Should You Setup Your Own VPN Server?
In this post, I am going to go through the different ways a VPN can be hosted.
I am just going to talk about VPNs in the context of people using them to secure their connection and/or hide their IP address (not about using a VPN for connecting two company networks together).
Should you setup your own VPN server? Only if you just require security not privacy. Otherwise I recommend going with a reputable VPN service.
Self-Hosted VPN
This is when you run your own VPN server from your home/office. The main advantage of going this route is that you control your network, and you completely control your computer that runs the VPN server.
The Good: You get the advantage of extra security when connecting over a potentially hostile network (e.g., coffee shops, hotels, etc.).
The Bad: You get no privacy what so ever, since your online activity is under the IP address you have been assigned by your ISP (Internet Service Provider).
VPN on a Virtual Private Server
Many online companies offer virtual server hosting solutions. Many of these companies allow their users to setup their own OpenVPN server. You technically are running your own VPN server, but the server itself is being hosted elsewhere.
The Good: You get some privacy since the IP address of your server is owned by your web hosting company, not your ISP. In addition, you still get the extra security when connecting over a potentially hostile network.
The Bad: Since you are the only one using the assigned IP address from the web hosting company, there is very little “wiggle room” in-case someone wanted to track you down for some reason (e.g., for posting “offensive” comments or something).
In addition, since you do not operate the network your server is on, you can never be sure if your web hosting company is spying on you (always assume that they are). They can even spy on your virtual server too.
VPN via a VPN Service
This is when you go to an actual VPN service and pay to make use of their vast array of servers that they have specifically setup for people to use for privacy.
I am not going to recommend any particular VPN service. You must make that decision for yourself.
The Good: Going this route is usually quick and easy to get setup. Most VPN companies focus on your privacy (that is what they are supposed to be in business for anyway). This is the best way for someone to get started with using VPNs when they have never used one before.
In addition, since many other people are using the same VPN server you are on (hence, the same IP address), you “blend into the crowd”.
The Bad: VPN servers can get overloaded, since VPN companies usually have thousands of customers using their services at any given time. In addition, not all “no logging” VPNs are really doing what they say. I am not going to point any fingers, but just be careful when choosing a VPN service.
The following chart is my opinions for each type of VPN hosting.
Security Level – Determined by how much control you have over the VPN server and its network.
Privacy Level – Determined by how much the VPN hosting will protect your privacy.
Self-Hosted at Home/Office | VPN on a Virtual Private Server | VPN Service | |
Security Level | High | Low | None |
Privacy Level | None | Medium | High |
Things to Keep in Mind
- VPNs cannot keep you completely anonymous. All you are doing by using a VPN is making the VPN your “new” ISP. They can potentially mess with your data that you are sending through their servers. In addition, someone could be tapping the Internet link that your VPN provider is using. This may compromise your privacy.
- Doing something malicious. No VPN will completely protect you if your are doing something to attract the attention of a large, well-connected organization (e.g., a government agency).
- Using a VPN because of “no logs” is not a good idea. I am sure there are some that really do not log, but even if they didn’t at some point, how do you know that they will not start logging without your knowledge?
- A VPN will not protect you from viruses. A virus (e.g., from a file download) can still infect your computer even if your are using a VPN.
- A VPN will not completely protect you from hackers either.
( Click here to read my “Popular Misconceptions About VPNs” article. )
Posted in Computers, Internet and Servers, Security, Software, VPN
Good and Bad Reasons to Use a VPN
Everyone who is security conscious online has probably heard about VPNs. To those who do not know, a VPN is a way to connect two separate networks over the Internet as if they were in the same building. The connection is usually (and should be) encrypted so that third-parties cannot easily snoop on your data.
Other people use VPNs for the purposes of securing their connection / hiding their IP address when they surf online by sending all of their Internet traffic over a company’s VPN server. There are several companies that offer VPNs for a low cost to their users.
In this post, I am just going to talk about VPNs in the context of people using them to secure their connection and/or hide their IP address. I am not recommending any particular VPN service. You must make that decision for yourself.
Online privacy is important to many people. While people can (and do) use VPNs for malicious reasons, there are many people who legitimately use VPNs for privacy.
Good Reasons for VPNs
- VPNs can secure your connection over risky Internet links (e.g., coffee shop, hotels, airports, etc.).
- Access websites that only serve a particular country (e.g., someone in the UK could use a US VPN to access US-only content on a website).
- Prevent websites (and online advertisers) from knowing who is really accessing their content. Please note that browser fingerprinting makes it much harder to prevent websites from knowing who you are, and a VPN will not prevent a website from fingerprinting your web browser.
Bad Reasons for VPNs
- VPNs cannot keep you completely anonymous. All you are doing by using a VPN is making the VPN your “new” ISP. They can potentially mess with your data that you are sending through their servers. Also, someone could be tapping the Internet link that your VPN provider is using. This may compromise your privacy.
- Doing something malicious. No VPN will completely protect you if your are doing something to attract the attention of a large, well-connected organization (e.g., a government agency).
- Using a VPN because of “no logs” is not a good idea. I am sure there are some that really do not log, but even if they didn’t at some point, how do you know that they will not start logging without your knowledge?
