Results 1 to 8 of 8
  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    London, UK
    Posts
    9
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Following Ian Richards' advice ("Connect safely over open Wi-Fi networks", December 2008), I use LogMeIn Hamachi² for all my browsing over wifi and 3G networks. (I'm in Britain.)

    I've just seen in another forum today someone say that you can't do it when using online banking. "...no way would a bank let anyone connect to their network as suggested", were his words.

    ISTM that either he's wrong or I've been fooling myself that I have that protection when I connect to my bank. I know very little about the subject, so would be grateful for an informed view.

    TIA,

    Roger

  2. #2
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    South of the North Pole
    Posts
    919
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Unless something has changed that I don't know about, Hamachi is a peer to peer secured virtual network, and unless you set up a custom peer to peer Hamachi connection with your bank in which you share the password and other information to make the connection work, the bank is not using it. In fact, in a case where public connections are initiated via something like Hamachi, i.e., at a known location and at a high rate of traffic, I would worry about man in the middle attacks involving the third party handshake server needed to initiate the secure Hamachi connection. I mean one would have to assume it was always a legitimate Hamachi server because there would be no way to verify it wasn't. So for private peer to peer connections its perfect, but there is a weak link in Hamachi.

    Strictly speaking just about the connection (and not about what, if any compromises may have occured at either end of the connection), HTTPS is the accepted and completely secure method for high traffic, public Internet connections. Once in a while one can still catch a server not encrypting until as or after signing in, but I haven't seen a bank or credit card site make that mistake for a long time now, and of course its always prudent to check for the lock or the https in the address before sending anything.

  3. #3
    New Lounger
    Join Date
    Dec 2009
    Location
    London, UK
    Posts
    9
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Many thanks. It looks like the short answer is that I've been fooling myself. 8=)

    I did say I know very little about the subject. Reading Ian's article again, I see that I confused the Hamachi offering with the third-party VPN offerings he mentions -- GoTrusted, PublicVPN and Witopia.

    Is one of these worth having? If so, would you have a preference? Or am I OK going for something like Hotspot Shield?

    With regard to HTTPS, I get this while I bank but only once I log in. I'd like some protection beforehand and for all my other wifi traffic. Wouldn't a VPN provide further protection even during an HTTPS session or would that cause problems?

    Sorry to be so clueless.

    Roger

  4. #4
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    South of the North Pole
    Posts
    919
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I've heard of Hotspot which I think has good reviews, but are you traveling a lot and that's why you want a VPN? Or is it to connect to business remotely? Those are the only two good reasons I can think of for a VPN, though you may have a good one as well. It does provide a big heap of extra security but it also has to be setup beforehand for the specific target use--in other words, you also have to have an exit strategy or you're as unable to get out as anything is getting in. For instance if you were traveling a lot and didn't want to have to trust any wifi or wired connection (such as may be in a hotel), you would set up a VPN with your home system and tunnel to it and from there, securely go out over the Internet from a known location to say, your bank. Indeed, that is what I would do if I traveled and had to sign into secure transaction sites while on the road. I would also carry my own personal mini wifi-lan router to use as a further protection--set up my own one-person network.

    What I used to do with my bank and cc accounts when the https didn't show up until the page after signing in (which is still secure, BUT, what if it should come back one time as http only?--so I never trusted it), I would use a bogus username and password (just bang anything on the keys) and get redirected to the invalid sign in, try again page, which for me was always https. Problem solved there. All the sites I go to have since wised up and its encrypted from the get go.

  5. #5
    New Lounger
    Join Date
    Dec 2009
    Location
    London, UK
    Posts
    9
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Byron Tarbox View Post
    ...are you traveling a lot and that's why you want a VPN?
    Indeed so. I live in and work from a motorhome (a small RV, in effect) and all my networking is either over local wifi services or via a 3G dongle to one of the main cellphone networks. I'm always on the road and have no fixed home to network to.

    You say a VPN needs to be set up for a particular target use but the three services mentioned in the article seem to work differently. AIUI, the signal goes from the client machine (a Windows laptop in my case) through the 'tunnel' to the service's server and thence to the target server. That's what I thought the Hamachi product did until I re-read the article.

    I used to use a Billion wireless router when I had a towed caravan previously but space is tight in my vehicle.

    Your trick with the false log-in to the bank is clever. I'll try that.

    Roger

  6. #6
    New Lounger
    Join Date
    Dec 2009
    Location
    London, UK
    Posts
    9
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Roger Whitehead View Post
    Your trick with the false log-in to the bank is clever. I'll try that.
    It works, at least for my bank. Thanks for the tip.

    On the VPN front, I'm now using the test (i.e. free) version of the PacketiX service from Japan. See http://www.packetix.net/en/vpn/ for details.

    It's easier to set up and use than it at first appears and, as far as I can tell, works.

    Roger

  7. #7
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    South of the North Pole
    Posts
    919
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Any company that offers VPN as a complete service is handling the "exit strategy" for you. You are tunneling securly to thier server and then you go out into the Cloud from there. That's ok as long as you are able to completely trust thier security and thier intentions with you as a client. And that's ALL you have is trust, no control.

    I should look into it more so I know better, but, I think your own 3G connection, if you can always get that, is direct and secure with encryption available. Much better than local WiFi though there are still vulnerabilities I'm sure.

  8. #8
    New Lounger
    Join Date
    Dec 2009
    Location
    London, UK
    Posts
    9
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Byron Tarbox View Post
    ..That's ok as long as you are able to completely trust thier security and thier intentions with you as a client. And that's ALL you have is trust, no control.
    Understood but for someone non-technical like me that's true of pretty well all my telecommunications. 8=)

    I think your own 3G connection, if you can always get that, is direct and secure with encryption available. Much better than local WiFi though there are still vulnerabilities I'm sure.
    There certainly are -- see http://preview.tinyurl.com/yfn2skt -- but I think I'll use that in preference to wifi in future for banking and similarly sensitive stuff.

    Thanks again.

    Roger

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •