Privacy, act one.

Based on a recent article over at CNET I guess I am on the NSA’s list of people to track. And all I was doing was reading up on TOR to see if it might suit one privacy need.

Basically, it comes down to being cheap frugal. I’ve got a smartphone for which I don’t want to pay an outrageous monthly fee. So I have data turned off 99% of the time and rely on open WiFi connections for most of my email, web access and VoIP telephone calls. Using open unencrypted WiFi from untrusted providers is, of course, opening you up to a bunch of privacy and security issues. A bunch of sites I visit don’t have SSL/TLS so the account information goes “in the clear” and can easily be captured by a third party sitting at the next table sipping their coffee and “working” on their laptop.

So I was curious if setting up my phone to always use TOR would be a way around the problem.

In the end, I decided to use a Virtual Private Network (VPN) setup instead. Basically it encrypts all traffic from your computer or smartphone and sends everything to a trusted computer somewhere else before dumping it into the Internet at large.

Selecting a VPN is more difficult than it ought to be. First there are multiple flavors of underlying technology: PPTP, L2TP/IPSec, IPSec, OpenVPN, etc. Each has proponents and supporters.

And then you need to pick a provider. Since you are in the mindset of being cynical and untrusting when you are picking a VPN provider, you are likely to be suspicious of anyone who wants to help you with all your private communications. And the cheaper they are the less you want to trust them. After all, they have to make money somehow and if they aren’t making it directly off your monthly fee then how are they making it? So you find yourself looking at the higher priced offerings.

But if you pay a bunch for a VPN you defeat the purpose of being cheap frugal. What good is it to be paying only $8/mo for mobile service if you end up paying $50/mo for a VPN to compensate for it? Might as well buy a decent mobile plan and be done with it.

So who is cheap that you can trust? Yourself of course.

I ended up setting up OpenVPN on a machine I control. It is a fairly easy cookbook thing to set it up. I did do a couple of non-standard things. OpenVPN uses SSL/TLS as its transport mechanism, the same thing that web sites use when you have a link that starts with “HTTPS://”, so I ended up using port 443, the HTTPS port, on my server for the VPN. And I use TCP instead of UDP even though it does not do as well for streaming services like VoIP telephone calls (my other way of being cheap frugal on mobile services).

So when I’m connected to the Internet via my VPN it looks to that nefarious person at the next table in the coffee shop like I am simply on a protected web site with encrypted data. Works well enough that I’ve set up the same setup on my laptop and use it when accessing the Internet through hotel WiFi connections too.
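
A server configuration matching the setup described above (OpenVPN on TCP port 443, all client traffic sent through the tunnel), added here as an example and not the author's own file. The file names, the 10.8.0.0/24 subnet, the DNS address and the `nobody`/`nogroup` account names are assumptions.

```conf
# Added example: OpenVPN server.conf for TCP port 443 (not the author's file).
# File names, the 10.8.0.0/24 subnet and the DNS address are assumptions.

port 443            # listen on the HTTPS port, as described in the post
proto tcp           # TCP instead of OpenVPN's default UDP
dev tun             # routed IP tunnel

# PKI material generated for this server (hypothetical file names)
ca   ca.crt
cert server.crt
key  server.key     # private key: keep readable by root only
dh   dh.pem

# Address pool handed out to VPN clients (assumed private subnet)
server 10.8.0.0 255.255.255.0

# Send ALL client traffic through the tunnel, not just the VPN subnet,
# so nothing leaves the phone or laptop over the open WiFi unencrypted.
push "redirect-gateway def1"
# Assumes a DNS resolver is listening on the server's tunnel address.
push "dhcp-option DNS 10.8.0.1"

tls-version-min 1.2 # refuse old TLS versions on the control channel
tls-crypt ta.key    # extra pre-shared key on the control channel (OpenVPN 2.4+)

keepalive 10 120    # ping every 10 s, restart after 120 s of silence
persist-key
persist-tun
user nobody         # drop privileges after startup
group nogroup       # Debian-style group name (assumption)
verb 3
```

The server also needs IP forwarding and NAT for the client pool before redirected traffic can reach the Internet. Each client profile must match with `proto tcp` and `remote <server> 443`.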