Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,850 --> 00:00:08,440 So far I mentioned the word VPN in a number of lectures but I never really explained what it is. 2 00:00:08,440 --> 00:00:16,330 So in this lecture I'm going to explain what a VPN is how it works and how we can use it to bypass censorship 3 00:00:16,630 --> 00:00:20,080 and protect our privacy anonymity and security. 4 00:00:21,390 --> 00:00:24,880 So VPN stands for virtual private network. 5 00:00:24,990 --> 00:00:31,530 And to understand how it works let's first have a look on a normal scenario where we have a user trying 6 00:00:31,530 --> 00:00:33,450 to access Google dot com. 7 00:00:33,630 --> 00:00:39,180 As we mentioned before usually this traffic is sent unencrypted unless Google or the website they're 8 00:00:39,180 --> 00:00:42,120 trying to access uses encryption. 9 00:00:42,120 --> 00:00:47,220 And like we said this traffic passes through a number of routers it passes through your Internet service 10 00:00:47,220 --> 00:00:48,810 provider and so on. 11 00:00:48,810 --> 00:00:54,900 And all of these stops can see the data that you're sending and manipulated profile you gather information 12 00:00:54,900 --> 00:00:57,090 about you and so on. 13 00:00:57,090 --> 00:01:05,370 Now if you use a VPN you will first connect to the VPN server which you can think of as a computer that 14 00:01:05,370 --> 00:01:09,230 exists on the Internet on the cloud with really good resources. 15 00:01:09,300 --> 00:01:16,380 And what happens is you create an encrypted tunnel an encrypted connection with this computer. 16 00:01:16,380 --> 00:01:23,030 So whenever you want to access anything on the internet you send that first to this computer. 17 00:01:23,190 --> 00:01:30,630 But the request is sent encrypted hence I used a green arrow in here to indicate that the data sent 18 00:01:30,900 --> 00:01:32,400 is encrypted. 19 00:01:32,400 --> 00:01:38,550 So whenever you want to access something both you and the VPN server will be able to read this data 20 00:01:38,580 --> 00:01:39,600 and understand it. 21 00:01:40,020 --> 00:01:46,110 But if anybody intercepts this data whether it's your internet service provider whether it's your network 22 00:01:46,170 --> 00:01:52,770 admin whether it's a hacker they will not be able to read this data or manipulated or profile you because 23 00:01:52,770 --> 00:01:54,420 this data will be encrypted. 24 00:01:54,450 --> 00:01:56,570 It will be gibberish. 25 00:01:56,570 --> 00:02:02,480 Then once the VPN receives the data once it sees for example you want to go to Google dot com. 26 00:02:02,570 --> 00:02:05,130 It will simply forward the request to Google. 27 00:02:05,130 --> 00:02:08,700 And then the response will follow a similar path. 28 00:02:08,700 --> 00:02:13,210 Again keep in mind traffic leaving the VPN will be unencrypted. 29 00:02:13,210 --> 00:02:18,050 It'll only be encrypted if the service that you connect in to uses encryption. 30 00:02:18,190 --> 00:02:21,660 Hence I used a red arrow in this case. 31 00:02:21,660 --> 00:02:26,230 Now you can also use a VPN and connect to the TOR network. 32 00:02:26,460 --> 00:02:32,730 So you'll first connect to your VPN again green arrow means your traffic is encrypted and then it leaves 33 00:02:32,730 --> 00:02:39,030 your VPN connected to the network and then you can either access an on your service or go to Google 34 00:02:39,060 --> 00:02:42,590 or any other Web site on the clear net. 35 00:02:42,600 --> 00:02:50,460 Now this architecture of first creating a secure tunnel and connecting to a server and then go to the 36 00:02:50,460 --> 00:02:55,850 Internet or to the tower network or to whatever service is really really useful. 37 00:02:55,980 --> 00:03:00,580 Because first of all it adds an extra layer of encryption. 38 00:03:00,600 --> 00:03:06,180 This means that it's going to improve our privacy and anonymity because it will prevent anybody that 39 00:03:06,240 --> 00:03:12,900 intercepts this connection that intercepts this flow of data in here from seeing what data you're sending 40 00:03:12,960 --> 00:03:13,780 or receiving. 41 00:03:13,860 --> 00:03:18,360 Again whether it's your network admin whether it's your internet provider whether it's a government 42 00:03:18,600 --> 00:03:19,890 it doesn't really matter. 43 00:03:19,890 --> 00:03:26,160 Your data in here is going to be encrypted therefore it'll be useless to any entity that intercepts 44 00:03:26,160 --> 00:03:27,040 it. 45 00:03:27,060 --> 00:03:29,430 It will also help us bypass censorship. 46 00:03:29,610 --> 00:03:35,550 So we've seen previously that we can use plug mobile transports and bridges in order to bypass censorship 47 00:03:35,640 --> 00:03:40,830 and connect to the TOR network even if it's being blocked by your network admin or by your internet 48 00:03:40,830 --> 00:03:41,990 provider. 