Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

Summer 2011: 10 Reasons to Use Encrypted Packet Routing 1.0

Looking for a bit more than customer support, and want to learn more about what cryptostorm is , what we've been announcing lately, and how the cryptostorm network makes the magic? This is a great place to start, so make yourself at home!
User avatar

Topic Author
Posts: 1492
Joined: Sun Dec 16, 2012 6:34 am

Summer 2011: 10 Reasons to Use Encrypted Packet Routing 1.0

Postby Pattern_Juggled » Sat Jul 06, 2013 3:39 pm

So last year, I wrote up this essay on VPNs - i.e. Encrypted Packet Routing (EPR) - because I wanted to explain to people why it matters. Why bother protecting yourself, rather than 'barebacking' with plaintext (hat tip to Jacob Applebaum for that phrasing)? For lots of people, that answer isn't self-evident. Also, ok, the folks at Cryptocloud asked me to write up some of my usual blather and I like to help out.

Last summer, I set pen to paper and wrote this up.

It floated up from our archives recently, and initially my idea was to 'update' it to reflect stuff that's happened in the meantime. After all... PRISM, Snowden, Tempura. Yeah, alot has changed. But as I set about the editing work, it just didn't feel right. Indeed, it was interesting to see what we had to say last year, before all that stuff became public.

What I'm thinking is that I'll now go back and produce a 2.0 version of this, with the "what we now know" stuff added in... or maybe it's simply interesting enough to leave the 1.0 version as it is, for the archives? We'll see.

[align=center]~.~ ~.~ ~.~[/align]

There was a time, not too long ago, when encrypted routing might have been optional for most folks: nice-to-have, but not really crucial. After all, who really had to worry about their 'net connection, once packets left their computer and headed into the proverbial "internet cloud." Those times have changed. Now, an encrypted routing (aka VPN) service is a must-have.

Encrypted routing protects your internet connection from the kinds of threats that aren't found locally on your PC/laptop (or smartphone), and also adds a layer of protection between your computer and the outside, where entities tediously gather all the browsing and tracking data they can find, ultimately available to the highest bidder.

To demonstrate exactly why this is the case, here's the 10 Reasons to Use Encrypted Packet Routing:

1. 'They' Really ARE Watching You

Back in the day, tinfoil-hat-wearing conspiracy theorists used to talk about shadowy national organizations that (so they claimed) were secretly spying on your phonecalls and email and net activities. They might have mentioned Echelon, or furtively whispered about the 'No Such Agency' (the NSA), but - chances are - you mostly ignored them. After all, how likely was it that some quasi-global shadowy organization was secretly spying on hundreds of millions of people worldwide... listening for keywords, storing archives, building profiles? Unlikely, right?

Unfortunately, they conspiracy nuts turned out to be 100% right. The American NSA (National Security Agency) has been illegally spying on domestic - and international - internet traffic for many years. Every email. Every IM session. Every web hit. This isn't conspiracy, it's been confirmed by the American government - and it continues today (with the help of the big American ISPs, per Reason #1 above). Fortunately, using an encrypted routing service - and an overseas private network - means the NSA (and other spooky, illegal American spy agencies like the NRO) gets nothing but encrypted nonsense when they spy on you. Sure, you might not have anything to hide... but who wants extra-legal spooks rifling through their personal affairs? Nobody - which is Reason #2 that encrypted routing is must-have.

2. You Can't Trust Your ISP Not To Spy On You

Every time you connect to the internet, you run that connection through your Internet Service Provider. If you're at home, your ISP might be your cable or phone company - when you're on the go, it's your wireless service provider (like ATT). One way or another, your connection is provided by some sort of ISP... and brings along some serious problems. Chances are, your ISP is a big company nowadays - long gone are the times when you got a 14.4 dial-up connection through a local company run by a few geeks with modems. Instead, your service comes from a megacorp that makes its money from you in lots of ways other than simply being paid for connectivity. So... what's wrong with that?

