YouTube the popular video sharing service is the third most visited website in the world. It receives 1 billion unique visitors every month, with viewers from around the world tuning in to view and/or uploading videos on any topic. However, regardless of being a remarkably popular website, it is also one of the most heavily blocked websites in the world. It receives take down requests as well as legal orders from the governments of countries all over the world demanding to remove content or restrict viewership to a variety of content on the site.
These requests or orders asking to ban content in a specific country could spell a variety of reasons, including religious, cultural, security or moral violation of national beliefs, laws or regulations. YouTube has always had a policy of exercising Free Speech, but it complies with the specific government requests and bans the content for that specific country.
It was the number one advice following the Snowden reveals: encrypt your email. Although VPNs (Virtual Private Networks) are great because of their ability to secure your communications through another server in a different location, they can’t provide you with full protection in all areas.
When you use regular email services it is only safe up to a level, as the message you’re sending is regular text, very similar to a postcard. If there are any snooping eyes, they’ll be able to read it with no problems.
So, how does it work?
Email encryption works by creating two mathematically-related cryptography keys: a public one that you share with your recipient and a private key that you should never share. These two keys work in tandem to encrypt and decrypt a message. If I send you an email, for example, I’ll use your public key to encrypt it, and only you can decrypt it with your private key, and vice versa when you send me an email.
Usually, email encryption requires a bit of setup on the user side, with many complicated steps and even the production and control of your own cryptographic keys—something that’s a bit out of hand for most users. But in recent years more user-friendly providers have come on the scene.
These email providers offer you an even greater level of protection when you use it in combination with a VPN service, such as NordVPN, which offers unparalleled encryption and privacy for all your online communications. We’ve mentioned before how to keep safe on public wi-fi, so now we’re going to look at some easy-to-use providers that help secure your privacy when sending emails.
The number one name when it comes to encrypted mail, ProtonMail started in 2013 in the wake of the Edward Snowden document leaks. The provider’s strongest feature is its iron-willed stance against government surveillance, as it is based in Switzerland and thus located outside of US and EU jurisdiction.
Their main datacenter is also buried under 1,000 meters of granite rock with fully-encrypted hard drives, redundant power supply, and other features to help keep your mind at ease.
ProtonMail provides users with two passwords: one for logging in, and the other for your mailbox. The first password provides authentication and entry into the mail system, and the second provides decryption of the secure mailbox.
The entire process takes place in the user’s web browser, which means that ProtonMail has no way to decrypt user messages, even under court order. It also offers end-to-end encryption for recipients outside of the ProtonMail system. The service is free and offers additional paid services.
Usually spoken of in the same vein as ProtonMail, though a bit older, Tutanota started in 2011 in Germany and offers 1GB of free storage with additional paid services. The service also offers end-to-end encryption, but they are perhaps most notable for not using the almost-ubiquitous PGP (Pretty Good Privacy) encryption. They instead use a custom-built solution, arguing that PGP does not encrypt the subject lines of emails. This goes also for non-Tutanota recipients.
The service works by both sender and recipient having agreed to a password beforehand, without which the recipient won’t be able to read anything—including even the subject of the email.
The service has strong data privacy and they are unable to access anything you’re doing. So, because of their levels of privacy and security, they won’t be able to change your password if you lose it. So don’t lose it.
This service is also available for Android and iOS and a plugin for Outlook.
Rounding out our top 3 is RiseUp—a volunteer-run organization more known for its political activism against government surveillance than for its suite of private email, VPN, and other online services. RiseUp is the only non-profit organization on this list. It was started long before the Snowden files, in 1999, and has garnered international recognition as an ally of secure-minded online users, having gained 6 million subscribers by 2013.
Before the Snowden leaks, the organization was more connected with the environment, human rights, and social justice activists worldwide, but was flooded afterwards with a whole generation of privacy-seeking users and activists. This helped grow their numbers and led them to focus more on email security.
RiseUp does not store any logs and all mail is stored on encrypted partitions. Emails are also transmitted over encrypted connections whenever possible. The organization relies on volunteers and donations, so if you end up using their services, you can also consider pitching in.
