The rest of the trip was uneventful, at least as far as bits were concerned. (Do not get me started on transportation. Or pest infestations either.)

My new SIMs worked as expected, with a recent legal change I can use the ones I bought in Italy to roam at no extra charge in other EU countries. This was super handy for the five hour layover in Germany. It also means (I think) I can keep them active. I go to Europe from time to time, but not Italy every year as would be needed to refresh my phone service and keep the number. (Important note: Italy requires a national tax ID number to buy a SIM. I have one, but most tourists don’t.)

The downloadable encrypted disk worked, and once I got it I was able to access the keys for my server. I was still cut off from everything tied to my US phone, but it was tolerable. Web email only, and I had to send messages from the mail application because of my setup. So that data was still local. But there were only a few things I really had to reply to. Besides, I was supposed to be speaking Italian, not websurfing.

I have a separate laptop login, with restricted permissions, that I intended to use for general web browsing. I mostly used the phone, however. The one helpful thing was my mifi had more bandwidth than my phone, so I could connect to it by wifi and VoIP calls over the VPN were less terrible.

On the flight back home, I deleted the disk image, cleared data in all the browsers I had been using, and shut down. That logged me out of websites, with no way to get access without my US phone. Nothing actually happened at customs, but the point of practicing one’s security plans is so you are more confident they would work (and you can execute them) if actually needed. And, in my case, to write up what I thought about it.

The most unexpected surprise was the reminder that average people have no idea what two factor auth is. They were confused why I could not login to Facebook, when I had a perfectly good phone and laptop right there. I mean, everyone is on Facebook right? It was challenging to explain that I required a message that was sent to a device I didn’t have. (I think I was then deemed one of those “computer people.” Fair enough.)

The VPN set up for always-on worked about as well as it does in the US, so I’m happy with that. (Some websites still reject you tho, boo.) I tried to use public wifi in various locations (the mall, inside train stations, etc) but mostly they did not work correctly and I was stuck with whatever signal I could find on my own. (They were either over-used and not responsive, or blocked my VPN connection.)

Next time I’m going to get a plan for my phone that includes voice service. I couldn’t call taxis, and that was a pain. I was not in a big city where it’s easy to find a taxi.

While I was writing the previous post, I came across this:

I got hacked mid-air while writing an Apple-FBI story

A journalist, working on a story, was shocked to have a fellow passenger quote back to him emails he had written while using the onboard network. It changed his mind about the “nothing to hide” argument that argues privacy and encryption aren’t a big deal so why make such a fuss about it. (You can likely guess my opinion on that.)

A couple of weeks ago I finally paid for wifi on a flight, mostly to check it out. And the very first thing I did was make sure I could turn on my VPN. Just as on any public network.

Now I’m not always the most diligent about ensuring no unencrypted communications leak out, but I try. Sometimes I forget to shut down apps, and they send and receive data before the VPN finishes comes up. That’s where I need to try harder. Turning off wifi before closing the laptop is also part of it. (I could configure my machine to block anything not using the VPN, but that is annoying when I’m home.)

Now what I don’t know is what is visible when I’m connected to the aircraft’s access point but don’t have a real Internet connection. I do that a lot to check the flight status, but without actual Internet there’s no way to enable my VPN. Other applications may be trying to send data anyway.

There’s a smaller group of possible snoopers on an airplane, but aside from that it’s no different from any other public network. That’s an important point to remember.