In the posts regarding smartphone interfaces (Wi-Fi, Cellular) I have recommended that you use a virtual private network (VPN). Immediately following the post on Wi-Fi security and privacy, a comment was posted with questions about settings in Private Internet Access (PIA). Because I have not covered this topic in detail, and because many of you have chosen PIA based on my recommendation, I will cover PIA for various operating systems intermittently over the next couple of weeks. Today we will go over Private Internet Access for Mac.
Private Internet Access for Mac – Basics
Setting up Private Internet Access for Mac is a fairly painless process. First, purchase a PIA subscription. Next, download and install the PIA application. Once the PIA application is installed and running, you will see a PIA logo in your toolbar. The logo is your indicator that you are connected to the VPN. If it is black with a small check-mark beside it, you are connected. If it is greyed out, you are not connected. Clicking this logo will allow you to select a VPN server, connect, disconnect, and exit the application. It will also allow you to access the settings.
Clicking “Settings” will open a new window. This contains only basic settings including username, password, and auto-start/auto-connect. For maximum protection, I recommend checking both the “Start application at login” and “Auto-connect on launch” boxes. The “Region” drop down allows you to select the server set to which your VPN automatically connects. To access additional settings, click the “Advanced” button.
Private Internet Access for Mac – Connection Settings
The settings menu will expand to include connection settings. I will only address the settings that are pertinent to security and privacy.
Connection type: The first setting is Connection type and the options are UDP and TCP. The UDP connection is generally preferred for VPNs for performance reasons. Some public networks attempt to limit VPN traffic by blocking UDP packets. If you run into this, switching to TCP may help resolve the situation.
PIA MACE™: This setting purports to be a built-in ad blocker. I am still unsure of how this technology works, and have not played with it enough to be comfortable recommending it.
VPN Kill Switch: The next setting you should look at is the “VPN Kill Switch”. This “kills” your internet connection should the VPN connection drop unexpectedly (hey, it happens). This setting can be a bit tricky, however. The problems people are likely to run into are situations like logging into hotel or coffee shop internet. Packets from the computer are blocked until you sign in on the host’s website. Because the VPN can’t connect, it won’t let you onto the internet to sign in – your standard Catch-22. In situations like this you can either a. open PIA’s settings and disable the kill switch, or b. exit the VPN program (my preferred technique). You can then sign into the hotel’s Wi-Fi, re-open PIA or re-enable the kill switch, and you should be good to go.
IPV6 leak protection: Even though your VPN will always protect your IPv4 IP address, your IPv6 address can still leak. I’ll spare you the technical details, but you should leave this box checked.
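A quick way to check the IPv6 setting from Terminal, as an added example that is not from the original post or from PIA: the function below reads `ifconfig` output and lists global IPv6 addresses sitting on non-tunnel interfaces, which is where IPv6 traffic could bypass an IPv4-only tunnel. It assumes the VPN tunnel appears as a `utun*` interface; the function name and the sample output are constructed for illustration, and a hit is a lead to investigate, not proof of a leak.

```shell
#!/bin/sh
# Constructed sample of macOS `ifconfig` output (not captured from a real
# host). 2001:db8::/32 is the IPv6 documentation prefix.
SAMPLE_IFCONFIG='lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	inet 127.0.0.1 netmask 0xff000000
	inet6 ::1 prefixlen 128
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet6 fe80::1c2d:3e4f:5a6b:7c8d%en0 prefixlen 64 secured scopeid 0x4
	inet 192.168.1.23 netmask 0xffffff00 broadcast 192.168.1.255
	inet6 2001:db8:10:20::abcd prefixlen 64 autoconf secured
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
	inet 10.8.0.6 --> 10.8.0.5 netmask 0xffffffff'

# Hypothetical helper: reads ifconfig output on stdin and prints
# "<interface> <address>" for every global-unicast (2000::/3) IPv6 address
# on an interface that is neither loopback nor a tunnel (assumed to be named
# lo*, utun*, tun* or tap*). Exit status is 1 if anything was printed.
ipv6_leak_candidates() {
    awk '
        # Interface header line, e.g. "en0: flags=..."
        /^[A-Za-z0-9]+: / { iface = $1; sub(/:$/, "", iface); next }
        $1 == "inet6" && iface !~ /^(lo|utun|tun|tap)[0-9]/ {
            addr = $2
            sub(/%.*/, "", addr)          # drop the "%en0" zone suffix
            # 2000::/3 means the first group runs from 2000 to 3fff.
            if (addr ~ /^[23][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f]:/) {
                print iface, addr
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }
    '
}

# Demonstration on the constructed sample; on a Mac, run
#   ifconfig | ipv6_leak_candidates
# with the VPN connected instead.
printf '%s\n' "$SAMPLE_IFCONFIG" | ipv6_leak_candidates \
    || echo "global IPv6 address found outside the tunnel"
```

On the sample this reports `en0 2001:db8:10:20::abcd`; link-local (`fe80::`) and loopback addresses are ignored because they are not routable beyond the local link.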
Private Internet Access for Mac – Crypto Settings
Clicking the “Encryption” button displays more options. You can manipulate the data encryption, data authentication algorithm, and handshake protocol strength. These options are defaulted to a compromise between performance and security (AES-128, SHA-256, RSA-2048). I prefer to go as secure as possible, and accept the possible loss in performance. My recommended settings are AES-256, SHA-256, and RSA-4096.
Of course these are just recommendations. Even in its default state Private Internet Access provides excellent protection, especially when compared with browsing unprotected. As always, I will point out that there are plenty of other good VPN services out there. Do your homework and choose what you are comfortable with.