PDA

View Full Version : Lockdown: How I went "thermonuclear" on my security



yogi
04-28-2016, 05:33 AM
Hello trusted Mac-Forums community

Ever since the Apple-FBI spat that erupted beginning of this year, I spent a lot of time thinking about my own device security and wanted to share this story and all the actions I've taken. I possibly have gone overboard, but I think many of these "tips" may be useful to the community. The point of this post is to collect my own measures, and maybe get your feedback and own suggestions to add to the list.

A basic point before diving in is that 1Password for Families lies at the center of my entire security model. I store passwords, credit cards, documents, but also encryption keys within 1Password, which itself is secured with a long diceware-style password. What should be said is that in many of the measures taken, you are faced with managing your encryption keys yourself, meaning that if you forget or lose your key (really, a complex password), your data is lost.

I started off by looking at my device landscape, as well as the threat models involved.



Attacker obtains physical access to device
Attacker intercepts website traffic
Attacker intercepts local traffic (Starbucks, Home Wifi)
Attacker gains access to cloud storage
Attacker intercepts or gains access to messaging / e-mail


Let's look at how I tackled each.


Attacker obtains physical access to device



Device Passcodes: I use long, diceware-style device passcodes for my Mac, iPhone, Apple Watch and iPad. This is the first line of defense and in the case of iOS devices, these codes also encrypt the disk. Using Touch ID makes having these long passcodes bearable. On Apple Watch, I have a 7-digit code.
File Vault: On the Mac, I have FileVault enabled, which encrypts my startup disk.
Reduced privileges: I never use my Mac as an Admin. I use it with a newly created, regular non-Admin user, and enter the Admin password when required. This is the second line of (minimal) defence if the attacker were to obtain physical access with the objective of installing malicious software or doing anything malicious with the file system.
Touch ID-enabled apps: I enable Touch ID for almost all apps that contain sensitive data when available. This applies to my banking app, my messaging (more below), cloud storage apps, Day One Journal, 1Password, MyFitnessPal, Stocard, etc.
Disable Lock Screen Access: I've disabled Siri, Notification Center and Control Center from the Lock Screen of my iOS devices. Siri has known to have certain bugs that allow access to the system, and I don't want an attacker to be able to turn off wifi, execute workflows from notification center or even just read my messages.

Attacker intercepts website traffic



Watch SSL: I always ensure that websites I use enforce SSL by watching the green lock.
Enforce SSL: I use the HTTPSEverywhere Plugin (https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp/related?hl=en) for Chrome
1Password: I also use 1Password when filling out forms exclusively, as it basically warns you when credentials are being sent unencrypted


Attacker intercepts local traffic (Starbucks, Home Wifi)


WPA2: I've enforced WPA2 on my Time Capsule home network and also hidden the network so it cannot be found by scanning.
Timed Access Control: I've enabled Timed Access Control on the Time Capsule, which means I have to add any device to a list of MAC addresses on the router manually, before that device can find and access the network.
VPN Services: When I'm at Airports or Public Wifi hotspots, I always have ExpressVPN (http://www.expressvpn.com) enabled. They have very solid iOS apps, and a large network of servers. Unfortunately I have come across various places in Asia where their service is blocked, so I couldn't actually connect to the VPN server - another sign that a network may be prone to malicious activity - why would anyone block your from encrypting your traffic unless they want to look at it?
Increase usage of ethernet: I am trying to move to Ethernet as is convenient, as devices plugged in directly aren't exposed on the WiFi - however if the attacker has full access to the network, these devices are exposed too, so ideally Ethernet devices would get their own segregated network.
Separate passwords for disk, network and base station: I made sure to generate and keep separate passwords for the encrypted Time Capsule disk, the base station access, and the WPA2-protected network itself.


