Demystifying the VPN

There is no doubt that VPNs can be a great tool for privacy and security. However, there is a lot of patently wrong information that is circulating the internet. Here is a prime example of an article that is just misinformation. Picture a VPN as basically your very own private connection between you and a server as this is what it simulates. A private connection between you and a server would essentially mean that no other network traffic would be able to interfere; it is just a dedicated, point-to-point connection. VPNs simulate this by creating something called a tunnel between your computer and the VPN server. This tunnel simulates that dedicated private connection and adds encryption to keep your data relatively safe from prying eyes.

Now that you have some basic understanding of what a VPN is and what it does, it is important to know what it will not do. The advertisements that you see on TV for NordVPN lull you into a false sense of security by telling you that your data and life will be secure if you use their product. On the “truthiness” scale of 1-10, I would give this about a 7. A VPN will give you security if you’re using your computer at a public WiFi hotspot or over some other untrusted network. However, you will really only have your data truly secured for that local network. For example, say you’re enjoying a cup of coffee at the local coffee shop and you suddenly decide that you want to check your bank balance so you browse to your bank’s website. Your data must exit the VPN (an endpoint) in order to reach your bank’s web servers. Once it leaves the VPN, it is out in the wild so to speak. Once there, it can be intercepted by nefarious individuals.

Also, the VPN companies keep logs of your data, mine it, and might even remotely activate a camera or other device. When you use their VPN, you get an IP address on their network. Therefore, unless you have a strong firewall in place to block them and some understanding of security, the VPN provider can be every bit the bad guy that you are hoping to fend off by using their service in the first place. I have heard through the grapevine that some providers that claim no data is logged or harvested, do so anyway.

The only way to guarantee that your data will not be logged, mined, and sold is to have your own VPN server and this can be a significant undertaking for somebody non-technical. If you are non-technical, look for VPNs that are powered by WireGuard because it does not log. It has no logging facility built in and that is by design. WireGuard has applications for Android and iOS as well as Windows, Mac, and Linux. For you BSD people like me, there is even a WireGuard client for us.

VPNs were always meant to be used as business tools for remote workers to be able to access a corporate network. This means that the company has a VPN system that it, or somebody it contracts out to, provides to allow telecommuting. VPNs can be used by ordinary people but please do not think that they are providing you with absolute security. The marketing stretches what a VPN can do and what its purpose is by quite a large bit.

See also