To the Cloud!

Publicly available WiFi sucks — for more reasons than one. Other than the obvious slowness, there’s also traffic and packet shaping, ads, and the gaping security problems that come from being on the same network as strangers. Most sites are encrypted between the client and the server, but who knows what kinds of identity information you’re potentially leaking to the owner of the network — or the other guests using it.
But that’s nothing on your work network, where the IT department — or even the HR department — have access to your activity logs, including every request you send to a server. That’s assuming they even let you get to the sites you want to visit. Some employers are more open than others, leaving it to the discretion of the employee (and heuristics against your activity logs) to determine what parts of the internet are appropriate. My current employer is not one of them. Want to see that picture of your kids your wife just posted on Instagram? Too bad. Like to have some background music or video playing while you work? Not here. How about doing some work in the Cloud — y’know, when your software team is tasked with making Cloud software? You’ll need a special exception for that…

In short, if you want any sort of expectation of privacy while emailing with your spouse, or banking online, your best choice is to wait until you get home. Failing that, creating an encrypted tunnel from where ever you are through your home network is the next best choice. Enter VPN software. Long the domain of enterprise networks, with OpenVPN and a Raspberry Pi its available to any reasonably savvy individual. PiVPN provides a simple script that makes setting up a VPN a breeze. Set up a free Dynamic DNS entry, and poke a single port through your router, and its done. You can generate VPN configurations for your phone, or your Mac or PC laptop with a single command.

Once this is setup, you can flip a switch from anywhere and open an encrypted and secure tunnel through your home, and out to the Internet from there. Anyone on your public or work network trying to hack, limit or snoop your connection will see only garbage in traffic. And if you have resources on your home network, those are available to you (including remote desktop, file sharing and printing.)

Now if I can just get OneDrive syncing with my Pi…

Update: You can also run your own DNS, for more privacy and less ads. Check out Pi-Hole!