Attacker gains access to cloud storage


Turn off iCloud Backups: As we saw again in the Apple-FBI case, Apple has the decryption keys to iCloud backups and can therefore access the data therein. If those keys were compromised, iCloud data would be too. The alternative...
Use encrypted iTunes backups: I backup my iOS devices monthly to my Mac Mini, using an encrypted iTunes backup. The encrypted backups are on the Mac Mini, which is itself encrypted with FileVault, and backed up to my Time Capsule, also encrypted at disk level.
Use zero-knowledge encryption services: I moved away from Dropbox / Google Drive / Onedrive and use Tresorit (http://www.tresorit.com) instead. They have excellent iOS apps that integrate well (using the document provider API and share sheet) and encrypt your documents before leaving the device. An alternative, but with much worse apps, is SpiderOak. Tresorit is key for me as data is not stored in the United States.
Enable 2FA for services: For all services, not just storage, I have Two-Factor Authentication activated. I select services that have 2FA available (https://twofactorauth.org/).


Attacker intercepts or gains access to messaging / e-mail


Use a secure messenger: The EFF has a good list (https://www.eff.org/secure-messaging-scorecard) of messaging services, but I personally use Threema (https://threema.ch/en). It has servers in Switzerland, encrypts all messages end-to-end, shows verification levels and has Touch ID protection. It also still trounces WhatsApp on a number of counts (apart from the fact that WA is owned by FB). I don't use iMessage as the decryption key mappings are stored on Apple's servers and could be compromised. However I am considering a move back to iMessage as the integration with devices is pretty great, and I am hoping for some improvements to the architecture to be announced soon.
Use a secure mail service: I currently have switched to FastMail, which provides basic security and has a solid business model, however e-mail is notoriously insecure by design. That said, alternatives such as ProtonMail (http://www.protonmail.com) exist but they force you to use their apps and cannot provide IMAP at this point due to the technical nature of their system. I would like to move to ProtonMail as they are Swiss-based.



Some Random Privacy Notes



I deleted my Facebook account, mainly due to the noise it produced in my life. But the elimination of the Safe Harbour agreement between the EU and the US should be cause for concern.
I barely use other social media, mostly again due to noise.
I use Ghostery and AdBlockPlus
I have very minimal permissions set in the "Privacy" section of your iPhone


Looking forward to your comments and happy to elaborate and evolve this post with suggestions, fixes, tips and links!

IWT
04-28-2016, 08:30 AM
@yogi

Go one stage further. Don't use a computer at all, nor any interactive electronic device.

At first reading this may look like blatant sarcasm. I do not mean that at all. What I'm arguing is that risk is inherent in all aspects of human life and endeavour. No exceptions.

The trick is to balance risk adversity with utility.

This will differ from person to person depending on their location on this planet; the confidentiality of their data; their perception of their individual risk and how far they wish to go in minimising it; and so on.

What you have set out above is probably the most comprehensive and scholarly summary I have ever read. I can't think of anything you have left out; but it wouldn't suit me because the complex and intrusive nature of your protection systems would stifle the utility of my devices to the point where paranoia would replace enjoyment.

You asked for comments. Mine may not fit in with what you were expecting; they're just my thoughts.

Thank you for the huge effort you have put into your post.

Ian

yogi
04-28-2016, 08:52 AM
@IWT - fully appreciate these thoughts, and my aim is to raise awareness. As you may have noticed, I stroke a specific balance of measures, as to me I can continue to use my devices without much hassle.

I'd argue that most of my suggestions are easy to do and don't stifle the utility of our technology.

That said, my wife's salient comment on my recent efforts was: "It'd be nice if you invested as much thought into the security of our front door."

Kenney
04-28-2016, 09:52 AM
This is good advice. Don't need to implement all of them for what I do but I like that this information is now in one place. Thanks

toMACsh
04-28-2016, 01:56 PM
"It'd be nice if you invested as much thought into the security of our front door."

2X6 cut to 1/4" less than the distance from the door to the stairway (wood base). Handles on top for ease of moving to storage when not wanted as a door stop. To get in, you need a power saw.

pm-r
04-28-2016, 04:16 PM
@yogi

Go one stage further. Don't use a computer at all, nor any interactive electronic device.
… … …
Ian


All jokes aside, I was thinking the same thing, but probably unlike others we don't have anything that could be of value to anyone on any of our Macs or iPads and we don't use any "smart" cellphone with anything that couldn't be found elsewhere publicly.

