The PureVPN Review: A Top Performing VPN?

PureVPN ReviewLooking for a review of the PureVPN service? You’ve got it! As you may know using a VPN is a popular way to increase your security online especially when using WiFi in public places like hotels, coffee shops or libraries.

While a VPN does not eliminate all risk it is probably enough for most people and is certainly a must-have service if you do a lot of web browsing, work or play over wireless or wired networks that you do not have control over (i.e. anywhere outside your home and even there if you have an insecure router).

Read on to find out how you can increase your security online (and enjoy services like Netflix regardless of your location).

About a month ago I heard from the team at PureVPN who had seen my review of the Witopia PPTP VPN service and were interested in hearing what I thought of PureVPN.

I’d just renewed my Witopia service and it was working pretty well for the most part although not quite as well as it had over my DSL connection back in the United States.

I’m now running over a 2 Mbps cable Internet connection in Central America and Witopia’s PPTP service was dropping it’s connection a bit more than I liked to see. It also wasn’t quite as fast connecting all the way from Central America to servers in the U.S.

A PureVPN Review Opportunity

When I heard from PureVPN I was pretty curious to learn more about their service because of the minor issues I’d been running into with the VPN I was using. They offered to give me a year of basic level service if I would be willing to share my experience with others.

I warned that I might have to write the truth even if I didn’t like using PureVPN but that didn’t seem to be a problem :) Guess they were confident enough in the product.

They also signed me up for their affiliate program so if you decide to use PureVPN and sign up through one of the links here I do get a commission.

You can go straight to the their website if you’d like of course but those of you who decide to click through one of my links here have my thanks!

So…now that we know about all that let’s see what there is to know about this Virtual Private Network.

The PureVPN Packages

There are three service levels you can get through the company:

You can pay on a monthly basis too ($9.95, $18.00 and $15.00/mo) but you will end up paying 20-26% more over the course of one year than if you just pay for a year upfront.

The Pure Gold plan gives you a dedicated IP address if that is something that you need. Most users will probably be best served with the Standard plan which is the one I’ve been using for the past month. The pricing is comparable to other services out there.

Using the PureVPN Service

While you can use the PureVPN service on Windows, Linux and Mac operating systems I’ve been running it only under Windows XP. Some of the work I’ve been doing requires the Windows OS so despite experience with Linux I haven’t been using it much lately.

Setup is extremely easy and if you can install programs on your PC you can get the VPN up and running without trouble.

PureVPN provides a handy connection dashboard program you can download that let’s you select the server you would like to use as well as the protocol (L2TP or PPTP). Once you choose both and enter your username and password you simply hit the big green “Connect” button and you are logged on in a matter of seconds.


PureVPN Dashboard

I’ve occasionally had problems connecting to a specific server (I usually use the Florida USA server because of it’s speed) and get an error message telling me the log in failed. If that is the case I simply choose another option such as Las Vegas, Los Angeles or Chicago and connect without further problems.

There are many other servers around the world in places like Singapore and Switzerland but I often want to appear to be based in the United States to the websites I visit so I usually run through the U.S. servers for convenience.

I don’t believe I’ve ever experienced a disconnect that wasn’t caused by a failure in my cable connection but sometimes it does seem like the VPN stalls so-to-speak which amounts to about the same thing especially if you are in the middle of downloading a large file.

I think the stall in connection I’ve experienced only occurs when I’ve been connected to the same server for more than 8 hrs. I haven’t tested this rigorously since I typically just disconnect and reconnect to a different server if a stall out occurs.

This seems to be the type of thing you have to deal with in relation to VPN services. Like I mentioned before the Witopia PPTP VPN had a tendency to just disconnect on it’s own recently. Perhaps there is a service out there that has a 100% reliable connection but I have my doubts.

PureVPN Speed Test

Of course no one is going to use a VPN for Internet security if it slows there connection so much that it is unusable.

Fortunately my experience with the PureVPN standard level plan is that it delivers some pretty good speed figures. My cable connection is currently rated at 2Mbps and performs at that level most of the time.

Running through the VPN I will usually get ~1.4Mbps when using the Florida USA server. I’ve tried a few and the Florida connection seems to have a slight edge over the others for me although Los Angeles also performs quite well and with low ping times (typically about 110 ms).

You can see a screen shot of my results below as well as see the video of the speed test in progress. As I mention in the clip this is a below average reading for me since I usually get over 1Mbps and a much lower ping number.

 PureVPN Speed Test Results


I don’t know if the slow results for today were based on a slow down with the VPN or with my local cable which has been unreliable lately.

Should You Use PureVPN?

The decision is up to you but I can tell you that I’ve been pretty happy with the service in the month that I’ve used it and am glad to have another 11 months of service left. I expect I’ll be renewing it as a paid subscriber when my initial year is up.

I can only compare it with Witopia so there may be other top of the line VPNs out there I haven’t tried but I do prefer PureVPN and even though I could use both at this point since I have a year’s worth of service in each I still connect to PureVPN every time I log on.

The do have a 3 day money back guarantee so you have a chance to reverse course if you try it and find that it doesn’t work well for your situation.

My call is that it is worth your while. The price is pretty standard, the software is very nice to use and the reliability has been good.

If you want to secure your Internet connection or just get access to U.S. only services like Hulu, Netflix and others you can get PureVPN service for yourself by clicking here.

If you’ve found this review helpful why not share it with others via the Facebook, Twitter or +1 buttons below? You can also check out my PC security guide right here.

