On-tour data security

[macspud]

A few gentle cautions:
1) Never, ever click on the links. I use virtualized computers that "disappear" on restart and occasionally use them to check the links. All the items I have seen for sale so far are counterfeit and/or are designed to take your credit card numbers.

Investigating just one recent post infected my virtual machine with 147 pieces of malware, including ransomware (where the user's data is held hostage under threat of erasure unless money is paid). A majority of the sites employ "drive-by downloads" which can infect your machines simply by visiting, so avoid the hassle and protect yourself by not clicking the links.

Hello Dan,

I meant to ask you this ages ago but forgot, But maybe I could restart this thread to ask you about your virtual machines.

I am interested in learning about safely using the internet whist on tour or just away from home. Would you be able to point me towards good learning material about setting up and using a virtualised computer?

I am finally near fit enough to get back on a bike after going through a long slow couple of years (I suffered the dreaded BONK a couple of rides into the 2015 season. unfortunately I didn't stop because of inclement weather. The up shot was, I became aware that at some point between my last big crash and this one, I'd forgotten how to bounce , instead broke when the inevitable happened.)and am looking towards tours to come and would like to get the security side sussed out.
I would much appreciate a steer in the right direction of good, logical, clear, and precise learning tools, should you know of any.

All the best,
Spud.
 

[JimK]

One simple thing I have been doing more of lately is to close my browser a lot, so I will usually have just one tab open and will close my browser before moving to a new web site. This just makes it a bit harder for one evil website to mess around with important stuff.

The challenge is that we often do want to share data from one place to another. You can open up a brand new clean machine, but it won't have any files. You can park all your files up in cloud land someplace, like dropbox or whatever. But then you need to connect at some point to use that data.

I think it's a lot like locking bicycles. You can reduce the risks dramatically, but never quite to zero. Plus there is always a trade-off vs convenience.

Yeah, Dan, a few pointers to some basic technology, that'd help get some effective options on the table!

[Danneaux]

Hi Mac'!

Big topic and part of my regular consulting!

Basically, following good computer hygiene at home translates to the same while on-tour. Here are some quick tips the average user can use to keep safe; I'll keep this entry short and sweet as a glossy thumbnail sketch...

• Regardless of your device, keep it up-to-date, especially on security updates. This is as important with phones as it is computers like desktops, laptops and tablets, regardless of operating system.

• You can purchase a subscription to a Virtual Private Network (VPN) and use it as often or long as you wish. A VPN adds security and privacy to both private and public networks, like WiFi Hotspots and the Internet you'll be most apt to use while touring. VPNs are most often used by corporations to protect sensitive data. There are a number of VPNs that work well at reasonable monthly rates. They vary in their speed and the locations you can set, so check first and make sure the VM is provided by a reputable firm, since all your traffic will go through it. One I use is TunnelBear, because the same price covers my Windows computers as well as my Android phones. They have a flavor for Apple products also. I pay USD$2.72/month for my subscription. A VPN primarily secures your communications and is a real boon when using public wifi. For more on the topic of VPNs, see this custom Google search:
https://www.google.com/search?q=whag+is+a+vpn%3F&oq=whag+is+a+vpn%3F&aqs=chrome..69i57j0l5.6282j0j9&sourceid=chrome&ie=UTF-8#q=what+is+a+vpn?

Secondarily -- quite apart from security -- a VPN is also useful for planning trips in advance from home, as you can also virtualize your location and so view videos, news, and such that would otherwise be geo-restricted to their home markets. This is especially handy if you like to get a handle on news of events in other locations that may impact your tour when you arrive. I used my VPN for this when I was in Turkey and wanted to view local videos of the massive flooding in Serbia. The level of detail available in local Serbian news allowed me to better plan and time my arrival and via a different route. The route I had planned on was unusable. It also showed me just where the mines had been washed from their marked locations and so it was no surprise when I found them scattered across the road and chose to sleep in a farmer's brick-lined hay crib instead of wild camping in a field or forest.

Once my apparent location has been changed, Google tailors results by location and if the location of your device is determined by network rater than GPS, you'll get localized results. All links are local for the countries where my VM has nodes. Very handy for research and planning. TunnelBear is pretty typical of what's available in a VPN app, with virtual locations in the US, UK, Canada (where TB is located), Germany, Japan, Australia, France, Ital, Netherlands, Sweden, Switzerland, Ireland, Spain, Singapore, Norway, Denmark, Hong Kong, Brazil, Mexico, and India.

