Responses to this week’s Ask the Reader question show that just because you’re away from home doesn’t mean you have to give up the security and privacy that your home network provides.
Earlier this week we asked you to share you browsing away from home security tips and tricks and obliged. JC offered one of the more entertaining tales of away-from-home browsing:
Recently a bunch of us stayed at a high end resort down in Mexico. Internet was offered as a pay per device service at about $80/week/device. Considering we had about 12 wifi devices there among us(a few geeks), I decided to plan ahead. I setup a WRT54G as a WiFi client with a vpn back to my house and NAT. Setup a second one as a basic wireless access point with password and plugged it into the first.
Onsite we setup the devices and connected to the wireless with one paid account(tied to the MAC address). Everyone connected to the other device for wireless access and it was all tunnelled through my home network with encryption.
Next time, I will have a WAN side proxy to allow devices to get on the WiFi network, not register with the access gateway, and use the proxy as the default gateway. This way we can use the wireless anywhere on the resort, not just in our room.
Paranoid, not really(in Cuba I was paranoid). I’m just cheap, paranoid was a simple addon to cheap.
TheFu highlights how, despite your best efforts sometimes the Wi-Fi hotspot can thwart you:
For quick access, an ssh SOCKS proxy to my home server(s).
For longer needs, like an evening in a hotel, OpenVPN.
If I can’t get either of those working, it is time to hit the hotel bar or watch some tube.
Out of 7 hotels I’ve stayed in the last 3 months, only 2 allowed any VPN/ssh access. Hotels are deploying invisible web proxies to prevent bandwidth hogs. These are not compatible with ssh or openVPN. I’m amazed at the number of fantastic hotels that don’t have in-room wifi too. I always bring a tiny, usb-powered, travel wifi router now.
The proxies are a real problem.
Hisa tried the tunneling and VPN solutions others highlighted, but found them lacking:
I have tried tunneling home and VPNs, but I could never get over the performance issues. So, prior to the Sprint hotspot for smartphones, I tethered. Now, I use the hotspot when I need it. It’s $30 for the month, but if you don’t use it the whole month, Sprint only charges you for the days you used it. And you can secure it too so no one else can hitch a ride. If I am feeling particularly paranoid, I will use TOR as well. Performance is great, even outside of the Sprint service area (thanks roaming – the minimal charges are worth it when your job depends on it). I had AT&T for a while and they had a similar feature though a bit more expensive but still well worth it.