Wednesday, October 30, 2013

Finding Out Your Public IP Address

You probably have an Internet connection with some kind of router attached to it, probably a Wi-Fi router. The main purpose of the router is to share the single, public IP address given to you by your cable provider with multiple devices. Otherwise each Internet connection would only allow a single device to be on the Internet. Every device on the Internet needs an IP address to communicate, so the router hands out private IP addresses that all connect via the public IP address assigned to you by your service provider.

Every web site you visit from every device in your home connects via this single public IP address, and each one of those web sites knows your IP address and can do with it what it will. It can use your IP to track you and all the devices in your house, and even get a rough idea of your physical location.

Residential Internet connections are generally given what's called a dynamic IP, which means you are only leasing it. But even though it is only "leased", chances are that you have had it a good long while. That is because it is easier for your provider to keep leasing you the same IP. The main exception is that when you turn your Cable/DSL modem off for a certain period of time, your IP address goes into a pool, and is given to the first new client who doesn't already have one assigned. Otherwise you get it back.

Knowledge is power, and knowing your public IP address is one more tool you have in the fight to regain your privacy on the Internet. Since every web site you visit sees your public IP address, there are lots of sites that will display that to you.

NOTE: Before anyone thinks I am giving out my real IP address, I have modified the IP address as well as the longitude / latitude numbers on all the screen shots below.

1. whatismyip.com

One of my network engineer friends told me this site years ago and I've used it ever since. It's definitely easy to remember, and that is important when your memory is as poor as mine!


2. Google

If you just want to know your IP address, even Google will tell you. Just type in "IP" and it will tell you. There's other variations it will also accept, like "my IP" and "what is my IP".


3. whereisip.net

This site shows you your public IP address and also your position on Google maps. It's a little scary, huh? What's even scarier is that unlike Android devices such as your phone or tablet, a web site can often tell your physical location within a few feet without your permission, based on your IP address alone.


4. iplocation.net

As with other sites, this site gives you both your public IP address and your location, but with a twist. Because different sites use slightly different methods to detect your location, some may be more accurate than others. I make no secret that I live in Spokane, WA. But notice above that whatismyip.com shows my city as Seattle, WA. A couple of the listings for this site show my correct city.

The neat thing about this site is that it will give you location data from numerous sites, some of which report longitude and latitude of your exact location.



Putting your knowledge to use


What value does knowing my IP address have for my privacy? I'm glad you asked! Knowing your public IP allows you to tell when it's changed, such as when you connect to a private VPN service. The VPN I use has servers all over the world. What that means is that I can appear to the outside world to be located wherever I choose, based on the servers available from my VPN service.

Here you can see that I connected to a server in Luxembourg. When connected to the VPN, every web site I visit sees the public IP address of the VPN server I connected to, and not my actual public IP. Now any web server which tries to use geolocation data based on my IP is going to guess wrong. If you use your imagination, you will see how a VPN could be helpful to your privacy!




Saturday, October 26, 2013

The Top 5 Threats To Your Privacy

The prevailing attitude is that if you don't have anything to hide, then you shouldn't be worried about your privacy. Of course if you ask anyone who preaches this philosophy to post their last few tax returns on Facebook, the story might change a little bit. The truth is we all have something to hide. Maybe it's not illegal, and maybe it's not even immoral, but most of us have details of our lives that we wouldn't feel comfortable with the entire world seeing.

1. The Government


The NSA drinks from the well of pretty much the entire world's Internet traffic. With little or no oversight they are free to do what they want with your information as long as they say "because terrorism!" first. Revelations have come to light about the NSA not only using information it collects about you for purposes of national security, but to secretly share with other government agencies and even corporations which use this information for profit.

New revelations are coming out of the Snowden leaks virtually every day, and it's all bad for your privacy. Ok, it's not all bad. We now know that technology like VPNs and the Tor network are actually capable of giving us a modicum of privacy. By looking at the leaks of what is giving the government trouble in taking away our privacy, we can infer which technologies work the best to protect it.

2. Hollywood


Hollywood has long seen Internet as the enemy and everyone on the Internet as either thieves or potential thieves. While not a direct threat to your privacy, they are an indirect to everyone's privacy because they work so hard to undermine it. They spend millions lobbying for laws that erode your privacy and even your civil liberties in a vain attempt to turn the clock back 30 years.

The purpose of (thankfully) failed laws and agreements such as SOPA, ACTA and CISPA were to take away your rights and consumer protections in the name of profit. Hollywood lobbyists have reportedly admitted that they have infinite patience and will eventually slip one of these types of draconian laws through while the public is napping.

3. Corporations


Unlike Hollywood with its disdain for technology, most corporations exploit technology to its fullest potential in order to maximize profit. Your privacy is a simple formula to them: the less privacy you have, the better these corporations can sell you things. It almost doesn't even sound bad.

The problem lies with the fact that a great deal of time and money is spent gathering your personal information, but not much if anything is spent on protecting it. On the contrary, corporations routinely sell your personal information as well as volunteering it to various government agencies. What's worse, these corporations have virtually no liability or accountability for what they do with your information, because they were given retroactive immunity.

There are very few large companies fighting for your privacy. And because all corporations are for profit, the ones that protect your privacy only do so because it is in their own financial interests.

4. Employers


It used to be that other than being some kind of criminal, your personal life off the clock was none of your employer's business. You have no such protections these days. Of course your employer can't officially discriminate against you for a chronic medical condition or dressing up as a donkey on Thursday nights and singing karaoke at the corner bar.

When I bought my first house, they made me sign a non-discrimination disclosure. The lady doing the signing made a joke of it and said something like "sign here saying you're not being discriminated against, though if you were, ironically you wouldn't be here signing this disclosure."

And there lies the problem with your employer or potential employer knowing every intimate detail of your life. Chances are, if you are discriminated against, you won't even know it.

5. Hackers and Identity Thieves


Why is Hackers at number 5? Because you are more likely to lose your privacy to the top 4. But that doesn't mean that hackers and identity thieves aren't a threat. It's just these days, most people are more savvy than they were, and they're wary of scams. The Nigerian Prince who just sent you an email will pretty much always find a target somewhere, but the Internet isn't as gullible as it used to be. Thank you for that Russia and Nigeria.

But hackers are getting more sophisticated as the arms race against them escalates. The one thing we as consumers have going for us is that the same banks who minimize our privacy in order to squeeze every last penny out of us is our unlikely ally against hackers. The bank could very well be on the hook for a hacker's shopping spree on your stolen credit card. The bank doesn't give a crap about you, but it really, really likes money, so it does whatever it can to keep you safe. By trying to keep your money safe, it's keeping its own money safe.

It is for this reason that I put hackers as the lower risk to your privacy. You as a consumer have a rare overlap of interest with the powerful players who normally work to screw you. Also, the threat is a bit overstated because there are billions of dollars in profit with a vested interest in keeping you scared of hackers, viruses and malware.

Conclusions


This article is meant to focus more on the problems protecting our privacy than the solutions, which I intend to get into depth with in future articles. The short answer is that we're pretty much screwed as far as our privacy goes, but with some discipline, tools and good practices, we can take back some of the privacy we all have unknowingly relinquished.


Friday, October 18, 2013

Debunking Myths About Remote Access Technology

Note: This is a guest post

Explore more benefits of remote access technologies and learn useful tips for VPN solutions with our Free ebook: Debunking Myths about Remote Access Technology

And for other Remote Access Solutions, check out HOB’s suite of FREE E-BOOKs!


Wednesday, October 16, 2013

How To Force A Windows Application To Use Your VPN

You did it, you finally cared enough about your privacy to go out and purchase a VPN subscription. But it only protects your privacy when it’s connected, and you keep forgetting to connect it or verify that it’s still connected. VPN connections sometimes drop, and when your VPN drops its connection, your privacy is not protected. What’s worse, when the VPN drops, everything on your computer keeps chugging along, unaware of the unsecure change in its environment.

What you want is to know for sure is that certain applications of your choosing are only functional when the VPN is connected. That way, your specific application will not send a single packet of data from an unsecure connection, ever. It turns out that this is pretty easy to accomplish with more recent versions of Windows, using advanced features of the built in Windows Firewall.

In this tutorial, I will be using the Google Chrome browser as my example. Using a browser is a good example for several reasons. For one, most of what people do on the Internet is through a browser. Also, it’s very easy to test the new Inbound and Outbound firewall rules we will be creating for this tutorial. When the change is complete, Chrome will only connect through the VPN and will not function without the VPN connected.

Step 1 – Configure Your VPN


I’m going to assume that at this point you have some sort of VPN service, whether it’s a custom OpenVPN client or an L2TP connection you created manually yourself in Windows. There are lots of ways to connect to a VPN, but for the purposes of this tutorial it doesn’t matter, because you are going to be basing the applications you want to have control over solely on the basis of connecting through a Public profile network in Windows.

When you create an Internet connection it gives you several profile options to create the new connection for: Public, Private and Domain. For this tutorial to work, it is very important that your VPN connection is configured for a Public profile. It’s the key to setting it up in Windows Firewall. In a nutshell, every program you want to force through the VPN is going to be configured to be restricted to this Public profile.