On the other hand, there are some no doubt that could use some of the advice given and probably should.

Certainly lots of choices provided there and others as well wen and where needed.




- Patrick
======

yogi
04-28-2016, 04:28 PM
In all honesty, I too could argue that I don't have anything that could be of value to anyone per se - we wall think we may have nothing to hide.

But at the end of the day, all it takes is a savvy burglar to figure out when you're at home (by looking at your activity on a Wifi network), or stealing your banking details, or getting access to documents that would help a phishing attack. Whatever little it is we may have, at scale it's worth stealing, and in cybercrime, scale is what makes it possible and dangerous.

It doesn't take much!

harryb2448
04-28-2016, 07:10 PM
You got too much time for thinking yogi! Take up a hobbt.

pm-r
04-28-2016, 09:31 PM
In all honesty, I too could argue that I don't have anything that could be of value to anyone per se - we wall think we may have nothing to hide.

But at the end of the day, all it takes is a savvy burglar to figure out when you're at home (by looking at your activity on a Wifi network), or stealing your banking details, or getting access to documents that would help a phishing attack. Whatever little it is we may have, at scale it's worth stealing, and in cybercrime, scale is what makes it possible and dangerous.

It doesn't take much!



I really have to chuckle a bit when reading such computer "protection" stuff and then think of all the times that two or more experienced Mac gurus haven't been able to share data remotely even when all parties have the proper setup and any needed passwords etc. that they still often have problems sharing some data or files. And even when they've been given any needed keys etc.

BTW: we just installed some digital deadbolts on our house doors that weren't "smart key" enabled. And no, the electronic code is NOT stored on any of our computers or electronic computer type devices.

Now, where's the tinfoil… just in case… and we are talking about normal personal users I gather. Not the really BIG guys… or potentially susceptible businesses… ;)

Rod Sprague
04-30-2016, 01:16 AM
Firstly I too would like to thank you Yogi for compiling all of the mentioned security measures into one place. I will copy and store for future reference and advice to others.
I was surprised to find I had to tick quite a lot of the boxes as "done that" myself. Others simply do not apply to my situation.
Two things that come to my attention immediately are your use of a password manager and not using social media ie Facebook.
I have recently tried Dashlane and was less than impressed. It takes constant input and tweaking over time which I find both intrusive and distracting. I also had a try of OnePass years ago but I imagine it has improved a little since then. One of my issues with both was the syncing option across devices. I am still (call me paranoid) concerned about that data no matter how encrypted being stored or transmitted remotely. I have refused to store credit card and banking details on these apps despite their claims of security and convenience and constant offers to do so are just plain annoying. At the end of the day I simply do not keep this type of information on my devices at all except in the case of a few iOS banking apps which use Touch ID the rest I have memorised.
I prefer to keep all the rest of my passwords in a password protected encrypted .dmg file on my HD. I create them all with a password generator which does not save history(Doorman). However I also use ClipMenu which stores multiple clipboard entries so I have to clear it's history after copying my generated passwords. My Admin Password is a sentence comprised of all elements of a strong password yet easy to remember.
My HD is cloned onto an encrypted EHD as is Time Machine but I do not use File Vault. The two EHD's are kept in a safe.
I do allow my web browser to remember passwords for some sites (like this one) but generally don't put much info in membership/subscription profiles and always use a secondary email address. I do use HTTPSEverwhere plugin with Firefox.
As to not using social media sites I think that would be very difficult for most if not all of my family, friends and clients. I realize what a security risk they can be but I do limit them. I am overseas after all so I would miss those shots of the grand kids and the rest of my family and friends' postings from around the world.
Since I do use FB I also use FB Messenger for my non Mac user friends and others. It's integration with FB further increases it's convenience. WhatsApp just seems like duplication and FaceTime and iMessage fill in the gaps.
I never use FB to sign into other sites and I encourage others to do the same.
I do not belong to any other of the multitude of social media sites, Pinterest, Google+, Instagram, Twitter, LinkedIn etc all leave me cold. I do however use YouTube and subscribe to that (doesn't everybody) I can even watch it on Apple TV. I know people who subscribe to all of the above and more, I don't know how they manage it, my theory is they don't and therein lies the danger.
IWT, you have got it in one, just being online has inherent dangers, limiting (which really is the best we can do) the dangers is a matter of taking precautions, enabling protective measures, limiting exposure and being suspicious of just about everything.
I do agree with PM-R though, I have very little that anybody would want to steal and the thought of someone breaking into my home to install some sort of spyware program onto my laptop to monitor my activities sounds like the stuff of fiction but I know that my identity is valuable and although I don't have much it's all I have.
My sister in law recently had her PayPal account hacked via an online warehouse sales site which was in turn linked to her savings account for top up. They got away with $6,000.00. I believe that the bank will reimburse her but that was a significant amount of money for her.
As a politician of ours once said, "Be alert, not alarmed.";)

Rod Sprague
04-30-2016, 01:27 AM
By the way, I have recently started using Firefox again. I find it much improved since I last tried it and on it's default quick dial page is this site; https://www.mozilla.org/en-US/teach/smarton/?utm_source=directory-tiles&utm_medium=tiles&utm_content=PrivacyV1&utm_campaign=desktop
For the uninitiated I think it's pretty good.

yogi
04-30-2016, 02:53 AM
Rod

Thanks for that extensive post.
Interesting to hear your experiences with password managers, have you tried 1Password? They are not cloud-based (unless you want them to be) and I find the experience to actually make browsing better - for example, the plugin detects unencrypted forms and phishing sites as you fill passwords online.

The DMG idea is quite interesting - I'd like to add it to the list. Anyone know why I can't edit my posts in this thread?

chscag
04-30-2016, 03:19 AM
Anyone know why I can't edit my posts in this thread?

There is a time limit on being able to edit your post. You exceeded the time limit. Only moderators have the ability to edit posts regardless of how much time has expired.

michelangelo
04-30-2016, 05:42 AM
Great post. Thank you for sharing your ideas with us. One suggestion:

Preventing disaster is fine but can lead to extreme pain as others have stated. Minimizing the impact after disaster has occurred can be a worthwhile supplement. For example:

Back-up is kind of important to me to restore the mac if some preventative measure has failed. Yet FireVault, which you have activated, does not easily permit the automatic maintenance of a clone duplicate over a network. I would add back-up to the list.

Thanks, again.

hana527
04-30-2016, 08:33 AM
Does anyone know how effective LastPass is for storing/generating password? So far it has been very difficult to set up. I also am trying to use Award Wallet for my travel info (it is suppose to store all your travel reward plans in one place). I'm thinking I should check the whole thing and create a Secure Note in Evernote with all my passwords and important information. Thanks.

Cr00zng
04-30-2016, 10:06 AM
Hiding the SSID for the Wi-Fi network and filtering MAC addresses is somewhat useful. It'll stop rookie wanna be hackers, but won't do much for even the script-kiddies. NetStumbler, Kismet, etc., have no problem finding the hidden SSIDs. Running these programs on the Linux platform makes it easy to assign the allowed MAC address to the system as well. And yeas, even the WPA2 pre-shared key can be discovered, there's an app for that.

It's not like the hackers going to roam on your streets to do that. It's a lot easier to exploit systems via malware hidden in browser advertisements, a.k.a. malvertisment. The "nice" thing about malware, it runs in the started up system and the end user already logged in with whatever authentication method. It's not your grandparent's style of hacking, it's much more advanced than that...

Lifeisabeach
04-30-2016, 10:36 AM
Does anyone know how effective LastPass is for storing/generating password? So far it has been very difficult to set up. I also am trying to use Award Wallet for my travel info (it is suppose to store all your travel reward plans in one place). I'm thinking I should check the whole thing and create a Secure Note in Evernote with all my passwords and important information. Thanks.

