VPNs and You – An Introduction To Covering Your Arse Online

On Tuesday the 13th of October, mandatory data retention laws become enforceable in Australia. Australian ISPs will be forced to record all your Internet activity and make it available to law enforcement authorities. Pirate Party Australia has a good dossier of what’s going on. Crikey has a summary of why this is such an infringement on our privacy for so little gain.

If you’re worried about this intrusive mass surveillance being used against you, either directly or indirectly (never underestimate incompetence), using a VPN to cover your tracks on the Internet is pretty straightforward. For a lot of people this will be the first time they’ve ever dabbled in Internet security, but have probably heard of VPNs from the news where nerds say that simply using one will thwart the efforts of the government to record all your online activity. But what is a VPN? What does it to and how do you set one up? And what’s the catch with using a VPN?

The premise of using a VPN is to create a private link between your computer to a server somewhere else that all your Internet traffic is funnelled through. Instead of your computer communicating directly to websites and your ISP logging all the sites you went to, all the ISP will see is a lot of chatter between you and the VPN. The ISP can’t see which websites you visited, what data you sent to those websites or what the websites sent to you. Between your computer and the VPN server, nobody can see what’s sent because it’s encrypted. All that’s visible is the fact you are communicating with a VPN and the ISP is oblivious to what you’re up to on the Internet. Using a VPN renders any ISP attempts to log your movements on the Internet futile.

On the VPN server itself, there may be records kept of who did what, but any good VPN provider will not keep these logs and be run in a country where doing so isn’t illegal. Using an Australian VPN server is useless, as the VPN server would be required under law to record what its users did while on the server and so would the VPN provider’s ISP, creating a way for someone to figure out what you were doing. So picking a decent VPN provider is important. Luckily, TorrentFreak has a great list of VPN providers who will keep your traffic anonymous. I won’t recommend one in particular, but read those and choose the one you think has the best answers to those questions.

The next decision is at what part of your network will the link to the VPN server live? You probably actually need to install VPN software on each of your computers, smartphones and tablets, as well as on your router. Why on both? Well lets say you take your laptop out of your home network where the VPN link is installed at the router level, and then you connect to some wi-fi or use mobile broadband – your Internet activities are suddenly exposed as you’re no longer connected to the VPN! If you don’t install the VPN link at router level, you might forget to turn on your VPN client on your computer and suddenly you’re leaking data everywhere.

Installing the VPN software on a desktop computer is very easy – most VPN providers have an app that you install and away you go. Ditto for smartphones and tablets. Private Internet Access for example, have easy to use client apps where you just enter your username and password and the network config is all taken care of.

If you want to set up a VPN on your router things get a little trickier. Each router has a different way of setting it up and also the types of VPN protocols it will support. Not many off the shelf routers support the OpenVPN flavour for example, just IPSEC/L2TP. Your router’s manual will explain how to put in the VPN settings your provider supplies. Not all routers even support VPN, so you may need to buy a new one.

Now there is a downside to using a VPN – your Internet speeds will suffer. Adding a middleman between you and the Internet slows things down. Having all your traffic sent to say, Paris, then back to Sydney, for every single thing you do, is going to be painful in terms of latency. Things will take longer to load as every request you make,even to an Australian site, will have to go half way around the world. Bandwidth however, shouldn’t be impacted too much if you’re on ADSL. Chances are the VPN server has more bandwidth than your ADSL connection, so download speeds won’t change. If you’re on cable or NBN however, expect your download speeds to drop as the bandwidth between your ISP and the country your VPN is in isn’t going to be as large as going directly to the server you’re downloading from directly. Any geolocated content (i.e: ABC iView) won’t work anymore as your connection no longer appears to be in Australia.

The Pirate Party and Crikey have good info on getting around the other sorts of surveillance the government wants telcos to do, like SMS and phone call logging. The next few months are going to be fascinating to see how people react to having their information logged by the government and how the government inevitably stuffs up its use and makes a big bad mistake.