A free Android app designed to help dissidents to bypass China's Great Firewall is getting a lot of attention as one of the simpler ways to get some privacy on an Android device while using the web.
Getting less attention but offering far simpler access is a system whose base technology started out as a way to save data securely on a USB drive, but evolved into a way to create a VPN connection to data stored at home that is simple enough for consumers to understand and use.
SSH Tunnel is an open-source app that runs on Android and, when invoked, encrypts all the data sent between the device and the Internet, wrapped securely inside whichever cellular-networking protocol your own carrier uses.
You need root access and a bit of expertise, but getting it to work isn't terribly difficult.
By encrypting all the data destined for the Internet – including data showing where the Android device is right now – SSH Tunnel makes it difficult or impossible for eavesdroppers in airports or coffee shops to pick up your texts or emails or see the details proving that your conservative suit and grave expression may hint you're doing important work, while giving no indication to anyone who can't see the screen that you've spent an hour on TheChive.com.
(Incidentally, of course, the same encryption would keep corporate data safe while end users connect via public WiFi or cell nets, but that's much less interesting than being able to get away with sloughing off work without letting anyone know what you're up to -- especially the creepy guy in Starbucks using Kismet to turn his iPhone into a sniffer.)
Need to get to a bunch of files stored on a work or home computer but prefer not to carry your spare drive along or put them on an insecure laptop?
Given the varying security policies, idiosyncratic hardware and network configurations involved, I've only rarely been successful using software-only VPNs to get back into a computer I left back at the office.
VPN into networks and servers, sure – that's rarely a problem. Getting all the way through a company's network to a computer on my desk, or through my ISP's and my own home router to get to my own server, has rarely been easy.
myDitto is designed to make it easy, by giving each user a USB drive containing a unique identifier, VPN encryption code and directions back to the data you want.
It plugs into a personal NAS box (that you can call an external hard drive or something when you talk to users) that, depending on the model, can hold up to two 2TB hard drives.
Plug the myDitto USB key into the NAS box, press a button and the two identify one another, agree on encryption and ID, and off you go.
Theoretically, anywhere you go in the world you could plug that USB key into a borrowed computer and it will get you back to your files on that little NAS box.
In practice I never got it to work from behind the various layers or routers, switches, firewalls, powerline-networking devices and other things that function as NATs, blinding the outside world to the glorious chaos that is my home network.
Putting myDitto right behind the ISP's router, though, worked just fine, once I told the router to let in communications aimed at its MAC address, and give it two-way clearance to do whatever it wanted (which is mainly to have the right to two-way communications via the Samba VPN protocol, a proprietary myDitto protocol, plus UPnP, DLNA and iTunes).
There are software clients that allow access from Windows Mobile 6, iOS and Android devices, and a business version of the box as well.
The business edition – for SoHo mostly, though it promises "enterprise network benefits" – installs the same way as the consumer version. It's plug-and-play, configures itself to your network, and offers peer-to-peer connections across a LAN or through the Internet.
The 1TB version , with one drive bay open, lists for $145.99, but goes for five bucks cheaper on Amazon. The 2TB version can be had for $199.