I was kibitzing with a friend over coffee about information security last week.
Specifically, I described that I use a cheap, US-based, VPN service (that I know nothing about) to keep my Internet traffic encrypted when I'm working from coffee shops and so on. I don't know the people at this company, nor what they're doing with the traffic once it gets to their hardware. For all I know, they're logging it all and giving it straight to the authorities. It wouldn't make for an exciting read, but that's not the point. So I was looking for some advice.
At this moment in the conversation, the friend recommended Tor, of course. I like Tor. I had used it many years ago. But, in the end, it was painfully slow for day-to-day use.
Part of the answer is more "friendly" organizations running Tor nodes. Why doesn't Mozilla run a Tor node, the friend asked? I have no idea. (I'll have to ask when they're all back from Las Vegas.) But, in light of recent world events, it is clear to me that more Internet privacy is a "good thing."
But it got me thinking: I don't need Tor all the time. In fact, I specifically only need it some of the time.
That thought collided with wanting to find an excuse to dive in to Amazon's Web Services, and specifically their EC2 offering, and I started wondering about setting up an on-demand VPN (maybe Open Swan?) and remote Tor client.
I'd like to be able to log-in to Amazon via SSL and fire up the EC2 instance (I like the idea of not having to pay a monthly fee, but just to be able to start and stop it when I need it). Once it started up, I could VPN to the server and have a Tor client running that I could connect to remotely, which would anonymize the traffic coming out the other end. (Honestly, I change laptops often enough that it would be more sensible to run Tor remotely and just connect to it. Crazy?)
I have no idea how hard this would be to set-up, or if it will event work as described. What better excuse to give it a try.