Justice Department Wants Phone Locales Without Warrant
The article above should alarm you. Must everyone be reminded of three truths?
- Laws go on books much easier than they come off them
- Governments and power structures change. A benevolent one now does not mean the same holds true for the future.
- History repeats. Abuses of the past will reappear in the future.
Picture your worst view of the future in terms of who might hold political office or power (national, local, or municipal) and what they might do. Then give them the power to locate you any time they want. Sound unpleasant? Stop them now.
This is covered completely on our VPN pages, but I want stress it clearly that PPTP should only be used as a last resort. Even then, it should be used in conjunction with SSH tunneling as additional protection.
PPTP has major flaws. It’s encryption uses the password as the key and it’s datastream carries a retrievable password hash. To make that perfectly clear, someone can take your password out of the datastream and decrypt your traffic.
Granted, there is more to it than that. They must somehow intercept your traffic, but while complicated, it is not impossible (we have seen and stopped attempts at arp poisoning attacks). They also must be able to crack the encrypted password hash.
There are tools to crack this. However, a very complex password will take eons to brute force. A common word, even if you replace vowels with numbers (this is too common people), may be cracked in minutes.
OpenVPN is subject to none of these weaknesses. It uses very strong certificate based encryption (blowfish). Even if someone does intercept your traffic, they can gain nothing from it. Use OpenVPN over PPTP.
