Receive new posts as email.
RSS 0.91 | RSS 2.0
RDF | Atom
Podcast only feed (RSS 2.0 format)
Get an RSS reader
Get a Podcast receiver
| Sun | Mon | Tues | Wed | Thurs | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 |
This site operates as an independent editorial operation. Advertising, sponsorships, and other non-editorial materials represent the opinions and messages of their respective origins, and not of the site operator or JiWire, Inc.
Entire site and all contents except otherwise noted © Copyright 2001-2006 by Glenn Fleishman. Some images ©2006 Jupiterimages Corporation. All rights reserved. Please contact us for reprint rights. Linking is, of course, free and encouraged.
Powered by
Movable Type
« Portland Cloud Competition | Main | Free Akron Airport-Fi »
If you’re using a Google Wi-Fi hotspot in SF, you can download Google Secure Access: It’s a free VPN with no details about method (probably SSL) or encryption method (one hopes at least 128-bit Blowfish, but maybe more). Probably not. It looks like Google, for now, is offering this service for download only over its own free Wi-Fi networks, but it might work elsewhere, they suggest. This download-at-hotspot requirement limits distribution because one assumes you have to set up a VPN account or use your Google login. (You can try to download it from this location, too.)
This fuels interest that they’ll sponsor or build much more free Wi-Fi—tied in with their fiber optic last-mile postulated plans. I still don’t see how free Wi-Fi helps their business model. A tiny bit more Internet access would only provide a tiny bit more ad revenue.
I’ve exchanged email all morning with a colleague that thinks this spells death to HotSpotVPN, Public VPN, JiWire’s SpotLock, and WiTopia’s personalVPN. My reaction? This could create a lot more awareness about VPNs, a good thing, and not everyone will want to use Google’s service. They’re unlikely to provide phone support or fast tech support response, a must when someone’s on the road and can’t gain access via the VPN. They don’t (yet) offer a variety of encryption types or tell us what they’re using. Their choice of VPN transport might not appeal to all users.
A call into Google PR to obtain my own personal “no comment” hasn’t been returned yet.
Update: Several folks have mailed to point out that this isn’t SSL VPN, but it’s PPTP, which is the weakest of the three widely used tunneling encryption methods. Further, it allows CHAP, MS-CHAP, and MS-CHAPv2. Both CHAP and MS-CHAP have well-known cracks that can be accomplished through readily available free software. MS-CHAPv2 is better, but the software isn’t set up to require it.
A poorly chosen PPTP password can be cracked, too, even with MS-CHAPv2, which is a reason that SSL and IPsec-over-L2TP have been emphasized lately. Even HotSpotVPN.com, which originally offered just PPTP tunnels, enforced strong password selection by assigning a strong password. (HotSpotVPN now offers a variety of strong encryption with an SSL VPN as their main “rental” service.)
Posted by Glennf at September 20, 2005 7:47 AM
Categories: Security
TrackBack URL for this entry:
I"m using Google VPN anywhere. Not just in SF. I've used it all over Northern Calif at various hotspots. Not sure why its working but it is.
Posted by: MP at October 8, 2005 10:51 AM
This is God!! Ok, I'm not crazy. Listen to this. My University has a filter on their internet service here. We have several OC3's on campus, but due to file sharing and bit torrent, it has been slowed down. I am not very familiar with vpn, but I downloaded this, and low and behold, I can access any site, and download anything I want to with bt or any p2p, and it all works!!
Posted by: Ben at October 5, 2005 8:33 AM
"I still don't see how free Wi-Fi helps their business model."
The future is all about mobile phones. Mobiles to pc's is already 3:1 and by 2010 it'll be 7:1. PC is out, mobile is in. Location based advertisement is the extra business model; Google offers free calls and webservices in exchange for personal data to be used for advertising and marketing. Where customers go, the money follows.
This is DISRUPTIVE as can be...
Capastorm
Posted by: Capastorm at September 26, 2005 2:08 AM
As a freeware alternative I use iPig with good success. The software (http://www.iopus.com/ipig) includes the option to set up your *own* VPN server extremly easy. Thus all traffic goes to your
computer and not via the Google machines!
Posted by: Dan Peters at September 23, 2005 4:49 PM
Who needs a Mac client when you can simply log in with an Applescript? http://www.kevinstock.com/osx/googlevpn/
Posted by: Chris at September 23, 2005 7:48 AM
Actually, it is PPTP, using the standard Windows PPTP client. The only thing special about it is the username and password, which are kept in Google's own client and passed into the Windows client automatically.
Posted by: Dana Spiegel at September 21, 2005 4:47 AM
It is pptp not ssl, 128bits only. Speed is capped at about 500 bps.
Posted by: WiFiLifeLine at September 20, 2005 9:31 PM
No Mac client yet, according to the site. Don't know if I'd want a vpn that I can only use on their network... Lots of questions, no answers. Any idea on the timing? Lets here from someone using it!
Posted by: WiFiLifeLine at September 20, 2005 9:21 AM
I'm pretty sure its SSL
Posted by: government wireless solutions at September 20, 2005 8:39 AM