Privacy and the Internet - Part 2 - Easy and Free

As with all things free, you shouldn't expect the support of paid services. Since the Opera VPN services are available to many people, it may be a choke point. On top of that, your cell phone will need to handle encryption duties it doesn't normally handle. Here's the difference on my (admittedly underpowered) Nexus 5x.

Certainly serviceable for surfing on a cell phone, and would provide enough speed for most video streaming applications.  But let's compare to speed with the VPN off.

The download speed is obviously much faster, but the real difference is in the upload speed, over 12 times faster! This has to do with network choke points, the processing needed to encrypt the information and possibly the limited RAM in my system.

One of the biggest concerns about the free VPNs is always a question of how do they make money.  In some cases "free" VPNs are limited to a lower amount of data, hoping you'll pay for more once you hit the limit and are happy with the service.  This is how Windscribe works (a system I tried for a while and found was rather speedy and had plenty of data for basic browsing, social media, etc).

Some insert advertising into your browser or as pop-ups.  I still use the Opera browser on my phone because it drastically reduces data usage and blocks ads.  Once every few dozen pages I get one ad, but by that point its blocked dozens, so I consider it a win.

The real concern are the ones who may be selling your traffic data to third parties.  I suspect these are not common, but we don't know.  What we do know is you wind up in the same situation you were in with your ISP; namely that one company knows about all of your online history. 

If I had to give advice I'd say a safe browsing VPN from a known company like Opera is safer than open browsing on public wifi.  Not a great solution but definitely the lesser of two evils.  If however you plan on going VPN full time, its worth considering a paid solution.  I've bit the bullet and use NordVPN, but that will be the next blog post.

Privacy and the Internet - Part 1 - What's at stake?

Let's face it, you do a lot on the internet now. It's no longer a hobby or a luxury; access to the Internet is a utility in this country. Not only do most homes have internet access, but it has become expected that many bars, restaurants, and coffee spots are hot spots where "free" wifi can be accessed.

But now that we're comfortable with using the web for everything from chatting with distant (and not so distant) friends, banking, shopping, searching for doctors, and researching day care centers, we need to ask who else is aware of our movements on the web.

Most people don't understand how the Internet works. This isn't surprising. Much like the rest of our reliable utilities, we take their function for granted. The details of how the electricity or natural gas actually gets from the supplier to the house are boring and seemingly not relevant to our lives.

Right up until there is an outage.

Two Factor Authentication

The recent public discussions about the FBI and Apple and iPhone security has caused many people to ask themselves more serious questions about privacy.  Who has access to our correspondence and what can they do with that knowledge? Along those lines we also need to consider security.  This post will not be about whether or not I side with Apple or the FBI, or my thoughts on encryption.  Instead I want to talk about something more important: securing your online accounts. And the best way to do that is two factor authentication.

What is two factor authentication? It is a system that requires you to have two pieces of information in order to log into an account. In general, it’s “something you have, and something you know.” For example, when I log into a Google Account I put in my user name and password as usual. However if it is the first time I’m logging into my account from a computer (say at a hotel, or a friend’s house) I then get a text message sent to my phone with a six digit number I need to enter. If someone has my user name and password, they still can’t log into my account unless they also have my cell phone and are able to unlock it as well. 

Something I have: my cell phone

Something I know: my password

This is a strong means of securing a system. I've been using it for several years and it is neither time consuming, nor confusing.  It does however give me much stronger piece of mind about my accounts,.

Many businesses use two factor authentication, especially in the world of national defense. Employees are issues access cards and a PIN. Its not good enough to just know the PIN without also having the card. Some other business use a rotating access number and give you a hardware FOB (often like a key chain), others may send an email to confirm you are who you say you are.

Many common email providers now offer two factor authentication, including GMail, Outlook, and Yahoo! mail. When you consider that your email address is the means you reset passwords for banks and credit card accounts, your email needs to be as secure as possible.

For a more complete and updated list of providers of two factor authentication, please see this website: https://twofactorauth.org/