Tips & Tricks: You’re Not Using a VPN? Bad Idea

A PCMag survey demonstrates that most people are aware of the privacy risks on the internet, but most aren’t doing anything about them.

By Max Eddy of PCMag.com

In the past few years, PCMag has seen VPN services go from being fringe security utilities to red-hot, must-have cyber accessory.

The popularity (and necessity) of the once-lowly VPN is certainly due to the ever-growing legal and technological challenges to individual privacy. Virtual private networks are a tool whose time has clearly come. That’s why it’s so surprising that a poll conducted by PCMag found that, despite understanding the threats to their privacy, the vast majority of respondents don’t use VPNs and never have.

Unsecured Traffic

 

Of the 1,000 people polled by PCMag between Feb. 7-9, 71 percent have never used a VPN.

That struck me for two reasons. First of all, the search volume we receive at PCMag for VPN-related articles is enormous. Second, many companies require the use of a corporate VPN when working remotely. That might explain why 15 percent had used a VPN in the past, but don’t currently log on.

Most people, I assumed, would have crossed paths with a VPN at some point. And yet, the vast majority of respondents not only do not currently use a VPN, they have never laid hands on one.

New (and Old) Threats to Privacy

What’s interesting about the recent interest in VPNs is that it hasn’t been tied to a single issue, but rather an avalanche of privacy and security concerns. An awful lot has happened in the last few years, the answer to which has often been “use a VPN.”
One of the first news items that seemed to spur VPN adoption was the decision by Congress to allow internet service providers (ISPs) to sell anonymized user data.

That’s reflected in our survey data, where 25 percent of respondents (correctly) identified ISPs as the biggest threat to their individual privacy.

In our survey, 24 percent of respondents also listed Facebook as a threat to their privacy. This was despite the fact that our survey was in the field back in February, before the Cambridge Analytica scandal raised nascent privacy concerns about the social network to a new level. I imagine that if we ran the same survey now, even more consumers would be concerned about Facebook, and rightly so.

Admittedly, a VPN won’t do much when it comes to the kind of surveillance carried out by Facebook, but it’s still spooky to learn that the company is even tracking users who don’t have Facebook accounts.

These issues haven’t been limited to the US. Russia and China have introduced new rules that make it much harder for VPNs to operate within those countries. Furthermore, Russia recently banned popular encrypted messaging app Telegram, reportedly driving more users to adopt VPNs.

Another threat reflected in the survey is the dangers in using public Wi-Fi networks. There’s no way to know that the network labeled “Starbucks_Wifi” is legit and not a network created for the express purpose of nabbing people’s personal information. Fortunately, 43 percent of respondents said the main reason they would use a VPN was to access public Wi-Fi.

And then there’s net neutrality. Many hoped that the ongoing fight to ensure that ISPs must treat all web traffic equally in terms of speed and accessibility would end with updated FCC rules during the Obama administration. Unfortunately, a new FCC chairman decided (incorrectly) that these rules were unnecessary and successfully dismantled them.

This is where our numbers seem a bit out of step with reality, as we found that 55 percent of respondents who agreed with the concept of net neutrality had never used a VPN. Although 46 percent said they supported it, 32 percent didn’t know what it was. That’s disappointing on its own.

Is Privacy Dead?

Also disheartening were the responses about voluntarily surrendering personal information.

A dismal 62 percent of respondents said they’d willingly hand over personal information for free Wi-Fi. Another 23 percent said they would hand over personal info for exclusive content on video streaming platforms, and 13 percent said they’d do it for exclusive content in video games.

A staggering 7 percent said they would surrender personal info for free adult content. I find this particularly mind blowing, as there is not (last I checked) a dearth of free porn on the internet.

That said, a key caveat of this particular set of questions was the phrase “willingly.” Too often, people aren’t aware of the information they’re giving up in exchange for a free mobile app or what companies can see when they share a post on Facebook. If we’re going to use our personal information as currency, it’s better that we make those transactions willingly.

You Should Definitely Use a VPN

In all my writing about VPNs, I’ve tried to stress their limitations. They won’t make you truly anonymous online (you need Tor for that), and there’s a risk anytime you use a for-profit company for security (you can roll your own VPN with Outline, but I digress).

Many of you have concerns about using VPNs in general, such as what kind of impact a VPN will have on internet speeds (37 percent), whether or not it will work with a particular online service (15 percent), and if it can be used to access Netflix (28 percent). Those are legitimate concerns, and ones that have only been partially solved by VPN companies.

But the last few years have shown that an economy based around gathering user data has real consequences. Between data breaches, foreign election influence, and the sheer volume of data being gathered by seemingly innocuous services, it’s never been more urgent to take control of our privacy online. A VPN won’t solve all those issues, but it’s a start and one that only 29 percent of you have so far used.

 

Do you use a VPN for your personal network? Sound off in the comments below!

Tales From The Orchard: What Happened to Apple’s Moral Backbone?

 

 

By Joseph Holt of Fortune.com

Last year, Apple was on a moral high in its defiant standoff with the FBI over whether the company would help the agency unlock the iPhone of one of the San Bernardino shooters. The company was hailed as a hero in the fight against government intrusion.

But the company is no longer being hailed as a privacy rights hero. In January 2017, China’s Ministry of Industry and Information adopted a new regulation requiring virtual private network (VPN) developers to obtain a license from the government. VPN apps are one of the few ways that someone living in or visiting China can bypass the “Great Firewall” that restricts access to foreign websites—including perennial favorites like Google, Facebook, Twitter, and Instagram. In response, on July 29, Apple announced that it was removing all major VPN apps—which help Internet users circumvent censorship systems—from its App Store in China (the apps remain available in all other markets).

I can personally attest to the effect of this change. I am writing this piece from a hotel room in Beijing, where I was unable to access my Gmail account for the first two days here, even with a VPN connection. I eventually found a work-around, but the experience has left me sensitive to the importance of readily available means for getting around laws that unduly restrict the availability and flow of information.

Apple has explained that it is legally required to remove some of the VPN apps that do not meet this new regulation. But critics charge that Apple’s removal of many VPN apps from the App Store in China is inconsistent with its defiant stance against the FBI last year. On Tuesday, Apple CEO Tim Cook responded to this critique. He correctly explained that the two situations are not the same, because, “ In the case of the U.S., the law in the U . S . supported us. It was very clear.”

But Apple’s argument—that submission to censorship laws in China is necessary and that the company has to follow local law wherever it operates—is flawed.

The argument is presented as if a company has no choice but to follow local law. History shows that not to be true.

During the apartheid regime in South Africa, for instance, some U.S. companies committed to the Sullivan Principles—corporate codes of conduct developed by Rev. Leon Sullivan that became a framework for dismantling apartheid—and engaged in what Sullivan called corporate civil disobedience.

These companies integrated their workforces and appointed blacks to supervisory positions in a way that defied apartheid laws. And as Sullivan explained, “Once we changed the practices in the workplace, then changes in the laws followed.”

Corporate civil disobedience is probably not the right way for Apple to go in China now, but it remains a viable option should the privacy situation worsen.

Similarly, Yahoo lost a great deal of respect from human rights groups, news organizations, and American political leaders—and its stock shares plunged—when it offered the same defense for providing Chinese government authorities information that was used in a legal case against Chinese journalist Shi Tao in 2005.

Shi was convicted of sending to a Chinese-language website based in New York a message from Chinese censorship authorities warning Chinese journalists not to report on pro-democracy demonstrations on anniversary of the 1989 pro-democracy demonstrations in Tiananmen Square. He was sentenced to 10 years in prison.
Yahoo Co-Founder Jerry Yang sounded very much like Cook in explaining that his company had no choice but to comply with Chinese law: “To be doing business in China, or anywhere else in the world, we have to comply with local law.

I am not equating Yahoo’s actions in China in 2005 with Apple’s recent VPN app removal. But I am saying that there are times when the legal argument is morally inadequate.

How do you feel about American Tech companies compromising American beliefs in order to sell more of their products? Let us know in the comments below.

T&T: Tips for keeping strangers off your Wi-Fi network

 

 

Give digital trespassers the boot.