I wouldn't use LastPass. At all.

http://www.businessinsider.com/security-expert-describes-lastpass-vulnerabilities-posted-to-pastebin-in-2013-2015-6

https://www.grahamcluley.com/2015/11/flaws-lastpass-password-manager-security-researchers/

https://www.theguardian.com/technology/2016/jan/18/phishing-attack-steal-lastpass-password-manager-details

I use 1Password for everything. Storing logins. Software registration keys. Credit Card details. Personal information for auto-filling forms. Secure notes. Bank account details. Everything. The database is encrypted and today they use a stronger version of it than what was default a few years ago. My only beef with them as a service is the limited support for syncing. It's iCloud; DropBox; local wi-fi sync; and that's it. I stopped using iCloud sync even though that would be my preference because it's so unreliable (problem with Apple, not 1P) with frequent delays in syncing. I have issues with DropBox and their weak privacy policies and procedures, but at least my 1P database is encrypted.

vcassist
04-30-2016, 11:39 AM
@yogi
Great post.
I too use 1Password. Do you sync it using Tresorit? Is there any loss of functionality since 1Password is optimized to use Dropbox sync?

yogi
04-30-2016, 12:39 PM
Does anyone know how effective LastPass is for storing/generating password? So far it has been very difficult to set up. I also am trying to use Award Wallet for my travel info (it is suppose to store all your travel reward plans in one place). I'm thinking I should check the whole thing and create a Secure Note in Evernote with all my passwords and important information. Thanks.

LastPass is similar to 1Password however it is fully cloud-based on relies on browser plugins. For something more robust, I recommend 1Password, which can also store your Award membership (albeit not track the balances or notify you, so I see Award Wallet's function very differently and not security-related). You could put all this into an encrypted note in Evernote, which doesn't provide Evernote with the decryption key, but I also recommend 1Password for this, which can store secure notes, membership numbers, and even documents.

yogi
04-30-2016, 12:41 PM
@yogi
Great post.
I too use 1Password. Do you sync it using Tresorit? Is there any loss of functionality since 1Password is optimized to use Dropbox sync?

You can't sync 1Password using Tresorit, as 1Password has Dropbox API functionality baked in. The only options are Dropbox (US-based, Dropbox has encryption keys), iCloud (US-based, Apple has encryption keys), local WiFi sync or 1Password for Families / Teams which provides it's own service (US-based, but protected with an account key that 1Password has and a decryption key that only you have - both are needed to access your data).

yogi
04-30-2016, 01:06 PM
Hiding the SSID for the Wi-Fi network and filtering MAC addresses is somewhat useful. It'll stop rookie wanna be hackers, but won't do much for even the script-kiddies. NetStumbler, Kismet, etc., have no problem finding the hidden SSIDs. Running these programs on the Linux platform makes it easy to assign the allowed MAC address to the system as well. And yeas, even the WPA2 pre-shared key can be discovered, there's an app for that.

It's not like the hackers going to roam on your streets to do that. It's a lot easier to exploit systems via malware hidden in browser advertisements, a.k.a. malvertisment. The "nice" thing about malware, it runs in the started up system and the end user already logged in with whatever authentication method. It's not your grandparent's style of hacking, it's much more advanced than that...

Yes, agreed. As stated in the post, for the really paranoid, Ethernet is probably one step more to go but that too has some drawbacks. It's the combination of efforts (WPA2 key, Timed Access, hidden SSID) which would make it less probable, not impossible.

Information Security is about discrete probabilities applied to threat models, not binary solutions.

vcassist
04-30-2016, 04:04 PM
@yogi

Thank you for clarifying. I've been considering switching to 1P for families. Didn't realize it included its own cloud service.

Cr00zng
04-30-2016, 08:01 PM
Yes, agreed. As stated in the post, for the really paranoid, Ethernet is probably one step more to go but that too has some drawbacks. It's the combination of efforts (WPA2 key, Timed Access, hidden SSID) which would make it less probable, not impossible.

Information Security is about discrete probabilities applied to threat models, not binary solutions.

You are correct about IT Security and it is certainly not a binary solution.

