人們常常使用VPN來進行信息加密和查看外國網(wǎng)站,但選擇不具備完全隱私保護政策的VPN,無疑給個人數(shù)據(jù)安全增添隱患。
測試中可能遇到的詞匯和知識:
looming隱隱約約的;正在逼近的['lu?m??]
rein控制;韁繩;駕馭[re?n]
hijack搶劫;揩油['ha?d?æk]
repressive鎮(zhèn)壓的;壓抑的[r?'pres?v]
tweak扭;用力拉[twi?k]
encryption加密;加密術[?n'kr?p??n]
futile無用的;無效的['fju?ta?l]
caveat警告['kæv?æt]
By Tim Bradshaw
Internet activists sounded the alarm this week over the Trump administration's looming rollback of online privacy protections. These rules were brought in by Barack Obama's administration last year to prevent broadband companies from selling the extensive array of data they collect on customers' online activity and communications.
The Electronic Frontier Foundation, a US campaigner for consumer protection online, warned the move would give internet service providers, such as AT&T, Comcast and Verizon, “free rein to hijack your searches, sell your data and hammer you with unwanted advertisements”.
The US outcry follows a similarly fierce reaction against the passage of the UK's Investigatory Powers Bill, known as the “Snooper's Charter”, last year.
So what is a privacy-minded, law-abiding citizen to do to protect themselves online?
A common recommendation is to use a virtual private network — a system that lets you mask your personal web browsing, app usage and messaging from an ISP.
While VPNs are often used by companies to let their employees access internal networks from outside the office, a large number of providers sell the same kind of services to regular consumers too. VPNs have also long been used by human rights activists and journalists in repressive regimes, and countries with limitations on internet usage such as China.
Using one can be as simple as installing an app on your iPhone or Android smartphone and following its instructions to tweak your settings; Apple and Google have baked-in support for VPNs.
The VPN can then route all your traffic to another country entirely, bypassing your local network provider altogether. The system's end-to-end encryption can protect your internet activity from the big broadband providers or local hackers looking to hijack your phone's WiFi connection in the local coffee shop.
However, VPNs are somewhat controversial in the privacy and security community. While many claim to offer total protection at just a flip of a switch, the reality is that hiding from snoopers is not that simple. At the very least, using one will most likely slow down your internet connection; at worst it could cause more problems than it solves.
Getting security experts to recommend the “best” VPN turns out to be near impossible. Many say that they can cause as much data leakage as they prevent, while others say that in a world when Google and Facebook's cookies track us all over the web, it is futile to try to protect yourself from ISPs without changing the way you use the internet much more fundamentally.
“A VPN protects your internet traffic from surveillance on the public network, but it does not protect your data from people on the private network you're using,” says the EFF in its online guide. “If you are using a commercial VPN, whoever runs the service will be able to see your traffic.”
If they can see it, they can collect it and sell it too. That could be an even bigger concern if the outfit hawking your data is a small, obscure company — as many VPN providers are — rather than a publicly listed and regulated ISP.
“Choose a reputable, established VPN because you are choosing a company that you need to trust more than your ISP,” says the Open Rights Group, a UK-based internet privacy campaigner.
Many people use VPNs to evade country-by-country content restrictions, such as watching the BBC's iPlayer video service from outside the UK or accessing Facebook and Twitter from China. These people may not even realise they are trading their privacy for a free episode of Doctor Who or a cat video.
Sorting the fine, upstanding VPNs from the creeps is, as they say in geek circles, non-trivial. It usually involves checking the fine print of their privacy policies — and trusting that they will stick to them. Torrentfreak, a news site that covers copyright and privacy for the online file-sharing community, regularly asks leading VPNs about their handling of personal information and collates the answers in a handy (if lengthy) list. Reddit also has a good thread for VPN recommendations if you really want to get into the details.
Without going into too much depth, one easy filter is to avoid the free providers whose only way to make money will be trading on your data.
“If you're going to use a VPN, expect it to cost money,” says Peter Eckersley, EFF's chief computer scientist. Prices can range widely from a few bucks a month to about $100 a year. Some experts recommend paying in bitcoin for true anonymity, lest your credit card be used to tie your real-world identity to your online activity.
Another reference point for quality is finding out in which country the VPN is hosted — although this too can be a mixed bag. If you are primarily worried about government surveillance, picking a VPN that is outside the US or UK may seem logical. Go too far afield, though, and the jurisdiction may have few data protection rules to enforce good behaviour. If the VPN provider itself does not have strong security protections, it could become a “honeypot” target for hackers.
The only way to avoid these issues is to host your own VPN, which requires a degree of technical know-how that exceeds most people, including me — those in the know seem to recommend Algo by Trail of Bits.
Verdict
If, after reading those lengthy caveats, you still wish to use a VPN — whether in a café, in another country or all the time — I have a few tentative recommendations. Private Internet Access, which is US-based, and NordVPN, which is run from Panama, both get generally good reviews for their privacy policies, speed and value for money. I have also had good experiences trying Switzerland's VyprVPN and Tunnelbear of Canada, although I am unclear on some of the finer details of their data handling. For those who just want a hacker-deterring connection in a café, US-based Cloak is easy to set up and use.
However, it is hard to guarantee that any of these will provide bulletproof protection from online snoopers. For that, the solution is not technical but something even more complicated and nuanced: changing the law.
1.What is the common recommendation for citizens to do to protect themselves online?
A.Set passwords for private Internet
B.Get latest operating system
C.Use VPN
D.Learn computer science knowledge
答案(1)
2.What VPN could be in the privacy and security community?
A.Controversial
B.Appreciated
C.Useless
D.Disapproved
答案(2)
3.What may help if you really want to use a VPN?
A.Set passwords for your VPN
B.Use it only when necessary
C.Pay for security protection
D.Check information on website like Torrentfreak
答案(3)
4.What is the best way to protect your data while using VPN?
A.Use paid VPN
B.Set up your own VPN
C.Use VPN that located in other countries
D.sk expert to choose one for you
答案(4)
(1)答案:C.Use VPN
解釋:對于那些想要上網(wǎng)時保護自己的個人信息的居民,最常規(guī)的建議是使用VPN上網(wǎng)。
(2)答案:A.Controversial
解釋:在保護用戶信息和隱私安全上,VPN的作用是存在爭議的。
(3)答案:D.Check information on website like Torrentfreak
解釋:在Torrentfreak這樣的新聞網(wǎng)站上,有許多對VPN的隱私政策和信息保護措施的評價和新聞,是值得參考的。
(4)答案:B.Set up your own VPN
解釋:最好的避免信息泄露的方式,就是自己搭建一個VPN,但這需要豐富的電腦知識。