Hi I would like a little advice from the resident experts please. I use Win 7 along with Comodo Chromium and Firefox. Both have the ZenMate VPN extension for privacy and encryption. Zenmate does slow the connection down and pages can take a little time to connect. Chromium is used for internet banking and Firefox for everyday use. Insofar as Chromium is concerned since banking uses HTTPS and is supposed to be secure, do I need to use ZenMate, because if not I can speed up my connection? Thankyou. Terry
If you're on a wired network or a secured (WPA2) wireless network when connecting to your bank site then I don't believe a VPN is needed. You would definitely want to use a VPN if you're using an open WiFi network since those networks expose data. By the way I found this discussion about Zenmate here: https://www.wilderssecurity.com/threads/zenmate-leaks-your-ip.359044/ I don't use it and don't have an opinion, but you might want to read it. I use VPNgate which is also free and it encrypts the whole connection, not just the browser. That's a better solution for me since I don't do email in a browser.
What you need is a better VPN other than that Zenmate crap you have installed. I recommend a good offshore paid VPN. Free VPN's are useless and bad for your privacy.
victek's right. the rule of thumb: while on a secure network, no need to use vpn; while on an insecure network, better use one. but bear in mind that you should not do banking related stuff while on an insecure network, unless you really have to, even behind a vpn.
Hi All Many thanks for your comments, in particular Victek's. I would be interested in knowing whether it is possible to simplify the login procedure of VPNGate, so that one can, say have an icon on the Desktop to login to a particular connection? Otherwise it is a bit convoluted to choose and open a connection. Thanks Terry
Yes, I know what you mean. One advantage though of selecting the server for each session is you can check which ones have the fastest line speed at the time. It used to bug me that the servers are only listed by IP with no location information other then country, but I find that selecting a fast line speed works well.
Hi Victek Funny thing is, I find using the PING value a better indicator of speed of page loading. ie the lower the PING value the faster the loading. That said, I have not found a VPNGate server that is as fast as ZenMate. Terry
Use real VPNs, not browser extensions. Use stock OpenVPN, not custom clients. Use a firewall to prevent connection leaks and DNS leaks. Check for connection leaks using Wireshark. Check for DNS leaks using https://grc.com/dns (many other test sites don't hit all configured DNS servers).
OpenVPN is under 2mb, uses very little system resources, and is open source and cross platform. At this point, I've tried a number of custom clients that put a colorful wrapper around an OpenVPN TAP connection and I've had issues with all of them. It is so much better to just use OpenVPN which can be used in almost any device and OS. It works with .ovpn files from most VPN providers including VPNgate. I use it both in Windows and in a Linux router. The Softether VPNGate client is interesting and equal or better than most commercial VPN clients. The developer comes off as being very sincere and it is open source. It's downside is that it is also a much bigger and heavier program than OpenVPN. OpenVPN is light, simple and powerful.
So instead of using a VPN client, e.g. Mullvad or whatever, I should use the stock openvpn client? My biggest worry is when my connection drops and I am left out in the open. Is there an easy way to mitigate this in Win7 to only allow my VPN connection, or should I learn how to configure Comodo to do this (not sure how to do this).
I'm rather clueless about Windows. There are Commodo how-tos around that work on Windows XP and Windows 7. I'm not sure about Win 8.x and newer. It's probably doable in Windows firewall, but
as far as i know there are a few guides on the net for that but they're outdated due to comodo software being updated but the guides. (airvpn and a few others have guides with visuals) but the guides for windows firewall are still up-to-date. as for your concerns about your isp ip being exposed to public in case of a connection drop, your best bet is to set up your vpn on your router, that is of course doable if your router supports it.
I just make sure that the OpenVPN GUI icon is always visible in the taskbar. It will change colors from green to yellow or red when the VPN connection is not working. I have it on top of the VPNed router so a drop out is not going to give away my real IP so I haven't configured a firewall to disable internet access if the OpenVPN connection fails but it is doable. Commodo FW is know to work for this but it is a bit bloated for my taste. I'm tending towards simple, light weight and preferably free and open source software these days. For the router connection, I have to make sure it is connected to the VPN on startup which is the only time it totally fails and can give away my real IP. Once the OpenVPN connection is established, a failure just blocks any internet access. I don't know if it was designed to do this or just a happy accident. The TomatoUSB firmware I'm using has two OpenVPN client connections and the first will tunnel into the second if both are activated. This is really cool because it makes a two hop connection inside the router. I found this out when I started the second one on top of the first and it failed to connect and instead of my real IP, I got the IP of the first OpenVPN connection.
Linksys WRT54GL. Nothing new or fancy, just a dependable Linux router. There are a lot of newer and faster routers that support DD-WRT that can be VPNed but I would need a lot more bandwidth before I needed one. The WRT54G routers are incredibly reliable. I've been using the same one for several years now with never a glitch.
High line speed and low ping seem to correlate so I think either works well for choosing a server As you can see from the posts people have differing priorities when it comes to VPNs. I use one primarily to protect my internet use when I'm in coffee shops, etc. My needs are simple and something like VPNgate is sufficient. People who are striving for much higher levels of privacy are concerned about logs, the provider's stance on releasing information to law enforcement, etc.
I feel like using VPN on daily basis makes you a target for state sponsored attacks/data collection. So I only use it to secure banking or to bypass some restriction or for general browsing in a hotel. Just my 0.02$, Im sure a lot of folks here will disagree. I think the best thing you can do for your own privacy is to cover laptop, smartphone and TV cameras.
A lot of VPN users are not worried about the state so much as private sector intrusions on their privacy. There are many more of them even if they don't have the resources of a government. That being said, repressive governments don't like them much either: http://torrentfreak.com/vpn-and-tor-ban-looming-on-the-horizon-for-russia-150212/
Well camera is something I wouldn't want anyone to access. Putting a tape on a phone, computer and "smart" TV is 100% fool proof, unhackable way to obtain privacy. I've seen too many people in here worrying about VPN, Tor, and other stuff and missing the most obvious, living room microphone and cameras in their devices. There isn't much you can do about the microphone thou, unless you are willing to go into extensive hardware hacking.
Any device that has a camera, microphone, wifi and an OS that reserves root access for the corporation that made it is a potential privacy and security threat. A bit of carelessness on the part of a user can quickly identify someone no matter what VPN, TOR or other technology they are using. Look at Ross Ulbricht. He wasn't brought down by a sophisticated technological approach. It was just some basic investigative techniques that are founded in basic A implies B logic. All the investigators had to do was find a couple of cracks that Ulbricht had carelessly left open to shatter the technological shell he put around himself.
Cheers for that site @mirimir, I thought I had it bookmarked but didn't. I ran it while on my VPN, 5 query rounds returned 4 DNS servers (all in 1st query round, 2nd to 4th returned nil). "Anti-Spoofing Safety: Excellent" was displayed for all 4.
That's good But also important is that all four are either associated with the VPN, or added by you, and that none of them are associated with your ISP.
