Summary | Choosing | Configuration |
References: General | Android | Government | iOS |
Products/Reviews | macOS | Windows
Summary
- [1] Choose and Configure a Virtual Private Network (VPN) to connect to the Internet:
- To keep info extra private or secure:
when your device (or remote site) lacks the latest security updates
-- https: (normally secure) might be vulnerable,
or when communicating insecurely with a site via plain (unencrypted) http:
-- block ad injections/tracking by ISPs,
or when you're on an open, public, insecure non-WPA Wi-Fi network
(including Wi-Fi with a widely distributed password, e.g., coffee shop -- though https: is usually enough)
-- avoid MITM (man-in-the-middle) attacks from nearby,
or when using a foreign cell carrier or SIM card (whose encryption might be compromised),
or when plugging into a public ethernet jack, e.g., hotel cabling and/or switches may have been compromised. - If travelling, esp. internationally -- avoid monitoring and bypass content/service blocking,
e.g., [1] location-based "geofencing", e.g., streaming services, banks? [2] government censorship of sites/apps - Potential disadvantages: configuration, slower, sites may detect/block VPN access
- How much of connection is encrypted / anonymous?
{Figure 4. TCYOP-4: 60; TCYOP-3: 48} - Connection between you and the VPN uses your IP address
-- everything is encrypted. - Connection between VPN and destination site uses VPN's IP address
-- content still encrypted, if https: used initially - Site does not see original IP address -- however, anonymity not guaranteed
if government or hacker can obtain VPNs server logs - [1] Reduce monitoring/logging by network providers (ISPs, cell companies) and governments
- If not using a full VPN, at least encrypt web address (DNS) lookups?
- "1.1.1.1 Faster Interet" (free Cloudflare app; iOS, Android) uses a VPN
to enable faster more secure DNS lookups (only) -- not content) (section: WiFi: DNS) - [2] If working remotely -- company info very attractive to hackers/spies
- [2] Reduce recording of your searches by search engines, e.g., Google
-- there are easier ways, e.g., see :Browsing:Search Privately - [3] For more anonymity (IP address), see Browsing:Anonymity, e.g., Tor, TAILS
- [3] If you're a high-profile target: dissident, whistleblower, executive, celebrity, wealthy, cryptocurrency speculator, ...
- [3] Supplement your firewall protection
- References
Choose a VPN Service
- paid version vs. free (ads, limits)
- performance -- it can be somewhat -- or a lot -- slower
- company experience, longevity, privacy policy, trustworthiness
- anonymity decreased by server logs?
- network reliability, availability
- bandwidth/transfer limits
- configuration ease & support
- trustworthiness & accuracy of product reviews
-- there are many mediocre or bad services; don't choose only because of an 'incredible' (life-time) price. - country of company's servers and operations?
some believe their government can't obtain their logs if a VPN company is based 'offshore';
if ownership and security policies of a VPN are not transparent, can you trust that it isn't run by a government agency, or ? - Joe's recommendations {TCYOP-4: 60-61; TCYOP-3: 49-50} -- all platforms, unless otherwise noted
- [1] Free, ad-supported, usage caps, e.g., Hotspot Shield; privacy risk?
- [1] Free, specific browser, e.g., Opera; Mac, Win
- [1] Paid services/subscriptions:
- Cargo VPN (Mac-only)
- Encrypt.me (formerly Cloak)
- Disconnect Premium; browser only? includes other privacy and security features
- IVPN
- personalVPN / WiTopia* (also: jumpthewall.net);
Why Use a VPN?; Why We're the Best VPN;
[1] And, iOS, Mac, Win; [2] others -- on right: "Quick Connect" screen;
*if you subscribe to personalVPN, please use this referral link (or code: Q8Hg3YRM)
-- you'd receive an immediate 15% discount, and Steve receives a similar credit! - Private Internet Access (PIA)
- [3] NordVPN; also routes your connections through Tor
- [3] Hardware VPN router, e.g., WiTopia Cloakbox Pro, e.g., for all home devices
Configure and Use a VPN Service
- Example personalVPN (Witopia): all platforms: apps & manual setup
- personalVPN apps available: Android; iOS; macOS, Windows
- others (manual setup): Chromebook, Fire, Linux, Surface, etc.
