{"id":18069,"date":"2022-02-02T10:49:01","date_gmt":"2022-02-02T18:49:01","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/02\/02\/news-11802\/"},"modified":"2022-02-02T10:49:01","modified_gmt":"2022-02-02T18:49:01","slug":"news-11802","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/02\/02\/news-11802\/","title":{"rendered":"VPNs and browsers \u2014 staying secure while online"},"content":{"rendered":"

<\/p>\n

Credit to Author: Susan Bradley| Date: Mon, 24 Jan 2022 09:08:00 -0800<\/strong><\/p>\n

In business, we\u2019ve used Virtual Private Networks (VPNs) for years. But I\u2019m now seeing recommendations that consumers use VPN software to make internet connections more private so sites can\u2019t snoop on your surfing and other communications. As someone who runs a website that uses IP address reputation as a guide to know who is and is not reputable on my site, I can tell you that using a VPN often assigns you an IP address that\u2019s less than stellar. As a result, if you attempt to access sites that check for reputation, such as your bank, you may find yourself blocked.<\/p>\n

I\u2019m not against the concept of consumer-based VPN software, but I\u2019m not convinced it\u2019s the security panacea many think it is. Users think it\u2019s keeping sites from tracking them, or keeping them safe when surfing on coffee shop Wi-Fi. They think it keeps prying eyes from reviewing our web traffic. But all VPN software is not created equal. I recently read\u00a0new research from Consumer Reports<\/a> that tested various VPN platforms; I was surprised to find that the top VPN providers<\/a> included vendors I\u2019ve not even heard of.<\/p>\n

As the publication points out in the article and related white paper<\/a>, ultimately you<\/em> decide who or what you trust while online. Do you trust your ISP or a VPN vendor to watch what you connect to? If you don\u2019t trust your ISP, you might want to change to a different ISP, one that has a better reputation. Also consider that nearly all of the websites we visit now support https:\/\/ and thus, the transmission to that site is protected by an SSL certificate and can\u2019t be intercepted if you go online using public Wi-Fi. As pointed out a while back in Wired<\/a>, concerns about the use of public Wi-Fi are now lessened as we\u2019ve moved to an always-https:\/\/ world.<\/p>\n

One security suggestion I have is to use different browsers based on what you are doing online. Use one for more sensitive tasks such as online banking, and another browser for generic surfing. As Consumer Reports notes, instead of focusing on a VPN, consider \u201cusing a password manager, setting up multifactor authentication, enabling HTTPS-only mode on your web browser, and blocking ads or trackers with a tool like Privacy Badger or uBlock Origin.\u201d<\/p>\n

Microsoft is in the early stages of beta testing a setting in its Edge browser that will proactively protect against zero-day attacks<\/a>. Given the increasing number of zero-days in Chrome, which Edge is built on, this is a wise move by Microsoft. Included in version 98.0.1108.23 released on Jan. 14, the zero-day protection, as Microsoft notes, can \u201cenhance your security on the web.<\/p>\n

\u201c[It\u2019s] a browsing mode in Microsoft Edge where the security of your browser takes priority, giving you an extra layer of protection when browsing the web. Administrators can apply the following Group Policies to end-user desktops (Windows, macOS, and Linux) to help protect against zero days. These policies also make [sure] that important sites and line of business applications continue to work as expected. This feature is a huge step forward because it lets us mitigate unforeseen active zero days (based on historical trends). When turned on, this feature brings Hardware-enforced Stack Protection, Arbitrary Code Guard (ACG), and Content Flow Guard (CFG) as supporting security mitigations to increase users’ security on the web.\u201d<\/p>\n

There are three new group policy and registry settings to control this, but you can try it out on a standalone basis by downloading the Edge canary channel version<\/a>. In the browser, click on the three dots in the upper corner and click on settings. Now click on Privacy, search, and services. Scroll down to Enhance your Security on the web and choose whether you want to use Balanced security or Strict. Note that this setting is also available in the regular version of Edge, though it does not appear to have the same protections as in the beta version. (Remember to also enable I the super-duper secure mode wrote about<\/a>.)<\/p>\n

When reviewing options for privacy and security, remember there is a variety of privacy focused software listed on \u201cNomoregoogle.com<\/a>.\u201d Often, I see the obvious side effects of online tracking in my search engine process: I\u2019ll search for an item and the next time I go online, I see exactly what I searched for pop up in ads. Thus, review your options for search engines other than Google. I routinely try different search engines using the same terms to see what results come up. You\u2019ll usually see different offerings based on which search engine you use.<\/p>\n

So when do I use VPN software? Honestly, it\u2019s when I want to pretend to be located in another country to get around arbitrary geo-blocking that limits access to certain websites. (There are videos I like to watch that are blocked from the United States; when I use a VPN that broadcasts an IP address from another country, I can access the video.) But, like Consumer Reports, I\u2019m of the opinion that a VPN does not protect internet surfing from prying eyes. Instead, it simply moves that risk from your ISP to the VPN vendor.\u00a0 As Consumer Reports notes, instead of using VPNs, prioritize blocking ads or trackers with tools like Privacy Badger<\/a> or uBlock Origin<\/a>.<\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Susan Bradley| Date: Mon, 24 Jan 2022 09:08:00 -0800<\/strong><\/p>\n

\n
\n

In business, we\u2019ve used Virtual Private Networks (VPNs) for years. But I\u2019m now seeing recommendations that consumers use VPN software to make internet connections more private so sites can\u2019t snoop on your surfing and other communications. As someone who runs a website that uses IP address reputation as a guide to know who is and is not reputable on my site, I can tell you that using a VPN often assigns you an IP address that\u2019s less than stellar. As a result, if you attempt to access sites that check for reputation, such as your bank, you may find yourself blocked.<\/p>\n

I\u2019m not against the concept of consumer-based VPN software, but I\u2019m not convinced it\u2019s the security panacea many think it is. Users think it\u2019s keeping sites from tracking them, or keeping them safe when surfing on coffee shop Wi-Fi. They think it keeps prying eyes from reviewing our web traffic. But all VPN software is not created equal. I recently read\u00a0new research from Consumer Reports<\/a> that tested various VPN platforms; I was surprised to find that the top VPN providers<\/a> included vendors I\u2019ve not even heard of.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[12014,10516,714],"class_list":["post-18069","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-browsers","tag-microsoft","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18069","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=18069"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18069\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=18069"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=18069"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=18069"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}