Starbucks VPN Options for Wifi Security – catcher technologyMay 8, 2021
On my previous “Starbucks” post I discussed how their recent move to free wifi for all has really helped raise awareness of surfing securely when using free wifi hotspots. In the end I encouraged the use of VPNs as the most effective countermeasure in stopping malicious snoopers. To follow up on this post, I wanted to put out a few VPN options you may want to consider.
VPN options come in all shapes and sizes. If you have one through work, great! You get a solution that has typically been vetted and is maintained by the corporate security team. This option may work well if you are employed for a large company but workers for smaller organizations may not end up with such services or may actually be less secure as they may not have as good of an infrastructure team to maintain it. Additionally, you’ll have to deal with the same network filtering restrictions you have at the office. Of course the other option is to use a third-party service.
If you spend a lot of time in Starbucks, Panera Bread, or the Silver Dinner or if you travel a lot and log onto insecure hotel networks, then I would advise paying for one of the many inexpensive services out there. You typically purchase these services by the year but it usually works out to only $3 to $14 a month. Often, you not only get protection for your computer but also your smartphone.
The two services that I’ve been looking at for people that plan to use VPNs a lot are either the original HotSpotVPN or the newer WiTopia. HotSpotVPN seems to have been around a while and offers flexible payment options. Pricing starts around $90 per year and goes up to $140 depending on the VPN type and level of encryption. If you don’t want to go for the monthly or yearly plan, they even offer 1, 3, and 7 day options ranging from $4 to $7. WiTopia is the newer of the two and only offers yearly plans but at a deep discount compared to HotSpotVPN. They offer three plans at $40, $60, and $70 with a 30-day money back guarantee.
Both the HotSpotVPN and WiTopia top plans look pretty similar but that comes out to be price difference of $70 a year in WiTopia’s favor. Of course you don’t get the 1, 3, or 7 day HotSpotVPN options. The two companies have been snipping at each other over the past few years about who’s service is best and why HotSpotVPN is so much more expensive. Here is an article from March 2008 where the owners of each commented on CNET’s “More about VPNs: Price and Trust” post. Overall, both services have pros and cons and with some feature sets its like trying to compare apples and oranges … however I’m leaning a little more towards WiTopia.
If you are the type of person that will only be using Starbucks’ free wifi occasionally, then I would probably stick with one of the several free services and be a little cautious of your Internet use (e.g., no sensitive bank transfers). HotSpot Shield is one many of the recent articles recommend. They make their money by injecting ads into your browser session as you surf around. Sounds a little intrusive but they have to pay their bills somehow…
Of course if you are a super-1337 geek, there are many other “free” options to take advantage of. You could role your own using a wifi router that supports a VPN, building your own firewall/VPN server from an old computer, hacking a WRT54G, or using the old SSH trick through a web host or VPS provider. I quoted “free” because it may be free in terms of cost but not free in terms of the time you have to implement and support it yourself.
Personally I’ve done a little bit of both using a service and rolling my own. For years I ran the free Astaro UTM on an old computer and have used the SSH-trick through my web host provider. More recently though I’ve been leaning towards using the WiTopia service as I mentioned above.
Got any good or bad experiences with HotSpotVPN or WiTopia? Anyone have insight into what HotSpot Shield does with the data they can collect about you? Let us know in the comments below.
And as always Grecs here “… reminding you to help control the pet population. Have your pet spayed or neutered …” See ya!
Forget this Network, Pretty Please – catcher technology
The whole Starbucks thing seems to be getting me on a role in the wifi security arena. The recent deluge of free wifi security articles reminded me of an article Brian Krebbs wrote a while back called “Wi-Fi Street Smarts, iPhone Edition” about hotspot security. One of the pieces of advice was to remove known networks from your iPhone. Here are the instructions he posted.
“To force your iPhone to forget a wireless network after you’re done using it, click “Settings,” “Wi-Fi Networks,” select the wireless network’s name, and then ‘Forget this Network.’“
The problem back then was that there was no way to “Forget this Network” unless you were currently in the same location where you initially connected to the access point. I was hoping the iOS 4 would have fixed this problem but unfortunately it doesn’t. I know on Macs and Windows PCs you can get a list of previously connected networks through their advanced network properties options. From this list you can delete the networks completely and/or just deselect the ones that you don’t want to automatically connect to. Up to this point, the iPhone doesn’t seem to support a similar option.
The Googles have not turned up anything yet for me as well. The only solution seems to be to rename a spare access point to the SSID of the network you want to forget, connect to it with the iPhone, and choose the option to forget the network. This kludge seems like a lot of work and something that an average user probably doesn’t know how or want to do. Apple usability anyone?
Controlling the wifi networks you automatically connect to is very important. If you don’t clean up this list periodically, you are more at risk of becoming the victim of evil-twin or Karmetasploit-type attacks. Additionally, it seems that wifi device makers and the OSs that connect to them (including the iPhone) need to go a step further. For example, there needs to be some type of secured handshake between the “linksys” you normally connect to and the rouge “linksys” down the street. Maybe some sort of certificate or fingerprint acceptance process similar to how you trust SSH server signatures would be an option.
How are you getting the iPhone to “forget” networks? What type of handshake do you recommend between different devices with the same SSID? Let us know in the comments below.
Well thanks for listening to this little rant. See ya!