Use Hotspot Shield in Vista 64-bit (no software required)

Update 18/03/2009: Sorry everyone, it looks like this is not currently working. The entire Hotspot Shield for iPhone service seems to be down as it's not working on my iPod Touch right now either. Let's hope it's temporary.

Hotspot Shield is software that encrypts your internet traffic between your PC and their servers, purportedly to avoid snooping at open WiFi hotspots (a purpose for which it works great). My main use of it (being outside the US) is to access the multitude of US only sites and services (Hulu, Lala and Pandora to name only a few).

Unfortunately it comes bundled with a TUN/TAP driver that is not 64-bit compatible - it doesn't even fail gracefully during installation, rather you end up with this error:

The application continues to install and even prompts to run at the end, but then immediately dies.

But there's another way. Hotspot Shield offers a service for the iPhone (and iPod Touch) which uses L2TP to create the VPN connection. You can use the same connection within Windows Vista (and any other operating system which supports L2TP) to use the same service. Here's how I did it:

• Create a new VPN connection (Start > Network > Network and Sharing Center > Set up a connection or network > Connect to a workplace > Use my Internet Connection (VPN)).
  

• Now visit http://www.hotspotshield.com/clientless/iphone/get_started.php - this is where you will get the required connection information.
  

• Click the giant Get Account ID button.
  

• The instructions given are obviously for the iPhone, but there's some important information we need:

Server: 64.55.144.10
Account: abc123 (I'm pretending abc123 is mine - yours will be unique)
Password: abc123 (ditto as above)
Secret: password

• Enter 64.55.144.10 for the Internet Address. For Destination Name, put whatever you want. I put HotspotShield. Be sure that Don't connect now; just set it up so I can connect later is ticked, because we need to change some advanced settings later.

• For username and password, enter what you were given by the Hotspot Shield website. Tick Remember this password. You don't need anything for Domain. Close the window when you finish.
  

• Now go to Start > Connect To. Right click on the connection you created and choose Properties.

• On the Networking tab, change Type of VPN to L2TP IPsec VPN and then click IPsec Settings.

• Choose the Use preshared key for authentication option and type in password for the Key (this is what the iPhone calls Secret).

That's it! You can now connect to HotSpot Shield through the Connect To option on the Start menu - that's even easier than using the software from my point of view. I guess it would be possible to install a 64-bit TUN/TAP driver but I haven't investigated whether one exists for Vista because this way just seems so clean.

Just remember to disconnect after you're finished!

Update: Some folks seem to be having trouble connecting, or with keeping their connection to their ISP. As I haven't experienced such issues myself, it's not something I can help you with - but maybe other commenters can! Thanks to an anonymous commenter who pointed out a possible fix for those who find they lose their connection upon connecting to Hotspot Shield - try the instructions at this Yahoo! Answer post. If it works for you, let everyone know here by leaving a comment. 
Some have found their problems resolved by following the instructions carefully or fiddling with their settings.
Thanks also to the anonymous commenter who pointed out that these instructions will help those who run Windows XP 64 bit.

Update 2: Some commenters are worried about a redirect to rss2search.com, some even worried they are infected with malware. First note that there's no way I could infect you with malware - I haven't offered you anything to install and you are only using settings from Hotspot Shied's iPhone page. In case you haven't noticed, Hotspot Shield is funded by advertising and the rss2search.com page is part of this - you would be getting the same thing if you installed the Hotspot Shield software itself on a supported operating system.

Update 3: Bad news right now I'm afraid - Hotspot Shield's site appears to be returning an error when an Account ID is requested. Nothing I can do about that obviously - let's hope that it's temporary and they fix it soon! Ok, it's working again.



P.S. Hi AnchorFree!

Automatically switching on the firewall by location on Mac OS X

There is something that Windows Vista actually does rather well. When you connect to a network to which you have not previously connected, Vista will prompt you to say whether it is Home, Work or Public. Naturally when you connect to some sort of unencrypted network at a Cafe, University or wherever you are going to want to select Public - basically this puts the firewall up to full strength to stop services like file and printer sharing from telling the world what it is you have on your laptop. (I'm simplifying things here - if you unblock services while Public for example you could still be opening yourself to a world of pain because it will be unblocked for all public places).

I assume people are mostly still using XP because it seems no matter where I go in public (well maybe not everywhere) there's someone who has neglected to lock down their system, even to the extent that they have write access open to their OS / data partition.

Mac OS X doesn't seem to have this feature at all. Yes, it has network locations but they don't cover the firewall, nor can they be set to automatically switch. But there is a way.

First, we need to do how to programmatically change the network settings. The answer comes from (the really rather useful) macosxhints.com.

sudo defaults write /Library/Preferences/com.apple.alf globalstate -int 1

The last value represents the state of the firewall, where:

• 0 = off
• 1 = on for specific services
• 2 = on for essential services

Note that actually the 'sudo' isn't required for this if you have an administrator account. So I created two very simple shell scripts based on this command, one which turns on the firewall and one which turns it off.

The second part of this is the great MarcoPolo. In a nutshell, MarcoPolo can automatically do whatever you want whenever you want based on various physical attributes like the Wifi access points it can see, bluetooth devices and even ambient light (among other things). Unfortunately it hasn't been properly updated for Leopard, so it can't switch the firewall itself - but it can be set to run shell scripts.

So this is what I have going. When I'm at home, MarcoPolo automatically sees my home WiFi and switches the firewall into a low paranoia state (so I can access my files etc). When I leave home, MarcoPolo battens down the hatches to prepare me from those people interested in my SSH, my files or my Apache server.

It's a great thing really - but it should be easier. Here's hoping Apple considers some sort of Vista style automatic switching at some stage.