I don’t like to use untrusted networks. When I have to use such a network, e.g. an open WiFi network, I use a TLS encrypted tunnel connection to encrypt all web traffic that travels through the untrusted network. I’m using a simple stunnel/ Squid setup for this. My setup consists of three components:
- Stunnel (server mode)
- Squid proxy
- Stunnel (client mode)
What is stunnel?
Stunnel is an OSS project that uses OpenSSL to encrypt traffic. The website describes Stunnel as follows:
Stunnel is a proxy designed to add TLS encryption functionality to existing clients and servers without any changes in the programs’ code. Its architecture is optimized for security, portability, and scalability (including load-balancing), making it suitable for large deployments.