• I use a number of virtual machines in my consulting work. Most of my computers have really fast processors and lots of memory, so they work well running VMs which usually require both.  VMWare and Oracle make good products, and there are others like VirtualBox, Parallels,and  QEMU (if you like Linux as I do).

For Windows machines, there have been a number of "lightweight" virtual machines that stretch the definition of the term by creating "session sandboxes" so your browsing and other activity are wiped clean after each restart. They tend to come and go on the market and their availability and popularity wax and wane as money is available for the developers to update them for new OS versions. I've tried most over the years, but among them ones that worked well for me back in the day were Wondershare TimeFreeze, ToolWiz TimeFreeze, Faronics' Deep Freeze, Shadow Defender, Rollback RX. SandboxIE, Returnil. Most install themselves in Upper Filters and so can conflict with imaging programs (Acronis True Image is one such conflict...and some don't work well with SSD drives) so it can take awhile to get these "lite" VMs to play nicely with each other.

I sometimes use VMWare's Horizon Client on my Android phones to  work on my VMware Horizon virtual desktops and hosted applications from afar, but that is "work" and not "security".

• Besides the usual malware, the biggest computer security problems I've run into while traveling are BlueJacking, AP spoofing, and hardware keyloggers I sometimes see plugged into the back of public-use desktop computers. To deal with these issues, I generally keep my Bluetooth radio turned off unless I need it paired for a specific purpose/client, like my wireless keyboard. For the AP spoofing, I check to make sure I am connected to the wireless network I intend and use my VPN, and for the keyloggers, I use software that basically allows me to cut-and-paste my passwords instead of typing them out. Any financial transactions are done over a(proven trustworthy) VPN.

Besides my smartphone, I also take a small flash drive on my wind jacket's zipper pull and load it with a standalone (portable) Linux OS and applications and if there is a way to physically access a public use computer (many are available in hotel lobbies and conference rooms and front offices and even in some European parks), I will ask if it is alright to boot into my drive. Each time I've asked, my request was approved. The overwhelming number of public machines I've encountered are Windows machines, so plan accordingly. An aside: Not all keyboards you'll find on public machines are the same, so be prepared to spend some time making typos until you adapt. I've encountered QWERTY, AZERTY, DVORAK, QWERTZ, and JCUKEN.

If you're looking for free software with lots of community reviews, I can heartily recommend Gizmo's Freeware, which I've followed since its start: http://www.techsupportalert.com/ Once there, look under the "Security and Privacy" tab for your operating system. Contained in the reviews are good, clear instructions in setup and use. I think you'll like it, Mac'.

Also, you can do a Google search for "How to setup a virtual machine" by Operating System (OS) and go from there. Here's one such result:
https://www.storagecraft.com/blog/the-dead-simple-guide-to-installing-a-linux-virtual-machine-on-windows/

Over time, I've moved solidly to Android smartphones for my on-tour computing, mostly because I could not meet the off-grid power demands of laptop computers; even my little netbook required more power than I could readily supply via dynohub or solar. Smartphones are also physically smaller than any laptop computer. Along these lines, you may wish to read up on US border policies if you are planning to travel here (I live near the upper-left corner of the US, in Oregon). The US border is not the same as the interior, and phones, laptops, and other devices can be seized and cloned by border officials and their contents dissected later. I don't like it, so I have my bookmarks and mail stored on Google with my Google credentials. Before crossing into the US, I erase my phone by resetting it to factory specs and signing out of my Google accounts. Once past security, I sign back in again and all is restored after a few minutes -- apps, browser history, mail, and passwords. My photos, music, and maps are all stored on separate micro-SD cards which I also remove and replace. You can read more here:
https://www.google.com/search?q=us+border+cloning+of+phones&oq=us+border+cloning+of+phones&aqs=chrome..69i57.6743j0j9&sourceid=chrome&ie=UTF-8

Hopefully the above will give you some leads to pursue so you can assemble a security package best suited to your travel needs. I'd go into greater depth, but that would go beyond the scope of a bicycle-related forum.

All the best,

Dan.

[JimK]

Thanks Dan - this was really great!

