An island of freedom or a regulated industry: what the Internet has become and how to make it safer

Hello, Habr. With you Maxim Gorshkov, information security specialist Cloud4Y. I propose to talk about how the Internet was two or three decades ago, and what it is now.

You can hardly accuse me of exaggerating if I say that the Internet has become for the majority the same resource as water and electricity. For a huge number of people, the lack of the Internet is equal to the lack of livelihood. Of course, the state and the criminals could not help but pay attention to this. And then both of them decided to contribute to the development of the Internet. Looking ahead, I will say that the intervention was not the most successful. And yes, I can already hear your comments in the style of “who would have doubted.”

I’ll start with my experience. I first connected to the network in 2003. It was a truly free world. No restrictions – in those days, forums and sites of National Socialists, “bombers”, aggressive sects, and just regional forums without any censorship existed quietly. And during the holivar, they could not only send you, but also give a recommendation for self-sawing, accompanying the advice with detailed instructions.

There was little security then. No traffic encryption or brute-force protection of services. Anyone could brute force accounts on any sites, and a little more advanced sniffed open traffic with logins and passwords from services, in order to then prank the victims, creating compromising posts on their behalf.

You probably remember this time. And someone is even nostalgic for him (I did not find the BBS era, so I cannot tell you about it). There was a smell of permissiveness and anarchy on the Internet. There were no restrictions, you could engage in any, even illegal activity. But at the same time, how could you hack something, so could you too.

Internet users frolicked as best they could, and these games led to the fact that they paid attention to the state. The fact is that the authorities have serious problems in terms of combating crime. If the experience of “rounding up” thieves’ meetings or, in jargon, “gatherings” has accumulated over decades, then what to do with the “bombers” who discuss their plans on the Internet? What to do with radical ideological and religious movements, which using the Internet are much more effective in looking for new adherents? What about the theft of data and money? Later, espionage and high treason were dragged here.

The Internet fell on the head of the state suddenly. And up there, they just didn’t know what to do with all this. But it was necessary to do it, and quickly. The BORN case (a militant organization of Russian nationalists), Bolotnaya Square and many other events were a kind of alarm bell that caused panic among representatives of the authorities. Ignorance, misunderstanding, inflexibility of officials caused an unhealthy fuss and a lot of not the smartest projects to regulate the Internet. Laws concerning freedom and security of the Internet began to be stamped in batches. With the same enthusiasm, they began to create structures that monitor users on the network (Roskomnadzor, cybercossacks, cyber squads, cyber police).

As a result, we have what we have. Sometimes inadequate laws, inadequate law enforcement practice (it has become very easy to get a term for a repost) are aggravated by attempts to influence politically on certain countries by blocking or slowing down popular resources on the network (telegrams, LinkedIn, twitter). The state is trying to hide from the world wide web, then to influence it administratively.

The effectiveness of many measures is highly questionable: crime is rampant, ordinary users are suffering. At the same time, the “struggle for security” negates the freedom of users at the root. And it is no longer clear what to do and how to be, because the state constantly makes hasty steps, then rolls them back, and almost every time “goes too far.”

Such instability arises for an understandable reason: the digital world order is still being formed. There will be new strange laws, and their subsequent amendment. Users are left to try to preserve maximum freedom, comfort and safety in these conditions. This is partly why the demand for VPNs is growing.

VPN for internet hygiene

VPN (Virtual Private Network) is a software system designed to protect the online privacy of users. A VPN service prevents attackers from stealing your data by protecting it by anonymizing traffic and user location. Also, with the help of a VPN, you can solve many different problems – for example, bypass access restrictions based on geography and get access to any platforms in the world, and in the light of the forced slowdown of some services, download data faster.

When you connect to a VPN server, all of your internet traffic becomes encrypted. This means that your activity on the Internet is hidden from prying eyes, including even your ISP. Encryption will prevent attackers from gaining access to your personal data that you provide on various sites – for example, your passwords. This is especially important if you are connecting to a public WiFi hotspot – these networks tend to be poorly secured and are a favorite habitat for cybercriminals.