Unfortunately, as ISPs have grown bigger their loyalty has shifted away from you - the actual customer - to others. They might be selling your surfing history to ad networks to help "target" spam-ish marketing at you more effectively. They're almost certainly cooperating with the massive media oligarchs to peer into your activities & spy on your sharing of digital files (more below on this). They might be slowing down - or outright blocking - your connection if they don't "like" what you do with your account, like streaming lots of movies or sharing large files. In short, they're ready and willing to mine your trove of highly personal information that flows through their networks, if they think they can make a buck off it. Yes, though you thought you were paying for simple connectivity, like water coming out of the tap - but you're getting more (less, really) than you bargained for when your ISP is mining your connection and selling you out to advertisers and mega-media snoops.

However, with an encrypted VPN routing service, all this becomes a non-problem. No ISP sell-outs of your personal behavior to corporate mercenaries. No spying on you to push annoying ads your way. Instead, every packet that comes and goes through your ISP is safely packaged inside an "envelope" of solid encryption - all your ISP does is deliver it to the 'net, instead of being tempted to mess with it or rummage through it. This makes your time online safer, faster, more secure, and more reliable - simple as that.

3. The Media Oligarchs Are On The Hunt

Let's say you buy some music the old-fashioned way: on a CD. You really like one of the songs on it, and want to share it with your best friend who is living across the country. It's your CD, you paid for it, and you've every right to share that song with a friend - just like you might share a favorite book with your neighbor when you're done... right? Wrong.

Today, massive (and massively profitable) international media conglomerates that spend millions on lobbyists and "campaign contributions" (read: thinly-veiled bribes) have turned the simple process of sharing a song with a friend into a potential minefield of risk. If those media oligarchs find out that you've shared that song - and they employ a whole army of mercenary hunters & lawyers to do exactly that - they can come after you and turn your life upside-down. Civil lawsuits. Threats of criminal prosecution. Loss of your internet connectivity. Does it sound like something out of the Soviet Union? Sadly, it's the reality of today's "free" countries, and not just the US of A. France is even worse.

If you use an encrypted routing service, however, you're 100% protected from this kind of extra-legal harrassment. How? Because any good encrypted VPN service will route your traffic through safe jurisdictions that don't allow profit-mad media conglomerates to shake you down for extortion-style payouts, you jump past their capture of the political system in some countries. Even better, the private network itself puts a secure layer between you and the media oligarchs - and their creepy mercenary allies. If they try to brute-force unravel your connection back to you, they run into a brick wall at the secure network. Instead of you dealing with these creepy extortionists, you're safely behind the operators of the private network - who can (and should) then safely tell those oligarchs to go to hell. That kind of protection no longer a nice-to-have option... now, it's simply must-have.

4. Can you spell "CALEA?"

Back in the 1990s, the American government decided that the new world of global telecommunications was just a little bit too free, too open, and too dynamic. Instead of simply driving down to the local phone company offices when they wanted to tap a suspect (or, often, a member of a political group or opposition party: remember Watergate?), American cops were finding it increasingly difficult to snoop on people's phone calls. Then there were the hassles of following wiretapping laws, getting court orders, and generally following the basic standards of due process. They found that to be too much work, so they passed a law - CALEA - to make electronic surveillance simpler and less bound by legal checks and balances. Yes, they made it much, much easier to spy on everyone.

How? Actually, what CALEA did was require that each and every telecommunications company doing business in America must install permanently-available "backdoors" in their hardware and software used to run their networks. That way, the cops no longer had to ask permission to spy on a customer - they always have the keys to the backdoor, so they can just log in and do it themselves. Of course, they were supposed to get a court order first... but guess who was put in charge of making sure that happened? The cops themselves! Foxes-guarding-henhouses never ends well, and so it has been with CALEA. All those open backdoors have been abused not just by cops, but by organized crime groups, criminal extortionists, and crazed stalkers. If you build a secret backdoor into every piece of the network, inevitably some bad people will sneak in the doors - which is exactly what CALEA made possible... and not just in the USA. Since telecom equipment is sold worldwide, the same backdoors are present worldwide. This is not a good thing, not at all.