The self-declared thermonuclear security missed addressing the underlying operating system and the hosted application attack vectors. Some of the security protections detailed are just myth, like hiding the SSID, and really don't provide any additional security. In another word, you've done a lot for physical security but little to shield the operation of the protected system. As stated previously, malvertisement based exploits will have no problem with compromising your system, if you don't address the operational security. One way addressing it is as IWT has stated, not using computers...

Utilizing reduced privilege level user account for running the system is useful, but not end all protection. Any semi-good malware will start with a privilege escalation script when it gets on the system via email and/or browser. For example, OSX Yosemite had/has one such vulnerability:

https://blog.malwarebytes.org/cybercrime/2015/07/privilege-escalation-vulnerability-found-in-os-x/

Would you bet on that El Capitan does not have one? Based on the history of the OSX, you should not...

In my view, OSX cannot reliably protect itself and it needs help. There are a number of antivirus products available for this platform and they are getting more and more effective. It'll protect against some of the threats, especially in email, but not all. More and more security products become available for OSX and that's a good thing in my mind. I am waiting for a memory protecting solution that can lend some support for the OSX memory protection.

With my MBP, I like to use TOR browser which is basically a customized version of Firefox. It is also secure, as far as the local network and couple of router hops are concerned. Using SSL connection between the browser and the TOR routers is mandatory. The Firefox plugins work just fine and NoScript is the first one that my TOR browser gets. I don't view TOR browser as a security tool, even if it can be used to protect the system. It's more of a privacy tool for me that throws off most of the sites trying to monitor my internet access and pretty much eliminates most of the ads anyway. Who want to advertise in Moldova in English language for example?

yogi
05-01-2016, 02:03 AM
@yogi

Thank you for clarifying. I've been considering switching to 1P for families. Didn't realize it included its own cloud service.

It does, but however comes with an annual price tag of 48 USD.

Sawday
05-01-2016, 04:47 AM
"In my view, OSX cannot reliably protect itself and it needs help. There are a number of antivirus products available for this platform and they are getting more and more effective."

More and more effective against what exactly?

Rod Sprague
05-01-2016, 08:55 AM
It's that word (virus'). I know we have established that the definition of a 'virus' is that it be self replicating. So by that definition there are no mac virus' but I think we have also established that the manufacturers of these protective apps are going to keep on calling them anti virus applications so insomuch that some are effective at removing (usually after the event) malware then some may have some value but it has been my experience so far that they are overpriced for what they actually do. With the notable exception of Malwarebytes.


Sent from my iPhone using Mac Forums

Cr00zng
05-02-2016, 09:19 AM
"In my view, OSX cannot reliably protect itself and it needs help. There are a number of antivirus products available for this platform and they are getting more and more effective."

More and more effective against what exactly?

Against malware, it's not like Apple platforms are immune to it...

https://www.eset.com/int/mac-malware-facts/

It's not unreasonable to say that "thermonuclear" level of security should account for the threat of malware...

Rod Sprague
05-02-2016, 09:27 AM
Looks like this really is rocket science.

pm-r
05-02-2016, 02:05 PM
Looks like this really is rocket science.


Phew… relief… Here I was thinking it was just me that was thinking the same thing… ;)

McBie
05-02-2016, 03:03 PM
Yogi, good post.
It would be beneficial for the readers if you could explain why you did the things you did.
What was the reasoning behind the steps you took ? Was it because of threats, vulnerabilities, .....

Cheers ... McBie

Lifeisabeach
05-03-2016, 12:12 AM
Against malware, it's not like Apple platforms are immune to it...

You make it sound like there is a platform that is.

yogi
05-03-2016, 07:25 AM
Yogi, good post.
It would be beneficial for the readers if you could explain why you did the things you did.
What was the reasoning behind the steps you took ? Was it because of threats, vulnerabilities, .....

