2.3 Putting VPN to work
This section is part of the amber and green pathways.
VPN technologies have a range of applications in the real world.
Please complete Quick poll #18 now.
Open the poll in a new window or tab then come back here when you’re done.
Activity 2 VPN applications
Find out about some VPN applications. What are the potential security problems associated with some of the applications?
Use these articles as starting points:
- https://www.pcmag.com/ roundup/ 296955/ the-best-vpn-services
- https://www.forbes.com/ sites/ waynerash/ 2020/ 06/ 17/ your-vpn-may-be-your-greatest-security-risk-during-covid-19/
- https://searchsecurity.techtarget.com/ answer/ Preventing-VPN-security-risks-for-mobile-employees
- https://www.ncsc.gov.uk/ collection/ mobile-device-guidance/ virtual-private-networks
- https://www.kaspersky.com/ resource-center/ definitions/ how-does-vpn-keep-me-safe-online
- https://www.techradar.com/ vpn/ most-secure-vpns-best-encryption
- https://www.techradar.com/ news/ 8-reasons-to-replace-your-vpn-client-with-openvpn
- https://www.vpnmentor.com/ blog/ understanding-five-eyes-concept/
- https://community.openvpn.net/ openvpn/ wiki/ OverviewOfOpenvpn#OpenVPNOSS
Note down your thoughts in the space below.
The TOR browser
The TOR Browser is a web browser designed to maximise the user’s security against attacks on the communications between the user and the wider Internet. TOR stands for ‘The Onion Router’, which is a protocol where the user’s traffic is encrypted and routed through three random TOR relays that could be anywhere in the world, and these relays are changed every few minutes. The third TOR relay then sends the traffic as normal HTTPS traffic without revealing the original source.
TOR can offer security over public wi-fi. An attacker monitoring wi-fi can detect you are using TOR, but that is all.
You can use the TOR browser to access secure sites over public wi-fi. In fact, using random public wi-fi sites and the TOR browser is one of the safest ways for a journalist to send communications in a hostile environment.
By using TOR browser to access ProtonMail and send or receive an encrypted email, an attacker won’t be able to see that you are using ProtonMail to send and receive messages.
When using TOR, you should keep the following points in mind:
- only download the TOR browser from: https://www.torproject.org/
- don’t add any ‘addons’ to this browser, they may break the security
- don’t use a VPN as well as TOR as this may also break some aspects of security.
Once you begin to use TOR, you will also notice some host/domain names that read like the following:
These are used in the context of the TOR network and what are termed as ‘Onion Services’, which are typically ‘hidden’ in the TOR network.
You can refer to this TOR blog post for more information on the Onion Services.
The Darknet is a component of the Web that is shielded from normal web surfing, and it can only be accessed through TOR. When referring to sites on the Darknet, people are generally talking about TOR Services. TOR Services allow you to create your own web server and have it accessible only to users of TOR.
TOR Services look like this: http://xizazy2kz32bo3ko.onion
These are not routable on the standard Internet, and cannot be opened using a normal browser.
You may like to watch this interesting YouTube talk on the Darknet by ‘Eli the computer guy’.
Activity 3 Network Security Solutions
Drag and drop to match each security solution to its purpose:
Using the following two lists, match each numbered item with the correct letter.
Firewalls and VPNs
a.Keeping the data you exchange on the internet completely private, even from your internet service provider
b.Browsing on the ‘Darknet’
c.Permitting or denying network connections based on rules
d.Helping users to feel their networks are secure
- 1 = c
- 2 = d
- 3 = a
- 4 = b