[macspud]

Thank you Dan,
I have much reading and study to to do to improve my comprehension of the subject. To put the task into focus, I am only now just learning the intricisies of my first smart phone, which I finally moved to, from a bog standard brick dumb phone. I'm only starting to get the knack of using that, it's a Microsoft 640 (I think), as far as I know. It was literally thrown in my direction by an exasperated relative, who had been pushed to near apoplexy by it's idiosyncrasies. I am starting to get my head around how it works, but as my cousin, and now almost everybody else who has noticed which phone I'm using says, "the operating system works in a way that doesn't gell with the way our brains work." I concur.
Anyway, that should give you some idea where I am in my climb up the ladder of mobile connectivity and just how much needs to be learnt. That is why I was asking for pointers, I think it will be best for me to learn my way by using a mapped and sign posted route, rather than just heading off out into the the blue to just see what's there. I'm not sure on that one though, I usually do best by not reading the instructions at all until there is nothing else left to do, comprehension usually comes better that way, just a bit wary with doing that on the security side of things as by the time I learn to be secure I may well have become totally compromised whilst learning by trial and error. I want to be on top of all this before I move onto an upgraded phone, tablet etc.
Funnily enough I was just going over the spec of a new computer build last night, that will be run off linux, which I have seen run on friends PCs but which I am wholey new to. I'm having to do a sneak build as my usual PC man hates all but PC and windows etc, he'll not have one under his roof, (my mother is also in his bad books at the moment as she has just moved over to Apple, lol.). My old PC will be cleaned and move to mostly storage.
I am trying to have some organisation and order as I move forward, as up until now I have just picked up and also used computer and computing in a totally ramdom fashion. That has meant that data retreaval can become somewhat tortuous, not to say there are not far easier ways of doing things, but that I do it that way. I can manage to have it work in a way that there is some semblance of a chance that, what I want to happen will actually transpire in the order I'm expecting. Hopefully that makes sense to others, it did when I went through it in my head.
Things are very much swinging in the wind at the moment, everything in a state of flux as I finally recover from spinal, neck and brain injuries and start to regain my facilties.
The future looks very bright, but I have so much to learn. In some ways I've had to go all the way back to infantcy and start again, relearning everything from movement patterns (crawling on upwards). It is exciting as my brain and body forge new and strengthening connections, at the same time, it can be somewhat overwhelming as everything I know has to be examined and then relearned. All will be completely worth it in the end, just need to keep on pushing through, and remember to smell the roses along the way.
Physically the fitness progression is just starting to ramp up and I'm nearly over a big hump.
Please, excuse any spelling or grammer fluctuations, I'm a work in progress. 
All the best,
Thanks all for your help, this site has been one of my strongest and most used lifelines this past ten years.
Peace.
Spud.
 
Hopefully,this thread can continue with more suggestions for a ludite like me, as i come back into the light, lol.
Anyway, I must stop typing and get on with my exercises then that hot bath is calling me, very stiff and sore at this point, so the relaxation is bought and paid for in advance. ;-)

[Pavel]

I'd like to disagree with Dan on a small part.  I would never add updates the way the manufacturer wants it done, right away - if you value your data.  One of the advantages of Virtual Machines (which I would NOT recommend neither, as the panacea for what ails the OP - long story) is that you can have an identical instance on which to test.  Updates break apps frequently and so I would advise to hold off a few weeks before updating to be able to read about bumps in the road first.  If you do run VM's then by all means do have an instance which you use to test, and then go and update your other version.  But it's not really the best idea, unless you like to tinker for the sake of the fun of it and enjoy the whole game of it.  A nice thing about VM's is that you can create snapshots, and these will get you out of most jams just fine and of course an off line backed up instance.

The reason for the paradox of not recommending using VM's is that in actual use I've seen regular users make disasters of things.  There isa lot of knowledge to do this right, and especially a LOT of hardware to use ... or not to use.  Done with internet wisdoms ... it's normally something that backfires. 

There are a lot of things that internet-wisdom does not seem to mention much.  One is that by the time Microsoft patches ... it has normally been a LONG time since the exploit has been out and known. Of course it's good to do these but I've found that users tend to think of update tuesdays as a good enough strategy, that like a placebo has the downside that they don't implement more comprehensive defenses.  Linux is though to be very secure.  It is NOT!.  What it does fabulously well is get the updates out so fast that Microsoft should be blushing - if it were capable of it.    Unix's on the other hand don't have the terrible lack of testing before release that Linux has but of course they, in the form of FreeBsd or especially Open BSD are less fun, versatile and able to serve the general user.  It takes a lot of learning to leverage the benefits and most people just want to use the computer. Open BSD is probably the most secure OS in existence, but who cares, really. It's like using a password with 214 characters. A bit much. 

