I am wrapping up the discussion on VPNs and then talking about the importance of patching and why if you use Windows as your operating system it is absolutely necessary to prevent any cyberattack.
For more tech tips, news, and updates visit – CraigPeterson.com
Automated Machine-Generated Transcript:
Hey, welcome back. Craig Peterson here on WGAN am and FM online is you know by now Craig Peters song.com. You’ll also find me on YouTube on Facebook, on Soundcloud on tune in on it kind of all over the place a little bit, I guess is that the bottom line? So we were talking about VPN before the break, and I was explaining some of the pros and cons. One might you want to use them when might you not want to use them? So warning number one, your data is only safe at best when it’s in transit, which means your data going from your laptop, let’s say through the Wi Fi at the coffee shop, until it gets to the exit point of the VPN is pretty safe. So now all of your data is going to this one exit point. How do you think that the free VPN companies make money? Or the low cost VPN services? If you’re paying nothing, or you’re paying three bucks or five bucks a month or VPN? How would those companies staying in business? Well, they’re staying in business because they are selling your data. Remember, your data is safe and secure. Hopefully, going from your laptop, through the coffee shops Wi Fi and their internet until it gets to the exit point. Well, the exit point is owned by the VPN company or in many cases not even owned by them. It’s it’s just leased space. Now it gets there, guess what the VPN company knows everywhere you have gone. They know all of that data that you are trying to hide. And in the worst case scenarios, it’s really bad. In the worst case scenarios, your data is being routed through Russia, or China or even North Korea. And they are attempting to and in many cases succeeding in breaking the encryption that you have. So remember now, let’s say you’re trying to go to your bank site from the coffee shop. The bank site at the coffee shop is what’s called a secure connection. It’s not the server is not secure. The generic terminology. It’s a secure server, but it is not a secure server. Okay, so let’s point number one, the server itself is not secure. But your connection from your computer to the bank is encrypted completely. No matter which VPN provider you’re using no matter what network you’re on anything, it is secure from your computer to the bank. However, there’s something called a man in the middle attack. So let’s say you’re you’re using one of these cheap VPN services, or heaven forbid one of these free VPN services. And it’s actually being run by a bad guy. So now that hacker is sitting there in the middle, and what many hackers try and do is they will use stolen master keys. Now usually when those are stolen for these Secure Sockets, layers, certificates, they are revoked pretty quickly. But when was the last time the revocation list was updated on your browser, right? Yeah, you haven’t even updated windows have you? Right, that’s, that’s true for the most of the people in the country right there. So what they can do now is if they have one of these masters certificates, they can break the encryption. Or if they can get you to install them certificate as a master certificate on your browser, they can break encryption, that’s a Mad Men in the middle attack. And many businesses use men in the middle attacks, in order to monitor all of the traffic going in and out from their employees. So they can see exactly what’s going on because they don’t want customer data, other private information to be leaking out. Right, particularly if you’re a federal government contractor, or you deal with any sort of medical records, you have defiers it or HIPAA compliance. So you want to know, you want to make sure there isn’t a person, or maybe even malware that sending this data out. Okay, so they’re using that in middle attacks. So now let’s say you’re using, again, one of these cheap or free VPN services, and that cheaper free VPN service is going through one of these bad guy hackers out there.
And now the next step comes into play, which is they have access to all of your data, period. Okay, if they’ve been able to crack the SSL get you to install an SSL certificate, most of us don’t know enough to not even accept one of those things. They’ve got your bank account and everything else. So that’s my big, big warning about VPN services. And I keep threatening to build one of my own, I’ve got this idea for a VPN service that you you start it up, it’s going to take, you know, a few minutes for to get started. So let’s say you’re at a coffee shop or something. And so what it does is it builds a virtual machine on one of these hosting services, and then it connects you through that. And then when you’re done with a VPN service, that machine is completely destroyed. So you’re never coming from the same IP address, you’re never going to the same exit point. None of that stuff. I don’t know, if you think that’s something that would be worth doing it a lot of be a lot of work on my part and probably be, you know, 30, maybe even 50 bucks a month for people to use. But that’s the only way that I can think of a real secure VPN. So be very careful about them. Now, a lot of people ask Craig, what do you do? So I’ll tell you, you know already that I’m a big Cisco fan. And so at my house, we use Cisco equipment, we have mostly Meraki equipment at the house. And then at the office, we also use Cisco equipment. So when I’m on the road, I VPN into the office. And I wrote my traffic through that. And so what happens when it gets to the office, we have firewalls between the VPN and our main networks. So if let’s say I’m going to Facebook, I am routed into the office VPN, but it goes directly out and never gets on to the main networks. And I can only access when I’m remotely certain services within the business when I have another layer of protection. And that’s part of the whole two factor authentication. That’s why we use the yubikey keys and why we use duo and everything right? Because you got to keep your data safe when we’re talking about businesses. So that’s what I do what I advise you to to, that’s where it gets a little bit tricky. Now, some of the higher end, low end, Wi Fi and routers, including some from Netgear, and some others have VPN servers built into them now. And they even have what’s called the DMZ, which is a demilitarized zone. So you you can VPN into your home or into your office. That is absolutely what I would do. Now your ISP, whether it’s Comcast or whoever might be, you know, Road Runner, we have a few of them in Maine and the few new hampshire every state has a few of these guys. But they’re still going to see where you’re going. But it looks like you’re coming from your home or your office. Which bottom line is is fine, right? You might want to do something about your DNS, cuz that’s going to give them a lot of hints as well. But that’s a topic for the show. Okay, man, we’re almost out of time. In this segment, we only have one more left with today’s show. And I want to get to these smart driving articles, which are II, you’re going to love these. Okay, so we’ll do that in the last segment. So coming up next. But we got to get to this article. One more security thing here. Hopefully, we haven’t melted your brains already. I know this stuff’s complicated, but I appreciate you sticking with me. And it’s something that I think is good for everybody. And that’s why I’m covering it.
But Microsoft has now issued a warning that there are 4700 new machines compromised every day, using an exploit from the National Security Agency that was leaked from them. And it is spreading at an alarming rates. And why? It’s because people have not patched their machines. So make sure you update your Windows machine. This is very, very important. Because you don’t want to be one of those 5000 new machines every day. That becomes compromised and gets ransomware and has information stolen. Stick around. We’ll be right back and listening to Craig Peterson on WGAN and online Craig Peterson calm
Transcribed by https://otter.ai
More stories and tech updates at:
Don’t miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text: