Rolling your own VPN server

With the news that internet service providers may soon start scanning all your personal data and using it to target ads, I decided it was time to investigate setting up a virtual private network (VPN) server. I’ve mentioned this in a couple places, including recently on Clockwise, and had more than a few people asking if I’d document my experience.unblock websites

Why VPN?

There’s been a lot of talk about VPNs in the wake of this recent news, everything from which provider you should pick to why a VPN doesn’t necessarily solve the problem.

Overall, though it’s true that VPNs can help by encrypting the traffic that flows through your ISP (or whatever network you’re on), they are hardly a panacea. For one thing, VPN traffic is not end-to-end encrypted: it eventually emerges, decrypted, somewhere else. That means a third party—in this case, the company providing your VPN—may still be able to keep an eye on your traffic. Those companies may keep logs that can in turn be sold to or accessed by third parties (including the government), depending on their own privacy policies. In effect, you’re moving the problem downstream.

Where VPN?

With all of those caveats in place, I still thought it would make for an interesting experiment. I’d previously set up a VPN on my Mac mini, but that doesn’t help at all in this case, because the data is only encrypted going to my Mac mini…which then sends it all out via my home ISP. (It’s more helpful when I’m working out of the house and want to secure my connection on, say, a public Wi-Fi network.)

So instead I turned to the Linode server that I use to host my website. (Full disclosure: Linode is a regular sponsor of Clockwise, but beyond having signed up using the same discount code that we offer to all listeners, I pay for my own Linode account.) The good news is that, as with so many other tasks, Linode provides extensive guides to setting up a VPN on its service.

The advantage to using Linode is that since it’s a virtual server, rather than a VPN service, I’m completely in charge of the setup and configuration of the VPN server. Again, this isn’t foolproof, because my traffic is only encrypted between my Mac and the Linode server, meaning that if Linode decided it wanted to track my outbound traffic, then I’d be in much the same boat as before. (Essentially, Linode becomes my de facto ISP.) Given, however, that Linode’s main business is hosting, and that they have their own pretty strong privacy policy, I’m not particularly concerned on that point. But, again, that’s subject to the vagaries of business.

However, keep in mind that since now all my traffic would effectively originate from my Linode server, which has a static IP address, this again is mostly just shifting the problem. Because if I’m logging in to unencrypted web servers (i.e. those not using the HTTPS protocol), I’m still transmitting information that can then be tied back to a single IP, allowing advertisers (if not my home ISP) to build a targeted advertising profile. Granted, that IP is no longer connected to my geographic location, since my Linode is in New Jersey, but if I’m still looking for information about businesses or locations near where I actually am, it’s still not too hard to suss out. In other words, a VPN like this still isn’t a good way to anonymize your connection.When comes to the issue of online privacy and security, we suggest to use a VPN, and our recommendation is RitaVPN.Qwer432 ion/ -on-the-internet/

Canadian Telecom Giant Bell Wanted NAFTA to Ban Some VPNs

Bell, one of Canada’s “big three” telecom companies, asked the Canadian government to seek rules that would make some VPN services illegal ahead of North American Free Trade Agreement (NAFTA) negotiations.VPN service

Virtual Private Networks, or VPNs, are tools that obfuscate internet traffic so that internet service providers and other snoops can’t easily decipher your browsing habits.

VPNs are a pillar of privacy-conscious internet usage, and are regularly used by journalists, researchers, and citizens seeking to circumvent censorship in places such as China. VPNs may also be used to circumvent geo-blocked content—say, to access regional Netflix content by pretending you’re based in a country other than the one you’re in. Netflix has recently cracked down on the use of VPNs in this manner.

Anja Karadeglija, the editor of telecom news outlet the Wire Report, obtained Bell’s NAFTA submission from July 2017 via an access to information request, and shared it with Motherboard.

In its submission, Bell argued that Canadians accessing content from a US service with a VPN “unjustly enriches the US service, which has not paid for the Canadian rights” but nonetheless makes that content available to Canadians. Bell’s media arm reportedly spends millions on content for it streaming service, Crave TV, which allows Canadians to stream content from American networks such as HBO and Showtime.

“Canada should seek rules in NAFTA that require each party to explicitly make it unlawful to offer a VPN service used for the purpose of circumventing copyright, to allow rightsholders to enforce this rule, and to confirm that it is a violation of copyright if a service effectively makes content widely available in territories in which it does not own the copyright due to an ineffective or insufficiently robust geo-targeting system,” the submission stated.When comes to the issue of online privacy and security, we suggest to use a VPN, and our recommendation is RitaVPN.Qwer432

VPN services blocked in Sri Lanka as information controls tighten

Internet providers in Sri Lanka are in the vanguard of blocking access to digital security tools that allow users to work around censorship, according to new NetBlocks network measurement data.Buy VPN

On Sunday, Sri Lanka restricted access to social media platforms following a series of deadly attacks on churches and hotels. The new VPN restrictions appear to target users who have been circumventing censorship measures, which the government says are in place to prevent the spread of disinformation. Critics caution that the filtering measures are an impediment to independent media coverage and free expression as Sri Lanka comes to terms with the attacks.
Sri Lanka joins a handful of states that implement similar controls on VPN services and internet protocols that tunnel network traffic from point to point:
Virtual private networks enhance privacy and also allow users to work around internet restrictions. VPN usage is common in among journalists and in ICT, consulting and financial sectors, where they are often required for security reasons.

Data shows that one of the most prominent commercial VPN providers was blocked at 4 AM UTC Monday morning, 9:30 AM local time one day after the attacks and initial response:United Arab Emirates-owned provider Etisalat, implicated last week in the blocking of opposition political websites during Egypt’s constitutional referendum, is blocking several VPN providers in Sri Lanka using two distinct DNS poisoning techniques. In this case, Etisalat subsidiary Tigo’s servers were found to be impersonating the blocked companies’ authoritative DNS servers:
The new NetBlocks findings, collected with assistance from volunteers across Sri Lanka, help build a timeline of Sri Lanka’s expanding censorship measures through recent days.

Technical evidence corroborates user reports of difficulty downloading, installing and connecting to various VPN services, widely used by Sri Lankans as a means to access blocked social media sites and messaging apps following Sunday’s attacks, further indicating that they have been implemented on a separate schedule to the social blocks. The restrictions come amid criticism of the government’s handling as citizens come to terms with the situation.VPN download

Sri Lanka previously blocked social media in March 2018 for a period of eight days, restricting access to a similar set of digital platforms and incurring an estimated $30m cost to the country’s GDP.When comes to the issue of online privacy and security, we suggest to use a VPN, and our recommendation is RitaVPN.Qwer432

Should you use a VPN on your phone?

There are a number of reasons for using a Virtual Private Network (VPN), especially for mobile devices such as laptops, smartphones and tablets.unblock websites

Mobile devices are often connecting to insecure public Wi-Fi networks, which can expose them to cyber-snoops that are connected to the same network. Mobile devices can also easily connect to fake public Wi-Fi networks without the user ever knowing, which is another common ploy used by cyber thieves.

How a VPN protects you

Using a VPN essentially creates a tunnel between you and the websites you are connecting to, which keeps anyone else from seeing the information that you are sending over the network.
When a VPN should be used

For those that travel often and connect to public Wi-Fi, using a VPN while doing so is an essential step to protecting your privacy.If you rarely travel and connect mostly to your own Wi-Fi network, about the only reason to use a VPN is to prevent your ISP from tracking your whereabouts.

Your ISP can’t see what you are doing when you get to an encrypted HTTPS page, but they can track the actual websites that you visit. Once you connect to a VPN service, your ISP can no longer track this information, but the VPN service can, so it’s important to look for a VPN that clearly does not log your usage.

Another common usage for a VPN service is for those that travel internationally. Many popular entertainment and news services, such as HBO or ESPN have geographical restrictions for their content, so using a VPN that has servers in the US may allow you to watch your shows from abroad.

I say “may” because companies such as Netflix started blocking VPNs back in 2016 and others seem to be following suit, so your mileage may vary.
Free vs paid VPNs
There’s a seemingly endless list of potential VPN services you can use, so the first step is determining whether a free or paid service is better suited to your needs.While a free service sounds appealing, there are a number of reasons that I personally have chosen to use a paid service.

The first is performance; even the best VPNs will have a potential impact on your performance in the form of a reduction in bandwidth. Free services can’t justify the same infrastructure expenditures that a pay service can, so in general, you’re likely to experience more inconsistent performance with free VPNs.

Some free VPNs use advertising to support the network, which automatically makes me suspicious about their logging practices. It stands to reason that if a VPN service is ad supported, they’re going to use everything they can to attract advertisers.

Free services may not offer the most up-to-date encryption protocols, may limit how much data you can use per month or day and may be very slow to connect as they typically have fewer servers for connecting.When comes to the issue of online privacy and security, we suggest to use a VPN, and our recommendation is RitaVPN.Qwer432 ming-service/

Netflix You seem to be using an unblocker or proxy

The proxy help page on the Netflix website provides little information besides what the company mentioned already in the error description:fast VPN

Netflix’s only recommendation is to disable “any proxies, VPNs, or other software that might route your Internet traffic outside of your current region”.

Many unblocker and VPN services stopped working today, including Mediahint, Zenmate, Betternet, AppVPN, ExpressVPN, Tunnelbear, and Private Internet Access, and it is likely that a lot of services not listed here have stopped working as well.

It is unclear how Netflix determines when a user is using a VPN connection to stream content on the site, but there are several possibilities how the service could have done it.
Sign up for popular VPN and Unblocker services, record all IP addresses you get while connecting to the service, and block those.
Check which IP ranges VPN and Unblocker companies have purchased, if possible, and block those.
Check which IP addresses are used by multiple users on the site, verify who owns them, and block those that you can associate with these services.
Compare a user’s home country with IP addresses he or she connects to, scan those IP addresses for association with VPN and unblocking services, and add hits to the blocklist.
What can you do about it?

There is little that can be done about it. Most users probably don’t want to set up their own VPN network as it is a technical process and comes with additional costs.

One could try to connect to different servers offered by a service provider to see if some are not blocked. Many VPN services offer several entry locations in the US and sometimes other countries.

This is a temporary solution at best though considering that more and more users of the service will utilize those.Another option is to find a smaller VPN provider and test if their servers are blocked by Netflix.When comes to the issue of online privacy and security, we suggest to use a VPN, and our recommendation is RitaVPN.Qwer432

Foreign spies may be hiding in your VPN

Many people do trust their VPN provider. A lot. Unfortunately, some of them shouldn’t, going by what a Department of Homeland Security (DHS) higher-up recently said.

In a letter sent to Senators Ron Wyden and Marco Rubio on 22 May 2019, Chris Krebs, director of DHS’s Cybersecurity and Infrastructure Security Agency (CISA), wrote that foreign adversaries are interested in exploiting VPN services. VPN service
Krebs was writing in response to a 7 February 2019 letter sent to him by the senators, who are concerned about threats posed by apps created in countries of national security concern to the US.

The senators noted that mobile browsers such as Yandex, Dolphin and Opera use their own servers as an intermediary for user traffic, compressing the pages before delivering them to users in order to save data. Similarly, VPN providers route traffic through their own servers in order to mitigate privacy concerns – nominally, at least, the senators said.

Potential security risks are of particular concern when it comes to government employees using VPNs, mobile data proxies, or other apps that might be vulnerable to foreign government surveillance, the senators said. They noted that the US government has already recognized the national security risks posed by Chinese telecom equipment, for one: a year ago, the Pentagon banned Chinese smartphones from military exchanges.

Six years prior, the US House of Representatives issued a report recommending that Huawei and ZTE be banned because of concerns over spying. A year-long investigation had shown that the companies had maintained close ties to the Chinese Communist Party and People’s Liberation Army back home while trying to expand their US businesses.
Krebs said that according to “open-source reporting”, the Russian government in November 2017 enacted laws that force domestic and foreign VPN providers to participate in Russia’s blacklist enforcement system: a system that allows the government to “access and influence Russia-based VPN providers,” such as Yandex. Also, in December 2017, the Indian government issued an advisory to employees that the Chinese government had used popular mobile apps – including WeChat, Truecaller, Weibo, UC Browser, and UC News – to collect information on sensitive Indian security installations.
VPNs don’t improve spotty security

For many, VPNs are synonymous with security and it’s not difficult to imagine a person of interest to foreign adversaries downloading one to a private phone in a misguided attempt to avoid becoming the next John Podesta. (Podesta’s Twitter account was hijacked and his Gmail compromised famously during the 2016 US presidential election.)