- In app, login using separate VPN username and password
-- different from main account credentials. - iOS:
Settings > VPN
; right: configurations: "1.1.1.1" & personalVPN - Instead of default (Quick) connection, change to
a gateway/server in a different country or specific city,
e.g., on right: iOS and Mac screens - [2] comparison of protocols;
setup: IPsec; L2TP; IKEv2;
[3] OpenVPN/OpenSSL most secure/customizable;
[3] PPTP older, not recommended
References
- {TCYOP-4: 59-66; TCYOP-3: 47-57; Recommendations, Beware VPN Review Sites, The Problem of End-to-End Privacy, Using a VPN Router, SSL Implementation Bugs and Issues, Avoid DNS Mischief}
- sections: Refs: Android; Government; iOS; Products/Reviews; macOS; Windows
- topics: censorship, China, IPSec, L2TP, PPTP, OpenVPN
- Wikipedia: VPN; proxy server
- Wikipedia: Tunneling Protocol; Internet Protocol Security (IPsec); Point-to-Point Tunneling Protocol (PPTP); Layer 2 Tunneling Protocol (L2TP); OpenVPN
- table: PPTP vs L2TP/IPSec vs OpenVPN
- HowStuffWorks: How VPNs Work
- dnsleaktest.com, ipleak.net check if IP address private
- Think you need a VPN?
This simple guide will help you decide if you do; TC; 11/15/2024 - How to Use a VPN: Everything You Need to Know CNet; 11/15/2024
- Is a VPN Worth It? How to Decide if You Need a VPN CNet; 9/13/2024
- Don't Fall for These 7 VPN Myths
1. VPNs are mostly for illegal activity
2. VPNs make you completely anonymous
3. Free VPNs are just as good as paid VPNs
4. VPNs speed up your internet
5. VPNs can bypass any geo-restrictions
6. VPNs are too complex to use
7. VPNs protect against malware and viruses
CNet; 11/9/2023 - 5 Reasons to Use a VPN CNet; 9/29/2023
- VPN Obfuscation: What It Is and Why You Might Need It CNet; 8/17/2023
- Why You Should Use a VPN When Booking a Hotel it's travel industry standard to use dynamic pricing, location is one of the many factors that affect prices
-- one of the few you can control; LH; 8/9/2023 - Browser-Based VPNs: 3 to Try if You Want to Improve Online Privacy
easier and speedier to use than typical VPNs (router, apps), these lightweight privacy boosts are handy to have around;
Brave Firewall + VPN; Firefox Private Network; Chrome w/ a VPN extension; CNet; 10/7/2022 - What You Need to Know About Google's VPN
if you pay for Google's cloud storage, you might be able to take advantage of it; Giz; 2/25/2022 - 3 companies control many big-name VPNs: What you need to know
Kape Technologies Plc (Formerly Crossrider Plc): CyberGhost VPN (Crossrider), ZenMate VPN, Private Internet Access, ExpressVPN;
Ziff Davis (Formerly J2 Global, Inc.): IPVanish, Strong VPN (Encrypt.me, ibVPN, SaferVPN);
Nord Security (Tesonet): NordVPN, Atlas VPN, Surfshark;
CNet; 2/5/2022 - Here's why you probably don't need to rely on a VPN anymore
the widespread use of encryption has made public internet connections far less of a security threat, cybersecurity experts say; NBC; 12/31/2021 - A New Report on VPNs Shows They're Often a Mixed Bag for Privacy
Consumer Reports white paper; Giz; 12/8/2021 - iCloud+ Private Relay explained: Don't call it a VPN
'public beta' feature this fall for paid iCloud accounts;
VPN differences: works only w/ Safari, not all traffic;
easily identifiable as a 'proxy server' (VPNs usually aren't);
can't hide your region; MW; 11/17/2021 - It’s Time to Stop Paying for a VPN
more sites use https: and/or support MFA; NYT; 10/6/2021 - NSA, CISA Release Guidance on Selecting and Hardening Remote Access VPNs 9/28/2021
- Can ISPs, Websites, and Your Boss Tell If You're Using a VPN? LH; 9/10/2021
- VPN Hacks Are a Slow-Motion Disaster
recent spying attacks against Pulse Secure VPN are just the latest example of a long-simmering cybersecurity meltdown;
Wired; 4/25/2021 - Is your VPN secure? How to make sense of VPN encryption PC; 3/24/2021
- Three VPNs popular with criminals and active for over a decade have had their servers and web domains seized by law enforcement from US, Germany, France, others safe haven for cybercriminals to carry out ransomware attacks, web skimming operations, spearphishing, and account takeovers; ZD; 12/22/2020
- Researchers say seven Hong Kong-based 'no log; VPNs have left 1TB+ of user logs and personally identifiable info exposed on the internet Reg; 7/17/2020
- VPNs: 3 things they can't help you with Let you game at work without the boss knowing; Protect you from viruses and tracking; Get you online during an internet shutdown; CNet; 3/10/2020
- Popular VPN And Ad-Blocking Apps Are Secretly Harvesting User Data Android: Free and Unlimited VPN, Luna VPN, Mobile Data, Adblock Focus; iOS: Adblock Focus, Luna VPN; BF; 3/9/2020
Android
- Best Android VPN CNet; 10/9/2023
- The 5 best VPNs for Android PC; 6/17/2023
Government
- Russians Need VPNs. The Kremlin Hates Them Wired; 3/30/2022
iOS
- All iOS VPNs are worthless and Apple knows it, claims researcher
long-time bug in iOS prevents any VPN from fully encrypting all traffic; ApIn; 8/17/2022 - Security researchers warn of scam VPN apps on iOS Buckler VPN, Hat VPN, Beetle VPN; fake reviews, expensive subscriptions; ApIn; 6/3/2020
- Researcher: a vulnerability affecting iOS 13.3.1 and later prevents VPNs from encrypting some traffic, potentially exposing user data or leaking IP addresses BC; 3/26/2020
- How to View VPN Connect Time on iPhone or iPad OSXD; 2/5/2020
macOS
- How to use a VPN on a Mac MW; 12/7/2022
- Apple has removed a controversial feature in macOS 11.2 beta 2 that allowed its own apps to bypass third-party firewalls, security tools, and VPNs ZD; 1/14/2021
- Apple apps on Big Sur bypass firewalls and VPNs TNW; 11/16/2020
- How to Delete a VPN Configuration from Mac OSXD; 2/2/2020
Products / Reviews
- Best VPN services: Reviews and buying advice for Mac users MW; 10/17/2024
- The Best Free VPN NYT; 9/9/2024
- Best VPN Services: Reviews and Buying Advice PC; 8/27/2024
- Best Mac VPN CNet; 8/20/2024
- Private Internet Access VPN review MW; 8/13/2024
- Best VPN service CNet; 7/1/2024
- Best VPN for Travel CNet; 6/8/2024
- Best VPN Service NYT; 6/4/2024
- DuckDuckGo VPN: A User-Friendly Privacy Boost, but Not for Power Users CNet; 4/19/2024
- The Best Free VPNs LH; 1/12/2024
- The Best VPNs to Protect Yourself Online Wired; 7/9/2023
- TunnelBear 5.0.1 TB; 4/21/2023
- NordVPN review: A great choice for Netflix fans, but who's running the show? NordVPN has good performance, great features, and it suits novices and power users alike. But who is running the show down there? PC; 9/29/2021
- You Should Probably Stop Using ExpressVPN
Kape Technologies (an Israeli technology firm with a controversial past) owns ExpressVPN, Private Internet Access (PIA), CyberGhost, ZenMate; Giz; 9/24/2021 - Which VPN Providers Really Take Privacy Seriously in 2021? 6/14/2021
- Is a free VPN safe? What to look for
Who runs the VPN?
What data does the VPN collect?
What does the VPN do with your data?
How does the VPN make money?
How does the VPN secure your data?
Best free VPNs to start with; PC; 3/15/2021
Windows
- Malwarebytes releases new VPN service for Windows Malwarebytes Privacy. in future: Mac, iOS, Android, ChromeOS versions; BC; 4/23/2020