Help me choose a subscription VPN
July 11, 2007 7:45 AM
Help me choose a subscription VPN.
I want to use a subscription VPN service in order to conduct occasional but very secure banking and stock trading transactions, as well as general internet surfing, while at free hotspots. The leaders among paid VPN service providers appear to be Jiwire's Hotspot Helper, Witopia's personalVPN, and HotSpotVPN. I'll appreciate your answers to any/all of the questions below.
1. What is your general impression of the usability of each of these programs, and the quality of their customer support?
2. HotSpotVPN offers 256 bit encryption in a service that is about six times more expensive than JiWire's service and four times more expensive than Witopia's. The latter two services offer 128 bit encryption, but is there any real world advantage to 256 bit encryption for me, considering how low it would take to crack either one?
3. Is HotspotVPN's encryption of more than just port 80 important for security in my situation?
4. HotSpotVPN states "PPTP L2TP and IPSEC VPNs are easy to block and often do not work out in the wild." JiWire has a response to this (that is too techno for me to appreciate or even understand). Is this a problem that I should be concerned with?
5. Is it important that my VPN work with programs other than my browser, since I would only use it for internet surfing and secure financial transactions via Firefox or IE?
Witopia says it's security advantage involves a RADIUS server. Is that significant for my uses?
Thanks for your help!
I want to use a subscription VPN service in order to conduct occasional but very secure banking and stock trading transactions, as well as general internet surfing, while at free hotspots. The leaders among paid VPN service providers appear to be Jiwire's Hotspot Helper, Witopia's personalVPN, and HotSpotVPN. I'll appreciate your answers to any/all of the questions below.
1. What is your general impression of the usability of each of these programs, and the quality of their customer support?
2. HotSpotVPN offers 256 bit encryption in a service that is about six times more expensive than JiWire's service and four times more expensive than Witopia's. The latter two services offer 128 bit encryption, but is there any real world advantage to 256 bit encryption for me, considering how low it would take to crack either one?
3. Is HotspotVPN's encryption of more than just port 80 important for security in my situation?
4. HotSpotVPN states "PPTP L2TP and IPSEC VPNs are easy to block and often do not work out in the wild." JiWire has a response to this (that is too techno for me to appreciate or even understand). Is this a problem that I should be concerned with?
5. Is it important that my VPN work with programs other than my browser, since I would only use it for internet surfing and secure financial transactions via Firefox or IE?
Witopia says it's security advantage involves a RADIUS server. Is that significant for my uses?
Thanks for your help!
While only encrypting 80 might be enough, keep in mind that will leave other sensitive content in the clear. The primary concerns for this would be email and IM. If you have email and IM access that provide encryption too then the only port 80 solution would be fine.
posted by chairface at 8:33 AM on July 11, 2007
posted by chairface at 8:33 AM on July 11, 2007
I've had trouble with IPsec tunnels in certain cases: It cannot traverse NATs (at least only with just one IPSec tunnel user behind the NAT, and even then it requires special configuration to make sure the IPsec packers reach the right host).
This means it also doesn't work over GPRS, which is a pain.
posted by fvw at 8:47 AM on July 11, 2007
This means it also doesn't work over GPRS, which is a pain.
posted by fvw at 8:47 AM on July 11, 2007
It cannot traverse NATs (at least only with just one IPSec tunnel user behind the NAT, and even then it requires special configuration to make sure the IPsec packers reach the right host).
I haven't found that to be true at all. [Free|Open]SWAN with NAT-Traversal enabled as the VPN server has gotten past every NAT device I've found, regardless of the client software, platform, or internal IP range. No special configuration, it just works.
posted by cmonkey at 8:54 AM on July 11, 2007
I haven't found that to be true at all. [Free|Open]SWAN with NAT-Traversal enabled as the VPN server has gotten past every NAT device I've found, regardless of the client software, platform, or internal IP range. No special configuration, it just works.
posted by cmonkey at 8:54 AM on July 11, 2007
I use web based email and no IM.
These are very practical and helpful answers. It sounds like the combination of a less expensive vpn plus SSL encryption for the banking and broker are all I need to keep my transmitted data secure.
Thanks very much, cmonkey, fvw and interestingly named chairface!
posted by bbranden1 at 10:46 AM on July 11, 2007
These are very practical and helpful answers. It sounds like the combination of a less expensive vpn plus SSL encryption for the banking and broker are all I need to keep my transmitted data secure.
Thanks very much, cmonkey, fvw and interestingly named chairface!
posted by bbranden1 at 10:46 AM on July 11, 2007
Alternatively, you could use something like LogMeIn to access a computer at your office or home and do all the sensitive stuff on that computer.
posted by wierdo at 11:04 AM on July 11, 2007
posted by wierdo at 11:04 AM on July 11, 2007
i don't have technical advice nor have i used any of these services, but i did find a list of the prices by site, which may help you make your decision:
HotspotVPN
$8.88 a month / $88.80 for 1 year
PublicVPN
$5.95 a month / $59.95 for 1 year
Jiwire Spotlock
$4.95 a month / $49.95 for 1 year
Witopia PersonalVPN
$39.95 per year
posted by sharkfu at 11:26 AM on July 11, 2007
HotspotVPN
$8.88 a month / $88.80 for 1 year
PublicVPN
$5.95 a month / $59.95 for 1 year
Jiwire Spotlock
$4.95 a month / $49.95 for 1 year
Witopia PersonalVPN
$39.95 per year
posted by sharkfu at 11:26 AM on July 11, 2007
Thanks for the list, sharkfu.
The logmein program looks pretty interesting. I'll stick with the subscription vpns for most use, but I do like the idea of being able to leave my good laptop at home and use a somewhat disposable one on the road.
posted by bbranden1 at 12:41 PM on July 11, 2007
The logmein program looks pretty interesting. I'll stick with the subscription vpns for most use, but I do like the idea of being able to leave my good laptop at home and use a somewhat disposable one on the road.
posted by bbranden1 at 12:41 PM on July 11, 2007
This thread is closed to new comments.
No, not really. 128 bits will be enough to discourage anyone who is sniffing hotspot traffic.
3. Is HotspotVPN's encryption of more than just port 80 important for security in my situation?
Your web traffic to the bank and stock broker will go over SSL encryption on port 443. So if you really want to double up on the encryption, yes, you'll need more than port 80.
4. ... Is this a problem that I should be concerned with?
I ran an IPSec VPN on my own for years and never found a hotspot that it wouldn't work with, so HotSpotVPN is just making shit up.
5. Is it important that my VPN work with programs other than my browser, since I would only use it for internet surfing and secure financial transactions via Firefox or IE?
Probably not. What other internet applications do you use?
Witopia says it's security advantage involves a RADIUS server. Is that significant for my uses?
No, not really.
If I were you, I'd just go for whichever is cheap and just encrypts port 80. It doesn't sound like you need more than that right now (SSL, really, is quite safe for online banking at public hotspots).
posted by cmonkey at 8:26 AM on July 11, 2007