Nowadays, it's becoming a rather well known fact that using public networks (or even private networks if there are untrustworthy people using them!) can lead to a number of security implications.
You may not consider this to be a problem, after all - it is just your phone, right? But consider the amount of services your phone utilises - it automatically checks your e-mails for you, it checks your PayPal account, your social networks; the list goes on and all this data is potentially at risk of being stolen by an untrusted third party on the network.
The question that comes soon after the realisation of this is - how does one secure themselves? The answer is simple - tunnel your traffic!
What is a VPN tunnel and how does it help me?
A tunnel is the name we give to a VPN connection which we use to access the Internet. The way in which this secures you is that all the data we send through it is encrypted, as opposed to if we accessed the Internet without the VPN tunnel.
To try and better understand this, let's take a look at the diagram below.
As you can see, rather than us making requests directly to the Internet, we use the Internet to send the requests to our VPN provider, who then makes our requests for us and sends back the information down the tunnel (illustrated in the red boundaries).
Any untrustworthy sources (labelled in this diagram as "Eavesdroppers & Hackers") are unable to see the data we are sending, but instead can only see the tunnel itself as it is encapsulating our information. If we were to remove the tunnel, the information we send would be directly exposed to them.
You may also notice the entity labelled "Government & Corporate Blocks", which represents the filters we see implemented in countries with more oppressive Governments and in places of work or education which don't want you to visit websites X, Y and Z. By tunnelling our traffic, these filters get rendered void as they are unable to see what you are requesting or where you are requesting it from - all they can see is that you are trying to contact the VPN provider.
Sounds awesome, how do I find a VPN provider?
There are a lot of VPN providers out there, offering various levels of service at varying prices. However, the provider I am going to be recommending and talking you through setting up with is FrootVPN.
FrootVPN are a relatively new provider (at the time of writing this) and are currently offering their service for free; and in my experience with premium VPN providers, I've actually had comparable if not better performance from FrootVPN. They may well start to charge for this in the future (after all, it does cost money to run services like this), but for now, you can make use of a good quality service for free.
Disclaimer: I am not affiliated with FrootVPN in any way
So, how do I set this up?
First of all, go sign up for an account at FrootVPN.
Once you have an account set up, you will need to download the OpenVPN app for Android by clicking this link or scanning the QR code below.
The reason we are using OpenVPN as opposed to the other types of VPN is due to the level of security offered by OpenVPN in comparison to the others. If you want to read a bit more about the technical details that make PPTP a less secure option, see Cracking PPTP / MS-CHAPV2 with ChapCrack & CloudCracker.
Now that you have the OpenVPN app installed, navigate to the FrootVPN website on your device and login to your control panel. Once logged in you will see a button labelled "Download OpenVPN file"; click this to download the required configuration file.
Once the download completes, open the OpenVPN app and in the menu click
Preferences and enable the
Seamless Tunnel option to ensure none of your data can be leaked if the VPN loses connection for any reason.
Now back in the main menu, click
Import and then
Import Profile from SD Card and navigate to and select the file we just downloaded (it will most likely be in the Download folder).
You will now have a new profile created for you and you will be prompted to enter your username and password (as seen in the below screenshot) - this is the username and password you specified when signing up to FrootVPN; simply enter the credentials and hit the button labelled
Upon clicking the connect button, you will be made aware that you will be allowing OpenVPN to intercept your traffic, permit this as in the screenshot below by ticking the check box and clicking the OK button.
OpenVPN will now be trying to connect to the VPN, after a few moments your screen should now look like this:
And that's it - you are now secured! You'll be able to identify that you are connected to the VPN and that OpenVPN is indeed active via the indicators that will be placed in your notification area as can be seen in the top left hand corner of the screenshot below.
Other things to consider
It should be noted, a VPN tunnel isn't going to protect you from every attack vector on the planet but it will certainly help aid in preventing people eavesdropping on what you are doing whilst using your Android device on a public network (or at home if you're using this to avoid Government level restrictions).