Mailing List Archive
tlug.jp Mailing List tlug archive tlug Mailing List Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Date: Tue, 12 Jun 2018 17:53:59 +0900
- From: "Stephen J. Turnbull" <email@example.com>
- Subject: [tlug] VPN?
- References: <1528618310.1210498.1402669344.48BE87D7@webmail.messagingengine.com>
David J Iannucci writes: > So I'm currently using PIA for VPN service, but thinking that I > need to make a change. I realize VPNs are far from being > one-size-fits-all, but does anyone have any recommendations? I don't really see why you think a change is a good idea. Your post suggests it's pure paranoia based on an inconsequential fault on a free wireless network. On the one hand, free WiFi services are frequently unreliable for various reasons, and on the other, OpenVPN Tech's programs seem to be competently-designed and well-maintained. My first take would be to ask the company and/or development community if they're aware of such problems. If you really want to change, I would recommend trying the new provider at all the locations you have used PIA before committing to spending money, although it's not all that much. > Incidentally, the main reason I want to leave PIA is that I cannot > use them on the free wifi offered at Apple Stores. Which means what? Does the VPN app issue warnings or error messages? If so, what? Does the VPN app appear to start and say nothing, but some other app that uses the VPN fails? What is that other app? What does it say about the problem? Have you tried with OpenVPN on a different platform (Android, Linux)? > (i.e. most secure). That makes me glad that I'm using it with PIA > now, but there's a weird limitation with iOS - it seems Apple will > not allow app developers to make their own OpenVPN clients and > offer them on App Store, but force you to use their "OpenVPN > Connect" app. I don't understand. A search for "openvpn" on the App Store and 5 minutes browsing the results finds at least 3 apps that connect to OpenVPN providers, and several more that find access points near you (if I understand the Japanese correctly). I didn't bother to look more. > A different free VPN that I found _does_ work at the Apple Store. What does "different free VPN" mean? A different provider? Or a different app? Or both? If PIA provides different endpoints to attach to the service, you could try a different endpoint (IP address or port) from the Apple stores. > Maybe it's the protocol used? I would think that the provider-supplied .ovpn would give the right configuration of the VPN app, so it's probably something to do with the underlying network. VPNs necessarily involving multiple layers of Internet protocols, the VPN using too large an MTU seems like a quick guess, although the docs suggest that you would see the connection "stall under active usage" rather than be completely unusable. > Finally, I do want to ask if anyone has any info about http://proxy.sh, Can't help there. BTW, like Curt I wonder why you're using a commercial VPN service for "security" in the first place. In almost all of my use cases, I'll be transmitting over HTTP (which is locked down with HTTPS) or an SSH tunnel (eg, git or a shell session). So the VPN encryption provides little, if any, additional security, but does impose costs (time, CPU and memory use, money). With a commercial service, a serious antagonist can probably see you going into the tunnel at the service, and maybe coming back out at the other end (if it's the NSA ;-), and they know you're trying to hide. It adds multiple points at which a MITM exploit can occur, unlike a direct TLS (HTTPS or SSH) connection. On the other hand, the point may be to provide "internal" IPs to roaming terminals, which is a common use of VPNs (ie, the "privacy" provided isn't security, but rather "internal" routing -- as far as your hosts are concerned, traffic between them is never routed through the public Internet). Steve -- Associate Professor Division of Policy and Planning Science http://turnbull.sk.tsukuba.ac.jp/ Faculty of Systems and Information Email: firstname.lastname@example.org University of Tsukuba Tel: 029-853-5175 Tennodai 1-1-1, Tsukuba 305-8573 JAPAN
- Re: [tlug] VPN?
- From: Curt Sampson
- [tlug] VPN?
- From: David J Iannucci
Home | Main Index | Thread Index
- Prev by Date: Re: [tlug] VPN?
- Next by Date: Re: [tlug] VPN?
- Previous by thread: Re: [tlug] VPN?
- Next by thread: Re: [tlug] VPN?
Home Page Mailing List Linux and Japan TLUG Members Links