- A VPN will not protect you from viruses. A virus (e.g., from a file download) can still infect your computer even if your are using a VPN.
- A VPN will not completely protect you from hackers either.
Posted in Computers, Internet and Servers, Security, VPN
Why Do I Need An SSL Certificate?
This blog post will first try to explain what an SSL certificate is and why you may need one. I will try to keep it plain and simple, but there may be areas that become a little technical.
What is the purpose of an SSL certificate? Well an SSL certificate allows your web browser to make a secure connection to a web service while claiming that you can trust the secure connection.
When you enter a website’s URL into your browser and hit enter, you’re starting a process of establishing a secure connection to that website. This is done through SSL (Secure Sockets Layer) or its successor, TLS (Transport Layer Security).
The process begins with a handshake where the browser and server exchange keys to create a secure connection. The server sends a certificate to prove its identity, and once the browser verifies this certificate, a unique session key is generated for encrypting the data. This ensures that the information you send and receive is protected from eavesdroppers.
While this is a very simple example, it gives you a basic idea of what happens between the web browser and web server during an encrypted browsing session.
Now since we have covered the basics of how SSL works, what are some reasons to use SSL?
- Helps keep data secure. Without encryption, anyone can potentially view the data you transmit over the Internet.
- Helps to give confidence to people using your website. When they see the SSL lock icon in their web browser, it makes your web visitors feel secure (and they should be secure!).
- SSL encryption prevents third parties from modifying a website’s content before it reaches your web visitors. This can be a problem if you are dealing with sensitive information (or any information really). This is why having SSL on a website that technically does not need it can still be beneficial.
- Adding to the above information, some ISPs have inserted their own scripts / notifications into the web pages their customers visit. This makes for a poor experience for the customer, and also makes the website owner look bad, since most customers are going to blame the website owner for the “bad experience”, instead of their ISP.
- Having SSL enabled on your website can help with getting a better search engine ranking from Google.
- Many mainstream web browsers require an SSL enabled website if you wish to use the new HTTP/2 protocol with your website.
- You definitely need one if you are running an online web store. No one will want to shop on your website if your website is not serving content over an encrypted connection.
- SSL encryption also hides the specific location you visited on a website. — For example, if I go to https://example.com/contact, since the website is using encryption, my ISP can only see that I visited the domain example.com. The encryption hides the /contact part of the URL. So my ISP knows I visited example.com, but they have no clue what webpages I visited on that particular website. Pretty neat, huh?
I hope I have helped you have a basic understanding of what an SSL certificate is and why it can be useful to have one for your website.
Posted in Computers, Internet and Servers, Security
What is the Safest Free Email Service Available to the Public?
This is a good question I will try to answer. There really is no “safest, free” e-mail service out there. However, I will discuss the good, bad, and the ugly of using a “free” email service.
Please remember anytime you use a “free” online service, the service itself is not really free. Why? Well because they have your data. Today, data is like a product to sell. People can sell data they collect to people like advertisers and private companies who can make use of it (for good reasons……or bad reasons).
Unfortunately this data is usually personal information you provided through a “free” e-mail account, “free” instant messaging service, “free” video call (e.g., Skype), “free” web hosting account, “free” file storage (who puts their personal files [like photos] on a random, who-knows-who-really-owns-it server anyway?), “free” video hosting service (e.g., YouTube), etc. You get the idea.
These companies that provide free e-mail services are probably selling your data to other companies. This is one way they can make money to pay for hosting those “free” e-mail accounts to begin with. Also, this is why if you do anything personal on your “free” e-mail account, it isn’t really private.
The Good
- No technical knowledge of email needed to get started
- No worry about making backups (if using a reputable provider like Gmail)
- No worry about blocking spam (the provider should be doing this for you anyway)
- No worry about managing your own server to run your own e-mail server
- No worry about others not getting their e-mails to you (reliable providers should be constantly monitoring their servers for issues like Gmail or Yahoo would do)
The Bad
- No control over how much disk space you can have
- No control over who the service provider decides to block e-mails coming from / or going to
- No control over service outages (they probably will just silently fix the issues with little to no notifications about what happened)
- Sometimes you may not get the exact name you want for your e-mail address, since someone else may have previously taken the same name (for example: you want john.doe@example.com, but someone has already taken that name; you then may have to settle for john.doe193@example.com instead…not something that everyone may want)
The Ugly
- No control over your data (they have your e-mails, you do not!)
- No ownership of your e-mails (not only do you not control your e-mails, you technically do not own them either…they do) —- I know you may disagree with me, but let’s face facts, like I said before, they have the data, not you!
- Anyone at the company (or individual hosting free accounts) can snoop into your e-mails that you send or receive.
- Your “free” e-mail service with _all_ of your e-mails could be deactivated and erased with no prior notice for _any_ reason they deem acceptable.
- Your emails may also be stored permanently in backups the hosting service makes, which means when you delete an e-mail, it may not really be deleted!
You may want to consider carefully reading the “Terms of Service” agreement for “free” e-mail providers to see how they deal with their users’ privacy.
Posted in Computers, Internet and Servers, Security