Fortunately, encrypted routing service protects against this kind of unintended consequence of a power-grab by American cops. Sure, a stalker might still find a way to sneak in one of these backdoors... but all they'll find is safely-encrypted communications. Local police bent on harrassing a dissident or human-rights activist might just "grant themselves permission" to spy on citizens... but all they'll find is encrypted traffic. The whole concept of building backdoors into the global telecommunications infrastructure was a Really Bad Idea - and it's almost impossible to reverse, now. But, with the must-have protection of a good encrypted routing service, the problem is solved - once and for all.

5. Targeting Is For Targets... Not For People

The "social web" - and companies like Facebook - have made a huge business of tracking what you do online, so that they can sell your "user profile" to advertisers. That's been great for their bottom lines, and if you've become a billionaire during the mad rush for "mass personalization" of advertising online, it's been really good for you, too. Unfortunately, for the rest of us the results aren't quite as wonderful. Clever tricks and inexorable expansion have allowed the big advertising networks to spread their reach & track a big chunk of what you do, who you talk to, and where you go online. They turn around and sell this information about you - for top dollar - to anyone who will pay.

Sometimes that's ok: using Amazon's recommendation system to find great new stuff is genuinely helpful, and sharing via social networks can encourage friendships & collaboration across vast distances. However, it should be your choice - and yours alone - when you want to allow that kind of sharing - not the choice of some shadowy online advertising network. When you leave the world of Facebook and explore the rest of the open internet, it's truly best to put some space between the two. If you don't have any kind of protection from advertising-driven profiling, that's almost impossible to do.

However, with a private network service, you keep control of your own online profile. If you want to share what you had for breakfast with the whole world, great! But when you want to do something and not have it broadcast far and wide, an encrypted VPN service keeps that information private - nobody can use your IP address to track your online behavior, since the private network shields it from everyone. You choose when you want to share - and when you just want to keep stuff private. Isn't that a must-have choice, especially since the web never forgets? Yes, it is - don't be a target. Be a person, and make your own choices.

6. Sharing Isn't "Illegal"

How many times have you heard stories in the press about this or that crackdown on "illegal filesharing?" We've all watched something as friendly and routine as sharing dinner with a friend be twisted into the equivalent of grand larceny - why? While there's legitimate questions to be asked about the goods and bads of sharing digital files, nowadays the whole discussion has turned so heated and toxic that little room is left for common sense.

Non-commercial filesharing isn't "illegal" - at least, not in any modern, civilized democracies (North Korea is another question). Sure, if you start burning copies of DVDs and selling them on the street corner, that's criminal trademark infringement and you might go to jail... but sharing a copy of your favorite CD with a friend isn't a crime. In fact, worst-case is that you could face the risk of non-criminal, civil liability - in other words, you might get sued but you're not going to get locked up.

Despite this, the "filesharing issue" has racheted up to a fevered pitch and there's real collateral damage being felt by internet users worldwide: fear & hype. Now comes news that you could lose your internet connection in the USA if some big media company "decides" you were sharing their stuff without paying enough royalties... no due process, no objective evidence. American ISPs will just cut you off, blacklist you. End of story. Were you really sharing something with a valid copyright... or did you just get swept up in the tidal wave of mercenary extortion campaigns?

Simply put, it's too late to trust that the facts about filesharing will keep trouble from your door. But with an encrypted routing service, you're 100% protected from the routine harrassment of media mercenaries, bloodthirsty trial attorneys demanding extortion payments for alleged filesharing, and three-strikes threats of lost internet connectivity. A solid encrypted VPN network filters all that crap out of your life, and stands between you and the media shakedown artists. That puts the power of choice back in your hands: you decide what's right (and wrong) to share - just like in the rest of your life. Don't live in fear of crazy claims about "illegal" filesharing, or piracy panics - protect yourself with VPN security.

7. The Best Defense Is A Good Defense

Nobody needs to tell us that there's all sorts of creepy badware threats out there on the internet nowadays: viruses, botnet rootkits, CSS hijack exploits, man-in-the-middle attacks, spearphishing, identity theft, brute-force port-scans... the list is endless. It's a never-ending arms race between those of us who just just want to go about our business online, and the predators who are looking for any weakness to use for their own nefarious ends.

