How to use VPN to defeat deep packet inspection
ISPs and other network providers can use deep packet inspection to monitor all the data transmitted to and from your computer; encryption via a virtual private network keeps your data transfers private.
Imagine a technology that can stop spam and malware, identify and block illegal downloads, and allow ISPs to prioritize the data they transmit by content as well as by type. Sounds pretty good.
Now imagine a technology that gives network managers and governments the ability to monitor everything you do on the Internet, including reading and recording your e-mail and other digital communications, and tracking your every move on the Web.
Of course, it's the same technology--deep packet inspection by name. That's how governments around the world are able to spy on their citizens' online activities and control their access to the Internet.
Bills pending in U.S. Congress and Canadian House of Commons propose making it mandatory for ISPs to retain for 12 months the information the companies collect about their customers and deliver it on demand to law enforcement agencies. This information includes IP addresses, credit-card numbers, and other private data.
ISPs have long been able to record every site you visit and track what you do on those sites. They can and do block access to specific sites.
But only recently has it become practical from a bandwidth and resource perspective for network providers to read all the data in the packets sent from and delivered to their customers' computers without slowing their networks to a crawl.
North Korea, China, Iran, and other countries routinely use deep packet inspection to block Internet content and keep tabs on their citizens, according to a synopsis on TechCrunch Europe.
(CNET Crave writer Edward Moyer reports on the Tor Project's attempts to.)
The primary sponsor of theis House Judiciary chairman Lamar Smith (R-Texas), who also sponsored--and recently pulled--the controversial .
While the fate of the proposed legislation is uncertain, many people are rightly concerned about having a record of their Internet activities stored in a huge repository that will likely be the target of data thieves.
The easiest way to cover your Web tracks is to encrypt your data and network connection. The most popular encryption services use a virtual private network.
Free VPN services come with a price
The free HTTPS Everywhere Firefox add-on from the Electronic Frontier Foundation automatically encrypts connections on sites that support the technology. Unfortunately, not all sites support HTTPS, among other limitations.
A more thorough technique for preventing your Web activities from being recorded is to establish a VPN connection. The Tech Support Alert site rates several free VPN services in its guide to anonymous-surfing products.
I tried the free versions of ProXPN and OpenVPN's Private Tunnel, but the first is too slow (and annoying), and the second gives you only 100MB of data transfers. The paid versions of both products remove these limitations, as you might have guessed.
Quick and simple setup, but painful performance in the free version
It took only a few minutes to install ProXPN and sign up for a free account. Click the red lock icon that appears in the Windows notification area or Mac menu bar to establish an encrypted connection.
Once your VPN connection is established, hover over the green lock icon to view the IP address and other information about the VPN server you're linking through.
The free version's slow 100Kbps maximum transfer speed harkens back to the pre-broadband days of dial-up modems. Also, when you open your browser you have to click through an annoying ProXPN "upgrade now" screen to get to your designated home page.
According to the company's site, the ProXPN Premium service has "no bandwidth restrictions, all available ports are open, PPTP VPN enabled (in addition to our standard OpenVPN), full access to all proXPN servers world-wide, and port selection." The premium version costs $10 a month or $50 for six months; the company offers a 7-day free trial.
Not much encryption offered by the free version of OpenVPN's Private Tunnel
Apart from the 100MB data limit, the open-source Private Tunnel service is a breeze to sign up for and use. But most Internet users will burn through the free version's data-transfer allotment in a couple of days. As with ProXPN, Private Tunnel places an icon on the desktop that you click to establish an encrypted connection.
By comparison, the free version of the OpenVPN-based SecurityKiss service provides up to 300MB of encrypted data transmissions per month for free. An account allowing up to 20GB per month costs $3.97 for one month or $31.71 for one year; while the service's unlimited plan costs $13.25 for one month or $119.26 for one year. (Three-month and six-month plans with various data limits are also available.)
Many people will respond to the privacy threat posed by deep packet inspection with a big yawn. After all, if you don't want to be tracked, don't use the Internet. But privacy advocates such as the Electronic Privacy Information Center and the Electronic Frontier Foundation are unanimous in their opposition to indiscriminate online eavesdropping, whether it's done by public or private entities. For the time being, it remains possible to keep the trackers at bay. Use it or lose it.