This is typically a blog centralized around virtualization but with several posts on Facebook amongst friends discussing this ruling, I thought it’d be worthy of a blog post and a few of my cents on the matter.
Now that the Senate and House have both passed the controversial overruling of the FCC allowing ISP’s to use your browsing habits for targeted ads (we’re going to ignore the other obvious, possibilties), the only person to stop this from becoming official is President Trump. Reports have said that he is being advised to sign S.J.Res 34, so buckle up and let’s go over a few ways you can limit what is exposed in your households.
This is the most obvious way to try and keep your anonymity online while you browse. If you do a search for a VPN provider, you’ll see hits for a slew of different ones offering up all kinds of price points and packages. The problem here is that not all VPN providers are created equal. Some keep transaction logs of when you connect, what external IP you used, and what internal IP they assigned you. Sounds like a quick subpoena away from having all your “private” information sent in a nice, neat PDF to the asking parties. The likelihood of this happening to someone simply shopping Amazon or checking e-mail is nil but paying for a form of privacy that isn’t all that private seems like a waste to me.
I’ve been using TorGuard for a few years now without issue. No logging, kill switches, and DNS leak protection are a few of the features they offer along with a wide connection footprint to connect to a location of your choosing, no matter where you reside.
TorrentFreak did an extensive VPN review and the companies on their list have been vetted by a group of people who like to keep their internet access as private as possible… pirates! You can take a look at the review here: 2017 VPN Review
I know most people have used a VPN by now and if you’re reading this, you more than likely used it to connect to an employer’s network to access internal materials and didn’t do it for reasons like personal security. A personal VPN isn’t worth a damn if it’s not properly protecting you while browsing. Thankfully if you use a VPN on that above list, you’re good to go. But a habit I always make is to check for DNS leaks upon connecting to the VPN. Simply go to DNSLeakTest.com and the IP and location displayed should match your VPN client connection status. If not, you may have a lacking VPN and should look into switching providers.
Now, a VPN is only useful if it’s connected and routing your bits and bytes through it. We all have a ton of connected devices in our homes in the form of laptops, tablets, phones, and perhaps even some IoT so how do we VPN all of that at the same time? You could install the VPN app of your provider for quick setup but that’s a fair bit of maintenance if you ask me, so let’s get into part 2…
AlwaysOn VPN Routers
These type of routers allow you to plug in the VPN provider credentials for your account which then keeps all traffic on your network private without the need for connecting each time, on each device.
I’ve been a huge proponent of routers that support DD-WRT, which is an open source, feature-rich firmware you flash on a consumer router. This isn’t the only option though, several lower-end enterprise routers have the ability to setup an always-on VPN as well. Some of my favorite network gear is made by Ubiquiti who has a line of edge routers that support this type of setup along with a ton of awesome enterprise grade features at a consumer price point. Their Edgerouter-X starts at about $35 and for a simple setup, takes only 15 minutes to get up and going. If you are a Verizon FiOS customer like myself, you have to set the FiOS router in bridge mode to allow passthrough to your personal router unless you want to deal with double-NAT’ing. There are a handful of guides out there on how to do this, depending on your model. If you have cable internet and didn’t “rent” the all-in-one wireless router from your provider, all you need to do is a re-cabling and powercycle of your cable modem to introduce your new router into the mix.
Everything I’ve discussed above has a monetary cost associated with it. This section will outline a few free options you can add to your Firefox or Chrome to make it a bit more secure. At the end of the day, a combination of tools is going to be the safest way to go about keeping you secure.
HTTPS Everywhere : Chrome | Firefox This extension will auto-forward your URLs to known SSL enabled URL’s of the same shit. For instance, if you type in ebay.com, it will automatically send you to https://www.ebay.com instead of http://www.ebay.com
As long as you are on a SSL enabled website, your privacy and transactions are kept safe. The only thing your ISP can log is that you requested a certain URL of say, your bank. All data and information after you get to your bank’s website, is fully encrypted and protected. Of course the ISPs could get really shady and put SSL packet de-crypytors and try to pull apart all of their customers’ information but that is a huge investment and not entirely practical at this point.
U-Block Origin : Chrome | Firefox U-Block Origin has become pretty much the defacto blocker for browsers these days. It’s lightweight and does a great job of weeding out unnecessary tracking and ad displays during your browsing sessions. You will sometimes run into certain websites not displaying properly due to some objects being blocked but it is quick to pick and choose which objects to see or hide.
This has gotten pretty long winded at this point so I will wrap it up as quick as possible. This bill, soon to be law, isn’t good for anyone beyond the ISP’s and elected representatives who supported it but thankfully there are ways we can make their attempts to procure our privacy and flash targeted ads across our screens a bit more difficult. Security isn’t free and neither are some of these options I’ve outlined above. But $50/year for VPN and $150 in networking gear isn’t too big of an ask for a greater sense of security.