3. Secure communications
So far, we have seen how an IP address can become a dangerous track to leave behind when you surf the web; any server in the world can log and store visitors' IP addresses and match them to any action performed. Hiding an IP address (technically, spoofing an IP) is not enough to mask Internet users' activities online: for example, unencrypted requests can be tracked down by governments and ISPs (Internet Service Providers), as well as by other services and intruders lurking on the web.
We previously introduced the HTTPS protocol as a new communication method for the computers connected to the web. As data encryption becomes more and more crucial in the IT landscape, secure protocols are replacing the weaker ones (SSH replaces TELNET, SFTP replaces FTP, HTTPS replaces HTTP and so on). Unless the program or the proxy we are using is explicitly encrypted, all our Internet operations will be easily traceable.
One note about WWW navigation: if privacy and anonymity are your priorities, just forget Google and similar services forever; choose search engines that won’t track you, like DuckDuckGo [15] or StartPage [16], instead. Why? Let’s see an example: YouTube is a service acquired and managed by Google and, as we know, it tracks everything. YouTube reads your IP and the video you’re watching and creates a user profile, called a fingerprint, making predictions about what you’d like to watch next or, perhaps, what you’re going to purchase while you visit websites with Google Ads. A pain chain.
3.1 VPN (Virtual Private Network)
We’ve seen that proxies are useful tools, but they can’t ensure a proper balance between safety and speed because of several problems. Furthermore, navigating with an open proxy is virtually impossible, and dangerous as well! Unbelievable lag and sudden outages make it unsuitable for operations requiring more than 5 minutes! VPNs are considered by many to be tomorrow’s proxies. Is it true? Let’s find out!
VPNs (short for Virtual Private Network) are encrypted “tunnels” acting as an intermediary between a client and a server, just like proxies, so that all the Internet traffic passes through that encrypted tunnel, blocking anyone from monitoring your connection.
VPNs were originally designed to create a LAN of computers connected via the Internet, exactly like a physical network, but without all the related costs (device location, real world connections, etc.) and with all the proper arrangements, like firewalls, proxies and so on. Using a VPN, you won’t have to worry about finding active lists or certain protocol types: all the traffic passing through a VPN is usually routed and encrypted with at least a 128-bit quality standard.
Compared to a proxy, a VPN ensures higher responsiveness; its architecture and server geolocation make it possible to optimize Internet network requests. Furthermore, you don’t need to reconfigure your browser and tools to stay anonymous, because the tunneling is generally provided for the entire system.
3.1.1 VPN Types
We can find at least three types of VPN on the market: Trusted VPN, Secure VPN and Hybrid VPN. In this chapter, we will cover Secure VPNs, because the Trusted ones require special agreements with ISPs and are not easily applicable to common cases – they are almost exclusively designed for enterprise networks where information delivery to recipients must always be guaranteed.
Hybrid VPNs, instead, are the combination of Trusted and Secure ones and, since we are not going to cover the former, we will exclude the latter as well.
The quality of a VPN in terms of security is determined by the types of protocols and the safety of the keys provided – in addition to the policies and the service stability, as we will see at the end of this chapter.
Most commonly, a VPN alone doesn’t ensure security: for example, until a couple of years ago, the popular VPN provider iPredator [17] offered connectivity only via the PPTP protocol. This protocol was already considered not fully secure, having been dismissed by Microsoft (which invented and patented it), and now we are almost certain that governmental spy services can crack it in a short time. This is just one example of what we found out. Now we’re going to review each protocol and sum up their features and quality.
3.1.1.1 PPTP, for the speed seekers
PPTP (acronym of Point-to-Point Tunneling Protocol) was developed by