My advice is to forget all the complicated stuff. Buy a Mac.  Done.  It really is that and clear cut.  You get reasonable security and a Machine that is fun to use, for those people not fluent in Vulcan.

FYI ... I've been using Linux (mostly Slack and Deb) since I started with Caldera back in 95 - when we had to put in mode lines for monitors to work.  But while I love it, I won't repeat the Kool-Aid that the new acolytes like to repeat. It's fun, it's pretty secure and logical - but I've found that of every single "normal" user, that I've talked into giving it a try (about 20 people over about the same number of years) that ALL without exception wanted me to put that malware called windows back on, pretty quick.  My neighbor is the exception.  She has been a good sport for six months now with Linux Lite on an old box I gave her. But she only surfs the web and plays online crossword games on it. This is a nine year old cpu, running with 1 gig of memory, much faster than most new machines out of the box. Highly recommended for rejuvenating old gear, if that is what you have. 

FYI 2: I'd completed about two thirds of a NetApp sponsored Virtual technology Two year program, and was just about to take my RHCSA(not RHCE)- before Chemo ate my brain.  So I don't at all dislike virtualization, very much the opposite. But done wrong - well it really is best for a proper server environment or hard core geeks. Don't run it if you aren't using a box with registered memory .. for example. And for heavens sake never take the advice to run it with raid.  Bad things will happen.

FYI 3: I was a computer consultant for a government agency for 11 years. I used to adore fencing with Microsoft products.  I loved them because they was so much to fix and tune. Then their stuff got much better and boredom set in at the same time that  I realized that there was more to life than knowing all the 32versions of an ATI rage chipset (etc) and which would cause page faults with the latest updates and which would not.  So despite how it sounds up above, I really did love Microsoft, Linux and especially FreeBSD. But like skinny carbon fibre wheels - I would not want to inflict them on any fine people who gather here or any very good friends.  Some people deserve better.

Now lastly, if anyone is still reading and since I'm in a generous mood, I will give you answers to the two most important questions in existence.  Steel and VIM.   

Just get a Mac and get on with life. 

[macspud]

Ummm......     mmmmmm..........      .....  uhhhnnnnn.    ...... OK, that definitely sounds less confusing, I've never tried anything Mac, before. Is it really the Grail? Will it's operating system work in a way that is synergistically similar with how my minds work? Windows always feels like I have to try too hard some how, if you know what I mean. Yes, taking a Mac for a trial run, could be quite painless to accomplish. I like your thinking, go around the problem. I think I'll give that a try.
Thanks Pavel.
 

[John Saxby]

Mac, I'd second Pavel's recommendation for a Mac. But, I have a tiny fraction of Dan's IT knowledge -- I'm simply a reasonably well-informed user.  I have been using Mac's since the early 1980s...Had to give them up for a few years when I started consulting in the early-mid '90's, and all my clients were using IBM products.  What. A. Headache., and for quite a few years, too.  When Apple righted its ship in the early 2000s, I returned to the fold like a lost lamb/prodigal son/whatever. The only/only problem I have these days with my Macbook Pro laptop is with M/S Word for Mac -- it freezes, and Mac even has a bailout key for just such occasions.  Oh yes, and Skype has been acting up since being taken over by Microsoft. (Bailout key works for that, too

So, from my point of view, Pavel's recommendation for a Mac is spot-on for simplicity of use -- and, I've found, for security as well.  One caution, however, about iPhones: users I know (incl my Mac specialist support guy -- we go back a generation now) complain about the battery being crap, and non-replaceable.  I've found Motorola phones to have excellent batteries, lasting up to two days and more for each charge.

Cheers, and enjoy your adventure!

[macspud]

Thanks John,
Yes, trying a Mac out for size would/will be the easiest and most painless for me to accomplish. If it is as all Mac devotees claim, then there would/will be many un thought of positives to add to the ease of being secure.
To be honest I'd completely failed to even consider that it would be an option, never mind the answer. The reason for that being that for some reason I've automatically gone in an alternative direction to the masses. I abhor hype and over the top mind games of all kinds. I had pigeon holed Mac as part of that over hyped and therefore dishonest and problematic creeping darkness that oozes all over everything these days. I should remember to keep an open mind on things that I have yet to have an knowledge on. I will do my proper due diligence and not just paint Mac with the same corrosive brush that abounds in so much of today's world.
Thanks again, for your input. Basically I have never had a problem putting in the effort to learn something inside and out, it's just that I'm like most and a bit lazy, I can't really be bothered learning all there is to about something unless it is sound all the way up from it's smallest roots. If something is usable, but really just badly thought out tat, on it's way to wasting more precious energy, when it's short life is done, then I'd rather not waste my energy getting to know how I can work around it. I'd prefer to just give it a body swerve completely. I may have given Mac a Swerve way back when, when in reality I should have given it my full attention.
I shall endeavour to correct that and put the effort in, to come up with my  own thoughts on it after actually using and thinking about it. Mac may be just what I've been yearning for all along, Fingers crossed, it is so.
Please do keep your thoughts coming.
All the best,
Mac.
 

