Australia’s new data retention laws come into effect today, and a lot of people are looking for a way to keep their personal communications private. This is what I do to keep my mobile phone data, and the data from my PC and laptop at home, secure and encrypted and safe from unwanted surveillance from government or from any other interested party.
This is by no means a comprehensive guide, and it’s by no means a comprehensive safeguard against unwanted snooping. Any party that was especially interested in surveilling me could do so by other means — by gaining access to my Gmail or work email account, through monitoring my everyday phone and SMS conversations which can’t be secured via VPN, through breaking into my home Wi-Fi and sitting in the middle of any connection that takes place. But for the average user that doesn’t already have ASIO or the Australian Federal Police after them, using a VPN — whether it’s on a mobile device or a more permanent network installation — is enough to encrypt and anonymise internet data and hide it from plain view.
On my smartphone and tablet
I have an Android smartphone (a Samsung Galaxy Note 5) and an Apple tablet (an iPad Mini 4), and I change devices extremely frequently, so I wanted a service that could follow me easily between different phones and tabs. I also carry a 4G hotspot with me most of the time, so I’m not using my phone’s measly data allowance too often. That means any service I choose would almost certainly have to run through a standalone app, for both iOS and Android, rather than require any diving into settings to input IP addresses and activate and deactivate every five minutes.
I’m using Private Internet Access, which has those all-important companion apps for both major mobile platforms — it’s $US39.95 annually, or $US3.33 per month at that discounted rate. You can also sign up for six months at $US35.95 ($US5.99 per month) or one month for $US6.95. PIA has 2897 servers across 31 locations around the world, including the US and UK and Australia, each of which has a pretty straightforward host address — us.east.privateinternetaccess.com, or aus.privateinternetaccess.com, and so on. Encryption is user-adjustable, and the service uses the open-source OpenVPN standard.
When you sign up to PIA (you’ll need to supply an email address, along with a PayPal account or credit card and billing details) you’re sent a randomised username and password via email. Download the app, open it up, choose a server from the list, plug in your username and password, click connect, et voila — your internet session is anonymised and ready to go. The servers are fast, too — the closest Sydney server to my 4G connection at the Gizmodo office has a 4ms ping, Melbourne is 17ms, and the fastest US location is California at 190ms ping.
PIA hops connections, too. When I switch off my 4G hotspot or jump on the Gizmodo office Wi-Fi, it’ll quietly go through the re-connecting and re-authenticating process in the background, and encrypted internet traffic continues on its way when the connection is secure again. A permanent notification in the notifications menu tells you when you’re connected, and which server you’re connected to — the app also shows you current download and upload speeds and the quantity of data transmitted so far. I don’t notice any significant speed degradation, and I like knowing that my data is travelling securely to its destination.
On My home Wi-Fi router
Because I have a whole bunch of different internet-connected gadgets on my home Wi-Fi network — I counted a dozen last night, just sitting there snoozing and requesting the odd data packet around the clock — I wanted a VPN service that ran on my router, and therefore covered every single piece of traffic travelling through my internet connection. The alternative is to install a VPN on every single device that accessed the internet — chief amongst which is my desktop PC and laptop obviously, since they’re full of my personal communications — but that’s not feasible.
I’m lucky enough to have a Wi-Fi modem router that supports a PPTP VPN. PPTP stands for “point to point tunneling protocol”, and it’s one of the simplest secure ways to set up a VPN. Check to see if your router supports a VPN, and if it doesn’t, you’ll have to set up devices individually and on an ad-hoc basis. It’s much simpler to set it up on your router if possible, and you can get a great Wi-Fi router (I’m using a Dovado Tiny AC as my internet gateway) for little more than $100.
I could use the same Private Internet Access account that I use on my phone, but I’ve had a UnoVPN service sitting idle ever since I signed up for a year’s UnoTelly Gold — for $US59.95 annually, or $US4.93 per month at that discounted rate. The main feature of UnoTelly is a DNS redirection service that operates outside of a VPN, giving you access to US or UK Netflix or US YouTube and the like without redirecting the entirety of your internet traffic — which is useful for fast ‘net browsing while watching international videos, but not what I’m after here.
The process with UnoVPN is a little more complicated than with PIA — you sign up (you’ll need to supply an email address, along with a PayPal account or credit card and billing details) and then login details for UnoTelly’s web portal are emailed to you. From there, you can choose an international gateway from either the US or UK offerings, and put that host address plus your UnoVPN user details into your router or any other device you set up. My Dovado router runs the PPTP VPN as part of its initial startup process, so as soon as it’s started up and I’m connected to the internet, I know all my data is encrypted and travelling to an anonymous international location before hitting the rest of the web.