Recommended Tech Project: Raspberry Pi VPN

If you are someone who uses “Free WiFi” at any point without using a VPN you are taking some unnecessary risks with your online security. Especially if you actually log onto anything, as “Free WiFi” can be a serious “man in the middle” risk.

However, you can mitigate that by using a virtual private network, or VPN. Don’t bother with a “free” VPN service, they do little more than change your public facing IP address to get around censorship (and to make their money they sell your browsing habits). And paid VPNs run the entire gamut from “completely a rip off” to “mostly ok” and everything in between.

So, if you have a constant on broadband internet connection to your home such as cable, dsl, or fiber (does anyone still use ISDN?) then creating your own VPN is recommended. Why? Because if you want to actually do anything productive over “free WiFi” then you don’t want someone stealing your credentials or conducting a session hijack when you are trying to pay the electric bill.

To put things into perspective, you can purchase a Raspberry Pi 3B, with everything you need for less than sixty dollars delivered off of Amazon. If you pay for a decent commercial VPN service, this can easily be a six dollar a month expense (and maybe it is an expense that is worth it to you if you don’t have an always on internet connection at your home or small business). So if you set up your own VPN, and you use it for 10 months, anything beyond that is essentially cost savings compared to a decent commercial VPN.

Here is how running your own VPN works. You set up a VPN server on your home network, and you’ll have to assign it an IP address and do some port forwarding on your router, but then you can connect to that VPN server through a strongly encrypted connection which will then let you use the internet as if you were at home (minus any additional latency because of the increased transmission distances).

The benefit? Your bank sees you logging on from your known home IP address, and your ISP (which already has all your data use statistics, but you pay them for service so they are nominally on your side) just sees a bit more traffic on your link.

Here is a pretty good kit bundle on a Ras Pi 3B with heatsinks, power supply, and flash drive pre-loaded with Raspian. The case is optional, but I recommend one, even a cheap seven dollar model helps keep curious little fingers off the hardware. https://www.amazon.com/LoveRPi-Raspberry-Plug-Play-Starter/dp/B01IYBZEV6/

Follow along steps on setting up a Raspberry Pi as a VPN server here (and how to set up the VPN client): https://pimylifeup.com/raspberry-pi-vpn-server/

Also good reading, how to “harden” the RaspianOS so that someone can’t Telnet into your device: http://automationguy.co.uk/home-lab/home-lab-build-part-13-raspberry-pi-hardening/

Now…why am I really recommending this over a commercial VPN? Because the reality of the world is that those with digital skills have a higher chance of prospering going into the future, and setting up little projects like this is a step towards technological interdependency with other freedom minded individuals.

The Raspberry Pi started out by a few folks who wanted to help kids get into computer science, the Linux operating system is almost entirely supported by volunteers (there are some commercial supporters who are really reaping the benefits of the entire free, open source software “FOSS” model). Even the folks who wrote the encryption standards did so in order to protect your online privacy.

Doing the projects like this, and working through the growing pain and frustration to actually make them work for you, is going to cost you both time and money. However at the other end of it, think about how this could be the “summer lawn mowing gig” for a new generation of teenagers. Would you pay some kid 25 bucks to come set up your home VPN server? I think that there are a lot of people out there right now who would say “yes” to that. And even if you aren’t a teenager, the benefit of browsing securely, even over an unsecure “Free WiFi” connection cannot be calculated.

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s