Archives

by Jean Luc Picard

A/I VPN

 

Leggi questa pagina in Italiano

Lea esa pagina en español

What are A/I VPNs?

Virtual Private Networks (VPN) are typically used to connect remote workers to the main office network. The A/I VPNs are different: they sends all your internet traffic through an encrypted connection to our servers, where it then goes out onto the public internet. This type of VPN is sometimes called a “Personal VPN”. The goal with a personal VPN is not to securely connect you with a private network, but to securely connect you to the internet as a whole.

Personal VPN can be used for many different reasons. A/I chose to provide this service for emergency situations limited in time, such as a journey, the coverage of an event or a demo. A/I VPNs are not available for permanent home use: if you need to anonimize your Bittorrent traffic you should look forward to different solutions.

Why would you want to use A/I VPNs?

A/I Collective believes that providing its users with safe and anonymous channels to connect to the internet is a very important step against censorship and institutions’, governments’ and polices forces’ dreams of total control on internet access. That’s why we have been suggesting to our supporters to use Tor and that’s why we are releasing this new A/I VPN project.

Around the world, governments are using the internet for social control, through both surveillance and censorship. While many people are familiar with the censorship of the internet by governments in China and Iran (just to mention a couple of examples), you may not realize that the US practices active surveillance of internet users’ relationships and the European Union countries require all ISPs and website operators to record and retain personal data on your behavior. With three-strikes laws, many countries now deny citizens access to the internet if accused of file sharing. Some countries (like Egypt during Tahrir square unrest in 2011) forbid the use of new communication technologies, like skype.

That’s why A/I VPNs can help those who feel the need for a safe, encrypted channel to communicate free of the prying eyes and ears of governments, ISPs and repression or control institutions. A/I VPNs aim to:

  • protect against ISP surveillance: A/I VPNs eliminate the ability of your ISP to monitor your communication. They have no meaningful records which can be used against you, either by marketers or the state.
  • bypass government censorship: A/I VPNs can entirely bypass all government censorship, so long as you still have access to the internet. Note, however, that careful analysis of your traffic could reveal that you are using a VPN, which may or may not be legal in your jurisdiction.
  • allow you to reach the internet through an encrypted channel.
  • access the entire internet, regardless of where you live: A/I VPNs allow you to pretend to live in any country where we have a VPN server. This gives you access to restricted content only available in those countries. A/I VPNs also allow you to use services that may be blocked in your country, like Skype.
  • break free from a corporate firewall: so you work for an evil corporation and you try to waste as much time as possible surfing the web? Unfortunately, the corporate firewall probably prevents you from visiting many websites (riseup.net is on the list of banned sites for many corporate firewalls). A/I VPNs will let you entirely bypass these restrictions and gives you access to the whole web.
  • secure your Wi-Fi connection: any time you use a public Wi-Fi connection, everyone else using that access point can spy on your traffic. A/I VPNs will prevent this.

Limitations to using A/I VPNs

A/I VPNs shares some limitations common with all “personal” VPNs, and their use is further limited by some choices we made as A/I Collective.

From a technical standpoint VPNs are not a panacea: although VPNs accomplish a lot, they can’t fix everything. You should use in any case SSL/TLS connections (https to surf, pop-ssl/imaps/smtp-tls for mail exchange, and so on). Furthermore once your data is securely routed through our servers it will go out on the internet as it normally would, A/I VPNs will only anonymize your location. And A/I VPNs cannot increase your security if your computer is already compromised with viruses or spyware. If you give personal information to a website, there is little that a VPN can do to maintain your anonymity with that website or its partners. Last but not least the internet might get slower: the A/I VPNs routes all your traffic through an encrypted connection to our servers before it goes out onto the normal internet. This extra step can slow things down: this does not matter if your main aim is to communicate safely and privately, but it’s of course a big pain in the neck if you are using A/I VPNs for leisure (the wrong reason to use our resources).

A/I Collective resources are limited, that’s why the package we offer you with A/I VPNs will work for 7 days, after which you will have to renew all the configurations. This is not due to our sadistic nature, but simply to the need to be sure that you are using A/I VPNs for actual needs and to struggle against censorship and control.

How do you configure your PCs to use A/I VPNs?

To activate a A/I VPN you have to browse to the vpn.autistici.org website and download a zip file containing an SSL certificate (and private key) used to authenticate to the VPN network. This file is very sensitive, keep it in a safe place, and with it you can configure one of the many different software created to setup personal VPNs. In the zip file you will find a README.txt file where you will specific instructions to install the VPN connection on your device, depending on your OS. Once the A/I VPN has been estabilished all your internet traffic will be routed through an encrypted connection to our server before reaching any other target.
Remember: to download the zip file and use A/I VPNs you have to be one of our users, ie you have to own a mail on our servers and its password. If you don’t have one, get one!

A/I VPN uses OpenVPN. You can use a lot of different client to connect to it. We have written some manuals for most widespread systems. If the information in the README.txt files were not enough for you, read one of the following howtos:

We wish to thank a thousand times Riseup for inspiring this document

from here