Check out the rest of the videos in this special course: The Practical Guide To Mac Security.
Using a VPN will protect your data from malicious Wi0Fi networks and ISPs. But thanks to HTTPS, it is mostly unnecessary for typical Mac users.
You can also watch this video at YouTube (but with ads).
Why your caution about using the web while you travel; aren't sites that have https domestically and considered secure also connecting in that manner overseas and hence secure?
Tim: Using https is fine in most cases. But it pays to be extra vigilant when using a network you don’t trust. For example a man-in-the-middle attack could make a compromised network show you an imitation of Facebook instead of the real thing, and then steal your password when you try to log in. Rare, though, so I wouldn’t worry too much.
Hi Gary, Your discussion on VPNs talked about secure connections to websites through VPN or SSL. What about mail and text messages. Are they secured by VPNs. Thanks, Fred
Fred: Apps like Mail and services like iCloud, Gmail, school and corporate email servers, etc, have been using SSL for a long time now. So they are pretty secure. VPN would add another layer to that, but most people wouldn't need it. The odd thing is that email in itself is kind insecure, because services need to send email between each other, iCloud to some other service for instance. So end-to-end encryption isn't possible. But VPN doesn't help that at all and if the Wi-Fi you are using is compromised it would be safe and encrypted when passing through that point.
So after I turn Have an great day! VPN on do I just act as normal? Click on Safari to use web?
Nick: Once your VPN shows it is on and working, just browse as normal. You shouldn't notice any difference.
The password manager app Dashlane includes a free VPN. They are in the process of revamping their app, so it's a little clunky to get started, but it's doable.
I am curious to know if apps we have downloaded, say from our bank, would also be secure like going to their site would be https://. So they would be safe (safer?) to use while traveling.
Linda: Hard to say since they would built the app either way. But I would expect that they are quite secure, use SSL, and were designed with security in mind. I'll bet there is something on the bank's site or app description that mentions security.
I’m wondering what is the role of using the Tor browser in gaining privacy. What can ISP track when using Tor? Are there any points along the chain for spying when using a Tor connection?
If I set up a VPN on my Synology NAS, is Synology hosting a VPN server out there somewhere, so that it’s just the same as signing up with any other VPN?
Is spying on data to a website the same as spying on email? Does all email just ultimately go to an equivalent of a website, making it the same as any other internet connection?
Living in Canada, I have a Canadian Netflix account. Can I access the US Netflix shows (which are different) if I use a US based VPN? Will the streaming speed be affected?
Ron: I don't know much about the Tor browser. I'd imagine a lot of its privacy features are the same that you get with Safari. As for Synology, you'd need to read their documents or contact their support. I know nothing about their product. Email and websites are different things. They work in different ways and have different uses. Don't send secure information over email, but don't worry about general correspondence.
Lance: I doubt that Netflix will be tricked by using a VPN. Streaming would be slowed, too, yes.
You mentioned that if the website has SSL, it’s pretty secure and you may not need a VPN. This is great to know when using a Mac. But like so many of us, I use dedicated Apps for banking, etc. When I log into my bank on my iPhone, I’ll often use my fingerprint and/or two-factor. But I don’t know the security status (https) of the site since it doesn’t display it.
How do I know the security level of dedicated banking Apps, investment Apps etc.? Is it assumed that they have SSL?
Thanks
Lawrence: Dedicated apps almost certainly use SSL. In fact for a while now Apple has insisted on that as an App Store submission rule. But apps like banking apps probably started with SSL from the very start. You'd need to ask them for confirmation, but I'd be shocked it a single one didn't use SSL.
Two questions:
1. If I specify to my VPN that I trust my home Wi-Fi network, is it right to assume I get no added benefit at all from my VPN subscription when I’m at home?
2. If I am at home on my trusted Wi-Fi network, how can I take advantage of my VPN disguising my network address? Do I just tell the VPN that I don’t trust my home Wi-Fi?
Steve: Yes for both.