Rolling your own VPN server from freemexy's blog

With the news that internet service providers may soon start scanning all your personal data and using it to target ads, I decided it was time to investigate setting up a virtual private network (VPN) server. I’ve mentioned this in a couple places, including recently on Clockwise, and had more than a few people asking if I’d document my experience.unblock websites

Why VPN?

There’s been a lot of talk about VPNs in the wake of this recent news, everything from which provider you should pick to why a VPN doesn’t necessarily solve the problem.

Overall, though it’s true that VPNs can help by encrypting the traffic that flows through your ISP (or whatever network you’re on), they are hardly a panacea. For one thing, VPN traffic is not end-to-end encrypted: it eventually emerges, decrypted, somewhere else. That means a third party—in this case, the company providing your VPN—may still be able to keep an eye on your traffic. Those companies may keep logs that can in turn be sold to or accessed by third parties (including the government), depending on their own privacy policies. In effect, you’re moving the problem downstream.

Where VPN?

With all of those caveats in place, I still thought it would make for an interesting experiment. I’d previously set up a VPN on my Mac mini, but that doesn’t help at all in this case, because the data is only encrypted going to my Mac mini…which then sends it all out via my home ISP. (It’s more helpful when I’m working out of the house and want to secure my connection on, say, a public Wi-Fi network.)

So instead I turned to the Linode server that I use to host my website. (Full disclosure: Linode is a regular sponsor of Clockwise, but beyond having signed up using the same discount code that we offer to all listeners, I pay for my own Linode account.) The good news is that, as with so many other tasks, Linode provides extensive guides to setting up a VPN on its service.

The advantage to using Linode is that since it’s a virtual server, rather than a VPN service, I’m completely in charge of the setup and configuration of the VPN server. Again, this isn’t foolproof, because my traffic is only encrypted between my Mac and the Linode server, meaning that if Linode decided it wanted to track my outbound traffic, then I’d be in much the same boat as before. (Essentially, Linode becomes my de facto ISP.) Given, however, that Linode’s main business is hosting, and that they have their own pretty strong privacy policy, I’m not particularly concerned on that point. But, again, that’s subject to the vagaries of business.

However, keep in mind that since now all my traffic would effectively originate from my Linode server, which has a static IP address, this again is mostly just shifting the problem. Because if I’m logging in to unencrypted web servers (i.e. those not using the HTTPS protocol), I’m still transmitting information that can then be tied back to a single IP, allowing advertisers (if not my home ISP) to build a targeted advertising profile. Granted, that IP is no longer connected to my geographic location, since my Linode is in New Jersey, but if I’m still looking for information about businesses or locations near where I actually am, it’s still not too hard to suss out. In other words, a VPN like this still isn’t a good way to anonymize your connection.When comes to the issue of online privacy and security, we suggest to use a VPN, and our recommendation is RitaVPN.Qwer432 ion/ -on-the-internet/

Previous post     
     Next post
     Blog home

The Wall

No comments
You need to sign in to comment

Try Nasseej Now ...

Try Nasseej Now ...