Listen to the Podcast
3 July 2020 - Podcast #700 - (23:46)
It's Like NPR on the Web
If you find the information TechByter Worldwide provides useful or interesting, please consider a contribution.
If you find the information TechByter Worldwide provides useful or interesting, please consider a contribution.
Things that once seemed excessive sometimes become normal. Just about everyone has a home computer with a large monitor (maybe two), and a lot of storage. Home networks and internet connections are common. Not too many years ago, only security freaks used virtual private networks; now they're almost common, more so on mobile devices than home computers.
VPNs usually cost a few dollars per month and can be used on multiple devices simultaneously. I have a VPN installed on the desktop computer, a tablet computer, an Ipad, and an Android phone. Until recently, the VPN was always active on the phone, whenever I took the tablet computer or Ipad out of the house, and only occasionally on the desktop computer.
Click any of the small images for a full-size view. To dismiss the larger image, press ESC or tap outside the image.
For a while, the VPN was active on all devices all the time. The exceptions were for sites that do not accept connections from VPNs. Some streaming services block VPN connections because they can't tell what country the connection is coming from. The media companies have contracts that specify the countries viewers can be in. PayPal once blocked VPN connections, but seems not to now. Using a VPN obscures your computer's IP address, which can be used to identify the computer. Some criminals use VPNs to mask their IP address so they can't be tracked. Still, criminals use a lot of things and nobody has moved to block the general use of those things. But there's another reason why the VPN is back to being active on the main computer only when needed.
VPNs are important because using public Wi-Fi (found at airports, hotels, and cafes) is risky. Public Wi-Fi systems are simply not secure. Even crooks that aren't too bright can intercept your data on a public Wi-Fi system unless you're using a VPN application. This includes usesr IDs, passwords, emails, chats, and anything else you send via the system.
A VPN creates a secure tunnel by encrypting the data. When you use a VPN, your data is hidden from snoopers.
But you may also find that some public Wi-Fi networks block VPNs, too. That's unfortunate because one of the primary reasons for using a VPN is to avoid the dangers posed by public Wi-Fi systems. The good news is that respected VPNs are usually not blocked. These include services such as Private Internet Access, Express VPN, Proton VPN, Nord VPN, and Surfshark. I have used Private Internet Access and currently use Nord VPN, but all of these are reliable.
If your VPN is routinely rejected on a public Wi-Fi network, there are a few responses: First, check with your VPN provider to find out if they are aware that they're being blocked by a public Wi-Fi provider and what their recommendations are for resolving the problem. If they have recommendations, use them. If you're still being blocked, check with the provider of the public Wi-Fi system to see if they can do anything. If not, maybe you shouldn't be patronizing the business.
The primary disadvantage to using a VPN is that it may slow the connection becuase of the process that encrypts and decrypts data, and sending data through a third-party server. Most reputable VPN providers have eliminated, or at least reduced, that problem.
That's why I recently decided to enable the VPN permanently even on the desktop system. The performance reduction was minimal and the VPN made it impossible for my internet service provider to capture information about my use of the internet and sell it. I don't know that my ISP collects and sells data about me, but it's easy enough to eliminate the possiblity. That all sounds good, so I owe you an explanation of why it's no longer active all the time.
NordVPN works on Windows, MacOS, Linux, IOS, IpadOS, Android, and others. The service has more than 5000 servers in 60 countries. If you decide to sign up for NordVPN, don't take the first offer they show you, which is $125 for 3 years. If you wait a few days, you'll receive a message offering the same deal for $99.Some VPN providers have versions that can be used with your router. This may eventually become the preferred method of using a VPN, but currently I prefer to install and activate the VPN application on each device because that provides better control.
Virtual private networks usually offer at least two or three protocols. These include OpenVPN, Internet Key Exchange version 2 (IKEv2), Layer 2 Tunneling Protocol (L2TP), Secure Socket Tunneling Protocol (SSTP), and Point-to-Point Tunneling Protocol (PPTP). So the question is which one to choose.
OpenVPN. Period. If your VPN offers OpenVPN, use it. This is the most recently developed protocol and it's fast. Nord VPN users will find this in the Advanced section of Settings. It's listed as "Obfuscated servers (OpenVPN)".
If that's not an option for you, here's a quick summary of the other options. If you want to read a detailed explanation of the protocols, see VPN Mentor's "VPN Protocol Comparison: PPTP vs SSTP vs OpenVPN vs L2TP vs IKEv2". In brief, IKEv2 is a good choice for mobile devices because it can reconnect on the fly. L2TP is also known as IPSec (Internet Protocol Security), is a good choice if OpenVPN isn't available. SSTP is a Microsoft protocol that dates back to Vista and should be avoided. PPTP is an antique that, although widely supported, should be avoided.
Applications such as Adobe Creative Cloud and Microsoft Office 365 run entirely on the computer. That is, they are not cloud based; but they are software as a service (SaaS) and must occasionally check in to confirm that the license is current.
When Adobe Creative Cloud is unable to connect, you'll see (1) an offline indicator at the top of the Creative Cloud app and (2) a notice that you have no internet connection. Microsoft's message (3) is a bit more obscure, consisting of just a "we are unable to connect right now" notice without saying who "we" are or what "we" want to connect to.
Both Microsoft and Adobe applications will continue to work for several months without an internet connection, but you won't receive updates. Other features may also be disabled, such as the ability to synchronize typefaces because the connection is broken. You'll see these messages even though (4) the network indicator in the Notification Area clearly shows that the computer has a network connection with internet access.
Fortunately, it's easy to fix; but you do need to dig deep into the Windows Network Settings panels. Here's how:
Open Network Status in the Settings app and (1) click Change adapter options. This will open the Network Connections dialog and you will see several options. Look for the one that includes "TAP-NordVPN" in the description and (2) right click it. Choose (3) Properties from the dialog box.
Ethernet Properties will open. Select (4) Internet Protocol Version 4 from the list, being careful not to clear the checkmark in the box at the left. Click (5) Properties.
The Internet Protocol Version 4 (TCP/IPv4) Properties dialog will open. Confirm that (6) Obtain IP address automatically and (7) Obtain DNS server address automatically are both selected.
Click the (8) Advanced button to open Advanced TCP/IP settings.
Open a Command prompt and type ipconfig | findstr Gateway (using a capital G in the word "Gateway"). This will return the value for your router's default gateway. In most cases, this will be 192.168.0.1, but another common value is 192.168.1.1 and other addresses are possible.
Click the (9) Add button below the Default Gateways section to open the TCP/IP Gateway Address dialog.
Select (10) Automatic Metric and then fill in the default gateway IP address you identified with the ipconfig command. Check to be sure that the IP address is correct and then click Add. Then click OK on each of the dialog boxes until all of them have closed.
Your computer will probably display at least two network adapters and might show more. It's important to update the default gateway for each of them.
Office 365 and Creative Cloud then worked normally.
About the time I thought the problems were solved, I noticed that the online backup service CrashPlan was stuck at 99.9%. It should report 100% most days and anything less only on days when I've added a lot of large files, so this was concerning. When I opened the CrashPlan control panel the display indicated that it was waiting for a connection.
After working with Nord tech support for nearly three hours (90 minutes of that with one extremely helpful and dedicated technician), the problem had been reduced but not eliminated. Crash plan connects and backs up some files, but it reports the most recent completed backup was more than one day ago.
The workaround, while I waited to see if CrashPlan could figure out why their application won't work with NordVPN, was simply to disable the VPN on the desktop computer. The VPN isn't a necessity on the desktop computer the way it is on mobile devices. If I need the VPN to be active, I can have it initate a connection. Although this is not the ideal solution, it's an acceptable workaround and even a marginally acceptable long-term solution.
The moral of the story is that a virtual private network can be a good safety feature, and an essential security feature when you're using any device that connects to a public network or a Wi-Fi hotspot, but it can be a challenge to set up and configure. A desktop or notebook computer that connects to the internet via a router is less at risk than a mobile device. It's also important to understand that some websites will refuse connections that arrive from a VPN because they can't tell where the connection is coming from. When you encounter this response, there are two options: Leave the site or disable the VPN.
After more than two weeks of wrestling with CrashPlan to find a way to make it work through the VPN, and after asking "Do you have any clients who use CrashPlan with Nord VPN?" three times, I finally received a straight answer: "Unfortunately, CrashPlan for Small Business is not supported for running through a VPN so the experience of it working when you disable the VPN is what is expected."
Had someone at CrashPlan simply answered that question when I first asked it, several hours of needless frustration for Nord tech support (and me) would have been eliminated.
The final words on the topic are these: Using a VPN on a desktop computer that's connected to the router or modem with an Ethernet cable isn't essential even though it does offer some additional privacy protections. Where's it's essential is on smartphones, tablets, notebooks, convertibles and all other portable devices. It's OK, then, to turn off the VPN on a desktop system if it gets in the way of more important applications.
A lot of office workers are now working from home and and may be doing so for quite some time. Companies that had at-home workers had a big advantage when the Coronavirus hit the fan because many of them already had a VPN for those who worked at home. Working from home is one case where, despite what I said in this week's main article, a VPN is necessary.
For the last couple of years before I retired, I worked from home. My wife works from home. We weren't allowed to use our own computers. Instead, the company provided notebook computers and, if we wanted them, monitors, mice, keyboards, and other peripherals. I didn't need any of those because I had two monitors, a keyboard, and a mouse that could be shared between my computer and the office computer with the touch of three buttons: One to switch the keyboard and mouse and one each to switch the monitor connections.
When the office computer booted, it established a connection through a VPN to the corporate servers. Then the login process was accomplshed using RSA SecureID software that replaced a physical key fob that we had used previously. The company also has substantial security measures around data to and from clients and while it's on the server.