Posted in Virtual Private Networks | Leave a comment

The Complete Witopia Review: Is the Personal VPN PPTP Service a Good Choice?

witopia-reviewI wrote a brief review on Witopia’s PPTP personal VPN service a few months back and thought now might be a good time to revisit it with an updated review not only because

I’ve had a chance to use the service for several months but also because it’s one of the top search terms leading to this site. That tells me some folks out there are trying to get an idea of the quality of service Witopia provides.

We’ll break this review into three sections:

  • About Witopia’s PPTP VPN service
  • Based on my experience with it could the service be a good choice for you?
  • How to set it up on your own PC

So, if you’re a “witopia review” Googler here’s a welcome to you! I’m assuming you know the basics of what a VPN will do to help you protect your privacy online but if not you might want to read the first couple paragraphs of my original Witopia review which give a brief look at what it’ll do for you.

About the Witopia personalVPN PPTP Service

By the way I’m not currently affiliated with Witopia in any way other than being a customer. I did look into becoming an affiliate but it seems they don’t have an open affiliate program at the moment so that didn’t go anywhere. On to the info…

Witopia offers three different Virtual Private Network services:

  • PersonalVPN – SSL/PPTP Combo
  • PersonalVPN – SSL
  • PersonalVPN – PPTP

Since I was trying to be frugal I went with the PPTP (Point to Point Tunneling Protocol) option which is the most affordable at $39.99/year.

If you’ll be connecting from many different locations and want a VPN protocol that is less likely to be blocked you may want to go with their top tier service (the $69.99/year SSL/PPTP combo) since it provides the most alternate connection options.

The personalVPN – PPTP service doesn’t require any third party software and works on many different platforms including:

  • iOS devices (iPhone, iPad, iPod Touch)
  • MacOS X
  • Windows 7
  • Windows Vista
  • Windows XP
  • Linux
  • Android OS
  • Symbian OS
  • Windows Mobile

One of the things that attracted me to Witopia for VPN service was the huge number of servers available worldwide. The list is too big to include here but you can check it out on Witopia’s product page.

How Has It Performed?

What we really care about is how well the service performs for us, right? I’ve been very happy with it overall.

My connection speeds are always quite fast and I never feel as though I’d be better off speed wise if I didn’t route my traffic through the VPN.

Here’s a screenshot of my latest speed test which topped out at 1.4Mbps on my DSL line limited to 1.5Mbps.


I do occasionally experience trouble connecting to the server in one city but can usually resolve that by using another of the connection options (i.e. connecting through Dallas if the Los Angeles server fails to connect).

This is not what I’d call a frequent occurrence but it has happened perhaps 5 times in the past four months. Just setup a couple different connections to different servers and all it’ll take is a couple clicks to get online if you find your connection to one server isn’t successful.

Getting disconnected from the VPN server in the middle of web browsing is a rare occurrence indeed which is a good thing…obviously.

I haven’t had any need to contact Witopia for support so I can’t evaluate their customer service but of course the best customer service is a trouble free product.

How To Set Up the Witopia VPN

Getting your system set up to use the PPTP personal VPN service is super easy. I don’t have every platform that it is compatible with but I’m guessing many folks will be using it on a Windows system.

I’m running Windows XP (hard to believe it’s about a decade old isn’t it?) so the set up video I include will demonstrate a Windows XP set up however the steps are very, very similar for Vista and Windows 7 so don’t be scared off.

As a brief aside: If you haven’t noticed I recently released a guide that includes HD narrated how-to video and step-by-step instruction not only on how to set up a VPN on your PC but also secure it and your files from thieves, snoops, prying government agents and the like using encryption and other cool tricks. You can read more about the guide here.

Getting back to the matter at hand…

…before you get started make sure you have your username and password created/assigned when you purchased your VPN service. All the other setup information is available through the support wiki on Witopia’s site. I’ll post the steps below the video if you’d like to reference them.


1) Go to Start > Settings > Control Panel

2) Open Network Connections

3) Go to the File menu and select New Connection

4) In the New Connection Wizard click Next & select Connect to the network at my workplace

5) Hit Next and select Virtual Private Network Connection

6) In the Company Name field enter whatever name you want to identify the connection as. It’s up to you and won’t affect the functionality of the connection.

7) Select Do not dial the initial connection

8) Hit Next and enter the server address for the Witopia server you wish to connect through. You can find the list of options here (in the video I use the server address which out of Toronto)

9) Hit Finish to complete the set up. A window will open asking for your username and password. Once you enter those credentials you’ll be connected and should see the little connection icon in the notification area by the clock in the bottom left of the screen.

That’s It!

Once you’ve completed the process once it’s super easy to run through it again to create multiple connections to different Witopia servers worldwide in case you wish to connect via a different server in the future.

Here’s the link to check out the Witopia service options:

Are you a fellow Witopia user? Leave a comment and tell us what your experience has been. Also, if you think this review would be useful to folks you know be sure to share via the Twitter and Facebook buttons up top!

Posted in Virtual Private Networks | Tagged , , , | 25 Comments

How To Hide Your IP Address Using the Free Ixquick Proxy – w/Video

You’ve probably heard about IP (Internet Protocol) addresses and how they can be used to track your activity online but did you know it’s fairly easy to obscure your IP address to cover your tracks?

Since IP addresses are one of the primary identifiers on the Internet the ability to hide your IP address is very important from a web privacy and anonymity standpoint.

There are a few different tools you can use to hide your ip address:

Come to think of it you could say these are all just variants of the proxy server idea. Today let’s look at a quick and easy way to use a free proxy server to mask our system’s ip address. It’s not particularly advanced but it can be handy for a level of anonymity especially for temporary use.

Using the Free Ixquick Proxy Server

The Starting Page search engine by Ixquick is intended for the privacy minded search user and (according to their privacy info page) doesn’t keep logs of your ip address or search keywords.

Another cool feature of the search engine you might not immediately notice is the option to access search results via a proxy server. Why would you want to do that?

When you go to the search engine doesn’t record your ip address however once you enter a search phrase and click one of the results the website you click through to visit can and usually does record your ip address. The third party website can also use tracking cookies to identify you on future visits.

Note: Skip down to see the video how-to…

Here’s what the website sees when I visit it directly without going through the Ixquick proxy:

How to hide your ip address

That IP information, along with the type of web browser I used, is what any other website I visit will see as part of my identifying information.

But suppose I got to and search for “what is my ip address.”

My top result is the website I just mentioned:

how to hide your ip address: search results

Notice the link that says “View by Ixquick Proxy” in the image above? That is what you want to click to access the web site through the proxy server which will hide your ip address.

When we access the site through the proxy server we get the result below. Notice how the IP address and location is different then my original results shown above where I accessed the website directly.

ip address hidden with proxy

Here’s a little video illustration of the Ixquick proxy in action:

Not Perfect, But It Is Free

Using the Ixquick proxy server to hide your IP address isn’t the most advanced and functional way to use a proxy server for Internet anonymity but it is a handy tool for times when you might not have access to your normal computer or software. Perhaps at an Internet cafe or the library.

Give it a shot and let me know what you think. If you have other suggestions for free, easy-to-use proxy servers you can share those as well!

Posted in Anonymous Browsing, Search Engine Privacy | Tagged , , , | 3 Comments

How You Can Get Free Access to the Upcoming Art of Privacy Guide

We have more than that here...

Update: The Art of Privacy is now available for purchase so access for testing is now closed. You can read more about it here. Thanks beta testers for your feedback!


It’s been a little quiet around here lately hasn’t it? Well, there has been a reason for it and I believe it’s not that bad of a reason either.

I’ve been working on The Art of Privacy Guide. I gave it the tag line, “Top Secret Level PC Security for Non-Geeks” to give a little clarity to what it exists to accomplish. I said something about “free access” though didn’t I?

Here’s the deal: I need your help to make sure this product is worthy of sale in the near future so I’m looking for folks willing to test it and give me feedback. This is a highly prestigious position mind you, so I’ll have to limit access to 20 passes for now. The cool thing is that those are 20 free access passes.

Here’s the “sell” and I’ll tell you more about how you can help towards the end. Please have your tin-foil handy for fashioning into a hat of your liking!

About The Art of Privacy Guide

Are you concerned about deteriorating privacy?

Would you like to know your confidential data is safe from prying eyes even if your laptop is stolen or seized?

Perhaps you’ve been wondering how you can surf the Internet safely and privately even while using public Wi-Fi?

These are exactly the problems that are covered in The Art of Privacy Guide: Top Secret Level PC Security for Non-Geeks. I’m not kidding about the Top Secret level security either! Here are some of the things you’ll learn:

-How to prevent your online accounts from being high-jacked (Facebook, Twitter, Amazon etc.)

-Techniques that will help protect you from identity and credit card theft

-An easy, reliable way to use Top Secret approved encryption to keep your personal files locked tighter than Ft. Knox.

-Where to find & download quality, free anti-virus software

-How to bypass many forms of Internet censorship

-How to never lose your irreplaceable documents & digital photos again

-Ways to hide your location & IP address from websites you access

-Simple techniques for private browsing and search engine use

-How to lock un-authorized users out of your PC

I’ve been involved in the IT industry since 2001 and while I’m not an all-knowing, uber-skilled, hacker-turned-security-consultant I have learned about some helpful PC privacy techniques and how to help non-geeks make the most of the technology available to them.

My goal with this course is to help you get your Windows PC set-up for excellent security and privacy with the minimum amount of effort on your part. In fact it shouldn’t take you more than an afternoon to create a greater level of digital security and privacy for yourself than most people ever achieve.

This material is focused on getting you up and running rather than discussing the various minutiae of this or that protocol and other technical information only useful to Information Technology devotees. I know you are looking for effective solutions so you can focus on the things that are important to your life.

Becoming a tech-geek probably isn’t one of them which is why this course contains the following materials specifically to make your life easier:

-A membership format website with 7 steps you should follow to get your PC to Top Secret level security

-Author narrated, 1280x720p HD video tutorial clips illustrating each of the 7 steps towards enhanced privacy (you can follow along to complete the steps on your own PC)

-Specific recommendations for applications and services (most of which are free to use or download)

-Brief, straightforward explanations on why each step is important and how it will help you

BONUS: You’ll also get access to a bonus section of the course with tips and techniques on how to prevent the theft of your laptop or other mobile gear.

How You Can Help

If you’d like to get free access to the Guide as a tester let me know in the comments right here on this site and I’ll get you a login pass (it’ll come to the email address you use to comment). Your solemn responsibility as a test user is to:

  • Let me know of any typos or other errors
  • Assess whether the Guide lives up to it’s billing above
  • If it does not what can I do to improve it

This can all be done via the comment system within the Guide membership site itself.

Many thanks! Looking forward to seeing you on the inside!


