Some companies that you have a registered relationship with, who detect your use of VPN / Proxy Services - will impose another authentication process on you - which is highly inconvenient, in some cases downright intrusive and often requires you to submit much more personal information than you were required to provide when you originally registered with the service.
The point is this - if you intend to use VPN / Proxy services then get ready to re-authenticate many of the services that you regularly use as a registered customer.
Very few people want or need Tor, Tails, PGP, Whonix or the host of other helpful TSCM tools to confuse that NSA bogey man or the spook in the corner who is stalking you because of your political views :) - most people just want their traffic protected and avoid having their passwords and emails hacked while using Starbucks wifi.
Enter VPN's (Virtual Private Network) and proxy servers, both of which are handy tools to protect your privacy and security while using the internet. At home, at work or on public Wi-Fi a good VPN will offer you security features and privacy guarantees that make them worth your while using. Not all VPN's are created equal though and many do not deserve your trust, so do your research. For the uninitiated VPNs create an encrypted ‘tunnel’ between your computer and the host server, with the internet traffic going in and out of the host server. An open proxy server is a computer that acts as an intermediary between your computer and the internet. Any traffic routed through a proxy server will appear to come from its IP address, not your computer’s.
You want "plug and play", low to zero learning curve and hands-off ops in your VPN if you are not a power user. Typically you want log free services, zero knowledge (In cryptography, a zero-knowledge proof or zero-knowledge protocol is a method by which one party (the prover) can prove to another party (the verifier) that a given statement is true, without conveying any information apart from the fact that the statement is indeed true), no discrimination based on traffic type or protocols being used, anonymity protection, exit servers to help you get around location-restricted content blocks and trustworthy encryption.
Private Internet Access
One of the best ones IMHO is Private Internet Access who protect both your privacy and security by encrypting all of the traffic between your device (laptop, PC, cell phone) and their servers. In addition the traffic is anonymized. PIA does not log data about your session or connection details, they don't discriminate against protocols or IP addresses, and they don't host any data about their users' activities at all, anywhere. They support a number of different authentication and encryption methods, support virtually every mobile and desktop operating system. They also provide connectivity options for your home router so you can stay constantly connected, connect to your home network when you're away, or customize your solution. They also offer a choice of close to 1000 exit servers in 10 different countries.
But be aware many commercial outfits dislike VPNs and proxy services. In particular, some companies actively discourage and block methods of geolock circumvention. These companies are normally concerned with copyright infringement and the illegal reproduction or distribution of music files, videos, movies, e-books or any other copyrighted digital file.
Hulu and Amazon have actively combated people trying to use their services from other countries and failed miserably. Many other outfits have also been spectacularly unsuccessful in their efforts but there is also a shift occurring in the attitude of companies with whom you have a stated relationship and where your use of a VPN is not to facilitate illegal activity or breach the stated terms and conditions of a service.
In these cases, some companies who you have a registered relationship with, who detect your use of VPN / Proxy Services - will impose another authentication process on you - which is highly inconvenient, in some cases downright intrusive and in a number of cases required much more personal information that you were required to provide when you originally registered with the services. The point is this - if you intend to use these VPN services then get ready to re-authenticate many of the services that you regularly use as a registered customer.
Here are some examples of my experiences with this in the last few weeks:
Dear Graham Penrose,
Thank you for providing as much information to help you with your enquiry. Before continuing, I would like to assure you that any difficulties you have had is acknowledged and your patience is appreciated.
Mr. Penrose, you need to have a UK phone number so you can verify your account. Ensure that you are making your payment from your country of residence.
If possible attempt to complete the payment from your home computer or the computer you most frequently use to access your PayPal account. To help you in completing a transfer, please call our customer service department. Please call us on 0800 358 7911 (freephone from a UK landline. Rates from overseas landlines and mobiles may vary).
We're open from 8am to 10pm Monday to Friday, from 8am to 9pm on Saturday and from 9am to 9pm on Sunday. If you're calling from outside the UK, call 00353 1 436 9004 (international call charges may apply). We appreciate your utmost patience and understanding on this matter.
Thank you for choosing PayPal.
Full Tilt Poker
We are writing to inform you that your Full Tilt account has been temporarily suspended. To protect the integrity of our games, we routinely review accounts and complete player verification. In order to verify your Full Tilt account, please send scanned, clear copies of the following documents to email@example.com:
1) Photo ID: One of the following: valid driver's license, passport, or other government-issued ID that clearly shows your birth date and the ID’s issue or expiry date.
2) Address verification (less than 90 days old): Bank or credit card statement, utility bill, home or auto insurance papers.
3) Digital photo: A digital photograph of you holding your ID document, so that we can compare you to your ID document.
4) Scan of the Card ending 3287.
5) Digital photo with Credit Card: A digital photograph of you holding your Credit Card(s) listed above.
Your PokerStars account has been temporarily suspended as part of a routine review.
It has come to our attention that you are connecting to PokerStars via a VPN, proxy, or similar service. Whilst we do not prohibit the use of such services, we have reason to believe that you may be hiding your true location through them.
All players are required to provide accurate account information as per our Terms of Service:
http://www.pokerstars.com/poker/room/tos/ Please be advised that, on occasion, we may be required to amend the Terms of Service. It is your responsibility to keep up to date with any changes made to the Terms of Service.
Subscribe to New Posts
To be notified as each post is published please subscribe to the blog - over there on the right - yes over there in the right column at the top where it says "Follow by Email".
No new content, no email for you - ever - and we won't sell your email details to the NSA either and we are subpoena proof too so we can't be forced to either.
Labels: anonymity, Encryption, exit servers, full tilt poker, identity, infosec, paypal, PGP, PIA, pokerstars, Proxy, Security, Tails, Tor, TSCM, VPN, Whonix, zero knowledge