Cheers ... McBie

Sure, however I think it's best explained on the level of threat vectors, rather than individual measures:



Attacker obtains physical access to device


This one is simple- if my device gets stolen, I want to prevent a thief from accessing any e-mails, messages, photos or details about me as a person that could be used to exploit for other thefts. So the passcode goes a long way here, but I wanted to prevent brute force methods. I also have the 10-wrong-entry-wipes-device setting switched on.




Attacker intercepts website traffic


This is simply because I have personally overseen cases where unencrypted web traffic allowed an IT department to see passwords, spy on banking interactions etc. That said, I don't trust many websites and how they're built. Having managed a range of web development projects, I can say for sure that security was not a priority in many cases before shipping. So I don't trust the operator of a site to put all the safety measures in place for me all the time.




Attacker intercepts local traffic (Starbucks, Home Wifi)


This is due to my travel. I use public Wifi often and use it for sensitive things at times. It could also be the Wifi at a client site (and we have some very high-tech clients) and I want to prevent any sort of monitoring or tracking, or siphoning off of information as much as possible.




Attacker gains access to cloud storage


I live paperlessly. That said, all my crucial documents are stored on my disk and had been on Dropbox. Given the recent legal debate around safe harbor between the EU and the US, combined with the fact that the US has lax privacy laws, I have been looking for alternatives. I also am not comfortable with the fact that someone at Dropbox can see my medical records, my client's documents, personal letters or family photos.




Attacker intercepts or gains access to messaging / e-mail


This one is simple - I simply don't trust Facebook. As a company, they have done nothing to gain my trust, and as such, I don't want to use WhatsApp unless I understand the business model behind it. I accept that WhatsApp is now encrypted, but they are still US-based and could become subject to US legislation requiring backdoors.

papagonz
05-05-2016, 12:55 AM
VPN Services: When I'm at Airports or Public Wifi hotspots, I always have ExpressVPN (http://www.expressvpn.com) enabled. They have very solid iOS apps, and a large network of servers. Unfortunately I have come across various places in Asia where their service is blocked, so I couldn't actually connect to the VPN server - another sign that a network may be prone to malicious activity - why would anyone block your from encrypting your traffic unless they want to look at it?

So expressVPN blocks the URL from showing up in the routers history?

yogi
05-05-2016, 09:14 AM
Yes, ExpressVPN creates a full tunnelm meaning the router can only see the tunnel and it's details, but not what's inside the packets (your URL).

Rebecca james
05-11-2016, 11:27 AM
First of all that was a great threat, I'm just concerned, do you think its safe to buy some VPN to log you instead on making your own VPN connection?

yogi
05-11-2016, 11:34 AM
Well, you would need someone to operate a VPN server for you, otherwise it's not VPN. You can operate it yourself, but I'm not sure what you mean by "own VPN connection".

What you need to look for is a VPN service that does not log you, so-called "logless" VPN. Obviously the tin-foil route would be to operate your own server, but this should be segragated from your local network.

Rebecca james
05-11-2016, 12:21 PM
That's exactly what I'm asking... I got it. what will you recommend if I'm concerned for 0 log ?

yogi
05-11-2016, 12:24 PM
As mentioned, ExpressVPN maintains a logless VPN - so I deem them safe for most users.

Rebecca james
05-11-2016, 12:45 PM
I have used once, it's been a great experience with ExpressVPN. they have mentioned that they are not recording any logs from any user's but I'm not convinced on that policy. In my thoughts, they are logging you (for sure) but they committed to never disclosed it. Like Hidemyass did

yogi
05-11-2016, 01:06 PM
It's possible, though highly unlikely. ExpressVPN is a fairly large provider with thousands of paying customers. From a PR perspective, it wouldn't be worth it. However, as mentioned before, to be extra safe the only route would be to operate your own VPN server.

We also must differentiate security from privacy. While a VPN provides security from the immediate environment, a logless VPN is only a bonus for privacy, not security itself. That said, if privacy is important to you (as it should be), ExpressVPN is a reasonable choice, but could be, as with any service, compromised.

Rod Sprague
05-13-2016, 12:18 AM
I add my vote to Express VPN, here in Indonesia where it really is a necessity and it has an iOS version for your iPhone as well.