Image credit

Posted in Anonymous Browsing, Encryption, Hijacking, Personal Privacy, Search Engine Privacy, Strategy, Theft Prevention, Virtual Private Networks | Tagged , , , , , , , | 4 Comments

Why “I’ve Got Nothing To Hide” Is Such A Fallacy

Nothing To Hide?

One of the first things that seems to come up when privacy is discussed, be it online or off, is that if you don’t have anything to hide you shouldn’t care what is known or can be discovered about you. This argument frustrates me immensely.

It seems to assume at least two things:

  • The party seeking information about you has pure motives and intentions
  • You do absolutely nothing that could ever be construed as suspicious/controversial by anyone

Do You Really Have Nothing To Hide?

It shouldn’t be necessary to explain that not all parties who want to know things about you have in mind your long life, vibrantly good health, as well as a very large pot of gold and are just trying to track you down to hand it all over. Surprising as it may be, this is not the case. In fact information on you may be gathered for any number of reasons be they sinister or not.

  • To suggest products or services you may find useful\desirable
  • For social or political embarrassment
  • To implicate you in a crime either based on truth or fabrications
  • To gain power/influence over you
  • For identification of popular opinion, preferences or other trends
  • To effect a burglary or other crime with the lowest risk:gain ratio for the criminal
  • For more effective censorship or repression

Naturally all this is done by human beings (perhaps assisted by androids and computer technology) but not always in exactly the same way.

The intrusion could come from:

  • Individuals (Stalkers, private investigators, neighbors, curious folks etc.)
  • Groups (Governments, corporations, committees or activists…)

Your situation may be different than mine and the potential privacy intruders will differ. A friend I knew was worried about people from his past finding him on Facebook.

I also know of a family who was tracked by private investigators at the instigation of the kid’s grandparents who disapproved of the parents choices. If I remember correctly they picked a lifestyle that differed from the grandparent’s. This made them unfit to raise the children from the grandparent’s point of view.

My grandparents are generally okay with my life so private investigators don’t seem to be a problem. I’m not particularly worried about stalkers either since I’m not famous and haven’t dated, and subsequently broken up with, any crazy people. However, anti-statist that I am, government surveillance and data collection is often on my mind.

If It Looks Suspicious It Is Suspicious

I’ve mentioned before how I enjoy paying with cash for everyday things (and unusual items as well) unless I have a compelling reason to do otherwise. It’s a sort of miniature victory for independence and personal liberty. If you tend to see it that way also, take note: according to the Dept. of Homeland Security you are a suspicious individual (around the 3:35 mark in the clip).

I bring this up because in a world where simply paying with cash is considered a reason to investigate someone we can count on our Internet activity being analyzed and our mobile devices searched not just by hackers and border agents but by our Internet providers and the local cops. We could take the “I’ve got nothing to hide so who cares” approach.

Alternately we can recognize that we all have things we can and should wish to hide. They aren’t criminal or even controversial. They’re simply personal and shouldn’t have to be revealed to anyone who you don’t wish to be in-the-know. Not even the state -which is simply a group that styles itself at least one level above all others.

Those things will vary depending on whom we’re hiding them from but to pretend that we don’t care at all is like saying you wouldn’t mind living in a glass house. Maybe that person you know who is always sharing Too Much Information or perhaps a nudist woudn’t mind a figurative or literal glass house but most people would mind very much indeed.

Do you really want a laptop thief going through your contact list?

Your bank account information gathered from a dumpster?

Your phone consultation with your lawyer monitored by those involved in your prosecution?

Do you really think those Google searches about violent groups in Somalia will look just as much like a university research project to an FBI counter-terrorism agent as they did to your professor?

Identical pieces of information don’t always mean the same thing to all people. Perspective makes a difference and to say that it doesn’t matter who is watching because you’re only involved in innocent, harmless activity is to ignore that difference.

“If it looks suspicious it is suspicious.” The Dept. of Homeland Security wants you to be a moronic automaton and a snitch.

Don’t do it.

If it looks suspicious it looks suspicious.

Be prepared to think critically and guard your privacy from whomever would intrude on it without your permission. Please avoid DHS educated androids as well when at all possible.


Note: Thanks to Corbett Barr at for influencing this post with his advice on writing what what you really think. Workin’ on it.

Photo credit

Posted in Personal Privacy | Tagged , , , | 1 Comment

How To Keep Your Google Searches Private

How to keep your google searches private

Google knows what's on your mind...

Do you walk around constantly talking aloud to yourself? OK, what I actually meant was do you know that you are constantly walking around talking aloud to yourself.

Like some people, I usually try to avoid spewing my thoughts in verbal form without running them through a bit of a filter and only letting out what I really want to say.

It’s more polite, gets you in less trouble and makes you less interesting. I suppose the last point could be debate-able.

If you stop to think about it using a search engine can be like turning on your own personal Mindless Babble Mode. With that in mind remember that Google -the most popular search engine by far- knows a lot about you. It knows you are trying to learn how to tie a tie, figure out what to name your daughter and that you are trying to lose weight.

Sites you click through to via Google search results know a lot as well. For example: the search words that brought you to the site and often your general geographic location as well. That’s why you see location relevant ads. In my own traffic logs I can see that someone has found this site by searching for “witopia review” and another by looking for information on “mac osx filevault.”

So far we know that:

  • Google knows your thoughts
  • You’re search words/phrases are shared with other websites
  • Google keeps a history of your searches

If this is all of no consequence whatsoever to you that’s alright. Check out Google’s homepage today. It’s the 50th anniversary of his inaugural address. “…We dare not forget today that we are the heirs of that first revolution…” and so on. That reminds me…I wanted to see Oliver Stone’s film, JFK.

But back to the matter at hand. If this does have some significance to you and you’d like a bit more privacy when it comes to search engines there are a couple little tricks to try.

Encrypted Search

If using Google the way millions every day is like broadcasting your thoughts far and wide, then using Google’s encrypted SSL (Secure Sockets Layer) search is like speaking quietly through a soundproof tube.

To get to this more secure version of the search engine you’ll have to type into your web browser. You should see a lock icon somewhere around the address bar at the top and the “s” in “https” indicates you are using the secure version. To simplify it for the future just make yourself a bookmark once you navigate to the site for the first time.

When using Google w/SSL your search information is transferred discretely to Google and the results return in the same quiet manner. Anyone who has access to the network in between your system and Google can’t easily discover what information is being passed back and forth. Or to use our other example, they can’t hear the discussion that’s going on within that soundproof speaking tube.

In addition any websites you visit from the Google w/SSL search results will only see that you’ve arrived via Google’s service but the search words you used will remain unknown to them. Keep in mind that Google itself will still retain search history information so if that’s of concern to you using Google w/SSL won’t help you in that area.

Just to review:

  • Google w/SSL is the discrete way to search with Google
  • Your search words & search results are hidden from potential eavesdroppers
  • Search words/phrases are hidden from third party websites
  • Google still keeps a history of your searches

An Alternative Challenger: DuckDuckGo

Any giant attracts audacious challengers it seems. DuckDuckGo is a 2+ year old search engine I found out about recently that is meant to remedy some of the privacy complaints Google users have voiced.

DuckDuckGo Features:

  • Secure search option (DuckDuckGo w/SSL)
  • Zero-click info (basically a box that shows you the “best” result without clicking the link)
  • More relevant results (pages deemed too spam/ad filled are filtered out to reduce clutter)
  • More privacy (no saved search history)

From a privacy standpoint the biggest difference between using Google w/SSL and DuckDuckGo w/SSL is that DDG doesn’t keep logs on your past searches. Just like with Google if you want to use the secure version you’ll need to type -or bookmark- the link to the encrypted version:

How To Get Started:

Choose one of the sites and create a bookmark/favorite in your browser for the secure version of either Google or DuckDuckGo.  Just click the appropriate link below. Once it’s bookmarked use it whenever you search.

Google w/SSL

DuckDuckGo w/SSL


Image credit

Posted in Anonymous Browsing, Search Engine Privacy | Tagged , , , , , | Leave a comment

I’m Not Paranoid Yet…Just Obsessed With Privacy Strategies


I seriously doubt that I’m paranoid. Of course no one will believe me now that I seem compelled to write about the so called art of privacy. How to encrypt your files, masquerade your way around the Internets -all that stuff. However I think there’s a difference between paranoia and obsession with privacy enhancing techniques.

I actually visited the website of Merriam-Webster via my secure connection and read up on the definition of paranoia. It says it’s a, “tendency on the part of an individual or group toward excessive or irrational suspiciousness and distrustfulness of others.”

Did you see that? It said excessive or irrational. So that means if I’m not excessively suspicious or distrustful, or irrationally so, then I’m fine. I’m a normal, well-adjusted person (whatever that means). No paranoia to worry about.

Excessive is tough because we can argue about what constitutes excess. For me just one TV is excessive so you won’t find one in my house. Maybe someday, but not now. For you maybe 5 is too many so you only have three. Irrational is something we can agree on though, right?! One definition of irrational is: “not governed by or according to reason.” In other words: unreasonable.

Alright, so that means if I’m really worried about something without reason then I am irrational. Ah, got it. Which brings me back to what I was saying about my doubts concerning my supposed paranoia.

Let me tell you a little story:

A few years ago I greatly reduced my credit and debit card use**. I’m somewhat allergic to debt so I had always paid my card balance off on a monthly basis. It wasn’t that I was trying to get out of debt or spend less money, I was just trying to spend less traceable money.

This was around the time of Eliot Spitzer’s downfall -although perhaps it an “upfall” or whatever the positive opposite is since it removed him from power- and I’d heard an interview where the guest explained how banks track cash flows with software and then turn their customers over to the government when they see something “suspicious.”

I can’t recall all the details now so I’ll have to go read up on it when I have a free day but it was enough to make me want to assert my independence and protect my privacy by using cash as much as possible.

Keep in mind this had nothing to do with high-priced female companionship. It was about my scheme to keep the banks and the government from knowing I spent $67.85 on 89 octane fuel at the BP station on Main St. last Thursday. And…some other things…

You have to agree that my privacy concerns weren’t irrational because there was a reason behind them. The reason = banks are known to analyze your habits for neutral actions deemed criminal by the state. So I made cash my privacy screen. I’m weird that way. It just feels so good to think that “they” don’t know what I’m doing with my money. It flows trickles into my account then it slips out the back door and that’s the end of that. I love it.

This did get a little inconvenient though. To fill up your fuel tank you have to go in, give some bills to the cashier. Pump your gas. Go back in for change, etc.

Imagine the thrill I got from discovering Speedway’s prepaid fuel cards. They are truly wonderful little things! You can put up to $999 dollars on the card. You can add to the balance at any time and when you use it at the pump you get a discount. Three cents off 87 octane, five off mid-grade and seven cents off premium fuel. Besides the security cameras it’s completely anonymous.

