My 8/19/07 Missoulian column: Virtual Private Networks for everyone.
So you’re a work-for-yourself businessman, tourist or vacationer and you want to be sure your email and websurfing is safe when using free Wi-Fi in town and everywhere in between. What do you do?
Last week I mentioned Virtual Private Networks, and they are a good solution to the problem. A Virtual Private Network (VPN) is pretty much what it sounds like: your own private tunnel for your encrypted data in the world of the internet. When you connect up to free Wi-Fi, your laptop or PC establishes a connection with the wireless router and your data is transmitted back and forth, and, as I’ve pointed out, lots of it is in the clear.
A VPN establishes a private tunnel through the wireless access point to the VPN server and the internet as a whole. The VPN also encrypts your data to a much stronger degree than an average home wireless router. Someone with a packet sniffer can see there’s a tunnel and maybe the encrypted data inside, but they really can’t do anything with it. All your traffic travels in the tunnel: web, email, even Voice over IP phone calls.
VPNs build on secure internet protocols. As an example, Secure Socket Layers (SSL) is one of many internet protocols that exists side-by-side with all other traffic on the internet. HTTP is another protocol; it sends the websites you read, and that’s why website addresses begin with “http”. HTTPS is the secure form of HTTP; the “S” means secure and depends on SSL. With a VPN, you use something like SSL for everything, not just secure webpages like banking and ecommerce sites use.
The VPN server is the key component, and as an individual that’s the reason why you need a VPN service. A corporation or large organization will have their own VPN server, set up by their own technicians for their employees to connect to the home network.
One local example of an organization using a VPN is The University of Montana, where the campus Wi-Fi requires the use of a VPN. If you’re associated with UM – as a student, staff or faculty – you must go through their specially configured VPN to the internet as a whole.
So as an individual, how do you get your own VPN? There are three web providers that seem to be the most popular: JiWire Hotspot Helper (jiwire.com/hotspot-helper.htm), WiTopia.net and PublicVPN.com. These web-based services seem to me to be the easiest solution for the individual user.
To use any of those VPN services, you need to be familiar with installing software on your Mac or Windows laptop. (If you’re not, find your local teenager and ask for help). Each companies software will install what’s necessary to use their service – either their own software or different settings to the software you already have. Each has a monthly or yearly fee for their service.
The first of the VPN providers is JiWire Hotspot Helper. Their VPN service secures your website viewing and gives you the ability to send email from your regular email program like Outlook and Apple Mail without changing settings. Part of the software includes a Wi-Fi locater that helps you locate any of what they claim are 120,000 legitimate Wi-Fi hotspots in 128 countries.
But JiWire Hotspot Helper is only for WIndows XP. Support for Vista is not complete, but is coming soon, they say. There’s no support for Macs at all. I found the Wi-Fi Hotspot locater interesting, but I also found I didn’t need it. If you pay for JiWire’s VPN service, it’s $24.95 per year for unlimited use. They offer a ten day free trial.
The second provider out there is called WiTopia. Their software is a bit simpler than JiWire and it works with Windows 2000, XP and Mac OSX. The Windows Vista version is in Beta (which means it isn’t quite working perfectly). WiTopia secures your email and web traffic like jiWire, but unlike JiWire, you might have to change the mail server settings in your email program like Outlook or Apple Mail or you’ll be unable to send email.
The good part about WiTopia is that their system is built with what’s called open source software, code that has been written and evaluated by hundreds of programmers around the world and isn’t secret like much of WIndows and Macintosh code is. But I actually didn’t fully try WiTopia for Windows as I was warned on the installation that two of the drivers weren’t properly signed by Microsoft. WiTopia runs $39.99 a year.
PublicVPN.com is different from JiWire and WiTopia in that they use the built in networking capabilities of Windows and Mac OSX for their VPN. There’s no extra software to download or install. Their website instructions are clear and easy to follow. To send normal email through PublicVPN means changing your mail server settings, but you can use Mac OSX 10.2 and up, as well as Windows 95, 98, ME, 2000, XP, and Vista. PublicVPN costs $59.95 a year.
If I can voice a preference, it’s for PublicVPN. They require no extra software to download, their VPN doesn’t have any extra bells and whistles, the instructions are good and the website isn’t flashy. It’s slightly more expensive than the other two services, but still works out to only $5 a month. Changing mail settings is a small inconvenience to pay.
The caveat of all these services is trust. They are all private businesses providing the service of a VPN. But because your data is encrypted before it leaves your PC, it’s difficult for someone at the business end to decrypt your data. Their business depends on your trust, and it appears they work hard to establish and keep it.
An extra note: using a VPN isn’t limited to wireless; you can use one all the time over your wired network, too, for full security. Some VPNs will also anonymize your travels on the internet, though using other proxy services work better for that.
Links:
JiWire Hotspot Helper