherever they are.

– VPNs provide safety, security, and anonymity e.g., they hide details such as location.

– VPNs are a good way to provide a secure connection for remote workers.

– Convenience. Having a VPN that can easily switched on (e.g., while using a device in public place such as a café) offers a very convenient mobile security and privacy solution.

– If shopping online, using a VPN can help save money by getting around different prices for services based on region.

– VPNs can represent a very cost-effective security measure when compared to the costs of some security software (licensing fees) and firewalls.

Disadvantages

Some of the disadvantages of VPNs include:

– Since a VPN is a virtual connection inside a physical network, slow connection speeds can sometimes be the result. VPN service providers are, however working on ways to minimise this problem.

– VPN blockers can be used by companies looking to charge users based on their geographic location.

– Setting up some VPNs can be complicated, and poor configuration from poor setup could lead to information leaks.

– Dropped connections can be a problem with VPNs. This can mean that a user’s true network information is displayed and can also lead to problems with a user’s ISP if sites have been visited that violate the ISP’s terms of service.

– VPNs may make it more challenging for activities that require bandwidth (e.g. gaming), however this can be easily enabled and disabled.

Popular VPNs

Popular VPN services promoted in the UK include ExpressVPN, NordVPN, Surfshark, IPVanish, CyberGhost, Hotspot Shield, ProtonVPN, and Private Internet Access.

What Does This Mean For Your Business?

A VPN is a convenient and effective security and privacy tool that has become particularly relevant for remote workers over the last year. Choosing a trusted, paid-for VPN solution with a good reputation is advisable for maximum peace of mind and VPNs offer benefits beyond just security (e.g. getting around geo-locking of content). It should always be remembered, however, that a VPN is one of many different tools and tactics that businesses can use as part of a much broader business and cyber security strategy.

News

Featured Article – How To Browse Privately

This article takes a brief look at what private browsing actually means with popular browsers and software, and how genuinely private browsing could be achieved.

Why Browse Privately?

Over 80 percent of websites use one or more tracking tools (Epic) and reasons for private browsing may be to avoid having your browsing history recorded, perhaps being on a shared or public computer (to avoid being tracked by your browser), or to avoid downloading cookies (to avoid being tracked by websites), or to be able to sign into multiple accounts simultaneously.

Tracking

The different ways that you can be tracked include:

– IP address. This string of numbers, set by the ISP, is a way for each computer using the Internet Protocol to communicate over a network. The IP address is necessary for accessing the Internet so that web servers know where to send the information that’s being requested.

– Cookies. These are text files loaded into a folder on the user’s web browser by the sites they visit. Cookies record details such as users’ preferences, and the last time they visited the website. Session cookies are used when a person is actively navigating a website but tracking cookies can be used to create long-term records of multiple visits to the same site. From the user point of view, cookies can serve a useful purpose (e.g. for logins) or can be used for targeted advertising.  Google recently announced an end to its third-party (tracking) cookies within 2 years for its Chrome browser following similar, earlier announcements by Safari (Apple), Mozilla’s Firefox (Mozilla) and Brave.

– Signed-in accounts. The accounts a user is signed-in to (e.g. Google or Facebook) can also track what a user has viewed, liked and more.

– Agent strings. When a user sends a request to a webserver to view a website, the request comes with information about the user attached to the User-Agent HTTP header.  This ‘agent string’ contains information such as the browser (type and version) and operating system being used.

Browsers – Private Browsing / Incognito Mode

Different browsers have different names for private browsing mode, e.g. InPrivate browsing (Edge), ‘Private’ for Firefox (Mozilla) and Safari, and Incognito for Google Chrome. 

Switching to this browser mode loads a news private window. This means that the new window is not signed to any accounts so can’t be tracked by them, cookies are not used, and any browsing is not added to the browser history. In this mode, however, the user’s IP address can still be tracked.

Do Not Track

‘Do Not Track’ (DNT) is a web browser setting that requests/asks that a web application to disable its tracking of an individual user. For example, switching the ‘do no’ track’ setting sends a signal to websites, analytics companies, ad networks, plug-in providers, and other services a user encounters while browsing.  However, due to a lack of consensus (or enforcement) most sites still track users despite the request not to.

Extensions For Browsers

Another option for users to try and maintain private browsing is to use an additional private browsing extension/add-on.  Examples include:

– Privacy Badger. This is a free extension that gradually learns to block invisible trackers.

– Ghostery. This is a free, open-source privacy and security-related browser extension and mobile browser app that blocks ads and stops trackers.

– Cookie AutoDelete.  This is an extension for erasing cookies for a browser tab when it closes.

– HTTPS Everywhere.  This free, open-source browser extension automatically switches thousands of sites from “http” to secure “https” thereby protecting the user from many different types of tracking/surveillance and account hijacking.

Whole Private Browsers/Search Engines

Users can opt for a whole browser that’s designed to be private, anonymous and to guard against tracking. Popular examples include:

– DuckDuckGo. This search engine, which is also available as a Chrome extension, doesn’t save the user’s browser history, forces sites to use encrypted connections, blocks cookies and trackers, and stops a user’s searches being sold to third parties for profiling and advertising.

– Epic Privacy Browser.  This is a secure web browser that blocks ads, trackers, fingerprinting, crypto mining, ultrasound, signalling, and offers free VPN (servers in 8 countries).

– Tor.  This browser uses a distributed network (randomly selected nodes) to anonymise the user’s IP address. Tor also encrypts traffic.  This makes it incredibly difficult for a user’s web traffic to be traced and very difficult for users to be tracked unless they reveal their IP address by enabling some browser plugins, downloading torrents, or opening documents downloaded using Tor.

– Brave. This is a free, open-source web browser, based on Chromium that blocks ads and trackers and allows users to use a Tor in a tab to hide history, and mask location from the sites a user visits by routing a user’s browsing through several servers before it reaches its destination.

VPNs

Many users now opt for a virtual private network (VPN) to allow them to make a secure connection to another network over the Internet, encrypt traffic, and hide their IP address. Since a VPN routes a user’s internet through another computer, where many other users of the VPN are using the same IP address, tracking is made very difficult. VPNs, however, don’t protect a user from being tracked, from cookies, from user-agent strings, or through the accounts they’re logged in to (e.g. Google), or from any VPN’s that keep logs of user activity and could sell those logs to third parties. Also, some services discourage the use of a certain VPN, and VPNs can slow down the user’s Internet connection dues to the re-routing and encrypting through the VPN server.

What Does This Mean For Your Business?

What this all means depends upon what level of privacy, for what purpose, and when users require it.  For most daily use, Private/Incognito browsing functions provide a fast way to access a reasonable amount of protection from normal tracking. Additional extensions /add-ons may add a convenient route to greater privacy. For times when users may feel that more security is needed, they may decide to opt for a VPN or for a more complete private browsing solution such as the Tor browser. It may also be the case that some business users, as a matter of preference and security, may choose to only use the private services (e.g. DuckDuckGo, Brave, or Tor), thereby always working with a privacy level that they feel comfortable with.  For many businesses, it’s more likely to be a case of a combination of privacy solutions used as and when required in a way that is compatible with daily working practices, authorised, approved, and recommended by the company and other relevant stakeholders. With popular browsers now stopping tracking cookies and news that the next Apple iPhone software update, iOS 14.5 will include an AppTrackingTransparency requirement where whereby all apps will need to request permission to track a user’s activities across other companies’ apps, pressure is now mounting on advertisers to come up with other ways to track and target users and maintain revenue streams.