These are but a few of the encrypted email service providers out there, but they comprise a good cross-section of what’s available. It’s important to be vigilant in your activities online, and using these email encryption services—in combination with a VPN of course—will ensure no one can track you, log you, or intercept your private information.
How often would you say you connect to a public wifi hotspot available in cafés, restaurants, airport or hotel? About once a week? Maybe once month?
Have you ever thought about whether that free, public wifi you’re connecting to is legitimate, or a fake wifi hotspot, what’s known as an Evil Twin?
An Evil Twin is a wifi hotspot set up by a hacker or cybercriminal that is made to look like a real, authentic wifi hotspot. It mimics the real hotspot in every single way, so that you wouldn’t notice anything different, except for one thing: it wants to steal and intercept your information.
When people connect to wifi hotspots, they generally behave similarly to how they would behave on their own private networks, accessing sensitive information on a regular basis.
According to the Identity Theft Resource Center, nearly 24% free wifi patrons have made purchases using credit cards while connected to public wifi hotspots. The Harris Poll showed that 26% of US adults have checked their bank accounts on these free wifi hotspots, 9% have paid bills online, and 8% have even sent emails with sensitive information, such as bank accounts or Social Security numbers.
>Even worse, according to the ITRC survey, almost 57% have logged into their work-related systems on these public wifi hotspots (even though, according to the same survey, 79% believe that these wifi hotspots could lead to identity theft!).
That is a lot of juicy, exploitable personal and financial information.
That’s where Hackers and cybercriminals come in. They create these Evil Twin, fake wifi hotspots to gain access to your network traffic for two main reasons. One, they can eavesdrop on your communications and steal your account numbers, passwords, private photos and videos, and more. Two, they can intercept your traffic and send you to malware sites or fake banking sites. So, this website will look like your authentic bank website; when you enter your username and password, they will have full access to your financial information.
So, for example, you’re at McDonald’s or your favorite coffee shop, and you see two public networks, “Coffee Shop” and “FREE_Coffee Shop”, you might click on the free one, because that’s what you’re really after. Now instead of being connected to the actual coffee shop hotspot, you’ve just got connected to the rogue one, the Evil Twin.
And if you’re like the people mentioned above in those surveys, you’re very likely to connect to your email and share sensitive information, or engage in online purchases. Even worse (from a corporation perspective), you are more likely than not to connect to your work-related system and put your company’s information at risk.
Airports are particularly susceptible to such methods. According to a BBB report, in 2008 there were 20 Evil Twin hotspots at Chicago O’Hare airport used by cybercriminals to steal and intercept user communications. Even at the Rio 2016 Olympics, Skycure has detected multiple Evil Twin networks hoping to steal tourists’ information.
How can you protect yourself?
If you don’t want to be a victim, there are certain steps you can take.
First of all, according to private investigator Colman Ryan speaking to ABC13, you shouldn’t need to put in a password if you’re connecting a true wifi hotspot. Also, most (but not all) legitimate wifi hotspots will ask you to agree to their terms and conditions, so if you don’t see that, it could be another red flag. Then, if the connection speed is quite slow or sluggish, it could be because the information is being rerouted and slowing everything down.
If you encounter any of these warning signs, it is advisable to disconnect from that network.
Beyond that, you should go into your device’s network settings and forget any automatic connections. Doing this, if you’ve connected to an Evil Twin in the past, you would not be automatically connecting to them again.
You can make sure that the wifi you’re connecting to seems legit, and beware of things that appear spammy. You should also check if the websites you’re connecting to are HTTP or HTTPS, where HTTP website addresses mean that your browsing is not secure and therefore open to hackers.
However, the best option is to use a VPN (Virtual Private Network). VPNs used to be luxury items for large corporations, but in our modern age, VPN services are ubiquitous at competitive prices. However, you shouldn’t go with free options, as they are spotty at best and deceitful at worst.
Here at NordVPN, we support a number of different security protocols to provide our VPN service. We encourage you to take a closer look and explore the strengths and weaknesses of each and every one of them. The security levels and purposes of these protocols are different, but so are the needs of our customers. We want you to be able to choose freely, but also advise you of what might suit you best.
