How To Choose The Best VPN - Kill Switch, Warrant Canaries
1 Jun 2016This is the last part of the comrepehensive guide on how to choose the best VPN by @ThatOnePrivacyGuy: Kill switch, Warrant Canaries (read previous parts here: part 1, part2 and part3)
IF YOU'RE CONCERNED WITH BYPASSING RESTRICTIVE NETWORKS
Some parts of the world are resisting the ever-growing ability for their citizens to freely share information and as such have implemented roadblocks in their networking infrastructure to cripple such communication. For example, the "Great Firewall of China" has several layers of VPN detection and blocking built into it. Other networks belonging to large corporations or maybe even your Internet Service Provider may restrict you from using certain ports, limiting what you can use the internet for. However, there are ways to get around these restrictions by using the right VPN.
Features such as multihop, TCP port 443, Obfsproxy, SOCKS, SSL tunnels, SSH tunnels, and some other proprietary solutions (which may be built specifically by a given VPN company) can be useful in avoiding these restrictions. As for which are most effective, it's a matter of which restriction is being inflicted upon the user. Speak with your VPN service's support team to determine which might be effective in your case. The VPN Comparison Chart shows which services support which of these protocols and features in their configuration. Using TCP port 443 is usually a relatively common and user-friendly measure to bypass a restrictive/oppressive network.
CLEARING UP MISCONCEPTIONS
Kill switches - Many VPN services offer in their client a feature called a "Kill switch". The idea with a Kill Switch is that when the VPN loses its connection, it completely prevents the device from using internet, thus preventing accidental leaks of local connection data. Kill Switches are implemented very differently and will never be secure due to their design. The only 100% effective and secure configuration to accomplish prevention of leaks is a properly configured firewall. There are two main types of kill switches, those that shut down preconfigured apps in response to detecting the VPN connection has dropped and those that disable the network connection (or delete routes etc) if they detect a disconnection. In both of these cases the Kill Switch component is having to react to an event and very often leads to leaks - just a single packet is all it takes to compromise your privacy. The only way to be absolutely certain that packets cannot leak is for there to be an independent component (the Firewall) that blocks all packets unless destined for the VPN interface.
Warrant Canaries - Some VPN services maintain a document called a "Warrant Canary". This is a document put out and updated by them certifying that they have not been contacted by government agencies or coerced to compromise their user's data. In theory, if such an event occurred forcing them to compromise their principles, they would stop updating the canary, which in turn would indicate to users that their data is no longer private. Note that not all companies use effective warrant canaries. There is some debate as to the effectiveness of a warrant canary between experts to begin with - as force can be used by governments to coerce companies into maintaining them, thus nullifying their effectiveness. They are usually nothing more than marketing theater. If a company WAS operating a good canary, it would be almost impossible to tell. A warrant canary is almost a better feature to care about once you've found a trustworthy, capable service, rather than looking for a company that has one when shopping around.
Many thanks to @ThatOnePrivacyGuy!
Tags: vpn, geo-restrictions, Kill Switch, warrant canary, trust.zone, guide
How To Choose The Best VPN - IPv6, Encryption Strength, P2P Support, SSL CertificatesHow to Unblock Websites in Saudi Arabia with a VPN
Latest PostsMissed Our Sale? Here is a 62% OFF Coupon Code
Need More Reviews of Trust.Zone VPN from Trusted VPN Review Websites?
Security Experts from 42 Countries Urge World Leaders to Reject Software Backdoors
It's Legal Now: Your ISP Will Sell Your Browsing History to Highest Bidders
Hackers set up ‘FREE’ Wi-Fi hotspots to steal users’ personal details
Does Trust.Zone VPN protect users from DNS Leak and WebRTC Leak? Definitely, YES
Most PopularWhat's a Warrant Canary of Trust.Zone VPN?
How to Access Medium and Wordpress in China?
Trust.Zone is Highlighted by The Best VPN Comparison Services
All Wi-Fi devices are now vulnerable. Protect yourself with a VPN
Trust.Zone VPN Affiliate System – Start making money with us now!