49 00:03:42,270 --> 00:03:49,620 A better solution in my opinion is to simply use a VPN because let's assume we have an Internet service 50 00:03:49,620 --> 00:03:56,200 provider in here that doesn't allow the users to access tor when you use a VPN. 51 00:03:56,220 --> 00:04:02,270 Again you're creating a secure encrypted tunnel between you and the VPN provider. 52 00:04:02,340 --> 00:04:09,930 So the Internet service provider cannot see that you're trying to connect to Tor all it can see is encrypted 53 00:04:09,930 --> 00:04:13,360 data go into some server on the Internet. 54 00:04:13,650 --> 00:04:20,400 Therefore in the case of the plug all transports and bridges in worst case scenario the Internet service 55 00:04:20,400 --> 00:04:26,850 provider or the admin or the government will be able to see that you are trying to connect to tour which 56 00:04:26,850 --> 00:04:29,670 could cause problems in some countries. 57 00:04:29,670 --> 00:04:36,570 In the case of using a VPN the worst case scenario is your Internet service provider will be able to 58 00:04:36,570 --> 00:04:39,390 know that you're trying to connect to a VPN. 59 00:04:39,410 --> 00:04:44,760 That said they want to know that you're trying to use Tor and they want to be able to see any data you 60 00:04:44,760 --> 00:04:52,910 send because like I said the connection is encrypted and hence the use of the green arrows in here on 61 00:04:52,910 --> 00:05:00,140 top of all of these features using a VPN protect us from hackers because it is very easy for anyone 62 00:05:00,140 --> 00:05:06,920 connected to the same network as you to intercept your data to redirect the flow of data so that it 63 00:05:06,920 --> 00:05:08,870 flows through their computer. 64 00:05:08,900 --> 00:05:13,210 I actually cover this in my network hacking and in my ethical hacking courses. 65 00:05:13,970 --> 00:05:19,760 So whether you're connected to a public network such as an airport network or a hotel or a college network 66 00:05:20,060 --> 00:05:27,290 or even at your own home network anybody connected to that network can redirect the flow of data so 67 00:05:27,290 --> 00:05:29,510 that it flows through their computer. 68 00:05:29,510 --> 00:05:34,670 And once they do this they'll be able to see all the websites you visit all the usernames and passwords 69 00:05:34,670 --> 00:05:35,660 you send. 70 00:05:35,660 --> 00:05:41,380 They'll even be able to modify data on the fly and backdoor files you download. 71 00:05:41,390 --> 00:05:49,880 And in many cases even gain full control over your computer now if a VPN is used the hacker will still 72 00:05:49,880 --> 00:05:55,520 be able to redirect the flow of data and they will still be able to intercept your data. 73 00:05:55,520 --> 00:05:58,210 But this data again will be encrypted. 74 00:05:58,250 --> 00:06:04,180 Hence the use of the green arrows so they won't be able to see the usernames or the passwords or anything. 75 00:06:04,250 --> 00:06:10,580 And even if they try to modify this data they wouldn't be able to do it because it will be simply gibberish 76 00:06:10,790 --> 00:06:15,300 and they wouldn't be able to analyze it or do anything with it. 77 00:06:15,350 --> 00:06:23,240 That's why using a VPN is a really good solution to prevent man in the middle attacks with that being 78 00:06:23,240 --> 00:06:29,160 said there is a number of things that you need to keep in mind when using a VPN. 79 00:06:29,300 --> 00:06:33,860 First of all we are introducing a man in the middle and here. 80 00:06:33,860 --> 00:06:40,470 So if we go back to the previous diagram you can see that our connection was going directly to the Internet. 81 00:06:40,580 --> 00:06:46,570 But when we're using a VPN we're literally adding an extra node to our connection. 82 00:06:46,730 --> 00:06:53,690 So the data is encrypted between the user and the VPN provider with the VPN provider is able to see 83 00:06:53,690 --> 00:06:54,810 this data. 84 00:06:54,920 --> 00:07:01,700 Therefore you have to make sure that you pick a reputable VPN Provider and avoid free providers because 85 00:07:01,760 --> 00:07:05,090 a lot of them keep logs and analyze you. 86 00:07:05,090 --> 00:07:09,050 You also want to make sure that you use a provider that keeps no logs. 87 00:07:09,200 --> 00:07:14,930 And with keeping all of these things in mind with picking a reputable provider avoid free ones and make 88 00:07:14,930 --> 00:07:16,700 sure that they keep no logs. 89 00:07:16,700 --> 00:07:19,790 Also use hasty tepees everywhere. 90 00:07:19,790 --> 00:07:23,290 This really solves the problem of having a VPN here. 91 00:07:23,300 --> 00:07:28,850 Even if you trust them even if you think this company will never do anything bad will never keep logs 92 00:07:28,850 --> 00:07:33,040 and analyze your traffic when you use hasty tepees everywhere. 93 00:07:33,170 --> 00:07:40,130 You're adding another layer of encryption so your connection between you and the VPN provider will be 94 00:07:40,130 --> 00:07:42,470 secured by two layers of encryption. 95 00:07:42,470 --> 00:07:49,900 First the encryption used by the VPN and the encryption enforced by TTP as everywhere which is tier 96 00:07:49,900 --> 00:07:50,800 less. 97 00:07:51,260 --> 00:07:58,760 And then when traffic leaves the VPN provider you will have less encryption up to whatever destination 98 00:07:58,760 --> 00:08:00,020 you're going to. 99 00:08:00,020 --> 00:08:07,400 Therefore even the VPN provider in this case will not be able to see your data because it will be encrypted 100 00:08:07,430 --> 00:08:12,110 with Telus which is a very very secure encryption. 101 00:08:12,170 --> 00:08:18,320 Last but not least when signing up with a VPN you want to make sure you use a VPN that does not require 102 00:08:18,350 --> 00:08:19,430 a lot of information. 103 00:08:19,430 --> 00:08:24,140 Again at the end of the day we're trying to improve our privacy and it doesn't really make sense to 104 00:08:24,140 --> 00:08:27,530 give them my address and all this information. 105 00:08:27,560 --> 00:08:31,070 You can also take this one step further and pay with crypto. 106 00:08:31,220 --> 00:08:32,260 But this is optional. 107 00:08:32,270 --> 00:08:39,670 It really depends on you and your threat model now there are a lot of VPN providers out there. 108 00:08:39,700 --> 00:08:42,910 I highly recommend you go and do your own research. 109 00:08:42,910 --> 00:08:51,040 Me personally I use our own VPN that we provide adds security which you can get at Z as VPN dot com. 110 00:08:51,130 --> 00:08:55,160 So I have the website already here and I'm already at the download section. 111 00:08:55,360 --> 00:09:00,420 It supports all platforms so you can use it on Windows OS X Linux ISIS and Android. 112 00:09:00,430 --> 00:09:02,260 Doesn't really matter. 113 00:09:02,260 --> 00:09:06,220 And using these VPN providers is actually very very simple. 114 00:09:06,340 --> 00:09:11,620 All you'll have to do is first of all obviously sign up with the ones that you want download their client. 115 00:09:11,710 --> 00:09:17,350 And once you have the client downloaded you simply want to select a server and connect to it. 116 00:09:17,350 --> 00:09:22,780 So I already have the client downloaded and installed and I'm simply going to connect to the Australia 117 00:09:22,780 --> 00:09:28,260 server and right now as you can see my location change to Australia. 118 00:09:28,290 --> 00:09:34,290 So the websites that I visit will think that I am visiting them from Australia because going back to 119 00:09:34,290 --> 00:09:39,550 this diagram I connected to a VPN server that is in Australia. 120 00:09:39,810 --> 00:09:46,530 So anything I send will be leaving this server and therefore I'll appear like I'm coming from this country. 121 00:09:46,530 --> 00:09:49,800 So that's another benefit of using a VPN. 122 00:09:49,800 --> 00:09:56,130 You can change your location and access websites or content that is only available for a certain country 123 00:09:56,310 --> 00:10:00,630 by simply connecting to a VPN that is in that country. 124 00:10:00,630 --> 00:10:05,350 So now that I am connected we can see that as seen here Australia we can double check on the website 125 00:10:05,400 --> 00:10:11,970 itself or fire refresh it here you'll see this bar will tell me that I am protected by that as VPN my 126 00:10:11,970 --> 00:10:17,890 IP appears to be this one which is not my real IP and I seem like I'm coming from Australia. 127 00:10:17,910 --> 00:10:19,440 So that's perfect. 128 00:10:19,440 --> 00:10:26,190 And now that we are connected to the VPN we can go ahead and use the Internet normally and will appear 129 00:10:26,190 --> 00:10:32,630 like we're visiting these websites from Australia or you can use your tor browser. 130 00:10:32,850 --> 00:10:39,240 And this way will connect to the TOR network from the VPN server that is in Australia and then bounce 131 00:10:39,300 --> 00:10:46,110 through another three nodes and then access the Web site that we want or access Tor hidden services 132 00:10:46,620 --> 00:10:52,650 so we can just go to check the Tor Project dot org to confirm that we're connected to the terror network 133 00:10:52,650 --> 00:10:53,640 properly. 134 00:10:53,640 --> 00:10:56,610 And as you can see that's perfect we're connected to it. 135 00:10:56,700 --> 00:10:59,000 This is the IP this is the end IP. 136 00:10:59,000 --> 00:11:05,320 The IP of the exit node and we can even click on the eye here to see the nodes where bumps and through. 137 00:11:05,340 --> 00:11:12,120 So what's happening right now is we have an encrypted connection from my computer to a VPN server in 138 00:11:12,120 --> 00:11:19,980 Australia and then from there reconnect in to Netherlands to Germany to the United States and then we 139 00:11:19,980 --> 00:11:23,670 access the third project Web site or whatever Web site we want. 15530