1. OpenVPN – (recommended by NordVPN and used by default in our apps)
OpenVPN is a mature and robust piece of open source software which enables us to provide a reliable and secure VPN service. It is a versatile protocol and can be used on both TCP and UDP ports. It supports a great number of strong encryption algorithms and ciphers – to ensure the protection of your data we use AES-256-CBC with a 2048bit DH key. OpenVPN is currently used by default in NordVPN apps. We recommend it for the most security-conscious.
2. PPTP – (Not recommended for general use. Advanced users only)
Point-to-Point Tunnelling Protocol is one of the first encryption protocols that came into existence. It is quite simple to set up and runs on a lot of Windows versions, right from Windows 95 to Windows 7. However, the reason that more protocols came into existence is because PPTP is not nearly as secure as it should be. We recommend this only in those rare cases where security isn’t a priority and where legacy support is required.
3. L2TP/IPsec – (Not recommended for general use. Advanced users only)
The first protocol ever used by NordVPN, L2TP/IPsec is a Layer-2 tunneling protocol encapsulated within IPsec. It’s mostly used where newer protocols aren’t supported, or security is far less important than the ability to use a VPN at all. We have had cases where our customers have old hardware or are based in countries where this is the only protocol that can penetrate Governmental/ISP firewalls. L2TP/IPsec uses the legacy IKEv1 Internet Key Exchange protocol, which is widely supported in many operating systems and mobile devices, however, it has limitations when compared to the newer IKEv2. One of those limitations is the fact that the authentication methods must match on both the client and the VPN server. To simplify the process of connecting to this VPN service we use a shared secret key for authentication in Phase 1 of an establishment of VPN tunnel as opposed to providing every client with their own certificate, and since the secret key is shared, there is always a potential for your data to be intercepted. Managing certificates is often time consuming and cumbersome for the end user, so we only support this protocol to enable you to connect to VPN when you need it most, but have no time to set it up – or if other protocols are blocked by a government or an ISP, which is when we ask to switch back to another protocol when VPN connection established. Use at your own risk and only as a temporary measure or last resort.
4. IKEv2/IPsec – (highly recommended – new to NordVPN) The latest addition to NordVPN security protocol family, which is also protected by IPsec, just as L2TP is, however, IKEv2/IPsec significantly increases security and privacy of the user by employing very strong cryptographic algorithms and keys. NordVPN uses NGE (Next Generation Encryption) in IKEv2/IPsec. The ciphers used to generate Phase1 keys are AES-256-GCM for encryption, coupled with SHA2-384 to ensure integrity, combined with PFS (Perfect Forward Secrecy) using 3072-bit Diffie Hellmann keys. IPsec then secures the tunnel between the client and server using the strong AES256. This is the protocol, which provides the user with peace of mind security, stability, and speed. For these reasons, it is highly recommended by NordVPN and has been adopted as a default in the iOS and macOS apps. Instructions for set up for other devices coming soon.
This summary of VPN protocols should be used as a reference point when moving away from default native app settings. We want to provide you with a freedom to choose and tinker, but also keep you informed about our motivation in offering and recommending certain protocols. If you have any questions or comments, please do not hesitate to express them in the comments section below.
P Address or Internet Protocol Address is a string of numbers which identifies a computer or a device on IP/TCP network. Basically, it is a number assigned to each device connected to a computer network. An IP Address is written as four numbers separated by periods. Each of these numbers can range from 0 to 255. For example, it is possible for 18.104.22.168 may be an IP address.
Types of IP addresses:
private – an IP address for your network devices assigned by your router. This IP address cannot be routed over the internet and can only be used internally.
public – an IP address assigned to you by your ISP. There are two kinds of public IP addresses:
Dynamic IP Address
Static IP Address
i.) Dynamic IP Address
This is the IP address which is commonly used in almost all households. These IP addresses are also assigned dynamically by the ISPs. Such IP addresses change every time you reboot your device, add a new device to your network or your network changes configuration. The changes rarely have any impact on your connection to the internet services.
ii) Static IP Address
A Static IP is the one which is assigned permanently by your ISP. Such IP address remains constant unaffected by any number of reboots performed on the system. Such IP Addresses are typically assigned to servers which host websites, provide emails, and FTP services. They may also be assigned to any public organization which may need the same address every time. Individuals might use it for certain types of gaming or VOIP connections that require very stable connections.
However, Static IP Addresses are expensive and are rarely used for individual household needs. The ISPs charge extra for assigning a static IP. Such IP addresses also require additional security measures as hackers may try to break into such systems using brute force attacks and they are also easier to track by data mining companies.
Functions of an IP address
The functions of an IP Address are twofold:
The first function is to deliver the message or the request to the required destination.
The second function is for the receiver knows about the origin of the message or the request. This also enables it to send the request to the appropriate location.
What information can be extracted from an IP address?
Your IP address contains a lot of information which is used by the service providers across the web. It can trace the origin and destination of requests made online. Here are some examples of information contained within an IP:
IP address ownership: the IP address contains information regarding the owner of the IP address. Don’t be alarmed because you’re no the owner of the IP address, but your ISP is. All the public information about the IP address will reveal the name of the ISP only.
Location info: Yes, IP address may be used to geo-locate your approximate location. Your exact location might not be pinpointed, but can surely point towards the nearest ISP distribution equipment.
Can your web activity be traced and assigned to your IP?
If someone were to force your ISP to cross reference the particular public IP address with the logged web data and ISP customer records- a digital footprint could be matched with your personal details.
This is worrisome, as we have seen attempts by private companies or governments asking ISPs to reveal information about an individual by identifying that an IP address has sent or received particular data online.
An example from Australia comes to mind, where a film producer for Dallas Buyers Club had identified over 4500 IP addresses they believed torrented their film. They asked ISPs in Australia to reveal personal contact details for identified users in reference to IP addresses associated with torrenting files. ISPs refused to reveal the information, which started a lengthy court battle. The court case ended after a year in courts – with the case being dropped, however, it showed that users action online can be traced and if ISPs cooperated, could be traced back to a household.
How to Hide your IP address
NordVPN service encrypts user online data by hiding internet user IP address by replacing it with one of NordVPN server IP addresses (Currently over 1000+ servers worldwide).
Related: 10 Reasons to Hide Your IP
All the data sent through NordVPN connection passes through a secure tunnel. This secure tunnel encrypts all your data so that none of your personal information is revealed to any third party or any unauthorized person while you browse online. This ensures both security and anonymity online.
Cases of identity theft have brought to the attention the risks that follow with sharing private information on the internet. The data you input and share online could be used to hurt your reputation, expose your personal and financial details, or worse – be used to conduct attacks against you or your friends & family. Therefore, it’s always best to be absolutely cautious when sharing information on the internet.
This should place today’s parents on high alert, because children today start using the internet at a very young age, but don’t understand that their actions online can lead to serious consequences. They are very quick and eager to use internet enabled devices, but lack the obvious know how about internet privacy and security and are often eager to overshare. As children grow, the way they use the internet, share information on social media, etc changes a lot, but throughout this learning curve, parents and educators could step in and offer guidance and introduce some internet ground rules.
We take a look at some tips & tricks parents can implement at home to teach children about internet privacy and safety.
1. Lay out some ground rules
Whether your child is a teenager or a kid in elementary school, you need to tell them a few basic guidelines. For example, start by telling them things like anything shared once on the internet stays there forever and that nothing is 100% private.
2. Tell them to check with you
First tell your child what is meant by personal information. Draw up a list for them and tell them clearly that they should always, ALWAYS, consult with you before sharing those details together with any website or person on the internet. This would make them aware of not providing all of the personal details to anyone. Different things are required by websites for children of different ages, so it is better to guide your child through the things he will be required to share, only after your consent, of course.
3. Password protection and usage
Children at a young age start creating their own email accounts these days. Although such email websites alert users to choose strong passwords, advice your child on what kind of passwords to choose. Tell them that the password could be a mix of characters and special symbols and ask them never to share their passwords with anyone, perhaps even with you. This will develop the need to keep passwords secure in your child’s mind.
4. Curb social media usage
Children spend the most amount of time on social media, so it is important to let them know what is ok to share and what isn’t. Have a talk with your child and discuss with him or her what he or she should not share on social media, for everything stays forever on the internet and nothing is 100% private.
