Why VPNs are essential regardless of what others say

I tweeted during a ride on the Manchester Metrolink tram but things didn’t seem to come across as I was hoping.

My main point is that the image from the mainstream media is that VPNs are for pirates and the darkweb. But in actual fact it’s part of modern-day web usage.

I was trying to tweet something but needed to look for a slide presentation which I thought I had on slideshare.net. When looking at slideshare on the Metrolink wifi I got a Cisco page about content filtering.

I thought this was just because some of my slides might trigger something but nope, it’s the whole of slideshare.net.

I was pretty annoyed about the whole thing and fired up my home VPN.

Done…

Only took my journey from MediaCityUK to St Peters Square to do all this, hence the confused tweeting. Plus I couldn’t work out where the new Google assistant saves the screenshots.

Didn’t find what I thought I had on my slideshare but I did find it elsewhere; I’ll go into details in my next blog post.

Are you happy with the state of the mainstream net?

Pirate Markets & Guerrilla Libraries, with Balázs Bodó

I was listening to the Steal This Show podcast season 2 episode 8 with Balázs Bodó and Jamie King. They were talking about how we have kind of gotten used to the way the net is and they are wondering where the innovation is coming from or going to.

It piqued my interest as I have always had an interest in technology uses for legal and illegal purposes. It’s that classic cat/cops and mouse/robbers scenario. I’m not saying technology is neutral, but the same technology can be used to liberate and enslave. I thought it might be nice to share some of the stuff I’ve got in my tabs/task list to look at…

Most of the good stuff I’ve recently been looking at is all about privacy and security, which has required me to get a lot more serious about my digital keys.

  • Asemica
    I have always been interested in steganography, especially in clear view where you wouldn’t normally expect it. Securebook always interested me and I’m slightly responsible for inspiring the developer of that. But it’s not been updated in a while and I always thought why can’t I use something else to generate the text required in a way which is clearly still readable?
    Because of this I’ve been looking for something like Asemica.
  • Zeronet
    I was originally looking at Zeronet for my decentralised dating idea but have always been interested in things like Freenet from a long, long way back. It’s pretty neat and certainly ticks all the buzzwords but has a solid idea built on open tech.
  • Keybase
    I can’t quite work this one out but I signed up to the alpha and have been trying it out for the last few months at least. I haven’t sent any GPG messages yet but I’m getting my head around it all. The Keybase file system is much more like a distributed Dropbox and it doesn’t take a lot of thinking to imagine the possibilities.
  • ZeroTier
    This is what I’m using as a VPN for all my devices and it’s quite simple but effective. It’s quite neat as it works like Hamachi and I have configured my server at home to bridge networks, allowing me to access my 1gig connection in the UK from anywhere. I haven’t played with accessing other networks yet but it’s in my tasklist to bounce around the world if needed.
  • TOR (the onion router)
    Does this one really need any explaining? So many people instantly think of the dark web and buying drugs, porn or worse. Well, there’s a lot more to the dark web than this and I’m seeing some seriously credible technology solutions built on top of TOR. Of course TOR project really lend itself to huge amounts of data bandwidth, but have you recently looked at the TOR Stem or TOR messenger?
    There are other things I’ve seen which I’d rather not talk about which do the connection over TOR then switch to IPv6 afterwards for the bulk bandwidth.
  • Signal
    Remember that instant messenger system Snowden used? Well, it’s end-to-end encrypted messaging by Open Whisper Systems and there are apps for most platforms including Linux and Android. It’s pretty neat but if used in a careless way can’t really help you much. Some would say what’s the point now Facebook/WhatsApp are doing the same? Well, actually they are using Open Whisper’s library, so clearly superior.
    Signal is starting to get a lot of people now and although it won’t be as popular as WhatsApp, Facebook Messenger or even Google Allo, it’s pretty neat and bots are coming.
    I’d like to see shared identities, so both my mobile phone numbers (work & personal) combined. I could choose to message from either of them but also see both. A master identity of some kind?
  • Bitmask
    Encrypted VPN and email; looking at it I thought it was a bit too good to be true. So I checked it out and found it’s actually an implementation of the LEAP Encryption Access Project, which had a number of interesting projects including TorBirdy (TOR+Mozilla Thunderbird).

Less about privacy and security but still on my task list

Plex and Emby
Streaming your own media anywhere and everywhere is very attractive especially when you have a fast home connection. I have Plex installed but I’m certainly looking at Emby which seems to be the new kid on the block. Looking at it, Emby might play nicer with things like Kodi & VPNs maybe?

There are many things out there if you’re curious and look around for better; for example I have on my task list hacking my Chromecast, where I’ve seen someone has put the Plex client on a Chromecast, got screen mirroring without wifi and even a DLNA client. Let’s not forget EZcast and Miracast alternatives.

Open hamachi replacement?

I wrote this 6 years ago, while looking at VPNs…

I used to love Hamachi; it used to simply work and it was very secure. The only problem is it got picked up by LogMeIn and therefore hasn’t been developed in the way I would have liked. The Windows version has been developed but the Linux and Mac versions are lagging behind in the lab. I also would like to see an Android app like how someone created a Windows Mobile version.

It’s been a while since I looked at VPNs for different purposes including privacy, anonymity, tunnelling, etc. I really wanted something like Hamachi mainly because Tor can do so much around anonymity, but there are things which I’d like to do like I was on my own network (tunnelling). Hamachi worked very simply and made something quite complex very simple.

I was looking at a few options including Bitmask, FreeLAN, Tinc VPN, WireGuard and ZeroTier. It needed to be open source or actually free software licensed. It needs to run on Linux and Android at least. I don’t mind if it’s got a commercial service, but I should be able to migrate away without having to replace everything again. It should also be straightforward, extensible, secure and work closely like standard networks. This is why I loved Hamachi: once you had a 5.x.x.x address, everything else just clicked.

I tried all but the ones which stuck out for me are Bitmask which is trying to build a complete system including secure email, VPN and hosting. I originally looked at Zeronet for the hosting side of things and I keep looking at GPG for secure email but it’s not high on my list currently. Bitmask seems too much; it’s a client of the LEAP project. One to keep an eye on in the future. FreeLAN looked like a perfect replacement for Hamachi but having no GUI was a real pain. I don’t mind messing with config files but sometimes I’d like to see what’s happening without scrolling through the terminal. Tinc and WireGuard were cool but ZeroTier was ideal.

ZeroTier runs on everything; the client is actually GPL v3. It’s mainly command line/terminal for Linux but easily installed and although you can do everything that way. It’s not completely decentralised as you have a server which points the clients at each other. Once that’s done, they can talk without the pointer. You can also set up your own server of course. At the server end, the server allows you to configure the network which the clients join. You can also reject clients, add certs, etc. It’s all so easy with a browser interface.

Now I’m connected over this VPN, I can do things like SSH, access my router settings without going via the WAN interface (something I hated about Hyperoptic’s router as its administrative login was on a WAN/public interface). This also means I don’t need to worry so much about securing PlexPy, Sickrage, etc, etc. This saves messing with certs. You can share networks across this too, allowing you to route networks; very useful when trying to get around web blocking. For example, I was surprised my 3 tethered 4G connection was restricted to only ports 80 & 443 while roaming abroad.

ZeroTier seems to have everything at the moment. I am impressed, and it doesn’t take many resources, which is great for mobile devices. It’s simply another network but heavily encrypted.

Highly recommended so far…
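
A check that goes with relying on the VPN instead of securing each service, as an added example (not code from the original post): a service is only VPN-only if it listens on the overlay address rather than on every interface. The `ss` sample, the overlay range 10.147.17.0/24 and all ports are constructed assumptions for illustration.

```python
import ipaddress

# Constructed sample of `ss -H -tln` output for illustration only. The overlay
# address 10.147.17.5 and every port below are assumptions, not from the post.
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 10.147.17.5:8181 0.0.0.0:*
LISTEN 0 128 0.0.0.0:8081 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 128 [::]:32400 [::]:*
LISTEN 0 128 192.168.1.10:445 0.0.0.0:*
"""


def split_local(field):
    """Split ss's 'Local Address:Port' column into (ip_address, port)."""
    host, _, port = field.rpartition(":")
    host = host.split("%")[0].strip("[]")   # drop %iface scope and IPv6 brackets
    if host == "*":                          # ss prints '*' for a dual-stack wildcard
        host = "::"
    return ipaddress.ip_address(host), int(port)


def classify(addr, overlay):
    """Say which interfaces a listener bound to addr can be reached on."""
    if addr.is_unspecified:      # 0.0.0.0 or :: means every interface, WAN included
        return "all-interfaces"
    if addr.is_loopback:
        return "loopback"
    if addr in overlay:
        return "overlay"
    return "other-interface"


def audit(ss_output, overlay_cidr, allowed_ports=()):
    """Return sorted (port, address, scope) for listeners reachable off the overlay."""
    overlay = ipaddress.ip_network(overlay_cidr)
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        addr, port = split_local(cols[3])
        scope = classify(addr, overlay)
        if scope in ("all-interfaces", "other-interface") and port not in allowed_ports:
            findings.append((port, str(addr), scope))
    return sorted(findings)


if __name__ == "__main__":
    for port, addr, scope in audit(SAMPLE_SS, "10.147.17.0/24"):
        print(f"port {port} listens on {addr} ({scope}): not limited to the VPN")
```

On a real server, feed `audit()` the output of `ss -H -tln` and the overlay range your own network uses; anything it returns still depends on the firewall, not the VPN, to stay private.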

Lesser known Google projects

Google unveils uProxy for Chrome, Firefox to help protect ‘free speech’- @757LiveTech

There seems to be a number of projects Google are developing which don’t get a lot of press attention. Here’s a few which have got me thinking…

uProxy

uProxy is a browser extension that lets users share alternative more secure routes to the Internet. It’s like a personalised VPN service that you set up for yourself and your friends. uProxy helps users protect each other from third parties who may try to watch, block, or redirect users’ Internet connections.

This project is an experiment in enabling people to provide each other with a more secure and private connection to the internet. At the moment, it is under active development and we are interested in working with a limited number of testers to help develop the tool.

Yes, can you imagine what fun you could have with uProxy and how easy it makes proxying? Some Tor clients are simple but this could be really interesting as it adds a social aspect. This is fantastic for those trusted connections, such as friends whose ISPs are blocking certain sites.

Google+ Ripples

I missed this and I’m sure many others did too. But Google+ Ripples visualises how things are shared on Google+. Now this might sound a bit lame as you’re not using G+ at the moment, but the fact Google are sharing this data with the users is encouraging.

Handwriting comes to Google

Gmail and Docs offer wide language support, however in some cases using the keyboard is less than ideal. Whether you’re a student trying to include a foreign phrase in your paper or an international consultant hoping to begin your message with a friendly local greeting, now you’ll be able to use your own handwriting to input words directly into Gmail and Google Docs with your mouse or trackpad.

Sounds good, can’t wait to try this out. Be fun to try it on my tablet.

Changes to the home network

Just about to make a number of changes to my ageing network.

First up, it’s time to upgrade my XBMC box in the living room to something more modern and smaller. Right now I’m using a Lenovo ThinkCentre A55 mini desktop machine, and I want to move to something smaller that can handle full HD without struggle (especially now I’ve got my new full HD TV). A friend has suggested the Feteko MyGica EnjoyTV 510B, but what puts me off is the 10/100 networking and that it runs Android.

My home network backbone is gigabit and most devices are gigabit including the ThinkCentre, but after doing some recent reading and tests, I have concluded that the speed of reading data off the hard discs is slower than pushing it around the network. I was using NFS mounts for a while which seemed more efficient but I’ve switched back to Samba after not really understanding how NFS mounts work correctly and installing Plex Home server. Seems my Samba setup isn’t caching as much as I would have liked. This all in all means a 10/100 device should be ok to receive media from around the network.

Android? My biggest issue with Android as the background operating system is I’m not certain it’s as flexible as Ubuntu, and XBMC is still in beta on Android. Because this is my main XBMC box, it needs to be super reliable and play everything. I do want to get the live TV functionality in the Frodo release of XBMC working too.

On top of all that… I’m also looking to change the firmware of the Edimax BR-6574N router I have to the classic DD-WRT firmware, mainly because I want to sort out a VPN into my home network.

Yes, quite a few changes… luckily I’ve got to use up my holidays before April.

The History of File-Sharing

The Darknet is something I’m deep into for research purposes and to get an idea of what’s emerging… However I keep having to defend the innovation, expertise and pure genius of the darknet. I use darknet in lieu of a better word to describe the underground world of hackers. Crazy because there are so many examples out there.

TorrentFreak recently did a history of file-sharing which has plenty of examples of hackers and developers scratching their own itches.

BitTorrent has catapulted into a mainstream filesharing mechanism which is fast, efficient, and difficult to stop. Early versions of BitTorrent required centralized trackers to operate, but have later become able to utilize trackerless “torrents.” Increasingly BitTorrent users have grown concerned with their privacy. Indexes such as YouHaveDownloaded.com have been able to maintain logs of every file downloaded by IP, which has raised significant awareness to whether it is safe to download files through BitTorrent. In addition, many ISPs have been known to cap speeds when detecting BitTorrent downloads. As a result of these privacy concerns millions of BitTorrent users have signed up with Anonymous VPN services to mask their IP-addresses when downloading…

Simple VPN – Hamachi vs Remobo vs Wippien

I used to love Hamachi; it used to simply work and it was very secure. The only problem is it got picked up by LogMeIn and therefore hasn’t been developed in the way I would have liked. The Windows version has been developed but the Linux and Mac versions are lagging behind in the lab. I also would like to see an Android app like how someone created a Windows Mobile version.

So I looked into alternatives because to be frank, I still don’t really understand PPTP VPN or IPSEC VPN.

The two I’ve seen which are similar to Hamachi are n2n, Remobo and Wippien.

  • N2N – I just don’t quite get. It sounds fantastic but not at a mature enough stage right now. It requires a lot of manual effort to get up and running. And to be fair it didn’t work for me.
  • Remobo – Has a GUI but for some reason it won’t auto-login on Ubuntu, so I have to enter the details each time I reboot. This is not great when you have it running on a server with limited access like no monitor. Once they fix that problem and finish the command line version, I may consider switching.
  • Wippien – Seems pretty good; it uses XMPP to do the connection but you can’t join the network on the Linux version because you can add new users. So unfortunately I wasn’t able to use it or test it. Very frustrating because I had high hopes for this one.

So right now, I’m going to stick with Hamachi but my eyes are certainly looking elsewhere. Once Wippien and Remobo mature and add real support for Linux, Hamachi should be worried; there’s some stiff competition coming.

Boxee is now my mediaplayer while at work

Boxee on the desktop

I’ve been playing with the beta version of Boxee and I’m enjoying it more and more. During work, it’s got the perfect interface for playing back tunes, but I also discovered I could connect to my shares at home easily using Hamachi VPN. Simply pop in the IP address of your remote machine and that’s it. Because Hamachi uses a 5.x.x.x address, Boxee connects and the locally running Hamachi takes over the connection. Not only that, because Hamachi’s central server is only used to connect the two points, all traffic is routed as directly as possible. Aka the lag time I’m getting is super low due to the 1meg upstream link at home and super fast connection at work. Fast enough to even play some films if I really wanted to. I also suspect when away off site I can use my 3G/HSDPA connection to do the same with no changes to Hamachi or Boxee.

Boxee with Hamachi VPN

I know a lot of people don’t like Hamachi but to be fair I run it on almost every machine I own and enjoy how simple it makes VPN and tunnelling. I’ve still had no luck with L2L: layer two but have yet to try Wippien, which I hear is the truly open version of Hamachi.

I could use XBMC to do the same but I actually prefer Boxee’s interface for my laptop and XBMC’s for large displays. Also the social features in Boxee mean if I quickly hear a tune I like or something, within a few clicks it’s shared and I’m back to work again. Now if only mix podcasts came with tracks…

VPN tunnel your way to safe ground with Hamachi

Hamachi on windows

What is Hamachi?

Hamachi is a UDP-based virtual private networking system. Its peers utilize the help of a 3rd node called mediation server to locate each other and to boot strap the connection between themselves. The connection itself is direct and once it's established no traffic flows through our servers.

Hamachi is not just truly peer-to-peer, it is verifiably secure peer-to-peer.

Believe it or not, but we are able to successfully mediate p2p connections in roughly 97% of all cases we dealt with so far (few tens of thousands as of early March). This includes peers sitting behind different firewalls and/or broadband routers (aka NAT devices).

Oh my goodness, if you have not tried out Hamachi and want access to your home network from elsewhere, you need to try it out! I heard about it ages ago but dismissed it because I didn't really see the need. Well, that was before I learned about how insecure wifi can be. So while hearing this week's Security Now podcast I spent an hour checking out Hamachi. At the moment it runs on Windows and Linux but after version 1.0 (they're currently at 0.99) it will be developed for the Mac too. I don't see why you can't run the Linux version on a Mac command line but I'm sure there is a reason. So anyhow, once you've got it installed you can follow the wizard, which is a little too simple but good for those not deeply into networking; it's easy to escape at any time.
Once you're set up it's just a matter of making a new network or joining another one. You can easily make one and the security then all hangs off your stupidly impossible-to-crack password. GRC recommends some 63 character password string which can be generated here at the High security password generator. I actually went for a stupid 96 ASCII character password with all types of characters. I'll switch it down to 63 because Hamachi uses a 256-bit AES crypto for authentication. After setting the password and name of the network you can go to another machine and do the same but this time hit join and enter the same details.

Before you know it you're on a new type of network. Actually a 5.x.x.x IP address. I didn't even know you could actually have one of those for a network; I always thought 10.x.x.x was the lowest things went. Ok, so once you've got two machines on the same p2p network you're away. I was able to tunnel out of my work network and on to my own computer at home and launch VNC and access the net and machines attached to the same physical network. Everything is accessible and the speed is amazing. Oh yeah, by the way, I only had to open one port on Smoothwall for it to work; most firewalls and NAT environments can be traversed without opening ports and port forwarding according to the Hamachi creators. I did nothing to the work network; like Skype it just worked. Crazy but true. I also tried using Hamachi with some of the sniffing tools out there and glad to say it works perfectly. All traffic is secured and even insecure connections like POP3 retrieval cannot be discovered as it all looks like normal web traffic. Honestly I can't wait for version 1.0 of Hamachi. It's solved so many of my problems it's untrue.
