Upgrade to Pro — share decks privately, control downloads, hide ads and more …

VPNs

 VPNs

Ec25d046746de3be33779256f6957d8f?s=128

luke crouch

January 08, 2021
Tweet

Transcript

  1. VPNs Luke Crouch

  2. About Me • Privacy & Security Engineer, Mozilla • Board

    Member, Techlahoma
  3. Disclaimer: I work for a VPN company • Mozilla VPN

    • We partner with Mullvad • (more details later)
  4. What’s a VPN?

  5. Virtual Private Network

  6. restoreprivacy.com/vpn

  7. How to pick a VPN?

  8. Easy, right?

  9. Oh wait

  10. The dreaded question from tech support …

  11. What are you trying to do?

  12. What are you trying to protect?

  13. What are you worried about?

  14. Mozilla Research “Thinking about an average day in your life

    what risks or threats seem important to look out for in your world, whether online or not?”
  15. Top 5 Answers • Malicious software (spyware, viruses, ransomware) •

    Someone getting my password and taking over my accounts • Scams that trick me into giving up personal data (online, email, or phone) • My personal data being stolen when it’s sent between my computer and the internet • Someone hacking a service that I use and stealing my personal data from the service
  16. Top 5 Answers • Malicious software (spyware, viruses, ransomware) •

    Someone getting my password and taking over my accounts • Scams that trick me into giving up personal data (online, email, or phone) • My personal data being stolen when it’s sent between my computer and the internet • Someone hacking a service that I use and stealing my personal data from the service VPNs are designed for this one
  17. restoreprivacy.com/vpn

  18. Let’s dig into that a bit …

  19. https://www.eff.org/pages/tor-and-https

  20. None
  21. None
  22. None
  23. None
  24. None
  25. None
  26. protects user/pw & data

  27. None
  28. None
  29. None
  30. None
  31. If you’re only worried about a hacker stealing your password

    over WiFi, https is probably enough* * attacks against https are possible, but harder than http
  32. If you’re worried about … • A hacker on WiFi

    attacking https • A hacker on WiFi seeing which sites you visit • Your ISP seeing which sites you visit • Your government seeing which sites you visit
  33. Then you want a VPN

  34. So what does a VPN do?

  35. None
  36. VPN connection VPN Provider

  37. VPN

  38. VPN VPN VPN

  39. A VPN protects ~all the data from “local” hackers and

    your ISP
  40. But … once your data leaves the VPN …

  41. VPN VPN

  42. The VPN is only hiding your location* * more on

    this later
  43. VPN VPN VPN VPN

  44. So what you really like is VPN AND https

  45. VPN VPN

  46. VPN VPN VPN VPN

  47. Now, almost all VPNs solve the “local hacker” and ISP

    problems (or they’re not really a VPN)
  48. When you use a VPN, you’re basically using a different

    ISP
  49. VPN

  50. But some VPNs are as bad or worse than your

    ISP
  51. Again: how to pick a VPN?

  52. You probably don’t want a free one

  53. VPN > 💰

  54. So, how to pick which VPN to pay for?

  55. Well, if they all protect from local hackers and your

    ISP, what else are you trying to do?
  56. What else are you trying to do? • Bypass geographic

    restrictions on websites or streaming services • Hide your true location • Bypass internet censorship • Avoid online tracking • Downloading media
  57. Not everyone wants to know about everything, so …

  58. let’s talk about 3 main features

  59. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN log your data?
  60. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN keep logs of its data?
  61. How fast is the VPN?

  62. Because if it’s great at privacy but terribly slow, you

    won’t use it
  63. restoreprivacy.com/vpn/fastest

  64. fast.com

  65. show more info

  66. What affects speed • Your physical connection: WiFi or wired

    Ethernet • note: wired Ethernet also most secure • The physical distance between your computer and your destination • The bandwidth of the network between your computer and your destination • The networking protocol used
  67. 2 kinds of speed • Ping/Latency • Bandwidth/Speed

  68. 2 kinds of speed • Ping/Latency • Lower is better

    • Important for fast web browsing, gaming • Bandwidth/Speed • Higher is better • Important for streaming, downloading
  69. Ping/Latency has a lot to do with the 2nd main

    feature
  70. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN log your data?
  71. If there’s a server close to you, you’ll get better

    speed
  72. Most VPNs show you where they have servers

  73. If you care about security but not privacy, you might

    be able to stop paying attention now
  74. Next, you might want to see where the VPN company

    is based
  75. privacytools.io/providers

  76. Basically, these countries may be sharing data with each other

  77. And corporations in these 14 countries may be sharing data

    with each others’ governments
  78. So if you’re worried about hiding your traffic from your

    government …
  79. You may want a VPN provider who is NOT based

    in one of “5 eyes” countries US, UK, Canada, Australia, New Zealand
  80. privacytools.io/providers/vpn

  81. 3 main features • How fast is the VPN? •

    Where is the VPN based, and where does it have servers? • Does the VPN keep logs of its data?
  82. restoreprivacy.com/vpn-logs

  83. Types of VPN logs • Usage logs - mostly free

    VPN apps, which are basically spyware • Connection logs - used to optimize and trouble-shoot the VPN network • Some VPNs do this while claiming to be … • No logs - don’t log anything • Makes it hard for the VPN operator to enforce some restrictions
  84. 3 main features • Main Security Feature • How fast

    is the VPN? • Where does it have servers? • Privacy Features • Where is the VPN based, and where does it have servers? • Does the VPN keep logs of its data?
  85. Here comes the shameless promo for Mozilla VPN …

  86. privacytools.io/providers/vpn

  87. privacytools.io has the highest standards for recommendations I’ve seen on

    the ‘net
  88. and they recommend Mullvad

  89. Mozilla VPN uses Mullvad!

  90. We also use WireGuard for speed

  91. We’re actually cheaper than Mullvad $5/mo vs. $5.50/mo

  92. How?

  93. Mullvad gives us a discount because we can help them

    reach so many Firefox users
  94. Speaking of Firefox …

  95. If you already have a Firefox Account (of course you

    do) …
  96. Signing up is super easy!

  97. vpn.mozilla.org

  98. And speaking MORE of Firefox …

  99. Live Demo!

  100. Questions? • What is a VPN? • How a VPN

    works? • How to pick a VPN? • How is a VPN different from HTTPS? • How fast is a VPN? • Where does a VPN have servers? • Where is a VPN based? • How do I give you cash-money for this awesome Mozilla VPN?
  101. Location? How?

  102. IP Addresses

  103. IP Numbers

  104. kinda like Phone Numbers …

  105. This is your IP address https://iplocation.com

  106. This is your IP address on a VPN https://iplocation.com