True to their name, TorrentFreak has published an article worth the weight of the servers hosting it in gold: an article explaining to everyone out there, especially the non geeks, where to go to if they would like to keep themselves anonymous while using the Internet. To be more specific, the article compares different providers of VPN services and discusses their approach to maintaining their users' anonymity.
You can read the article here. The rest of my post represents my attempt to explain the importance of TorrentFreak’s article.
First, what is a VPN, or Virtual Private Network?
You can look at a VPN as a secure tunnel connecting your computer (or smartphone, or tablet) to the servers of the company providing your VPN services. Whatever passes through that tunnel is encrypted in a manner that makes it impractical for anyone to know what passes through the tunnel. No one, not even your ISP, knows what goes on in there; all they can see is encrypted traffic travelling between you and the VPN provider.
Traffic going out of the VPN provider and towards its final destination, say – the Amazon USA website you want to buy a book from – will appear to Amazon as if it originated from the VPN server and not from where you, the end user, are physically located.
Combine the two together, the encrypted tunnel and your new virtual ID, and you can derive what VPN services are good for. For commercial use they represent a good way to keep employees talking to company servers in a secure manner without letting others eavesdrop; but for personal users they allow the following:
- Inability for others to eavesdrop on you Internet activities: Let’s say you’re travelling and you’re using an open wifi network this coffee shop you’re currently eating at provides. Using a good VPN service would ensure none of your dining neighbors are able to snoop your Internet banking password as you surf.
- Ability to change nationalities: To the
rest of the world, a VPN user appears to come from the country where
the VPN server resides. Let us say you’re an Australian and you’re
using the services of an American VPN: through those services you
would be able to enjoy Internet services that are otherwise open to
Americans only. Say, being able to buy Amazon Kindle books from the
huge catalog available to Americans, compared to the measly one on
offer for Aussies; being able to watch the latest TV shows on Hulu;
or enjoying Spotify’s vast music library. Use a British VPN server
instead and you’d open the BBC’s vaults instead. Alternatively, Aussie expats can acquire the services of an Australian VPN server, which would allow them to watch their favorite ABC programs on iView.
In short, with VPN you can unlock many virtual options currently blocked through for no other reason than nationality. And you thought we live in a globalized world!
- Ability to bypass filters: Using VPN services from other countries lets you easily bypass any filters imposed by your ISP or by your government on your Internet surfing. Remember Stephen Conroy great big filter? Well, with VPN at hand you can forget all about it.
- Ability to maintain anonymity: Whatever you do over the Internet while connected to a VPN service appears to that rest of the world as if it is coming from the VPN service. No one, other than the VPN provider, knows anything about you, the person on the other side of the VPN tunnel. In effect, you are anonymous. That’s great if you live in a country that subdues free speech; it is also great if you’re into things like bit-torrent.
That's all great, but is there a catch? Of course there is. Just ask the LulzSec guy who is alleged to have broken into the Sony network and stole my personal details as well as those of seventy million others (see here).
The guy, Cody Kretsinger, is said to have used the aptly named VPN service HideMyAss to perform his trickery. Only that when the FBI identified the hacking came from HideMyAss they subpoenaed the VPN service for the hacker’s info. They got it, and now Kretsinger is under arrest. What has happened there? Where was Kretsinger’s promised anonymity, given his use of VPN?
It turns out Kretsinger wasn’t truly anonymous. To the rest of the world, he was; but not to HideMyAss, who kept logs of all his Internet activities. And when pressed against the wall, HideMyAss had no option but to forward that information to the authorities.
This is where TorrentFreak enters the picture. They called on all VPN providers and asked them to disclose what their privacy policies are. In particular, do they keep logs of their users’ activities? If they don’t then they don’t have anything to hand over to the FBI when they knock on the door asking for usage records, meaning the VPN provider's end users are anonymous.
The results of TorrentFreak's survey are published in the article I would link to yet again – here. Read it to see how you can be anonymous, too. After all, given that the threat of litigation against Australians bit-torrent downloaders is in the air (see here), web anonymity is well worth keeping to many of us.
I do feel the need to add that not all VPN providers are alike. As in, there are many things to consider when choosing your VPN provider other than whether they would turn you to the FBI or not. After all, throughout recorded history there was only one case where a user has been turned in by their provider; never was there anyone turned over by a VPN provider for, say, downloading a newly released movie via bit-torrent.
Take two VPN providers as an example, both of which allow bit-torrent traffic to pass through their servers: BTGuard, which promises never to collect its users’ logs, and StrongVPN, which promises to always log them and advocates the use of its services for legal services alone. First, allow me to point a finger at StrongVPN, a company that supplies a service knowing it would be used to circumvent various laws (including those that prevent Aussies from using Hulu, for example), and then pretending to be law abiding when it comes to copyright laws. We can argue whether StongVPN is two faced or not some other time.
Second, I would like to point at the fact that StrongVPN offers much higher bandwidths and an overall better quality connection than BTGuard. StrongVPN also offers cheaper VPN options, and StrongVPN lets you choose the countries where your VPN server is located (say, the UK today, so you can watch the latest Dr Who episode off the BBC website, or the USA tomorrow, so you can watch stuff on Hulu). In contrast, BTGuard does not let you choose your country, and its servers are located in less attractive countries (at least to this user).
The point this post is trying to make is that:
Image by loppsilol, Creative Commons license
- There is a lot of benefit to be had out of using VPN services.
- Not all VPN services are created the same.
- Most importantly, choose your VPN provider wisely. TorrentFreak’s great service was in allowing us laymen to be able to choose the best VPN service for our needs despite all the unintelligible small letters in the user agreements and privacy statements. For that I thank them a whole lot.
Image by loppsilol, Creative Commons license