I’m happy to report I’ve finally found a solution to a long-standing problem. Wireless internet connections are great, especially on laptops, but they lack good security. You can try to keep people off your network with passwords and mac address filtering, but eventually someone that wants on will get on no matter what you do (those solutions are like The Club on your steering wheel — your car can still be stolen).
Whenever I’m on a public open wireless network, I’ve taken a lower tech approach by not going to any sensitive sites, and reading email in a secure shell window running pine, but sometimes I accidentally load a page on an unsecure server and my password is shared with everyone in the room. I’ve long wondered why Apple didn’t create a simple app to automate secure tunnels and I’ve tried all sorts of custom packages but nothing was ever easy to setup or reconnect to. I’ve always felt like a bit of a dork for not getting this solved, as I travel from one technical conference to the next, covering my tracks and watching my back while reading email in a tiny text window instead of a rich GUI client.
I heard about HotSpotVPN last year, but they were windows-only at the time. Thanks to a mention on the SXSW blog, I noticed they have OS X support now as well. I signed up and set it up on my powerbook. I connected in a flash and my browser, IM, and email worked fine. I noticed that once I saved my VPN setup, OS X added an icon in my toolbar that had a simple dropdown to “connect” and “disconnect” — this is exactly what I’ve always wanted and it didn’t even require any software to download. Very slick.
To check the security, I disconnected from HotSpotVPN’s servers and ran Ethereal (a packet sniffer) on my desktop PC that’s also on the network. I checked my email and checked the output on ethereal and my username, pop servers, and passwords were all in the clear. I connected to the VPN and ran the same test and only see garbled text that isn’t even showing up as POP commands as the traffic is all being sent through the VPN securely. The only downside is that you have to trust that the company running HotSpotVPN is going to be secure with their data, as they could be sniffing/logging/analyzing your traffic on their end, but frankly I think the chances of that happening are slim, since they’ve been around for a couple years and doing anything like this would end the business for them.
Long story short, this is the best $8.88/month I’ve spent and I’m going to set up an account for all my wireless devices.
(Oh, if you decide to sign up, I get a few cents if you sign up through this link)