VPNs: An Overview
What is a VPN?
A Virtual Private Network, or VPN, is a technology that protects your privacy when you use the Internet by routing your connection through a server that hides your IP address and encrypts your online communication.
How do VPNs Work?
A VPN consists of a network of servers, typically located in multiple countries around the world. When you use a VPN, information sent from your computer passes through one of the VPN provider’s servers before going to its online destination, such as your online banking account. Similarly, information sent to your computer from outside your network passes through the VPN server before reaching your device.
As a result, you’re able to send and receive data without giving up your online location. The online destination will only see traffic coming from the VPN server, not your device or true location. Additionally, messages sent from the server are encrypted, blocking unwanted access from third parties.
Using a VPN to protect your privacy has some big advantages over using an unprotected connection.
Full message encryption
VPNs encrypt all messages passing between their servers and your computer. This prevents anyone (such as your ISP) from spying on your connection and intercepting your data. This is especially important in countries with high levels of censorship, or when you’re sending particularly sensitive data.
Although your Internet traffic passes through the VPN’s encryption software and servers can slightly slow down your internet connection, it’s only by a small amount. For everyday use, you probably won’t notice the difference.
Easy to install and use
While the technology that makes a VPN work is complicated, most of them are easy to install and use. With just a few clicks, an installation wizard will install and configure the software. The wizard can set the VPN to start automatically when you start your computer so you are always protected.
Compatible with most devices
The top VPN services provide software that works on most popular devices. Computers with Windows or Mac or Linux operating systems? Check. Smartphones running Android or iOS? Check. Some services even provide software that can run on your home router or set-top box.
Using a VPN can provide good security against most kinds of surveillance. However, there are ways that your privacy can be compromised when you use a VPN.
VPN software failures
For VPN service to protect you, the VPN software on your computer must be working properly. If the software crashes for some reason, messages to and from your computer could travel unencrypted and outside of the VPN network. This would leave them vulnerable to your ISP or anyone else who wanted to spy on them.
To protect against this problem, many VPNs include a kill switch in their software. A kill switch is set up so that if the VPN software fails for any reason your computer is disconnected from the Internet. While losing Internet access isn’t great, it is better than using the security the VPN gives you.
Varied logging policies
While using a VPN provides security against outsiders, you have to trust the VPN provider. As you’re using their software and their servers, the provider knows a lot about what you do online and where you go.
Most VPN services keep various types of logs of the activity of their users. Sometimes the services keep these logs for their own use, and sometimes they are forced to keep these logs by their government. These logs include:
- Usage logs: Records of where you go and what you do online when you use the VPN. Some VPNs keep detailed logs of each user’s activities, while others aggregate the usage information in a way that makes it difficult or impossible to identify individual users.
- Connection logs: Records of information such as when you log onto the VPN, the IP address of your computer, your username, and similar data. Not as bad as usage logs, but still a lot of information that could be used against you.
Which logs a service keeps and how long they keep them determines how much of a risk this is to you. One VPN provider might delete this information immediately. Another might log this information for maintenance and support purposes, then delete it once you disconnect. Still other VPNs are required by law to keep this information for days, weeks or even months.
Some VPN services advertise that they keep no logs, which provides the maximum level of security for you. However, you have to be cautious with the provider you choose; some VPNs claim to be “no log,” but actually keep detailed connection logs.
If a log exists, there’s the potential that an agency could use that information against you, and there there are limits to what a VPN can do to protect you. No matter how pro-privacy a VPN service might be, if a government agent with a subpoena demand their logs, they are under obligation to surrender them.
Potential for weak encryption
For the communication between your computer and the VPN server to be safe, the encryption used by the VPN service must be unbreakable. This is true of the best VPNs, which use the military grade encryption 256BIT Advanced Encryption Standard (AES). However, some lower tier VPNs use weaker encryption algorithms like PPTP and Blowfish, so you’ll want to look carefully at the encryption each VPN uses when choosing a provider.
For the ultimate in protection, you need some way to make yourself anonymous. That’s why they created Tor.