Guest written by: Laurtis Vestergaard
In these next series of blogs, we will walk you through the various methods on how you can set-up a commercial VPN or create your own for secure online browsing.
Previously we have looked at what a VPN is. You can read that overview here.
In this first blog we will review the basics of what a VPN is and look at some of the key benefits of having one. In this introduction we will focus on commercial VPNs and later will look at creating our own and the tech behind it.
Whether you purchase a VPN or create your own will depend on how covert/secure you would like your access to the free internet to be. Whether you purchase a commercial VPN or create your own will depend on your threat model, level of technical skills and how much effort you want to put in to your privacy and security.
Let’s get started…
First off, what is a VPN?
VPN stands for Virtual Private Network; they provide a proxy server that helps bypass censorship. It establishes a secure tunnel and ensures your provider can’t see your browsing data but will see that you’re using a VPN. This is because data can go back and forth between the tunnel, but there are only ever two endpoints (your device and the VPN server) where data is encrypted and decrypted.
VPNs can utilize Geo-blocking and protect user communications against data profiling. What does this mean? The use of a VPN can potentially help you avoid any third-party scrutiny of your digital footprint. VPNs can also assist you in avoiding geo-blocking, meaning that you access services that are region specific.
VPNs are NOT a silver bullet
You need to be aware that privacy does not mean anonymity and we will cover this in a future article.
Purchasing a VPN using your personal card will link you to the VPN provider and this could potentially alert authorities to your intent to purchase a VPN for what could be interpreted as illegal activities. Of course, that might not be your intent, but depending on which country you are in, and the limitations of your freedoms, your intent could be misunderstood as criminality. It is worth noting that many VPN providers claim to maintain a no log policy and to not cooperate with governments.
We should be clear and say that VPNs purchased through private companies do not always provide a true a private network. Usually, the VPN provider will have unrestricted access to your data, this is because the transmitted data is not encrypted prior to arriving at the proxy.
You can purchase VPNs using your personal credit information, however, if you want to protect your personal and financial information, bitcoin is the superior option.
Purchasing a VPN using bitcoin
This next part will require a slightly more technical background. Follow these steps if you wish to obscure your payment method, and avoid the creation of a digital footprint:
- Do not use VPNs or the Darkweb prior to these steps.
- Plan your approach to physical stores.
- Wear an “acceptable head piece” to mask your approach, a medical mask is best if it does not raise suspicion.
Find pawn shops or second hand IT stores. You will need:
- 2 USB sticks with more than 8Gb storage
- Second hand laptop
- Privacy screen filter
- New internal hard drive for the laptop (should be bought after the laptop)
Follow these steps to set up a VPN:
- Once you have worked out the estimated cost (from around $200-2000) you can plan withdrawing the money from your account.
- When purchasing this equipment, make sure to also buy other things such as shopping, food or clothes and don’t withdraw the specific amount needed for the VPN purchase.
- Borrowing money from unsuspecting individuals (but only in small amounts) would also be beneficial.
- Once you have the money, you can buy the components from multiple sources and even change cities where you purchase from.
- Turn on the laptop and clean it of all the previous owner’s files manually. Restart the operating system (OS) with the option to wipe data enabled.
- Install the privacy filter on the screen.
- Visit a different town or city and connect to a cafe or other public WiFi
- Download a new OS and create a bootable USB.
- Replace the hard drive with the fresh one and dispose of the old hard drive.
- Install your new OS without internet and disable any features that send data.
- At this point you are at your most vulnerable so be as quick as possible and change places frequently without re-visiting locations.
- Once you have Bitcoin in your wallet on your laptop, make sure you have a backup key and put them on a spare USB stick.
- Now you have an extra step of security you can repeat the steps and get a new laptop with a fresh hard drive.
- Now with a new laptop or the old one purchase and connect to the VPN making sure the VPN routes ALL your traffic and not just that of your browser.
Proxy server – A proxy server is a “go-between” between you and the computer and WAN (Wide Area Network), you send an encrypted message to the VPN on a server, that then requests the website or file you need whilst it resides in a country that fits your data protection or freedom of access needs. Then the VPN sends you the requested data. This does not stop the ISP (or country) from knowing you are accessing a VPN just from knowing what data you are accessing.
Geo-blocking – Geo-blocking restricts access to the internet based on the user’s geographical location. Your location can be determined through the checking of your IP address.
Data profiling – This is the process of examining the data available from an existing information source. For example, a database and collecting statistics about the data.
Pentest – Pentest or penetration test, is ethical hacking, it is an authorized simulated cyberattack on a computer system to evaluate the security of the system.