[Pavel]

I'd like to mention that there are things about the Mac that drive me crazy too.  They tend to make things too simple and some of the higher end tools that exist in the OS are not kept up to the latest versions.  To do that you have to install updates via the command line (for example - to get the latest version of the Bash shell and for some of the network monitoring tools also) but ... does the average user care?  Not one bit.

The most valuable thing to me, and why I recommend a Mac is that the built in security is very good while not requiring a lot of technical knowledge at the same time.  Second to that is that the OS can be learned and used without a lot of tech knowledge, but if you want to grow your knowledge there is a nice logical ramp-up to it which tends to be an easier learning curve.  ( the registry on the other hand is the work of the devil)

For example, most mac users plod along with the mouse. It's all made very easy, but if you want to "up your game" you will find it rewarding and fairly easy to start to use keyboard shortcuts.  The beauty is that application shortcuts tend to be identical from app to app (unlike windows) and the OS handles the communication between apps ( you don't have to care what a B-Tree message is ... it's just there working for you and the app developer doesn't have to care nor implement some similar work around neither). It just works and it is slick, easy and most of all - logical.  The keyboard shortcuts are also handled at the OS level, the apps just use hooks (Not so in Windows(well the last few version have really improved on that)) so you learn a few and they work in every app.  That makes even my wife (I hope she does not read this ) fairly adept with a computer.

I'm not a big admirer of the file system ( but NTFS is worse, and it is about to get fragmented with the replacement of it working only on servers) but Apple is now replacing it with a much more robust system, doe in such a way that the end user does not have to concern themselves with it (classic Apple style) and within a year or so the Mac will have a file system that is as good as it gets - similar advantages to BRRFA and the indestructible FFS, but without the headaches. Why do I mention the file system?  Because that is like the radial spoked wheel for touring ... with todays hard drives and data integrity.  In short, you don't have to care much about all this stuff ... it's all part of the deal. ( you can google "write holes" to get an idea of what a lot of people don't know about large drives and the problem with data integrity. It is significant in raid arrays but also simply in regards to large hard drives )

To sum up, the important advantage imho is that the Mac is user friendly, very secure, as virus proof as it gets, handles memory very well, has a journaled file system that is decent (and about to get fantastic) has Unix permissions file level security, has the best IP stack there is (along with FreeBSD), has a bunch of very powerful (hidden) utilities, has an extraordinarily powerful shell that if used to custom configure every aspect of operation (and I mean EVERY aspect) - and hides the complexity, unless you want to tap into the power of it. I missed about twenty points ... but hey, I don't want to sound like a Fan-boy!

But of course I've gotten carried away. To the main part of your post, regarding Virtual Machines, I would say that on a laptop, if that is your main machine, it is hardly worth the effort as far a data security and integrity is concerned. VM's are fantastic, but with normal to low end hardware (and any machine with one drive is low end in this case) they have downsides in that they take good planning to set up with future needs in mind and they do run apps slower, especially those tasks that require 3D accelerations. Forget playing games or doing photoshop inside a VM.  Other practices are better used to keep ones-self from grief. Simple but often neglected backup strategies are imho the place to put one's efforts into.  But if you do want to try playing around with VM's, you could always download the free Virtual Box ( https://www.virtualbox.org) . It is not quite as full featured as the industry leading stuff from VMWare but then neither VMWare's Workstation in the same league as their high end V-Sphere stuff. It does run on regular intel hardware however, and is pretty simple to set up and manage.

One possible solution for you could be to run a small instance for just your web-browsing.  That way, should anything go seriously wrong and you get ransom-wear or locked out, it takes about three minutes to destroy the VM and replace it.  That contrasts with several hours to re-format, re-image windows and re-install drivers and apps. And your data will not be gone. It however will not protect you from many other security exploits, so it is not a full proof way to keep yourself and your data safe. 

