I took my wife to a doctor’s appointment this afternoon. After completing her paperwork (what decade is this, again?), she proceeded to whip out her MacBook Air for a bit of school planning in the waiting room. After connecting to the open guest Wi-Fi network and then logging into the captive portal with the credentials displayed on the office check-in counter, it made me so proud to watch her fire up her virtual private network (VPN) client before returning to her Google Doc. My wife was about to build a tunnel for her data from the comfort of a hard waiting room sofa. Internet users should protect their cyber-selves through VPN tunnels just as El Chapo protected his business from law enforcement with physical tubes.
Tunneling Through the LAN
Most Internet users have heard of the dangers when connecting to public Wi-Fi hotspots at the local Starbucks or Hipsterbrew. Since Wi-Fi signals are traveling through the air, any device with the network’s password can snoop on what you are doing. Using sites with TLS encryption (HTTPS) does scramble the data; however, snoopers can still see what sites you visit and any data sent or received via standard HTTP communication. By building an encrypted “tunnel” from your device to the VPN’s node somewhere out on the Internet, you prevent any local devices from peeking at your bank statements.
Tunneling Through the Pipes
Stay with me; this is a bit meta. You see, for-profit businesses run the “pipes” that connect the wireless router or LTE antennae to the Internet. When you connect to a tube and turn on the faucet of data to and from your device, all of that data can be technically snooped on by the Internet service providers (ISPs) that are operating that pipe. Again, that HTTPS connection does prevent most sensitive data from being snooped on (for the most part, more on MITM attacks later). However, an ISP, its business partners, and the NSA can still mine a significant amount of data about you. So, the solution is to create a tunnel inside the ISP’s pipes via a VPN.
Disclaimer: I do not condone the illegal actions of El Chapo or the use of VPNs for unlawful or immoral acts.