Remember the controversy, a few years ago, over the Firefox extension Firesheep and the huge privacy concerns we all had over connecting to unprotected networks? It feels like the heat has settled down these days, but it's important to not forget how easy it still is for others to crack into your online accounts when you're out there in the open. Now, we've covered before how to use VPN's and proxies to protect yourself online and bypass country-blocks to sites like Hulu or the BBC iPlayer, but now it's time to take it a step further and automate the entire process. Let's take a look at how we can ensure your safety with Sidestep.
How it Works
Every time you connect to an open wireless network—at your local coffee shop or store, for example—you open yourself and your unencrypted data to anybody else on that network. With tools like Firesheep, people around you can easily hijack your data and things like your accounts to websites such as Facebook, Twitter, Amazon, and more could be compromised if you're not careful enough online.
Your accounts to websites such as Facebook, Twitter, Amazon, and more could be compromised if you're not careful enough online.
We've previously talked about how to set up a VPN (Virtual Private Network) or use apps like Tunlr to get a safer connection online, but in this tutorial we will be using Sidestep to make it even easier. This is a free app by Chetan Surpur that detects when you're on an unprotected network and automatically connects to a proxy for you. It then encrypts your data and sends it through that separate network of your choice, keeping all your traffic secret and protected.
What You Need
The most difficult part of setting up Sidestep (the process is quite simple, actually) is finding a suitable proxy server that you can use with it. A proxy server is basically another computer or server somewhere in the world that you can push your traffic through to keep it private. You need to be able to establish an SSH connection (which means having a hostname/IP and a username) with it in order to move on.
Here's a list of possibilities from the Sidestep website. Whichever option you choose, feel free to post in the comments here for help finding a proxy server for you.
- Pay for a VPN or proxy server online—of which the former can be relatively expensive if use them only to privately browse. If you have a Seedbox or anything like that, you're set too. For a cheap option, you can donate $1 to Silence is Defeat for SSH access.
- Use an existing web server—if you already have a website, check if your webhost allows you to use your SSH server as a web/SOCKS proxy. You will likely be able to find information on this in your webhost's support or FAQ sections. If they do support SSH proxies, get your server information and move on to the next step.
- Use a computer in your house (such as a PogoPlug or old desktop tower) that you can always keep online and set it up as an SSH server.
- Set up an Amazon EC2 server—this option can be incredibly long winded for some. However, you can get a free proxy through this method for several months. I went through the tutorial myself and there are some typos which could trip you up, so do ask for help if you need it.
1. Starting Up Sidestep
First download Sidestep, extract it, and place it into your Applications folder.
Open it up and you'll be greeted with instructions. Click Next.
2. Entering in Proxy Information
Here you will want to enter in your SSH information, including your username, hostname, and port number. Test your connection once you've entered in the information by clicking the Test Connection button.
3. Ready to Use
Sidestep will run in the background now as a menubar application and will connect automatically to your proxy server whenever it detects you're on an unsecure network (meaning there is no WPA encryption). I personally keep it running all the time as it also provides an indicator to tell you when you're unprotected as well, just in case. Click Finish and everything is set up and ready to use.
Click on Sidestep's menubar icon and you can find your current connection status, preferences, and the option to update the application. If you click on the About option, you can go through the setup again.
In the app's preferences you have a variety options to toggle to change how Sidestep works. If you want to stop Sidestep's proxy settings from turning on and off automatically, you can enable and disable the first checkbox. You can also change settings for checking for updates, starting automatically on login, and allowing growl notifications (to tell you when Sidestep connects and disconnects).
In the Proxy Server section, you can find options to change your SSH server. Also if you want, you can use a VPN network to reroute your traffic (follow the Mactuts+ guide and restart Sidestep to make it show up in the dropdown menu).
The Advanced section offers more technical users the option to use custom arguments for the SSH connection (for more advanced users).
It's a good question to ask whether or not all this extra security is necessary at all—I mean, do we need to protect ourselves and our data this much every time we go out? Personally, I would say yes. While an HTTPS connection may protect you on a few websites like Google or Facebook, the vast majority of the Internet still uses unencrypted data channels whenever you browse around. This means that you're still vulnerable most of the time you open up your browser, and it doesn't hurt to reduce your risks online.
Do you use Sidestep? What are your opinions on Internet privacy and safety? Head to the comments and tell us your thoughts.