cameo said:
For Macs there is a supposedly pretty good and easy-to-use cloaking
program to make public WiFi connection secure. Is there anything like
that for Windows PCs?
https://www.getcloak.com/
"... personal VPN..."
It's a Virtual Private Network.
That's the term you'd search for, not for "cloak".
*******
Apparently, Windows 7 has a VPN server built-in. I think
that would allow the following.
http://www.ehow.com/how_7418436_turn-home-desktop-vpn-server.html
You could do something like this. This uses your own equipment,
but requires an ISP that doesn't complain about how you use
their service.
           Internet
              |
              | Unencrypted
              |
              |          Encrypted
              |  +----------------------+
              |  |                      |
           CameoHome               Public Wifi
           Windows 7                    |
              |  |              Cameo Remote running
              +--+                  VPN client
           "HairPin
            Turn"
          (via Windows7
          normal routing)
You would leave your home PC running. The home PC would have a
regular connection to the Internet, without encryption.
However, logically (rather than physically), while you're
sitting in the public wifi spot, you use your VPN Client,
to contact the IP address of your home PC. Your home router
has a hole punched in it (port forwarding), to allow the VPN connection.
Some routers have a passthru function specifically for VPNs. Inside
your PC, the Windows VPN server software decrypts the packets,
then routes the resulting packet. If the packet is destined
for the Internet (not directed to your home subnet), then
the Windows internal routing software will send the packet
towards the Internet.
Now, a problem with this concept is that if you use your home
computer and Internet connection, the Internet connection
is "asymmetric". The connection from CameoHome to Cameo Remote
will be slow, because as far as the home PC is concerned,
it's "uploading". On my system here, the available
bandwidth in that direction is about as fast as writing
to a floppy drive. Useless. I would be sitting at the
public Wifi, with secure access, but slow access to the
Internet.
And technically speaking, you are "running a server" on your
home networking setup, in violation of the Terms Of Service
of your ISP (for cheap home Internet packages). Since my
ISP uses a deep packet inspection box, any policy
violations can be detected in the blink of an eye.
It depends on your ISP, and what it says in the TOS,
as to whether you're allowed to run that way or not.
If you use a commercial VPN service for the left hand
side of the diagram, their networking setup will be
symmetric, supporting good bandwidth in all directions.
If you use a commercial VPN, there is no connection
at all running to your home PC. And no TOS to worry about.
There would be a monthly fee to use the commercial VPN.
Note that VPN link encryption can affect things like
Windows shares. When I used a VPN hardware box at work
(our own corporate VPN server), I could copy files to
the work server at a blistering 4KB/sec. What seemed to
be happening is that the encrypted VPN packet encapsulation caused
packets to be fragmented, and without the seeming benefit
of protocol pipelining. That meant a 100 millisecond delay,
for each protocol exchange. No pipelined acks seemed to be
present, for whatever reason. So depending on the dynamics,
using a VPN can be pure misery. The funny thing was, some
protocols (like XWindows protocol, which was the main thing I was
doing) ran at more normal rates. It was just the Windows
shares that were slow as molasses. Broadband Internet
with dialup performance.
Whoever provides the VPN server end of the above
picture (on the left) must be trustworthy, as they have
access to the unencrypted stream. You would assume your
own home PC running Windows 7 would be trustworthy, and it
is, until it gets hacked from outside. Then, it's no longer
trustworthy. Any time you do Port Forwarding on your
home router, there is a risk associated with doing so.
Paul