Personal VPN

It’s a truth universally acknowledged that public Wi-Fi hotspots aren’t secure, but they’re so convenient that most of us use them anyway. That’s why there was something of a panic last year when Eric Butler showed everyone how easy it is to hijack Facebook, Twitter and PayPal accounts on open Wi-Fi networks via his FireSheep Firefox add-on.

Of course, not everything you do in an open Wi-Fi environment can be picked up by digital eavesdropping. Secure HTTPS servers are great, but it’s likely that your e-mail account and many social networking sites don’t use HTTPS servers, or maybe just use them for logging in. Or worse, have you submit your user name and password from an HTTP page to get to an HTTPS server. {There is at least one add-on for Firefox that offers HTTPS protection, but only for certain sites.}

In the end, online transactions are only as secure as their most open link, and the most open link of all is the gap between the laptop and the wireless access point. The technology that can really close that link is a tunneling virtual private network (VPN). VPNs establish a secure tunnel between your device and the first server you connect to.

Theoretically, if you’re employed at a company that uses a VPN, you could use that corporate VPN to secure your coffee-shop connection — but most companies frown on such use of their resources. So the obvious choice is to rent a connection from a personal VPN provider.
3 personal VPNs

Introduction
HotSpotVPN
StrongVPN
WiTopia
Conclusions

Personal VPN services have been marketing themselves as hotspot security measures for almost a decade. Once you get past the initial learning hump, it’s a relatively simple and inexpensive way to lock down your communications. I looked at three of the more established players: HotSpotVPN, StrongVPN and WiTopia.
Choosing a VPN

The first step is to understand what these providers offer. For a fee, personal VPN providers provide an end-to-end secure connection to one of their servers, which can be located in a variety of places. Personal VPN providers offer some choice of servers, so you can pick those nearest to you for better response time, but some charge extra for wider choice. In addition to security, this can provide you with anonymous browsing and a virtual regional presence (so that if you’re abroad, you can appear to be logging on in the United States and retain access to regionally restricted sites like Hulu or Netflix On Demand).

The personal VPN providers reviewed here offer two basic flavors of VPN. The most basic (and slightly cheaper) is built into the operating systems of practically every computing device: point-to-point tunneling protocol (PPTP). VPN providers give you settings for their servers to plug into your operating system. It’s robust enough for most people, but is blocked in certain regions and by certain service providers. It also requires mucking around in your operating system for configuration and selection of a separate network device, which might not be feasible if you’re on the road using a company laptop for some personal surfing.

A more robust and recent development is an SSL-based technology from OpenVPN, which uses client software to manage connections. This works on Windows, Mac and various Linux and Unix platforms.

Once configured, these services all work the same way: You turn on the OpenVPN client software when you’re ready to connect to a public hotspot and make sure the OpenVPN software isn’t showing a red (not connected) or yellow (attempting to sync up) color. If it’s green, you’re connected to a VPN server that’s either owned or leased by your VPN provider, and can enter passwords in a public Wi-Fi hotspot with confidence.

Leave a Reply