DPI   Design and Order your Cards
Internet Security
FAQs
 
 

Do I need secure online communications?

Why do we need Virtual Private Networks (VPN's)?

Why is DPI's VPN Service Different (what is IPSec)?

Does using VPN encryption technology make me a target of suspicion?

How safe is IPSEC VPN technology?

Banks and most secure email systems trust HTTPS and SSL VPN's. Why shouldn't I?

How much does it cost?

 
 
     

Why is DPI's VPN Service Different (what is IPSec)?


DPI’s VPN service protects you from man-in-the-middle attacks, while other types of VPN's do not.

There are four different types of VPN technology (PPTP, L2TP, SSL or HTTPS VPN, and IPSEC). Only one, the type that DPI and its partners use (IPSEC), is not susceptible to what are called man-in-the-middle (MITM) attacks.

To date, every "Free" or lower costing personal VPN service that has come to the attention of DPI and its partners, all use PPTP, L2TP, or SSL VPN technology because they are easier to implement as a service. If its free, there's a reason. While DPI and its partners strategically chose the VPN infrastructure we implemented, it still cost's thousands of dollar's each month to run and maintain the infrastructure.

A MITM attack requires a physical listening device to be installed on the network path between your computer and the web site you’re visiting. It’s easy for authorized agencies to install these listening devices at Internet service providers (ISP's), since the state usually either own or heavily regulate the ISP's in their country.

All VPN's exchanges public encryption/decryption keys (like a decoding password) between your computer and the VPN company before creating an encrypted tunnel. In the case of the first three kinds of VPN's, this code is not encrypted. So a MITM can intercept the encryption keys used to encrypt your data, which then gives it access to all the information you’re sending and receiving. Your emails and web sites become like a postcard for them to read.

For example, this ethical hacker link shows one how to perform a MITM attack.

DPI’s VPN's (IPSEC), on the other hand, use a pre-shared key to encrypt the public keys that are transferred each time you get on the Internet. These public keys are first encrypted and decrypted by a pre-shared key on each side of the tunnel, and the pre-shared key is never sent over the Internet. Because MITM computers don’t have the pre-shared key, they can never intercept the public key and compromise the encrypted tunnel.

When a MITM attempts an attack on one of DPI’s VPN's, the VPN will simply disconnect and place a pop-up window on your screen letting you know that it is disconnected. You can then choose to reconnect the VPN. With the other three types of VPN's, you may not even know that you’ve been attacked. Though a certificate error may pop up, most people click right through it.