Now, let's be honest about something: anyone who claims that using a VPN service - even a really good one - will magically protect against all forms of badware is simply promising too much. Yes, it's true that a solid encrypted privacy network will filter out a good-sized chunk of online badware threads, with tight network-based filters & firewall management. Think of the private network as an outer wall protecting the main citadel: the wall won't stop all attacks, but it'll certainly make for a more secure setup overall.

That's the thing about defending against modern threat vectors online: there's no one magic bullet that will effectively de-fang everything out there. A really clever phishing attack won't be slowed down by even the best VPN-network security, if you fall for an inbound email that looks real enough to touch. Even so, running your life online without the benefit of a good encrypted privacy service is really just needlessly risky, and would remove a key element of your overall defense strategy. No, it's no magic bullet that will make up for reckless (or irresponsible) decisions you make elsewhere in your internet activities... but it will filter out enough of the front-link threats to make a real difference. Sometimes, the best defense really is a strong defense: a VPN defense.

8. Self-Censorship Is The Worst Kind

Think back to the first time you got online and really realized the vast landscape of opportunities available there: sooner or later, you decided to jump into the fray and start adding your thoughts to the great mass of discussions and debates and, yes, flame wars online. Over time, you probably learned the hard way that there's some places best left untouched, some topics that will inevitably descend into flamefests, and some opinions that are always going to roil the waters.

Unfortunately, you probably also learned that there's some people online who cross the line from heated debate into outright stalking, harrassment, and actual threats. Maybe the people you met were religious nutjobs eager to prove their mindless faith through ugly attacks; perhaps they were political partisans who don't know how to separate their own views from the diversity of alternative perspectives; or, worst of all, you might have run into the vicious attacks of self-proclaimed morality police who seek out vulnerable minorities online on which to vent their ugly anger, hatred, and festering prejudices.

What happens next? Let's be honest: you've learned to hold your words, to duck and run when these rabid hysterics are around. After all, you never really know if they're going to "cross the beams" and start some harrassment campaign against you in real-life - based on your comments online. In other words, you've learned to self-censor - and that's a tragic shame. Just as dictators throughout history have sought to force people to hold their true opinions inside for fear of persecution, modern-day censorious thugs are all about bludgeoning open-minded folks into biting their tongues and keeping their diverse viewpoints quiet as a result. The worst kind: self-censorship.

Sure, it's a good idea to think before you type - netiquette 101. However, it's just as true that censoring what you say for fear of some nutjob going ballistic and hunting you down in Real Life robs the online community of your honest and unique perspectives... and that ends up harming all of us. The issue of self-censorship is entirely resolved with an encrypted routing service, however: connect through a good VPN security network, and you know you're safely behind an impregnable wall of privacy, if you so choose. Say what you want to say, argue with your heart's conviction, and never worry that you must swallow your words for fear of rabid goons harrassing you. An encrypted, secure network connection puts the power of deciding what to say - and not to say - entirely into your hands. Where it belongs.

9. Privacy Is Just Another Name For Common Sense

One of those old sayings that's put forth as accepted wisdom is that you need not worry about privacy if you've got nothing to hide. Apart from the fact that nobody really has no secrets at all (however small-scale they might be, we've all got 'em), there's a fatal flaw in this kind of thinking. Simply put, even when we're not trying to "hide" any particular thing, we're instinctively aware that keeping reasonable privacy standards is just a good idea. You might not even have any particular threat in mind, or anybody who would want to snoop into anything about you in the first place. Just the same, you know it's a good idea to retain some core private space for, well, just for you.

In fact, your own decisions already prove how true this is when it comes to your everyday life. Do you walk around with your social security number, telephone number, date of birth, and bank account information written on the back of your coat for all the world to see? Of course not! It's not like you're some undercover operative... but still, you know that your identity- and some personal things about you - just aren't for public consumption. You take commonsense precautions to retain that privacy, because it's easy enough to do and it's so obviously a good idea.

Well, if you are active online without using an encrypted privacy service, then you're essentially walking around with your identification posted on your forehead. Specifically, your Internet Protocol (IP) address is broadcast every time you visit a website, send an instant message, or share a file. With that IP address, someone can - with a little effort - trace back to your physical address, your name, your ISP, and even your other activities online. That's like leaving your wallet sitting around for all the world to rifle through. Not a good plan.

However, if you're using a secure VPN network, your personal IP address is forever protected while you go about your online activities. Instead of that address, what the rest of the world sees is the address of your encrypted routing provider - not you. Sure, you might choose to tell some folks more about yourself online - but you choose who, and when, and what. That's commonsense privacy, and with a well-run VPN service you know that the choice remains with you. It's not (necessarily) about hiding sensitive personal secrets; instead, it's all about knowing that you aren't letting it all hang out in an irresponsible and short-sighted way. Encrypted routing protection is the most basic form of common sense.

10. Bullies Thrive On Vulnerability

You don't have to be a conspiracy theorist - or a hopeless nihilist - to know that the world isn't always nice. In fact, those amongst us who are most engaged with positive efforts to create a better world are most aware of just how dark and ugly some people (and organizations) can be. No, it's not all doom and gloom... but neither is it purely roses, rainbows, and cute kittens. There's both - and when we recognize that, we also recognize that bad people do bad things online, and that protecting ourselves against bad things is a good plan.

One thing everyone's probably learned about the world's bullies - those who fed on the fear & hurt & loneliness of others - is that they thrive on vulnerability. They seek out weakness, and they look for victims who are unprotected: easy to attack. Whatever it is that makes people (or organizations) turn ugly and seek only discord and destruction also makes them zone in on the easy targets, especially on un-defended targets.

Nobody wants to be such a target, and the single best way to protect against bullies is actually very simple: don't broadcast vulnerability. Since bullies (of all stripes and flavors and styles) invariably go after "soft targets," if you make youself a hard target, you have excluded yourself from the pool of prospective victims. The bullies in question might be creepy government thoughtcrime cops, or they might be identity thieves trolling for new prey, or mobs of fanatical moral zealots hell-bent on causing harm to their intended victims... but they're all bullies.

What if you can shut the bullies down before they even get started? What if you can take yourself right out of the pool of prospective targets for their hatred and viciousness? That's what standing safely within a secure VPN network provides for you: instead of feeling exposed and vulnerable, you're protected by a private network that keeps you inside, and the bullies forever outside. When you drop your vulnerability down like this, you become a deeply unappealing target to bullies of all stripes... and that allows you to live your life online as you see fit, free from the fear of bullies and thugs. Safe & sound.

[align=left]❦ ❦ ❦[/align]

Overall, these Top 10 reasons have a few common themes. One is that the online world isn't just a place where open-minded communities of folks interact, argue, & share ideas. Nowadays, it's that... but it's also got pockets of seriously dangerous, mean-spirited, and downright evil stuff. If you want to take advantage of all the good things online - opportunities beyond measure, vast troves of information & ideas - you either need to have some good defenses against the evil stuff, or you'd best just avoid online life entirely. When the decision's between no online life, or reasonable protections against the threats we all know are out there... well, that's an easy choice to make!

Another obvious common thread is the effectiveness of a good private encrypted routing service in protecting you without requiring you to hide under a table, censor yourself, or triple-guess every step you take online. With this one simple addition to your security strategy - operating from within a secure VPN service - you gain a whole range of protections against the broadest possible spectrum of potential threats... all without any hassle, any technical complexity, or any extra constraints. Instead, it's like a door opening onto a new pathway: safe, secure, private, and always in your own control.

With all those reasons, and few opposed, isn't the decision simple? VPN security... and peace of mind!
...just a scatterbrained network topologist & crypto systems architect……… ҉҉҉

    ✨ ✨ ✨
pj@ðëëþ.bekeybase pgpmit pgpðørkßöt-on-consolegit 'er github

Posts: 1
Joined: Tue Feb 24, 2015 10:31 am

Re: Summer 2011: 10 Reasons to Use Encrypted Packet Routing 1.0

Postby telenor » Tue Feb 24, 2015 10:32 am

this is very nice post
We offer best quality Testking sphr certification test papers and gre test dumps materials. You can get our 100% guaranteed questions pittstate to help you in passing the real exam of www.mica.edu

Return to “cryptostorm in-depth: announcements, how it works, what it is”

Who is online

Users browsing this forum: No registered users and 7 guests