WEBVTT

00:00.660 --> 00:01.440
So far.

00:01.440 --> 00:07.710
I mentioned the word VPN in a number of lectures, but I never really explained what it is.

00:08.280 --> 00:15.570
So in this lecture I'm going to explain what a VPN is, how it works, and how we can use it to bypass

00:15.570 --> 00:20.250
censorship and protect our privacy, anonymity and security.

00:21.230 --> 00:28.250
So VPN stands for Virtual Private Network, and to understand how it works, let's first have a look

00:28.250 --> 00:34.770
on a normal scenario where we have a user trying to access Google.com, as we mentioned before.

00:34.790 --> 00:40.550
Usually this traffic is sent unencrypted unless Google or the website they're trying to access uses

00:40.550 --> 00:41.360
encryption.

00:41.900 --> 00:46.880
And like we said, this traffic passes through a number of routers, it passes through your Internet

00:46.880 --> 00:48.650
service provider and so on.

00:48.650 --> 00:54.260
And all of these stops can see the data that you're sending and manipulate it, profile you, gather

00:54.260 --> 00:56.390
information about you, and so on.

00:56.960 --> 01:05.030
Now if you use a VPN, you will first connect to the VPN server, which you can think of as a computer

01:05.030 --> 01:09.080
that exists on the Internet, on the cloud, with really good resources.

01:09.080 --> 01:15.890
And what happens is you create an encrypted tunnel, an encrypted connection with this computer.

01:16.160 --> 01:23.090
So whenever you want to access anything on the Internet, you send that first to this computer.

01:23.090 --> 01:25.930
But the request is sent encrypted.

01:25.940 --> 01:31.910
Hence, I used a green arrow in here to indicate that the data sent is encrypted.

01:32.240 --> 01:38.570
So whenever you want to access something, both you and the VPN server will be able to read this data

01:38.570 --> 01:39.800
and understand it.

01:39.800 --> 01:45.680
But if anybody intercepts this data, whether it's your Internet service provider, whether it's your

01:45.680 --> 01:51.500
network admin, whether it's a hacker, they will not be able to read this data or manipulate it or

01:51.500 --> 01:54.350
profile you because this data will be encrypted.

01:54.350 --> 01:55.630
It will be gibberish.

01:56.330 --> 02:02.720
Then once the VPN receives the data, once it sees, for example, you want to go to Google.com, it

02:02.720 --> 02:07.730
will simply forward that request to Google and then the response will follow a similar path.

02:08.600 --> 02:13.160
Again, keep in mind traffic leaving the VPN will be unencrypted.

02:13.160 --> 02:19.310
It will only be encrypted if the service that you're connecting to uses encryption hence are used a

02:19.310 --> 02:20.810
red arrow in this case.

02:21.470 --> 02:29.000
Now you can also use a VPN and connect to the Tor network, so you'll first connect to your VPN again.

02:29.000 --> 02:35.120
Green Arrow means your traffic is encrypted and then it leaves your VPN connecting to the Tor network.

02:35.120 --> 02:41.630
And then you can either access an onion service or go to Google or any other website on the clear net.

02:42.380 --> 02:50.480
Now this architecture of first creating a secure tunnel and connecting to a server and then go to the

02:50.480 --> 02:57.380
internet or to the Tor network or to whatever service is really, really useful because first of all,

02:57.380 --> 02:59.990
it adds an extra layer of encryption.

03:00.410 --> 03:06.200
This means that it's going to improve our privacy and anonymity because it will prevent anybody that

03:06.200 --> 03:10.040
intercepts this connection, that intercepts this flow of data.

03:10.040 --> 03:15.680
And here, from seeing what data you're sending or receiving, again, whether it's your network admin,

03:15.680 --> 03:19.760
whether it's your Internet provider, whether it's a government, it doesn't really matter.

03:19.760 --> 03:22.010
Your data in here is going to be encrypted.

03:22.010 --> 03:26.570
Therefore, it will be useless to any entity that intercepts it.

03:26.990 --> 03:29.450
It will also help us bypass censorship.

03:29.450 --> 03:35.570
So we see previously that we can use pluggable transports and bridges in order to bypass censorship

03:35.570 --> 03:37.160
and connect to the Tor network.

03:37.160 --> 03:41.630
Even if it's being blocked by your network admin or by your internet provider.

