Is your usage of VPN a response to the recent release of Firesheep,
and the relative lack of built-in SSL security on sites like Facebook?
I ask because it's likely that while technically savvy audiences may
know about this, not everyone even knows that there's a potential
problem for those who use open wifi networks.
Thanks for the tips re: possible VPN services - it's been on my radar
as a situation to get handled in the near future :)
There are a few reasons for that:
* Less brittle connection, the SSH tunnel will be maintained even when
there's extended connection problems
* More secure: when the tunnel is broken, it will stop sending data, vs
most VPN clients, which will simply send your data unencrypted if the
tunnel goes down
* Access to the local network: a VPN disables bonjour and other local
net resources whereas using a SOCKS proxy doesn't
If you're on a Mac, setting up using a SOCKS proxy is simple. Simply
create a 'Network Location' in the Network System Preferences and change
the Wifi to using a SOCKS proxy (localhost 1080). When you switch your
network location you will globally switch most Mac apps to require a
proxy (works w/ web browsers, Adium, Thunderbird, anything that respects
system level proxy settings)
And then using a tool or terminal, you can initialize the proxy tunnel
like so (alias as preferred):
ssh -N -p 22 -c 3des -D 1080 [ssh account/server]
I wrote a little doc on this a few years ago:
I've started using Perfect Privacy - Openvpn.
I'm using it under Ubuntu - which doesn't (I don't think) have the
simple setup that Windows has, so needed to get the Perfect Privacy
people to help me set it up. They also offered PPtP - an alternative to
OpenVPN... which is (apparently) easier to set up, but slightly less
secure (still more than enough for casual use though)
It's marginally slower than a naked connection, but this is more than
compensated for by the way I can simply route around messages that say
"not available in your territory" - and added peace of mind that I'm not
being spied on. It's slower, but I can still stream videos - and here in
NZ, that was always an iffy proposition to start with.
I chose Perfect Privacy because it's run by activists etc - which seemed
to me a little more trustworthy than a company that could quite easily
be bought by another company etc etc.