Why I’m not being irrational:

Was all this obsessing over untraceable money excessive? From a individual level assessment it probably was since I don’t have enemies in high places (that I know of). I’d argue it wasn’t irrational though given that we know:

In a similar way web users can be targeted for what Orwell called “thoughtcrime.” Your web activity can identify you as a thought-criminal.

Have you ever:

There are any number of interests or curiosities which can get you entangled in ridiculous but very serious trouble without any criminal intent on your part. For that reason I think it’s completely rational and rarely excessive to look for ways to protect your privacy. You may have seen them before but I’ll mention a few of my favorites again.

Oh, excuse me…I need to cut this short now! Black helicopters on the horizon…


**I’ve since relaxed a bit on this to take advantage of a few benefits that seemed desirable.

Image credit

Posted in Anonymous Browsing, Strategy, Virtual Private Networks | Tagged , , , , , | Leave a comment

6 Easy Privacy Techniques For Traveling With Digital Gear

Travel evokes different emotions. A vacation or adventure is the kind of thing to get excited about. A business trip might be interesting but it’s usually just fulfilling your job responsibilities and having a few meals out on the company card. Of course you probably have more exciting business trips than I do, right?! One thing you don’t want is fear or worry. In this case fear of privacy loss through theft, spying or confiscation of your digital gear and data.

When it comes to privacy matters a few easy techniques can make a big difference while on the road. When I’m in a new place I’m often more alert but also slightly disoriented as well. The increased alertness is good but the disorientation can cost you if you don’t have a few systems in place to protect your mobile gear and your accompanying data. When you aren’t playing a home game there could be a bit more risk that you’ll be a target for theft and if you travel by air or across borders you can count on prying eyes searching your possessions; digital and otherwise.

I’ll tell you about a few techniques I’ve thought of, read about or used in one form or another. The cool thing is most of them are free or very low cost. They’re also quite easy to put into practice. Here we go!

Lock 'em better than this...

1) Lock-down Your Files

Encryption is a cryptic subject but don’t let it scare you off! It’s truly very easy to use encryption software to secure your confidential data to levels that would make the FBI give up in exasperation, never mind a common thief.

The best way is to encrypt your entire system but individual files can be encrypted on a case-by-case basis if that seems more appropriate.

TrueCrypt is the ultimate free encryption software but some versions of the Windows and Mac operating systems include similar functionality.

Consider using:

For more on encryption check out another post of mine here.

2) Travel Data Free

Just because you need access to your files doesn’t mean you have to carry them with you. You can travel data free, or even device free, by using cloud storage and/or remote access software. One of the biggest losses when your physical equipment is stolen is actually the loss of personal files that were stored on the device as well as the loss of privacy if the files were easily accessible (i.e. not encrypted…see tip #1).

Since I think the risk of anyone searching my equipment and trying to force the password out of me is fairly low I use encryption for my travel however if I were regularly crossing borders I’d highly consider carrying data-free devices. This could be a plus if you’re pressured to reveal your password(s) which would render your encryption pointless. As I understand it the U.K. has particularly nasty legislation under which you can be coerced through government agents and/or court action into revealing your password(s) and various individuals have experienced similar pressure at U.S. borders as well.

For cloud storage services check out:

  • SugarSync (Free 5GB plan. Sign up through this link and get 500MB extra space!)
  • Mozy (Free to use up to 2GB)
  • Dropbox (Also has a 2GB free plan)

You can backup your data to the “cloud” and access it from any Internet connection while traveling. When you’ve reached your destination you can download the files back to your device or keep them stored online making modifications as needed.

To travel device free check out remote access software/services such as:

Obviously you’ll still need access to some type of device to connect to your home system. It could be a friend’s PC or a system at an Internet cafe or hotel. Or perhaps you carry your iPad but leave the laptop behind and access it remotely through the iPad. Readers of The 4-Hour Workweek will recall how Tim Ferriss used/uses GoToMyPC for access to his home computer(s) while traveling.

Follow the tracks...

3) Activate Tracking  \ Remote Lock & Wipe Software

Installing a device tracking application on your laptop or smartphone should be your backup plan in case your device is stolen or lost. It’s not a situation you want to be in but sometimes you can turn things in your favor. There are some interesting stories out there about how people have recovered their equipment through device tracking systems.

Some apps (usually the free versions) only have tracking capability but there are often paid versions with features that can potentially help you recover your gear.

Another thing to look for is the option to lock or remotely wipe your device to ensure that none of your data is accessed. That’s an especially important feature if you store credit card info or tax documents on your device.

Of course if you use encryption the data wiping feature isn’t really a big deciding factor.

Check out these tracking and recovery applications and services:

  • Prey (Works with Windows, Mac OS X, Linux and Android)
  • Lookout (Available for Android, BlackBerry and Windows Mobile)
  • iHound (For Android and Apple iOS devices: iPhone, iPad, iPod Touch)
  • Lojack (For Windows and Mac OS)
  • Find My iPhone (Apple’s service. Once part of MobileMe but now free for iOS 4.2+ users)

4) Keep Your Eye On The Gear

I know, I know…this one is so obvious however it also seems to be ignored much of the time. If you do a quick search for “stolen laptop” you’ll find any number of examples where the lifted item was sitting in plain sight just waiting for an opportunistic thief.

Be particularly careful in high traffic areas where there’s a lot of commotion or confusion that could distract you or anyone else from the fact that someone just lifted your iPhone from the table while your back was turned.