03:42.140 --> 03:49.220
A better solution, in my opinion, is to simply use a VPN, because let's assume we have an internet

03:49.220 --> 03:54.080
service provider in here that doesn't allow the users to access tor.

03:54.260 --> 04:02.180
When you use a VPN again, you're creating a secure, encrypted tunnel between you and the VPN provider.

04:02.180 --> 04:07.940
So the internet service provider cannot see that you're trying to connect to Tor.

04:07.970 --> 04:12.860
All it can see is encrypted data going to some server on the internet.

04:13.460 --> 04:20.000
Therefore, in the case of the pluggable transports and bridges, in worst case scenario, the Internet

04:20.000 --> 04:26.030
service provider or the admin or the government will be able to see that you are trying to connect to

04:26.030 --> 04:29.060
TOR, which could cause problems in some countries.

04:29.510 --> 04:36.410
In the case of using a VPN, the worst case scenario is your internet service provider will be able

04:36.410 --> 04:39.260
to know that you're trying to connect to a VPN.

04:39.260 --> 04:40.010
That's it.

04:40.010 --> 04:45.830
They won't know that you're trying to use Tor and they won't be able to see any data you send because

04:45.830 --> 04:51.410
like I said, the connection is encrypted and hence the use of the green arrows in here.

04:52.620 --> 05:00.150
On top of all of these features using a VPN protect us from hackers because it is very easy for anyone

05:00.150 --> 05:06.930
connected to the same network as you to intercept your data, to redirect the flow of data so that it

05:06.930 --> 05:08.700
flows through their computer.

05:08.730 --> 05:13.350
I actually covered this in my network hacking and in my ethical hacking courses.

05:13.800 --> 05:19.920
So whether you're connected to a public network such as an airport network or a hotel or a college network

05:19.920 --> 05:27.300
or even at your own home network, anybody connected to that network can redirect the flow of data so

05:27.300 --> 05:29.250
that it flows through their computer.

05:29.250 --> 05:34.680
And once they do this, they'll be able to see all the websites you visit, all the usernames and passwords

05:34.680 --> 05:35.470
you send.

05:35.490 --> 05:43.020
They'll even be able to modify data on the fly and backdoor files you download and in many cases even

05:43.020 --> 05:45.570
gain full control over your computer.

05:46.390 --> 05:52.840
Now, if a VPN is used, the hacker will still be able to redirect the flow of data, and they will

05:52.840 --> 05:55.210
still be able to intercept your data.

05:55.330 --> 05:59.980
But this data again will be encrypted, hence the use of the green arrows.

05:59.980 --> 06:04.150
So they won't be able to see the usernames or the passwords or anything.

06:04.150 --> 06:10.060
And even if they try to modify this data, they wouldn't be able to do it because it will be simply

06:10.060 --> 06:14.500
gibberish and they wouldn't be able to analyze it or do anything with it.

06:15.160 --> 06:21.220
That's why using a VPN is a really good solution to prevent man in the middle attacks.

06:22.420 --> 06:28.600
With that being said, there is a number of things that you need to keep in mind when using a VPN.

06:29.200 --> 06:33.700
First of all, we are introducing a man in the middle in here.

06:33.700 --> 06:39.490
So if we go back to the previous diagram, you can see that our connection was going directly to the

06:39.490 --> 06:40.240
Internet.

06:40.420 --> 06:46.510
But when we're using a VPN, we're literally adding an extra node to our connection.

06:46.510 --> 06:53.710
So the data is encrypted between the user and the VPN provider, but the VPN provider is able to see

06:53.710 --> 06:54.580
this data.

06:54.700 --> 07:01.720
Therefore, you want to make sure that you pick a reputable VPN provider and avoid free providers because

07:01.720 --> 07:04.540
a lot of them keep logs and analyze you.

07:04.870 --> 07:09.070
You also want to make sure that you use a provider that keeps no logs.

07:09.070 --> 07:14.740
And with keeping all of these things in mind, with picking a reputable provider, avoid free ones and

07:14.740 --> 07:16.450
make sure that they keep no logs.

07:16.480 --> 07:19.590
Also use HTTPS everywhere.

07:19.600 --> 07:25.450
This really solves the problem of having a VPN here, even if you trust them, even if you think this

07:25.450 --> 07:32.290
company will never do anything bad, will never keep logs and analyze your traffic when you use https

07:32.290 --> 07:39.700
everywhere, you're adding another layer of encryption so your connection between you and the VPN provider

07:39.700 --> 07:42.340
will be secured by two layers of encryption.

07:42.340 --> 07:50.440
First, the encryption used by the VPN and the encryption enforced by HTTPS everywhere, which is TLS.

07:51.010 --> 07:58.750
And then when traffic leaves the VPN provider, you will have TLS encryption up to whatever destination

07:58.750 --> 07:59.800
you're going to.

07:59.830 --> 08:06.820
Therefore, even the VPN provider in this case will not be able to see your data because it will be

08:06.820 --> 08:11.140
encrypted with TLS, which is a very, very secure encryption.

08:11.980 --> 08:17.800
Last but not least, when signing up with a VPN, you want to make sure you use a VPN that does not

08:17.800 --> 08:20.660
require a lot of information again, at the end of the day.

08:20.680 --> 08:25.840
We're trying to improve our privacy and it doesn't really make sense to give them my address and all

08:25.840 --> 08:26.920
this information.

08:27.340 --> 08:32.250
You can also take this one step further and pay with crypto, but this is optional.

08:32.260 --> 08:35.170
It really depends on you and your threat model.

08:36.600 --> 08:39.580
Now there are a lot of BPM providers out there.

08:39.600 --> 08:42.690
I highly recommend you go and do your own research.

08:42.720 --> 08:50.160
Me personally, I use our own VPN that we provide added security, which you can get at zealous VPN.

08:50.940 --> 08:54.870
So I have the website already here and I'm already at the download section.

08:55.230 --> 08:59.250
It supports all platforms so you can use it on Windows or Linux.

08:59.250 --> 09:01.560
iOS and Android doesn't really matter.

09:02.070 --> 09:06.180
And using these VPN providers is actually very, very simple.

09:06.210 --> 09:10.860
All you'll have to do is, first of all, obviously sign up with the one that you want, download their

09:10.860 --> 09:16.440
client, and once you have the client downloaded, you simply want to select a server and connect to

09:16.440 --> 09:16.890
it.

09:17.160 --> 09:22.800
So I already have the client downloaded and installed and I'm simply going to connect to the Australia

09:22.800 --> 09:23.640
server.

09:24.780 --> 09:28.200
And right now as you can see, my location changed to Australia.

09:28.200 --> 09:34.320
So the websites that I visit will think that I am visiting them from Australia because going back to

09:34.320 --> 09:39.420
this diagram I connect it to a VPN server that is in Australia.

09:39.630 --> 09:46.280
So anything I send will be leaving this server and therefore I'll appear like I'm coming from this country.

09:46.290 --> 09:49.440
So that's another benefit of using a VPN.

09:49.680 --> 09:56.190
You can change your location and access websites or content that is only available for a certain country

09:56.190 --> 10:00.240
by simply connecting to a VPN that is in that country.

10:00.450 --> 10:04.950
So now that I'm connected, we can see that it's saying here Australia, we can double check on the

10:04.950 --> 10:05.820
website itself.

10:05.820 --> 10:11.670
If I refresh it here, you'll see this bar will tell me that I am protected by that VPN.

10:11.670 --> 10:18.090
My IP appears to be this one, which is not my real IP and I seem like I'm coming from Australia, so

10:18.090 --> 10:19.080
that's perfect.

10:19.170 --> 10:26.190
And now that we are connected to the VPN, we can go ahead and use the internet normally and will appear

10:26.190 --> 10:33.840
like we're visiting these websites from Australia or you can use your Tor browser and this way we'll

10:33.840 --> 10:40.020
connect to the Tor network from the VPN server that is in Australia and then bounce through another

10:40.020 --> 10:46.290
three nodes and then access the website that we want or access to our hidden services.

10:46.440 --> 10:52.650
So we can just go to check the Tor project dot org to confirm that we're connected to the Tor network

10:52.650 --> 10:53.430
properly.

10:53.430 --> 10:55.140
And as you can see, that's perfect.

10:55.140 --> 10:56.460
We're connected to it.

10:56.490 --> 11:00.750
This is the IP, this is the end IP, the IP of the exit node.

11:00.750 --> 11:05.130
And we can even click on the AI here to see the nodes we're bouncing through.

11:05.130 --> 11:12.150
So what's happening right now is we have an encrypted connection from my computer to a VPN server in

11:12.150 --> 11:18.780
Australia and then from there we're connecting to the Netherlands, to Germany to the United States,

11:18.780 --> 11:23.880
and then we access the Tor project website or whatever website we want.