Good luck.  May things work well for you.  Of course, all factors considered... your name IS "Mac Spud" not "Virt-Spud". How much more of a sign does one need? 

[John Saxby]

The most valuable thing to me, and why I recommend a Mac is that the built in security is very good while not requiring a lot of technical knowledge at the same time.  Second to that is that the OS can be learned and used without a lot of tech knowledge...

Yep.

I also find the array of quick & customizable key-strokes to be very handy. Not everyone needs these, I guess, but I find them to be a great help.

Apple, like just about every other corporate voice these days, uses hype as Standard Operating Procedure. As a lifetime member of The Awkward Tendency, I was drawn to Mac both by its simplicity and by its minority status vis-à-vis Microsoft.

[Pavel]

Apple, like just about every other corporate voice these days, uses hype as Standard Operating Procedure. As a lifetime member of The Awkward Tendency, I was drawn to Mac both by its simplicity and by its minority status vis-à-vis Microsoft.

I find that a odd thing John, that I too have always had this "pull" towards the "under-dog" and the "alternative" way of doing things.  I started with Mac back in 86 and have to confess that I was impressed with several concepts, I did not take to the OS compared to DOS or to the CP/M OS I was using most at the time.  It was actually the fanatical hatred shown to the Mac, that made me interested in it more and dig deeper into it - though back then there was basically nothing to "dig" into, it was so easy.  But the constant repetition of how it's no good - with later example statements (when the hated mouse was finally accepted, adopted and deemed essential) like "Mac's only have one mouse button - which of course was always false (you just had to know to push one of two modifier keys) but was repeated ad nauseum, that made me stand up for the platfrom.

I find that kind of interesting in two ways.  One is that it makes me wonder if I didn't continue that tendency ... in my bicycling. I mean how much more odd here in the USA to ride a Moulton or a Thorn. And when people mock the long stem of thorns, which they can't seem to not keep themselves from doing, it makes me embrace Thorns more, not less. Just as now I'm completely bored with any OS save FreeBSD and Linux (because I feel like a greenhorn on many days ) I wonder if they even make the super strong Thorn which only weighs eight pounds, and uses solar energy to self propel - If I won't pack it up and move onto something with a better hair shirt? I see a pattern here.

Long ago I chanced on three old magazines, two from the late thirties and one from 42. There was an article about hot-rodders which gave me a feel of what it must have been like in those early heady car days.  These young men would take half wrecked cars and chop them, splice dissimilar parts together, put a Ford engine inside a Dodge and all sorts of amazing things that you could never do nowadays, in part because of all the regulations.  What passion they had. It was like the wild west of cars.  Now - cars are like refrigerators. They are in every way better, but I think something has been lost from the charm and crazy passion that once existed.  Computers were like that once, but no longer.  We are at the tail end of the computer wild-west-funhouse. Now they are like cars and the microwave, sadly and happily, both.

It makes me think of the word adventure, which has danger as part of it's definition.  Who now travels like we did thirty years ago?  Back then when I went on a five day ride, I was completely disconnected.  Now I'm plugged in just about as well as when sitting here at home.  It sure is nice. But something is lost at the same time. I've often felt like going across country just for the cycling of it.  Eight to ten weeks fully away from my normal, with phone AND camera left at home.  Would it be a bike trip if the ride in the woods was not blogged about?  Would the wife even let me? NO ... not a chance.  Cycling, she knows can be dangerous, with all those SUV zooming past while texting, but she has never objected.  Cycling without a phone though - that's insane and NO WAY, and NEVER am I allowed. 

Ooops.  I think I hijacked this thread.  Hope nobody notices.

[RST Scout]

I have to agree with consensus. I am totally Mac'd out. Have been for a number of years. I dont have to think about how things work or go tinker with the workings. It just all performs (invisably). It just does what I want; sometimes without asking. I like the fact that most of my stuff is stored on iCloud (which I didnt trust at first) so that if someone nicks my phone I can close it down and make it useless to the thief and download "my stuff" from the cloud with virtually no loss. SAves space on my old iPhone 4S altho I'll agree with John, the Apple phone battery life is rubbish. The other thing is that all my Apple gizmos (Macbook, iPad/pod phone etc) talk to each other. Its great!
I like the idea of a VPN but with Macs I'm not sure its worth the bother.

Janet

[George Hetrick]

Dan,

thanks for your detailed notes here. I'm not going to go as far as using VMs for everything, but will make sure to add VPN capabilities to all my devices I use on tour. I'm going to try TunnelBear as a start.