By David Nield of Popular Science

You don’t want neighbors or passers-by stealing your Wi-Fi any more than you want them stealing your water, electricity, or carefully curated collection of Blu-ray movies. In fact it’s more serious than that—if someone can hook on to the same network as you, it becomes easier for them to snoop on your browsing and your locally stored files.

So how do you go about locking things down? Thankfully, keeping unwelcome visitors away from your Wi-Fi isn’t difficult and doesn’t need an IT qualification. Here’s what you need to do.

Keep changing your password

By far the easiest way to boot freeloaders off your wireless network is to change the Wi-Fi password. You need to do this through your router’s settings—either dig out the manual or run a quick web search to find the instructions for your particular make and model.

Change the password to something very hard to forget (for you) and impossible to guess (for everyone else) and you’ve got a clean slate as far as access to your wireless network goes. You do have the inconvenience of then reconnecting all of your devices and computers, but it’s a small price to pay for a clean Wi-Fi slate. Pick something that’s important to you, like a date or a name, but that no one else would think of, so it’s both simple for you to enter and secured against unwanted visitors.

 

The router’s initial password is often printed on a sticker that’s attached to the device itself, so changing it will prevent guests like party goers from spying on the security code. If the password’s only in your head or somewhere secure then no one else can connect up until you tell them what it is.

Actually, that’s not quite true—some routers feature one-touch WPS (Wi-Fi Protected Setup) connectivity, so connecting to Wi-Fi can be done with a push of a button on the router itself. If you’re worried about someone doing this to get on the web, you can usually disable it through the router settings.

Check your router settings

While we’ve got your router configuration page open, a few other settings are worth looking at. First, change the default password used to access the router settings page to something else—this stops anyone who might gain access to your network from changing the Wi-Fi password themselves. As you’ll have realized when you accessed your router settings for the first time, you need a password to get into the menus, and a separate one to connect to Wi-Fi, so changing them both gives you maximum protection.

It’s also worth applying any pending firmware updates, which ensures your router is running the latest and most secure version of its own basic operating system. Again, with so many router makes and models on the market we can’t give you instructions for each one, but it should be simple to do—find the instruction booklet or a guide on the web for your device and it will only take a couple of minutes.

 

Elsewhere in your router’s settings you should find a screen listing the devices connected up to your Wi-Fi: Is there anything there you don’t recognize? You often have the option to disconnect a device, depending on the type of router you’ve got, though you might need to do a bit of detective work to identify the devices your router lists.

Finally, you should be able to find a setting that ‘hides’ your network (the technical term is the SSID or service set identifier) from view, so it won’t appear when your neighbors or visitors scan for Wi-Fi on their devices. If you need to connect a new device, you need to enter the SSID manually. It’s not a huge improvement in Wi-Fi security, but it’s a neat trick that can help you stay under the radar of hackers and Wi-Fi freeloaders.

Other security tips

If you want some extra help spotting who’s on your network who maybe shouldn’t be, beyond what your router offers, try Fing for Android or iOS, Acrylic Wi-Fi for Windows, or Who Is On My Wi-Fi for macOS. All those apps are free (for non-commercial use), and are easy to navigate around no matter what your level of networking know-how. Various other apps are available to do the same job too.

 

Installing a VPN on your computer doesn’t do anything extra in terms of stopping people from connecting to your Wi-Fi, but it does add an extra layer of encryption between you and the web—so that anyone who does manage to gain access to your network is going to have a much harder time trying to snoop on your activities (which websites you visit, the data you’re sending and so on). While a VPN might slightly slow down your connection speed, it keeps you a lot safer—just be sure to choose a reputable, paid-for service.

Finally, if your computer is close enough to the router to wire it up directly, and you’ve got strong cellular reception on your phone, you could turn off Wi-Fi on your router every once in a while, which can be done through the router settings on all modern boxes. No one’s going to be able to hook up to your Wi-Fi network if it’s switched off.

Do you have any tips for securing your home wifi network? Share them with us in the comments below!

Create a website or blog at WordPress.com

Up ↑

%d bloggers like this: