https

Why Do Some Sites Block My VPN?

BBC

Episode 1632

Dan from Orange County, CA

Dan signed up for a VPN recently, and he can't use it with his banking, Netflix or other apps. Leo says that the bank is probably blocking it. VPNs can break IP-based authentication. BBC iPlayer, for instance, blocks VPNs, because you're not paying for the TV license fee. Netflix does it because it doesn't want another region to be watching content that isn't available for licensing reasons. Banking activity is encrypted, so you don't really need a VPN for it. Google has also been pushing for HTTPS encryption with every site, so if every site is encrypted, there's no real need for VPNs.

Is it secure to listen to streaming live?

HTTP & HTTPS

Episode 1593

Michelle from Thousand Oaks, California

Michelle wants to know of a secure way to listen to podcasts and live audio streams. Leo says that if you're listening to TWiT, you can go to twit.tv/live. It's secure from every source. Leo says to check to be sure your browser is up to date. That could be the issue. But streaming should be very secure. In fact, Google is pushing for all sites to be https compliant. So if the site isn't https compliant, that could be an issue. Those certificates are based on dates, and if your computer's date is off, that could indicate a certificate is out of date when it really isn't.

How Safe is Public WiFi?

Firewall

Episode 1592

Mark from Los Angeles, CA

Mark hears that Public Wifi may not be safe. Is that true? Leo says yes and no. When we're on a public network, people can see our connection. We can see other people's computers in our browser. We may not be able to see everything, but a hacker can use what's called a "WiFi pineapple." So there is a potential risk. But with a secure connection via HTTPS, they can't really see anything. That's why Google is pushing hard for every website to be https. That's why it's Leo's opinion that we're mostly safe. When in doubt, just use a virtual private network while on a public wifi.

Is a VPN safer than just using a secure website?

Episode 1311

Bruce from Billings, MT

Bruce wants to know if his friend's website should be using a VPN for secure web access. Leo says that he can, but the first thing web sites should be doing is running a secure site with https. Amazon uses an extended SSL certificate which has a green bar so that it's even more secure for eCommerce. Using a VPN like HotSpot VPN or Tunnel Bear can give him a secure and ecrypted tunnel to a server.

How secure is a VPN?

Episode 1289

David from Palm Beach, FL

David wants to know about Tunnel Bear. Leo says that Tunnel Bear is a virtual private network or VPN, which essentially burrows a digital secure tunnel in the internet. Is it secure enough to bank with or should he just trust "https"? Leo says both are very similar. The difference is that https activity cannot be seen by anyone, but they can see that he's been online. It can also be probed, whereas VPNs are tunnels that encrypt all of the traffic. no one could see anything. It's more security, but similar security. It's up to David.

Why can't I view a YouTube video with https?

https

Episode 1146

John from Ottawa, ONT CAN

John has been given some YouTube links that have "https" in their URL, and he can't view them. Leo says that those links are encrypted and Google has been pushing towards https for all video links to prevent hackers from taking advantage of it. Https uses a time-based certificate, and if his computer hasn't been updated or doesn't remember the date, he may not be able to read it because the certificate isn't valid according to the PC. John should check his clock. He should try logging into a different account and see if that changes things.

Is sending your birth certificate online secure?

Episode 1047

Ashley Witt from TWiT

Ashley's having an issue signing up for Obamacare. His daughter signed up for the insurance through Covered California, and they sent her a letter saying they don't believe she really is who she says she is. They want her to scan her birth certificate and email it over the Internet. Leo says that authentication is one of the core problems with a lot of things, and is the target for identity thieves. Leo says that if it's being sent through the Covered California website, chances are it's encrypted and safe.