5. IM and texting
Sending messages on IM clients like messenger or Whatsapp is something every teenager does, but they don’t always know that their chats are not 100% private. Therefore, you should advise them never to share personal, or bank details or other sensitive information like passwords via messages.
6. Share news of personal hacks with them
If your child is big enough to understand this, share the latest news about identity thefts, personal hacks, etc. with them to make them aware of the dangers they face while using the internet. Also, it is a good practice to teach your child about things like VPN.
7. Explain to them the dangers of free public wifi
Kids love free wifi – who doesn’t. Cafes, shops, and even school cafeteria might have unsecured wifi networks. Explaining to your kid(s) to be especially cautious when connecting to these networks – as they can easily be monitored. For ultimate protection you can install a VPN service on the device they use to encrypt their online communication data.
8. Warn them of game scams
Agree to install games together with your kids. Read up to see if the game and the provider are reputable. Make sure you download the games from a reputable source after reading some reviews. Too often fake games are uploaded online, which are made to pop with colour on websites, prompting kids to install them for free, when in fact they might be malware that could infect your device.
9. Communication with strangers
The internet is as social as ever. New chat rooms, forums uniting different interest groups are popping up every day. As kids are eager to discuss their interests with peers, it is important to speak to them about sharing one’s private information. Under no circumstances should they share any pictures, addresses, etc.
10. Email deals are fake!
All that sparkles is not gold. If your kids receive a email about a great offer like a free cell phone or concert tickets – it’s a trick designed to get one to give up personal information. Again, advise your kids to always show you such emails with you and not to respond to them in any circumstance.
Android is the front runner of mobile OS through the world. The availability across many devices and ease of use of Android makes it the most popular and most widely used mobile operating system. However, with all its features and user friendliness, Android often falls short when it comes to protecting people’s devices from malware and other threats.
The Android OS mainly checks apps through one of Google’s testing services, named Bouncer, which only matches apps with signatures of previously known malware. Apart from that, there are many other threats that the devices face which are often exploited by attackers. Today, we discuss some tips to make your android devices more secure.
Securing your Android device
Below are some tips that are useful in securing your Android devices:
1. Download trustworthy apps
Android devices have the feature of downloading apps from markets other than the official Google Play Store. These markets do not have the necessary security measures to intercept malicious apps from making their way to the user’s device. Even when downloading apps from the play store, only download apps from trustworthy developers or which are featured by Google itself. It is also necessary to look out for the permissions the app requests before installing it. Some apps ask for permissions which they should not ask for, which usually points to something fishy. Therefore, keep an eye out for such things.
2. Stronger passwords
Once again this suggestion is made, but the reason it is being highlighted again is because people still fall victim to attackers because of using weak passwords. It is always a good practise to use pass codes that have a unique mix of characters and/ or have secondary authentication. Using such passwords in place of PIN codes or patterns is a better practise, for they are harder to crack.
Online security is quite essential for Android devices today, seeing that almost all tasks can be done via the internet today. Sensitive information like bank account details, passwords, etc. need to be encrypted and secured while sharing them online, which is something VPNs always help out with. Therefore, always use a good VPN for your Android device.
Related: NordVPN Android (Beta) is now available for download
4. Encrypt your data
Encrypting your data prevents it from being accessed in the event your phone is stolen or hacked into. Encryption is a simple process which can be done through the settings of your device. All data of your device is encrypted, with access only granted upon entering a password.
-> Follow these instructions for Android devices v.5 and later.
1) Back up your data.
2) Go to Settings > Lock Screen > Screen Lock > [input your current password] > Password and create a strong password.
3) Go to Settings > System > Security > Encrypt device and select Encrypt phone (if using tablet, Encrypt tablet). You’ll be asked to confirm your password again.
4) wait for the encryption process to complete. I’ve seen this take anything between 45 minutes and a couple of hours.
5. Delete unnecessary apps
Having apps installed on your phone that you do not use at all can be dangerous for your device. Some apps collude with other applications to use their permissions and attack your device. Deleting all unnecessary apps is thus a good practise.