Airports put you in a tough position because you’re often separated from your possessions and distracted by the ritualistic security theater at the same time. According to a Wall Street Journal article from Dec. 2009 at least 330 TSA personnel have been fired for theft since the inception of the agency (it’s been around since 2001). Of course that’s only one group that has potentially unrestricted access to your possessions at the airport. You still have fellow travelers and airline/airport employees such as baggage handlers to consider.

When traveling by car remember to keep your gear out of sight in the trunk if possible. I’ve traveled with a fair amount of valuable equipment for much of the past few years and generally follow a few guidelines:

  • Keep everything in the vehicle out of sight if possible
  • When parking choose a mid-way point in the lot (not crowded but not isolated)
  • Park under a lamp when it’s dark
  • Park where you can see your vehicle while in restaurants

Another way to protect your privacy through theft prevention is to camouflage your equipment or make it invisible. You can read more about that here.

Very passive access restriction

5) Restrict Access

Restricting access goes along with camouflaging or hiding your mobile gear but is slightly different. It’s a bit more proactive and relies less on hope.

As in: “I hope no one breaks into my car since it’s parked under a light in an exposed area”. You can use “tough” active methods to restrict access as well as simple passive techniques.

A few examples:

  • Use lockable luggage or anti-theft backpacks\bags (like PacSafe products)
  • Carry locks to use w/lockers at hostels etc. (Matt @ suggests carrying two sizes of padlocks so you always have one that fits the locker you’re using at the moment).
  • Use the “Do Not Disturb” sign on your door in hotels. (I do this quite often to give the impression that someone could be in the room at all times. Plus I don’t like the hotel staff making my bed!)

6) Use A VPN

This is an important one. If you’re not familiar with Virtual Private Network (VPN) technology it’s usually described as a secure “tunnel” between your computer or smartphone and your VPN service provider. All the data traveling between your system and your VPN provider is hidden until it exits the tunnel via the provider’s gateways and goes out onto Internet backbone links.

Using a VPN allows you to:

  • Safely surf the web, email, IM, talk via Skype etc. while using an open network (coffee shops, hotels, libraries)
  • Disguises your location so you can appear to be connecting from a country other than the one in which you are physically present
  • Bypass Internet censorship
  • Avoid possible surveillance
  • Achieve greater privacy and anonymity than you would by simply using a web proxy

If you want a good VPN experience (high speed connection, no ads…) you’re probably going to need to pay for it. It’s not expensive though. I’ve written a little about Witopia’s personalVPN – PPTP service before. It’s what I use and can be had for $39.99/yr. I haven’t had any problems with it and it doesn’t seem to slow down my connection speeds at all (I haven’t measured back-to-back but I know I’ve gotten 1.4Mbps on my “up to 1.5Mbps” DSL line which is quite respectable).

Another VPN service that Lea Woodward over at suggests is 12VPN. Their basic service is only $35/yr although you are limited to 10GB of data per month ($69.99/yr for unlimited data).

I decided to go with Witopia over 12VPN mostly because of the better setup documentation available pre-purchase but also because Witopia has an impressive list of gateways in the Americas, Europe and Asia versus 12VPN’s gateways in the U.K., U.S. and Germany.

How I Practice What I’m Preachin’:

You might be wondering how much of this I actually practice myself. Fair enough. Here are some of the ways I use the techniques above:

  • I use TrueCrypt for encryption. I created a TrueCrypt container on the memory card in my Android phone to hold semi-sensitive documents. I also use TrueCrypt on a portable USB hard disk I use for data transfers and backup.
  • I don’t travel data-free but I do use SugarSync for cloud storage so the option is available to me. I actually don’t have a personal laptop at the moment (bought one but haven’t picked it up yet) so the only personal device I travel with is my smartphone. I prefer not to carry my Dell desktop and 19” LCD with me! I also use GoogleDocs as a cloud document creation and storage solution.
  • I installed the free version of Lookout on my Droid X some time ago for tracking and backup but while I was writing this article I got to looking at the features of Prey versus Lookout and I may switch. Actually I could run both for a while to see what I like best.
  • I described a few of my techniques for keeping an eye on the equipment I’m responsible for.  See #4 above.
  • When traveling and staying in hotels I restrict access via declining housekeeping service (the “Do Not Disturb” sign). I also tend to keep my gear on my person or in a locked location.
  • I use Witopia’s personalVPN – PPTP service for security/anonymity over open networks as mentioned above.

Any tips to suggest?

There you have it folks. I’m sure there are other great techniques you know of. If you’d like to share one leave a comment and help round us out to a perfect 7 Easy Privacy Techniques For Traveling With Digital Gear!

Image Credits: 1, 2, 3.

Posted in Anonymous Browsing, Encryption, Theft Prevention, Virtual Private Networks | Tagged , , , , , , , | 4 Comments

Are You Missing Out On Free Encryption Software?

It's Kind Of Like Free Encryption...Most People Have It

Drive and file encryption is probably the most foolproof way to ensure that data you consider confidential remains so.

You’re probably familiar with it to some extent but if you’re not up on the technical side of things encryption is pretty much just scrambling information in a particular pattern.

Only the person(s) who have the key to reverse the process can decrypt and read the data.

Some types of encryption are stronger than others but we’ll leave that for another time. The software we’ll be looking at for encryption here should all support 256-bit AES (Advanced Encryption Standard) encryption which, to put it simply, is some crazy stuff. Basically it takes so long to try and crack into anything encrypted with 256 bit AES that it’s not worth it unless the cracker knows that the encrypted file contains the truth about Area 51, who killed JFK and why they did it or some other reality altering information.

Your Unknown Cryptographic Powers

I can almost guarantee that you have some form of drive or file encryption software on your computer right now. If not, or if you want third party options, there are some great applications for the purpose that are free for download and use. We’ll cover the standard software included in the Windows and Mac operating systems first.

Encrypting File System (EFS)

Many Windows versions (barring the Home Editions of XP, Vista and 7) support Microsoft’s EFS which allows you to easily encrypt individual files and folders. It’s not the most secure way to protect your data but it is a step. The Microsoft support site has steps for encrypting both files and folders in Windows 7.


BitLocker Drive Encryption is available for users of Windows 7 or Vista provided you have either the Ultimate or Enterprise edition.  BitLocker is a whole drive encryption solution so if you only want to protect a specific file or maybe your folder with tax info you should go with EFS. Ultimately a fully encrypted drive with BitLocker is preferable but then again an EFS protected folder is better than having zero defenses.


Mac OS X 10.3 “Panther” and later systems include the FileVault application which allows you to encrypt your entire home directory. FileVault setup instructions on

Disk Utility

This is Apple’s multi-functional app for hard drive related tasks in Mac OS X. There’s a similar dynamic to the Windows software we looked at above. It’s capabilities go beyond those of FileVault in that you are able to create a self contained encrypted disk image as opposed to only securing the home directory. Apple’s support page has a how-to here. Macinstruct has another.

The Good Stuff: Third Party Apps

I have third party applications listed last here not because they are less preferable solutions but simply because they are third party. Makes sense to start with what’s included on your computer already right?


I think TrueCrypt is the ultimate. You can create a large or small encrypted container into which you dump all the stuff you want protected or you can encrypt the entire drive if you’re running Windows. All the features of TrueCrypt except for full drive encryption work on Mac and Linux as well as Windows. Also, unlike the OEM software listed above TrueCrypt has a much stronger reputation and has withstood some powerful attempts to crack volumes encrypted with it by both Brazilian and U.S. government agents. Download TrueCrypt here and check out the how-to and support documentation here.


This is another nice little tool for Windows users. It’s primarily a free compressed archive creation program. You may be familiar with WinZip…7Zip is similiar. I’ve included it here because it has an encryption feature that lets you create an AES encrypted archive file. Might be helpful if you want to protect individual folders you plan to put on a thumb drive or transfer over the web. Find out more and download it here.


Image by: St_A_Sh

Posted in Encryption | Tagged , , , | Leave a comment

How To Detect A Potential Facebook Hijacker

At least they warn you...

Account hijacking really exploded on the Internet scene lately with the release of the Firesheep extension for Mozilla’s Firefox web browser.

The Hijackers Toolkit

Firesheep is really just a very automated way to use a technique called session hijacking that has been around for a long time. What happens is that when you connect to various websites (this problem isn’t limited to Facebook but it’s a popular example) a small file is created on your system related to that particular session. Maybe we can think of it like a movie ticket or ski pass. It’s a pass for a session of cinema enjoyment or shredding on the slopes right?

Well any prankster or malicious person can download the Firesheep extension which is then added onto their Firefox web browser. If the prankster \ villain activates Firesheep while their computer is connected to an open network like you’ll find in cities everywhere, Firesheep will attempt to grab the virtual, digital “ski passes” floating around on the network. It can then use this pass to impersonate you when connecting to a website.

The villain (I’m tired of calling him a prankster \ villain so we’ll just say he’s all evil) is given a list of available people to impersonate which looks similar to the list of friends available for chat in IM. Click on anyone from the list and a connection is made to Facebook or whatever site the victim is using. Get this though: it’s made with the victim’s “ski pass” so the website lets the villain into the account just like it would the authentic user. It’s as if two people are on the slopes using the same pass but the ticket checker at the lift doesn’t know the difference.

From there it’s a simple matter to mess with account settings, post embarrassing updates and so on. More than embarrassment is at stake though. Remember the stories about people getting fired for things they put on Facebook or MySpace? People have been investigated by the cops for tweets as well.

How Can I Detect A Hijacker?

Okay, you get the idea that bad things can happen and how they happen. What’s a simple and free way to detect villains trying to find someone to impersonate?

Shortly after the popularization of Firesheep a company called Zscaler came out with a detection add-on for Firefox called Blacksheep. You have my sincere apologies for all these name permutations. I didn’t come up with ‘em!

Blacksheep creates fake session information (a fake “ski pass” to continue with our example) and sends it floating out on the network. Firesheep essentially grabs these fake passes and asks for more identifying itself in the process. Really?! What would you expect to happen if you walked up to a stranger and asked insistently for his ski pass a couple times?

When Blacksheep has detected an active Firesheep villain it then throws up a notice telling you “Somebody is using Firesheep on this network…”. That’s your cue to avoid logging into any accounts that could be hijacked such as:

  • Facebook
  • Twitter
  • WordPress
  • And so on…

Beyond Detection

For real security and protection from hijacking attempts like this you want to use a Virtual Private Network (VPN) or connect only over a Wi-Fi connection that has WPA security enabled. Most public wireless is completely open \ insecure so if you do a lot of surfing at Starbucks or another public hotspot you’ll want to consider getting VPN service. Check out the Topics section for other posts on actually protecting your system from this kind of snooping instead of just detecting attempts.

P.S. You can see screenshots of Firesheep here.


Image by: Sdot Cruz

Posted in Hijacking | Tagged , , , , , , , , | Leave a comment