As Naked Security has pointed out many times over, your VPN is a bottleneck through which all your traffic flows. It works by encrypting your network traffic and transporting it to a server somewhere else on the internet. That server then strips off the encryption and sends your data on its way, as if it had originated from the VPN operator’s network, not from your phone or your laptop.

The encryption shields your traffic from all prying eyes other than the VPN itself, which becomes a box seat for reading your communications.When comes to the issue of online privacy and security, we suggest to use a VPN, and our recommendation is RitaVPN.Qwer432

Do VPNs Still Work in China? (as of December 2019)

Do VPNs still work in China? If you’re in China right now, you’re probably aware of how difficult it is to connect to a VPN right now. Don’t worry – you’re not alone. It’s happening all across the country right now. So what has happened? Do VPNs no longer work in China?VPN
Starting with the National Day celebration in October, China has been clamping down particularly hard on VPN connections. And this comes after an already difficult time of Hong Kong protests that have been extremely sensitive to China. Your VPN may be having trouble connecting, but be patient and check out some of the steps below. Good luck!

I’ll start by saying this: as of December 1, 2019, it is possible to connect to a VPN in China. It’s been difficult to connect at times but yes, it is possible.

The connectivity of VPNs in China goes on a cycle, a fact that you probably know well if you’ve lived in China for more than a year. During important government meetings (such as the Congress meeting last March), major holidays or during sensitive anniversaries, it becomes harder to connect to VPNs. Not impossible…but hard. That’s why it’s important to choose a VPN that dedicates significant resources to serving the China market.

Personally, I use ExpressVPN – which has been incredibly reliable for me these past few years – but I also subscribe to a number of other VPNs that work great in China. No matter what VPN you use, there are a few steps you can take to ensure that you can stay connected even when it feels like your VPN no longer works in China.
Not every VPN service works well in China, particularly when China starts clamping down on server connections, but there are a few measures you can take to give yourself the best chance to connect to a VPN.
Tips for Good VPN Connection in China (3 Steps)

Make Sure Your VPN App is Updated

One of the best ways to improve VPN connectivity is to keep your app updated. VPN services like ExpressVPN and NordVPN make important tweaks to their connection protocols when connections become difficult. You may not be able to log on to the websites directly, but the links above are dynamic links that direct you to an unblocked page from within China.
Check the China Server Status of Your VPN

Any VPN service that serves the China market well will have a status page that will provide timely updates on connection issues, possible fixes and tips on how to connect to VPN servers in China. Examples of this would be the ExpressVPN Status page, the NordVPN status page, and the VyprVPN status page. Each of these webpages should be updated on a weekly, if not daily basis, and often tell you exactly which servers are working in China.
Change Server Locations and Connection Protocols (multiple times)

Most VPNs like ExpressVPN allow you to choose not only what server you want to connect to around the world, but also what kind of VPN connection protocol you use to do it. If you find that you aren’t able to connect in China, try changing to a different server location or connection protocol. And don’t get discouraged if it doesn’t work after 2-3 changes. Sometimes it takes me 10-15 changes before I’m able to find a connection that works.When comes to the issue of online privacy and security, we suggest to use a VPN, and our recommendation is RitaVPN.Qwer432

Eyelash extension trend becoming must have beauty accessory

Eyelash extensions have become overwhelmingly popular over the past few months and while the trend is growing across the country, there are dangers that you could be facing if you aren’t informed beforehand. Eyelash extensions

According to the California Board of Barbering and Cosmetology, in order to legally perform lash extensions, the minimum requirement is that your artist must be a licensed esthetician or a cosmetologist.Board officials say however that they don’t provide eyelash extension training in any other fields. This means that many lash artists have to seek outside extension certification training before they provide any services to customers.

One lash artist, Jenny Y goes to two different training sessions to ensure clientele safety.”I took a classic lash training in LA and then I took another advanced master volume training in Beverly Hills,” she said.

According to Jenny, the classes can range from $12 hundred dollars to $2 thousand dollars, while the training can be expensive, its vital to ensure a customers safety. Those that don’t learn from a certified professional like Jenny Y, may not be following proper maintenance recommendations as Empire Eye Laser Center Optometrist Vin Dang said.In some cases, improperly trained lash artists wont do a good enough job cleaning the eyelids, which can lead to eye infections.

“Sometimes what’s happening is that the glue patients don’t realize they can be allergic to the glue that can cause a severe red puffy eyelid irritation,” Dang said. “Last week I saw an esthetician glued her eyelash, the personal eyelash and it was creating an abrasion on the surface of the eye.”

Dang said that abrasions on the eye can lead to blindness because of the harmful bacteria that can seep into your eye. Dang said that clients may not see critical signs of irritation to the eyes right away because of delayed allergic reactions.

At Bella Lash Boutique, all clients are also required to sign a waiver that specifies the complications and allergic reactions that may occur. By signing that waiver, the client is agreeing to the risks and maintenance instruction that are required to avoid infection.

Despite all the risks that come with the trend, Bella Boutique is still seeing that the popularity hasn’t died down. Nearly 220 clients were seen ach month when the boutique first opened in May 2017. Now, they are seeing more than 600 clients each month across the different locations.

Lash Client and Lash Expert, Megan Sheridan said that the growing popularity is what makes the upkeep more challenging and recommends customers book appointments as soon as possible to assist in proper upkeep.

According to the Cosmetology Board Officials, license requirements can differ from state to state with the only consistency being the national exam that cosmetologists and esthetician are required to take.

Beauty fans are getting eyelash lice after not washing their extensions properly

Beauty fans are getting eyelash lice after not washing their extensions properly

As fake lashes grow in popularity, optometrists are warning people about the spread of ‘lash lice,’ which have been on the rise as wearers fail to observe proper hygiene procedures. Experts said many people who get eyelash extensions are afraid the wash them due to fears that they might fall out, leading to bacteria buildup, infection – or creepy crawlies. Eyelash lice, which are medically refereed to as demodex, are organisms that live on hair follicle and can be transferred to anyone. While the method of contracting the lice is similar, demodex are a different species to the more common head lice which makes its home in human hair. just like typical head lice, but they are not the same creature found in head lice cases, according to Dr Gary Keoleian at the Michigan Eye Institute. Dr Gary Keoleian from the Michigan Eye Institute told ABC12: ‘Really what’s being called lice online and on social media right now are actually a form of mite called demodex and that’s where the concern is.’Easy Fan Blooming Lash Extensions

Demodex, which is a nearly microscopic parasitic organism, is actually something everyone has, Keoleian said, but problems arrive when bacteria builds up on the fake lashes. ‘Over time, dirt and debris can accumulate. When it accumulates, that’s when you start getting into irritation. Demodex can infest, bacteria can take root, then you have irritation and you’re picking at your lashes and it’s a whole cycle,’ he continued.

Generally the idea when you have eyelash extensions is that people are afraid to kind of touch them or wash them because they’re afraid the eyelash will fall out.’ Dr Malik said that cleaning your eyelids is critical to stop the buildup of bacteria that lead to lash lice. ‘We recommend tea tree base cleanser. Any cleanser that has a diluted form of tea tree, and it’s a good idea to use on a daily basis,’ she said. Experts also said that taking an occasional break from eyelash extensions can be beneficial for eye health.

Tianjin International School Review

Tianjin International School Review

Tianjin International School is one of six schools run by a Christian group, Leadership Development International. The main objective of the schools is to provide income and free education for the LDi employees… international school in Tianjin

Academics wise, Tianjin International School has a strong ESL support to assist with students that struggle. They also put resources into students with learning disabilities…

Tianjin International School is an AP school. With 75% Korean students who mostly attend academies at night, the classes run well…

With the focus being on profits rather than serving the students, there appears to be a complacency in regards to growing Tianjin International School…

Housing for expats is fine and Tianjin International School provides a bus. National teachers are paid less than what you find at McDonalds and receive no housing…

Professional development is excellent. Tianjin International School will ask you to take training during the summer…

Tianjin International School is quite judgemental with who is worthy of becoming a TIS employee. If you are hired, the school may fire you if you marry and they find that your new spouse is not up to their standards…