With the help of a VPN, you protect yourself at least by the fact that your data will be encrypted – even if someone manages to steal it, they will not be able to decrypt it. The VPN service will redirect all of your internet traffic through one of its servers, where it will be encrypted. For example, you are in Russia and you are about to connect to a server in the United States. In this case, the VPN service will send all your Internet traffic from the Russian Federation to the United States, and in a fully encrypted form. Encryption will prevent your ISP from knowing which site you are trying to access and thus block your connection.

The VPN server will then redirect your traffic to the site you want to visit – for example, to the site of some web service or streaming platform (like Netflix). The site will see that the traffic originated from the VPN server, not your device. In other words, it will see the IP address of the VPN server, not your device. The best VPNs have thousands of servers and regularly update their databases of IP addresses to prevent web services from blacklisting and blocking them. This will provide you with complete confidentiality and freedom of action.

Someone will say that everything is clear with VPN. They write a lot about it, but why would I need a private VPN service if I’m not a hacker and I have nothing to hide. Unfortunately, now the trend is the policy of universal prohibition and restrictions on working in the network. I bet you yourself saw how certain resources began to work worse, and sometimes not load at all. VPN can solve this problem. Western resources start to work more stable, while the ping does not grow much.

Again, we all know that every provider is obliged to pass traffic through the SORM system (system of operational-search measures), but no one tells us or will tell us what law enforcement officers are doing with this traffic. Databases of users of the largest banks with all personal data have been wandering around the Internet for a long time, although it would seem that banks are obliged to protect them, guaranteeing safety. If banks, risking their reputation and financial losses, allow themselves such leaks, then what about the “leaks” of confidential data by corrupt employees? While we see excesses and abuse, I consider it a good form not to allow anything like this in relation to myself.

Which VPN service to choose

The important point here is reputation. You need to understand that the VPN server, in principle, can see our traffic and give it out where it should be. Many VPN services do not provide adequate guarantees. It is imperative to pay attention to this. So, the once popularized NordVPN can in fact easily share information upon request about a client.

Personally, I would advise Private internet access… Why? Its own DNS, shadow socks, a bunch of servers around the world, a loyal registration model. If the service is ready to provide services to a person about whom he only knows the BTC wallet number, then this means that he does not need your personal data. All traffic is impersonal.

I will repeat myself. I do not need to hide on the net, I always write in my real name. VPN on the network is like curtains or soundproofing in an apartment so that no one wants to spy on or eavesdrop. This is primarily for comfort. In addition, paradoxically, a VPN with Western IP addresses speeds up many of the services I need on the Internet.

The HTTPS protocol is currently relevant. A protocol to encrypt traffic from you to the server and back using asymmetric encryption. The only chance for most attackers to spy on you is to downgrade your security level to HTTP.

It is easy to understand if your traffic is secure: in modern browsers, it is shown when the connection is protected (closed with a padlock) and when not (opened with a padlock).

I recommend installing the HTTPS Everyone plugin, so as not to be mistaken. The point is, when you connect over HTTP, your traffic is easy for everyone to read. As a neighbor sitting in the same network, and a provider or SORM.

Conclusion

I repeat, now the digital world is at the stage of formation and therefore “excesses” on the part of the state are quite real. For a post or opinion left on the network 15 years ago, you may well be brought to real responsibility, interpreting the message as a continuing offense. That is, 15 years ago, you wrote something bad about someone, but you still haven’t deleted it – consider it tantamount to making a “fresh post”.

Yes, the time of free and free internet sometimes pops up in nostalgic waves in our minds. But we must be aware that now the Internet has become different, has evolved into a full-fledged and irreplaceable sphere of our being. Accordingly, rules and requirements for activities in this area should be formed. And most importantly: it is required to form the concept of responsible behavior in the network. Our world is not perfect, laws and people are also not perfect. But Internet users should not commit illegal actions on the network themselves, just as they should not give an opportunity to commit illegal (albeit sometimes enshrined in legislation) actions against them by anyone. That is, everything is like in real life. Thanks for attention.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *