CriticalRabbit 6 Posted ... Hi, I’ve been using AirVPN for nearly a year now and I’m very happy with it; in fact, I’m going to get a year subscription when my three-month renewal is up. I use it on my Windows machine, even when online gaming, and with my Debian machine. I also use it on my IPad. However, I also decided to try a second VPN just for on my IPad because the application came with a web ad anti-tracker. So here are my questions: Does anyone know of a good IPad application for blocking ad tracking, or even a good browser for that? I’d been using AirVPN with Safari in private mode and I’d prefer to keep using AirVPN on my IPad.Secondly, actually how reliable is IPSec SHA1 HMAC? (this is the standard for my second IPad VPN that I’d been trying). Thirdly, does anyone know how to counter browser fingerprinting on iPad? Cheers,Rabbit Quote Share this post Link to post
InactiveUser 188 Posted ... 1. Adblocking:An elegant solution would be to use a DNS server that blacklists ad/tracking networks. Maybe worth asking staff how they feel about providing an alternative configuration option. 2. IPsec:As you mentioned the hash function, I assume you mean how reliable the cryptography/implementation of IPsec is?The current consensus seems to be:- IPsec itself is (probably) not broken yet- NSA and friends attack it by: - stealing the keys off compromised servers / endpoints - breaking/brute-forcing weak key exchangesMitigations:- PFS/Perfect Forward Secrecy (ask your provider)- don't authenticate with Pre-Shared-Keys (passwords)- if you have to use a PSK, at least choose one that's harder to brute-forceDetailed information on this topic:https://nohats.ca/wordpress/blog/2014/12/29/dont-stop-using-ipsec-just-yet/ 3. Fingerprinting on iOS:Actually, fingerprinting on iOS should be a lesser issue when compared with desktop fingerprinting. iOS users using the default browser should all look alike, shouldn't they?Same OS, architecture, browser, version, fonts, ..Unless Apple grants access to unique device identifiers - which I believe they only do for apps, not websites. 4. Using Tor on iOS:You didn't ask about it, but I'll share my thoughts anway.Don't rely on any iOS app for strong privacy/anonymity. Fighting for freedom on a locked-down platform is a lost cause.I'd still suggest taking a look at "Onion Browser" which utilizes Tor, but keep in mind that it's not endorsed by or in any way related to the official Tor Project.Here's the developer's website: https://mike.tig.as/onionbrowser/The last time I used it (years ago), it felt limited, but usable. The developer seems quite humble about what the browser can and cannot do, which is a good sign. They've also had a code audit last year.There's another Tor-powered browser called "Red Onion" that I don't know anything about. However, I do know that the same developer also sells an app called "Fart Call" - ouch. 2 Casper31 and rickjames reacted to this Quote Hide InactiveUser's signature Hide all signatures all of my content is released under CC-BY-SA 2.0 Share this post Link to post
CriticalRabbit 6 Posted ... Hi, Thanks for your detailed response. I will check with the provider. Regarding tor and such, I’ve made the compromise of using a closed OS for convenience (and somewhat necessity) for gaming and work purposes. However, I try to compartmentalise much of my other online behaviour by using Debian, either in a VM or on a separate machine, with AirVPN. I am also considering using tor over Air but I’m still on the fence. I doubt I’d use tor without the use of a VPN first, given that I do not trust my ISP for not logging tor use. And for that reason, I would not use a tor app on my IPad without being able to use a VPN first. Quote Share this post Link to post