This article was written by Don VanSyckel, the club president, as a part of "The President's Pen". This article appeared in the February 2021 WYSIWYG newsletter.
Data Privacy
by Don VanSyckel
Data Privacy Day just happen on January 28th; I hope you attend some of the on line presentations and reviewed other materials available on line. As I write this, since it takes a bit to produce the newsletter, it's actually before the 28th. So on the off chance that you read this before the 28th check, the emails I've sent and join in Data Privacy Day.
One of the pieces of data privacy is using a Virtual Private Network (VPN). But what does this actually mean? In the simplest form a piece of software on your PC grabs all your out bound internet traffic, encrypts it, and sends it to a VPN server. Of course the software on your PC has to be from the same company as the VPN server. When the VPN server receives your data it decrypts it and sends it on its way. Data coming back to you goes to the VPN server, it's encrypted, and sent to your PC. Your PC decrypts the data and hands it off.
So how is this different than when you use an web site with a HPPS URL? Isn't the data encrypted? Isn't that what the 'S' in HTTPS means, secure? Well not all the data in the HTTPS transmission is encrypted. Your address and the address of the site you're communicating with are not encrypted; how could it be, it has to be in plain text to be usable.
With a VPN your entire message include all the stuff that has to be in plain text is encrypted. So WOW, Comcast, or whoever your ISP is can't track your internet usage. All they see for your usage is you only visit one web address, that of the VPN server. Your ISP can't sell any information about you and Web trackers can't pin you down. The web site you're using can't report your geographic location.
Most VPN providers have many VPN server locations and some have locations around the world. This has it's pluses and minuses. If a site uses geo-fencing (limiting access based on geographic location) you can choose a VPN server inside the geo-fence. On the other hand this location spoofing is known and some companies such as banks and media outlets could block access from know VPN servers. But this is another whole level of effort on the web site's part and unless the site has a real need, they don't bother.
Recently I read an article about VPNs and was made aware of something I had never thought of. All the stuff in your house that uses the internet is being tracked by your ISP. Your ISP sees you have two Vizio TVs, each of the Roku's, the thermostats, the cell phones via WiFi traffic, the new printer sends out for software updates and problem reports, that new DVD/Bluray player with web apps, the smart refrigerator, your home security system, lawn sprinkler controller, garage door opener, the home automation lights and gadgets, and other stuff I don't even know about all communicate with a web site out there. So by collecting the address the stuff in your house is talking to your ISP knows what stuff you have in your house. They don't know the model numbers but categorically and quantity wise, they know.
I also read that some routers can have applications loaded on them; in particular VPN software. I should mention here that some VPN software is all or nothing and some can "white list" sites which means when you go to a white listed site the VPN software skirts your internet traffic around instead of through the VPN process. This allows you to use your bank's site without turning off the VPN so your other web surfing is still going through the VPN..
I've chosen to purchase a VPN service that works on both the PC and the new router I just bought to host this service. I've been very busy and plan to set up the router and VPN soon. Possibly next month I'll have enough to report on this.
End of Article