Posted on 07/25/2011 5:58:54 PM PDT by decimon
More anonymous, if you want. You have an encrypted stream between your computer and the VPN you log in to. For the rest of the world, you appear to be that VPN computer. Your browser will still have cookies and the like but you can erase those without worry.
Basically, no one knows what you're talking about to the VPN, and for all other hosts you appear to be the VPN computer. However, data you sent that needs to be send unencrypted (cookies, some logins, and the like) would still go out AFTER the VPN as unsecured. But in the coffee shop, you would be secure.
The timing of this thread is, well, timely. Just this afternoon, I was in a bookstore with an open to all Wi-Fi connection. I was reading FR and checking a few other websites. A friend who is a retired computer engineer came in and I asked him if I needed to be concerned about being hacked while I was online. His answer was “no”. I didn’t think that was right.
Basically, I want to be able to protect my computer, myself from identity theft as well as to not give out passwords, etc. Any suggestions? Thanks.
Unless you are on a HTTPS (SSL) connection then anything you send or receive is open for someone to intercept. IF they have access to the network equipment or whatever server you are being routed through.
The risk is usually fairly low as long as you observe some basic precautions. Don’t do any banking or credit card transactions even though those are secured. Be very careful in large public areas like airports.
A common technique is to set up a laptop to accept internet connections so they can record the data. People connect to the laptop thinking its the airports network. Make sure you are connecting to the correct network and not another PC or rogue network.
Get the Tor browser bundle.
Very easy to use.
It’s a modified version of Firefox browser
that automatically handles the details of
browsing via multiple proxies.
The link to the wifi connection when using Tor
browser will be encrypted.
https://www.torproject.org/projects/torbrowser.html.en
Thanks to all who replied. Be it prudence or paranoia, there seems to be a growing concern over online privacy.
bump
If the website is using SSL (https:) then it’s encrypted. If you join a wi-fi hotspot, and then connect to a corporate network (or your home network) via VPN, then the wi-fi hotspot see’s nothing but encrypted traffic, even if you go to an HTTP website (like Free Republic). That’s because all data is then encrypted, sent over the VPN, and actually exits to the internet from your end-point.
Typically, if I’m on a public wi-fi network (hotel, convention, Starbucks, etc), I join my corporate VPN, to ensure all data is encrypted.
bump
First you have to get a connection. In most public places that requires to you accept a terms of use agreement. This means clicking on the ‘I agree’ button. If the server has been compromised that is all thats needed to insert malware into your laptop.
Then it doesn’t matter if you use VPN, SSL or any other encryption. Those only protect the transport layer.
While I agree, if Starbucks, Marriott, or other provider has been hacked, it doesn’t matter what you do.
I run a pretty standard Anti-Virus/Malware software package, am pretty untrusting with my connectivity, and in the years I’ve been either ON the internet, or working as a network geek, I’ve never been infected with a virus, nor malware (unintentionally, I’ve run a few honeypots that did that on purpose, of course).
Everytime I search for a network in airports I see a PC broadcasting. I think its more common than you realize. These days criminals aren’t looking to destroy your PC with a virus. They are looking for information worth stealing.
> If someone is on your network then you have rights to see anything they put on the network.
The relevant laws have not been tested in court but there are laws that say you CANNOT see/monitor/record anyone’s network activity without their permission except during temporary diagnostic periods. My company’s lawyers don’t want to be the ones who test the laws, so we (I’m in IT) are required to make users agree to monitoring before they access a wireless hotspot, vpn, or physically login to a machine. I have discussed it with our lawyers many times since there are places it makes sense and other places where it’s inconvenient for some users with their remote tools. There are contradictory laws since some also say you must record activity.
I’ll admit our lawyers are even more paranoid than what I’m used to in previous companies. But I agree with them that when we find someone hacking in we want to be sure that any evidence we collect is completely legal and admissible in court. By getting users’ permission we can be sure that they don’t have a challenge in criminal court (where they’ed likely fail since it wasn’t law enforcement collecting the data) or in civil court (where the jury may decide we did them harm by violating the network privacy laws)
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.