For a company like that, adding at-home workers is trivial because most of the work had already been done. Companies that had no telecommuters have had to rush to implement security measures, and some of the implementations are far less than adequate.
Companies that had already assigned notebook computers to office workers could just send those computers home with employees. Others had a choice: They could buy and set up a bunch of new computers or they could have employees use their own computers. That decision is the worst possible choice for security, but it might have been the only feasible option.
If that describes your situation and the corporate IT department hasn't yet audited your computer, there are several actions you should perform as soon as possible. Most of them aren't difficult. I'll assume a Windows computer because that's what most offices use.
Maybe you have some extra time around the house these days. If you're working from home, your commute time has dropped to zero. Some of us, particularly those in at-risk groups, are still unwilling to do a lot of activities that take us outside, so boredom sets in.
What used to be Lynda.com is now LinkedIn Learning and it probably the biggest general information learning site on the web. It's a great way to learn something while you're at home, but it can be expensive for the casual learner -- someone who may want to pick up a new skill every few months. Expensive is relative, of course; you'll need to be a LinkedIn Premium subscriber and that costs $30 per month, or $240 if you pay for a year's subscription.
Maybe you want to learn about email marketing, the Python programming language, microphones and sound editing, search engine optimization, accounting, word processing, creative writing, or time management. These are all covered.
But if you don't need a LinkedIn Premium membership, there may be a free option. Check with your local library because it may offer access to LinkedIn Learning and other educational resources. All you need is a library account and you can log on to LinkedIn Learning from home.
If your local library doesn't offer this service, check nearby libraries and large libraries in your state. Large libraries sometimes offer accounts to anyone in the state.
If you your computer has a slow disk drive, or several disk drives, you may be bothered by the delay between the time the Windows file explorer opens and when you can safely click a drive or directory link.
Here's what happens: I have more than a dozen pinned locations in Quick Access, which is at the top of Explorer's left panel. When I open Explorer, it polls all the installed drives. For me that's seven logical drives on four physical drives, plus a network drive. The polling process takes several seconds and it scrolls the Quick Access section out of view. All too often, I would drag the scroll bar back to the top and double-click one of my favorites, only to find that the polling process had caused the Quick Access section to scroll away again.
So usually Explorer opened a directory I didn't want and I had to scroll Quick Access back into view and try again. There must be a better way! And there is.
Explorer (explorer.exe) is in C:\Windows\, so I went there to take a look. I tried creating a shortcut. Shortcuts can't be saved in the Windows directory, so I was asked if I wanted to store it on the Desktop. That's as good a location as any. Then I went to the Desktop, right-clicked my new shortcut, and selected Properties. The default (A) Start In location is C:\Windows. I didn't see a way to specify the Quick Access location, so I tried blanking the Start In location.
When I used that shortcut, Explorer displayed Quick Access, but called it Frequent Folders. The polling continued in the background, but I had (B) the view I wanted. After moving the shortcut off the Desktop, I used it again and then pinned the Explorer instance to the Task Bar.
Problem solved.
Maybe you're a member of the Windows Insider program. I have one computer installed in the program that provides even buggier versions of Windows than Microsoft releases with its twice-annual feature updates. Why? I have two reasons. First, it lets me see what Microsoft is working on, and second, Feedback Microsoft receives from participants helps eliminate bugs.
Currently there are three options: Fast Ring, Slow Ring, and Release Preview. The Fast Ring provides faster and buggier updates. The Slow Ring provides more stable updates, but at a slower rate. Release Preview is intended for those who want to see upcoming feature releases before they're released to the public. The Fast and Slow rings have existed since the program began more than five years ago, and the Release Preview was added later. Now Microsoft's developers say they wan to put more emphasis on quality.
There are still three rings, but now they'll be called "channels": Dev Channel, Beta Channel, and Release Preview Channel. The Dev Channel is for highly technical users and Microsoft warns that this version will not be stable. The Beta Channel is recommended for early adopters and IT professionals. The Release Preview Channel will continue to give access to new releases before they're deployed. Image provided by Microsoft.
If you're currently participating in the Insider progam, your computers will be updated to the new channel system: Fast Ring > Dev Channel, Slow Ring > Beta Channel, and Release Preview Ring > Release Preview Channel.
Time Warner Columbus (remember when they were called that?) and SOHOware announced Roadrunner customers in Columbus would be allowed to purchase "SOHOware’s cable or wireless Internet distribution box." Today we'd call that a router. This was a big change because previously Time Warner said that customers who connected more than one computer to the cable modem would have to pay extra. This was the beginning of flat-rate pricing per home.
I said "Besides giving every computer in the home internet access, the device also acts as a firewall." That made it a worthwhile purcahse even for those with just a single computer because the box receives an IP address and all the equipment that’s behind the firewall is on a private network.