VPN options

Since I’m moving into a hotel for a couple of months at the end of this week, I’ve been shopping around for a Virtual Private Network.

The type of VPN I’m talking about is not the kind that one uses to connect securely to an office network. What I’m talking about is a VPN that provides encryption from a PC to a remote VPN service. This type of VPN protects data while the bits are ‘in the air’ over a public WiFi connection. Once it reaches the VPN company, it’s decrypted and sent along to intended destinations via a wired connection. What you get out of this kind of service is, essentially, a greater level of insurance that your internet activity over public WiFi will remain safe and secure.

When I first started looking into this, I found that there’s a question of whether or not this is really necessary. I found two categories of opinions in my research. Some people feel that it’s generally OK to forego the use of a VPN while engaged in general browsing at a public WiFi hotspot, but it’s best to wait until you get home to do anything sensitive involving passwords. Mail is a particular concern here. This camp notes that it’s generally safe to engage in password-protected activities provided you ensure you’re on a secure connection (i.e. https). However, this is generally not the safest option. Most of the comments I came across suggest that it’s a best practice to use a VPN connection whenever you tap into a public WiFi hotspot (even if you’re on a wired hotel connection), and doubly so if you are going to be on said public network for an extended period of time.

I’m opting for the more secure solution. It’s a low-cost security measure. It’ll give me peace of mind. But which trusted service should I use?

I started out by trying two free options. The first is the popular HotSpot Shield. This service works as advertised, but I found that it notably decreased my connection speed. It also requires the installation of an application that resides in the menu bar. When it’s launched, it fires up an ad-based browser page that is a bit obtrusive, but not too bad. All considered, I concluded that it’s a good option if you’re looking for an occasional-use VPN while, say, at a coffee shop for a few hours. Hotspot Shield also offers a free iPhone VPN option. While the iPhone service was very simple to set up, I could not get it to work on my iPhone after trying for several days.

The second free VPN option I tried is called ItsHidden. The caveat with this free service is that you’re booted off of your connection every 20 minutes. If you don’t want to be disconnected after a set period of time, the service offer a pay option for $12.99 a month. There are two things I liked about ItsHidden. First, it requires no software installation. Second, it was a lot speedier than Hotspot Shield. However, I felt uneasy about entrusting my longterm online activity to the service. Their website offers no clues about who they are, where they’re located, or how long they’ve been in business. And, frankly, it looks like the site was put together in someone’s basement. It doesn’t inspire confidence. I read in one forum that the main reason this service was set up is to accommodate BitTorrent traffic. I’m sure there’s a lot of legit BitTorrent traffic taking advantage of this service, but I couldn’t shake the feeling that it was, well, kind of shady. So I moved on.

I narrowed down my options to two popular pay options from long-established VPN companies. One is called WiTopia. The other is called HotSpotVPN. Both appear to be great options. The deciding factor in my case was that WiTopia only offered a year subscription, while HotSpotVPN offered month-to-month (and even daily) rates. If you are looking for a long-term relationship, WiTopia is substantially cheaper. They offer one year of 256-bit encrypted SSL service for $60 (in comparison, HotSpotVPN would cost about $138 for a year of 256-bit SSL).

The nice thing about HotSpotVPN—in addition to short-term rates—is that the SSL option offered by the company comes with an additional free PPTP connection, ideal for setting up VPN on an iPhone or iPod Touch. I opted for the cheaper $10.88 month Blowfish 128-bit encryption option after reading in several forums that this amount of encryption, while on the low end of the spectrum of what’s available, is more than adequate.

So there you have it. I signed up yesterday. It works great on my Mac and my iPhone. Significantly, I’ve found no noticeable speed difference while using it. Setup is quite easy: HotSpotVPN e-mailed me a zipped file with my encryption keys and certification files with easy-to-follow instructions about how to install them in my user Library. They also offered up the option to install Tunnelblick, an open source GUI for OpenVPN on the Mac (OpenVPN, I’ve learned, is used by most consumer VPN services).

I can’t comment on Tunnelblick, however, because I didn’t install it. I use an alternative paid VPN client called Shimo for my VPN connections, which I highly recommend. If you’re curious as to why I use Shimo, the main reason is that it seamlessly imports Cisco VPN settings (which is what I use for work). If you’ve ever used the abysmal Cisco VPN client, you’ll understand. Shimo allows me to easily switch between Cisco and, now, my new HotSpotVPN service. I can connect and disconnect from each VPN service in seconds.

One final note: I learned during this process that SSL is generally the best option if you’re looking for the fastest solution that will work anywhere. If you decide to use a VPN service whenever you access a public network, SSL is the way to go.