home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   alt.internet.wireless      Fun with wireless Internet access      55,960 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 55,003 of 55,960   
   Robin Goodfellow to Marco Moock   
   Re: Classic college kid Internet privacy   
   24 Oct 21 18:33:02   
   
   XPost: alt.privacy, alt.comp.networking.routers   
   From: Ancient-of-Days@Heaven.Net   
      
   Marco Moock  asked   
   >> 2. Kid is in a dorm apt with school Wi-Fi & Ethernet (2 ports).   
   > Use this net and only connect through a VPN or TOR.   
   > Restrict that by certain firewall rules.   
   > You can run a TOR client that provides a SOCKS proxy server. The   
   > computer the kid uses is directly connected to that computer (not   
   > Routing or NAT enabled, just connected via Ehernet) and only uses the   
   > SOCKS proxy on it.   
      
   Thanks Marco Mock for hazarding advice, as I am well aware how risky   
   that is, which I very much appreciate given your knowledge of networking   
   surpasses that of mine.   
      
   Two things were already done, one by his parents, the other by me.   
   1. The parents doubled his cellular hotspot from 5GB to 10GB for $10/month   
   2. I flashed the extra Netgear WNR834Bv2 with this "chk" file from dd-wrt   
         
         
      
   Regarding VPN or TOR, he is mostly gaming, I think, neither of which   
   really lends itself to TOR (at least not the Tor Browser Bundle anyway).   
      
   I'm sure there is a way to set up the entire system on TOR/Socks   
   but I've tried that about 10 or 15 years ago and it was miserable   
   (privoxy and all that) to do.   
      
   Therefore the only TOR he's using is the Tor Browser Bundle,   
   which isn't, he says, useful for gaming.   
      
   The VPN he's using are the free vpns, which, as you may know,   
   aren't all that reliable (and which don't have many locales   
   inside the USA usually).   
      
   If I understand your suggestion correctly, we can set up an entire   
   computer to run nothing but TOR/SOCKS, which is what the kid can   
   connect to directly from his desktop (but he also wants to use   
   his phone cellular, apparently).   
      
   There is a $90 T-Mobile mobile hotspot device which, for $55/month   
   gives him everything he's asking for (50GB/month of cellular data)   
   but of course, that's $600 per year which is a bit steep of a price   
   to pay when he _already_ has "free" Internet provided by the school.   
      
   I'm working on figuring out how adding "VPN" to a router works,   
   where I've figured out that Netgear uses "chk" files first.   
       
   and then once dd-wrt is on that router, it can take a further   
   dd-wrt "bin" file, but I don't know (yet) which bin to use.   
       
   And, I don't want to guess (as bricking is always around the corner).   
      
   At that location are seven dd-wrt "bin" files, but which one do I use?   
      
   1) DD-WRT: Broadcom Generic -= K2.4 - Mini dd-wrt.v24_std_generic.bin   
       
      
   2) DD-WRT: Broadcom Generic -= K2.4 - Mini dd-wrt.v24_mini_generic.bin   
       
      
   3) DD-WRT: Broadcom Generic -= K2.4 - Micro  	dd-wrt.v24_micro_generic.bin   
       
      
   4) DD-WRT: Broadcom Generic -= K2.4 - Micro + OLSRD dd-wrt.v24_m   
   ni-wnr834bv2.chk   
       
      
   5) DD-WRT: Broadcom Generic -= K2.4 - Mini dd-wrt.v24_nokaid_generic.bin   
       
      
   6) DD-WRT: Broadcom Generic -= K2.4 - Mini dd-wrt.v24_voip_generic.bin   
       
      
   7) DD-WRT: Broadcom Generic -= K2.4 - Mini dd-wrt.v24_vpn_generic.bin   
       
      
   Notice the _last_ one has "vpn" in the name, so one might intuit   
   that it's the one to use, but knowing that bricking routers is a   
   distinct possibility, just guessing without any other data is usually   
   not a good idea when it comes to flashing firmware.   
      
   I think the VPN router "might" replace your "TOR/SOCKS computer" in   
   the suggested scenario (as I don't have an extra PC to give the kid).   
      
   If I understand VPN routers, we still need to pay for a reliable VPN   
   service but after that, the school will only see the (faked) MAC   
   address of the VPN router for _all_ his traffic (whether it's Wi-Fi   
   or Ethernet from his phone or from his desktop or from his laptop).   
      
   And, if I understand it correctly, _all_ that traffic will be   
   connected to a single IP address (of the VPN) and it will all   
   be encrypted.   
      
   The school will know he's using VPN, and they'll know all the   
   metadata of the size and timing of the packets, but that's it   
   (am I correct?)   
      
   If that's a good plan (lowest cost, best compromise on privacy),   
   then all I need to do now is find a tutorial for setting up   
   dd-wrt as a VPN router. I think I need to flash another "bin" file   
   (after the initial "chk" file though - but I don't know which one).   
      
   In theory, does this sound like a low-cost plan that "can" work?   
   1. I put VPN on the extra router & set the MAC to look like a PC   
   2. I set dd-wrt to always log into a (paid?) public VPN service   
   3. The kid connects _everything_ to that VPN router   
      
   Does _that_ approach give the kid the privacy he is asking for?   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca