Yeah, I probably wasn't clear as I could be.

There's other free VPN servers, but Hotspot Shield is the simplest. I forget the other I used before, but had to add a new config for each new router for the device/computer-to-router-tunnel ( as well as it didn't have a GUI, either ), so that could be a hassle if you roam a lot, as well CLIing interfacing.

But with Hotspot Shield, it's all automagic. You just launch it once, thereafter its icon always shows up ( deactivated ) in the menubar whenever you launch any http client ( this means mail, too, and of course you'd be tunnelled for straight FTP, too, if your're already initialized, although I haven't noticed if uninitialized, if launching an FTP client will initialize it ). Then you just click it to select initializing/connect to make the tunnel. When you do that, a Hotspot Shield status/initializing/whatever page shows up briefly in the browser as a new tab/page/however_you're_config'd, then redirects to their revenue landing page which is some news stuff and a bunch of ads.

However, the revenue page only shows up once per tunnelling session, so it's not a thing really. Thereafter you just browse, mail, whatever, tunneled with no more intrusion. If you want it off your menubar, you have to click it to select quitting. It's persistent settings, so it stays off until you relaunch the app again, and that setting is persistent, with it showing up in the menubar when you launch an http client. At mostly 0% overhead with an occasional 0.5% spike, it's no big deal to just leave it there.

Now that I think about it further, from the router hardwire/cabling to the global TCP/IP network to the destination remote production server is less critical, since hardwiring is unsniffable. There you're subject to whether or not the server's been cracked, hijacked, whatever, and that's not something a secure router-to-destination connection is going to be able to fix ( especially if it gets NAT'd off to some internal untunneled wifi virtual addresses { which I wouldn't put past some of these cheezy corporate setups, despite the braindeadness of the major cost and performance deficits due to administration hassles, poor throughput, gazillion access points due to channel saturation, etc } ).

Hmm, perhaps that explains why my noscript extension throws an adclick XSS exploit prompt ( I should just permanently ban these dorks instead of the per session deny, since these schmucks don't break anything ) - smile Probably just an erroneous interpretation of erroneous code on crack, but I don't trust the opportunistic leeches that infest these corporate advertising garbage scows smile .

Oh yeah, rbytes tested Hotspot Shield for spyware and adware, and it's clean.

Fine! Ethel/Kate/Starmillway