Step 2 – Network and Sharing Center


Start by right clicking on the network icon in the lower right hand corner of your desktop and choose “Open Network and Sharing Center” and you should see something like the window below:


Before we move on to the Windows Firewall, let’s take a second to double check your VPN profile setting. It should show a picture of a park bench showing you at a glance that it’s set correctly, like shown below:



Now, click on the Windows Firewall link in the lower left corner of the Network and Sharing Center window, as shown below:


Step 3 – Windows Firewall


You should be looking at the Windows Firewall screen, and the firewall should be enabled. Click the advanced settings, as circled below:


Step 4 – Advanced Firewall


You should be looking at the advanced firewall window, as shown below:


Step 5 – Create Outbound Rule


On the left hand side of the window, click on Outbound Rules, like so:



Then, on the right hand side of the window, in the action bar, click New Rule, like so:


Choose Program and click Next >>


This is the screen where you are going to need to know the full path on your hard drive to the EXE file which runs the program you are working with. In this example I am using Chrome, so I will point it to Chrome.


However, what if you don’t know the path to the EXE file you are looking for? If the program is running, you can find it in Task Manager as shown below. To run Task Manager, just right click on your desktop taskbar and choose “Task Manager”.

This is the Windows 8 Task Manager, but you can still get the job done in Windows 7:



When you are in Task Manager, right click on the application you want to know the path to and choose “Open File Location” which will open a Windows Explorer window with the EXE file you are looking for!



Now, right click on the shortcut you should be looking at, and choose Properties. Circled below is the fruit of your labor—the full path to Chrome, not counting the .EXE file itself.


With this knowledge in hand, we can create type the path into our outbound rule and advance by pressing Next >>


Because outbound traffic is allowed by default, the only purpose of this rule is to block traffic that’s not from the VPN. And so you want to set this screen to Block and click Next >>


Below is the most important screen, because you are blocking everything not in the Public profile. Since the VPN connection is the only connection set to Public, this rule will filter out all traffic except the VPN. The end result is that Chrome will not surf the web when the VPN is disconnected.


Almost done. Now just give your rule a name and description. If you or old like me, or just have a poor memory, it is a very good idea to put something descriptive here. I put “force chrome to VPN” so there will not be any doubts about what my new firewall rule does:


That’s it! Now just press the Finish button, and you should see your new rule appear at the top of the list, though the next time the window refreshes it will sort your new rule, so you may have to go hunting for it next time:


That’s it for Chrome, since it does not accept any incoming connections. If you have an application that does, then you will want to keep going. You still want to test it though. With your VPN connected, verify that it surfs the web. Now disconnect your VPN and try to browse to a common web site like Google to verify that it won’t work:

I get the message below when I try the test:


Step 6 (Optional) – Create Inbound Rule


For the most part you are not going to have many incoming connections via your VPN. But some common Windows applications such as voice, messaging and file sharing are going to need incoming connections to work properly. Unlike outbound connections, inbound connections are disabled by default. This tutorial is going to assume that you already have an inbound firewall rule for the application you are working with and that the application is already functioning properly aside from needing to be restricted to the VPN.

Creating the inbound rule is the same procedure you just used to create the outbound rule, so I won’t repeat it. It’s just another rule to create.

That’s it—you should be done!


Tuesday, October 8, 2013

Android Explained: Email Notifications

I get up to a couple hundred emails a day. Normally I don't use my phone for email, but it's nice in a pinch,
like when there's no Wi-Fi to be had. I use the stock email app from Google to manage my 7 accounts. One day fairly recently, my ZTE Android phone decided that it was going to always run the Email app in the background no matter what I did. Which means it wanted to make a sound every time an email came in, which is about every few minutes. It got aggravating quickly. My ZTE is running close to a stock version of Android, so it doesn't have all the fancy email settings in the stock app like my wife's fancy HTC smart phone.

There seemed to be no way to tell the stock email program not to play any audio notifications. The best I could do was turn off sound for the entire device.

There seemed to be no way of getting the email app not to run when I didn't want it running. Stopping the app in App Manager didn't help. Disabling it completely did the trick, but when I re-enabled it, all my accounts were gone. Not a very good solution, though it did solve the notification problem by deleting all my account info.

Really the only way I found to control the notifications is by individual account, which is better than nothing. It would be nice to have a master toggle switch for the notifications to turn them on and off in one shot, but I guess this is better than nothing.

The account settings for each account lets you control wheter a notification comes through, and whether it plays a ring tone or vibrates when a new message comes in. Setting the ring tone of each account to Silent lets me keep the notifications without the noise of it playing a ringtone every few minutes.






Tuesday, October 1, 2013

Lithium-ion batteries may be hard to get

Lately the Chinese have stopped allowing the shipment of Lithuim-ion batteries via air mail over cited safety concerns. This means the price of Lithuim-ion batteries has already gone up across the board. It was a nice ride while it lasted though, with genuine Panasonic 18650 batteries going for as little as 5 bucks a piece new. But I believe that some Chinese sellers like Fasttech and Wallbuys are continuing to ship them and let people take their chances. Other than that, your best bet will be with an e-bay seller who ships locally, and of course there are reputable U.S. sellers who still sell them at the normal markup. But the days of dirt cheap Panasonic and Sanyo batteries might be over. Oh well, at least we stocked up a bit.