There are readily accessible ways of evading the government's mass surveillance scheme, but you'll need to assess what's best for you, technology consultant Dave Sag writes.
It's very likely that the Australian federal government will soon pass laws that allow a wide range of government agencies to access large datasets collected by telecommunications companies and internet service providers about who you call, who calls you, who you email, who your friends are, where you are and where you have been.
Techy people just respond "yeah sure they can do all this, but I'll just use a virtual private network (VPN) and then the gubmint knows diddly-squat". Non-techy people say VPwhat? And this is a problem, as it means that tech-literate people will have more privacy than non-technical people, a perverted "might is right" style outcome.
So let's look at what you can do to lock down your family's, or business' privacy using inexpensive, proven tools.
What is a VPN provider?
There are thousands of companies out there that will allow you to securely connect your devices to their network, such that when you then exchange information with other computers on the internet, those computers think you are wherever the network says, and not where you actually are. Sophisticated virtual private networks also provide tools that re-write the "metadata" that goes with each packet, to make it resistant to even the most detailed "deep packet" inspection. To the outside world you might appear to be living in some data centre in the United States, instead of your home, or office, or wherever your mobile says you are.
Prerequisites, jargon, and assumed knowledge
Unfortunately, choosing a VPN provider means learning some jargon. but to keep it super-simple, imagine it like this. Your device (phone, laptop, router, fridge, whatever) opens a secure connection to the VPN using one of the following encryption protocols, in order of worst to best: PPTP, L2TP/IPSEC. or OpenVPN (also known as SSL/TLS). From there, the VPN provider creates a tunnel between the outside world and your device. Your exit point is the location where you have told your VPN provider you want it to appear you are coming from. Good VPN providers have many hundreds or even thousands of exit points in many countries. In this way you can appear to be in the US to HBO and Netflix through your AppleTV (via paid subscription), but in the UK when you want to watch the BBC's iPlayer. It also means, while you are travelling overseas, you can make the ABC's iView think your iPhone is in Sydney instead of Istanbul.
So how do you choose one? Here's a simple checklist:
1. Do they keep logs? Only choose a VPN that doesn't track your use of their system.
2. Do they offer OpenVPN (aka SSL/TLS) and L2TP/IPSec, in addition to plain old L2TP and PPTP (which are not considered secure anymore)? Always choose a provider that supports OpenVPN.
3. Do they allow unlimited devices? A VPN is not secure if only some of your devices use it.
4. Do they offer unlimited bandwidth?
5. Do they offer a system for obfuscating your metadata?
6. Are they based in a "Five Eyes" country (US, UK, Australia, Canada, New Zealand), or politically unstable, or corrupt country? If so, go with another provider.
7. Have they been around for a while?
8. Do they offer good quality support?