What is a VPN and how to choose a good one

What Is a VPN?

When you switch on a VPN, it sends your web traffic through an encrypted tunnel to a server controlled by the VPN company. From there, it exits onto the web as normal. If you make sure to only connect to websites secured with HTTPS, your data will continue to be encrypted even after it leaves the VPN. This sounds simple, and maybe superfluous, but it can have profound effects on your privacy.      

Think about it this way: If your car pulls out of your driveway, someone can follow you and see where you are going, how long you are at your destination, and when you are coming back. They might even be able to peek inside your car and learn more about you. With a VPN, it’s as if you drive from your house into an underground tunnel, into a closed parking garage, switch to a different car, and drive out. No one who was originally following you knows where you went.https://mashable.com/videos/blueprint:1On8Y6WYlB/embed/?player=pcmag

When your VPN is on, anyone snooping on the same network as you won’t be able to see what you’re up to. This is true even if the snooper controls the network. Public Wi-Fi networks, which are ubiquitous and convenient, are unfortunately also extremely convenient for attackers who are looking to compromise your personal information. How do you know, for example, that “starbucks_wifi-real” is actually the Wi-Fi network for the coffee shop? Anyone could have created that network to lure victims into disclosing personal information. In fact, a popular security researcher prank is to create a network with the same name as a free, popular service and see how many devices will automatically connect. 

Even if you’re inclined to trust your fellow humans (which we do not recommend), you still shouldn’t trust your internet service provider (ISP). In the US, your ISP has enormous insight into your online activities. To make matters worse, Congress has decided that your ISP is allowed to sell your anonymized browsing history. Considering that you are already (over)paying for the privilege of using their (iffy) services, selling your data is just egregious. A VPN prevents even your ISP from keeping tabs on your movements.

Another benefit of a VPN is that your true IP address is hidden behind the IP address of the VPN server. This makes it harder for advertisers and others to track your movements across the web. Even a dedicated observer would have a hard time telling whose traffic is whose, because your data is mixed in with everyone else using the same VPN server.

What Are the Limitations of a VPN?

VPN services, while tremendously helpful, don’t protect against every threat. Using a VPN can’t help if you unwisely download ransomware or if you are tricked into giving up your data to a phishing attack. We strongly recommend that readers use local antivirus software, enable two-factor authentication wherever available, and use a password manager to create and store unique, complex passwords for each site and service you use.

There are also limitations to how anonymous you can be with a VPN. Advertisers have many tactics at their disposal to gather data on you and track your movements. This ranges from online trackers to browser fingerprinting. We recommend taking advantage of anti-tracking features in your browser, and installing dedicated tracker blockers like the EFF’s Privacy Badger.

Many VPN services also provide their own DNS resolution system. Think of DNS as a phone book that turns a text-based URL like “pcmag.com” into a numeric IP address that computers can understand. Savvy snoops can monitor DNS requests and track your movements online. Greedy attackers can also use DNS poisoning to direct you to bogus phishing pages designed to steal your data. When you use a VPN’s DNS system, it’s another layer of protection. Secure DNS is improving privacy already, but a VPN goes a step beyond.

There’s some debate among security experts about the efficacy of VPNs. Since most sites now support secure HTTPS connections, much of your online experience is already encrypted. Secure DNS products like Cloudflare 1.1.1.1 and Bitdefender’s Yonly exist precisely because some feel VPNs are overkill. Still, a VPN covers the information not already protected by HTTPS, places an important buffer between you and the people controlling internet infrastructure, and makes online tracking more difficult. 

VPNs are useful for improving individual privacy, but there are also people for whom a VPN is essential for personal and professional safety. Some journalists and political activists rely on VPN services to circumvent government censorship and safely communicate with the outside world. Check the local laws before using a VPN in China, Russia, Turkey, or any country with repressive internet policies.

For comprehensive anonymization of your traffic, you’ll want to access the free Tor network. While a VPN tunnels your web traffic to a VPN server, Tor bounces around your traffic through several volunteer nodes which makes it much, much harder to track. Using Tor also grants access to hidden Dark Web sites, which a VPN simply cannot do. That said, some services, such as NordVPN and ProtonVPN, offer Tor access on specific servers. Note that Tor will slow down your connection even more than a VPN.

Remember that a determined adversary will almost always breach your defenses in one way or another. What a VPN does is protect you against mass data collection and the casual criminal vacuuming up user data for later use.

How to Choose a VPN Service

The VPN market has exploded in the past few years, growing from a niche industry to an all-out melee. Many providers are capitalizing on the general population’s growing concerns about surveillance and cybercrime, which means it’s getting hard to tell when a company is actually providing a useful service and when it’s selling snake oil. In fact, there have even been fake VPNs popping up, so be careful. 

When looking for a VPN, don’t just focus on speed, since that’s the factor you and the VPN company have the least control over. Since nearly all VPN companies offer some mixture of the same technologies, consider value instead. How can you get the most for the least? Look for extra features like split-tunneling, multihop connections, and so on. You may not need these all the time but they’re useful when you do.

Nearly every VPN service provides its own app with a full graphical user interface for managing their VPN connection and settings, and we recommend that you use it. You might dismiss such things as mere chrome, and instead prefer to manually manage your VPN connections. This works, but doing so is tedious, requires manual updating, and won’t give you access to the additional privacy tools that many VPNs provide. When looking at a VPN, decide whether or not you can stand looking at it.

Evaluating a VPNs trustworthiness is a tricky thing. It’s not made any easier by the VPN industry itself being a cesspool of backstabbing and phony claims. We’ve found that, despite some missteps, most of the major VPN players aren’t bad actors, but there’s always room for improvement. The best VPN services will be up front and honest about their strengths and weaknesses, have a readable privacy policy, and either release third-party audits, a transparency report, or both. 

The best way to know if a VPN will work for you is to try it out in your own home. See if you can access all the sites and services that you need. Find out if the interface is usable, and if the speeds in your area are acceptable. Some VPN services provide a free trial, so take advantage of it. Make sure you are happy with what you signed up for, and take advantage of money-back guarantees if you’re not. 

This is why we also recommend starting with a short-term subscription—a week or a month—to really make sure you are happy. Yes, you may get a discount by signing up for a year, but that’s more money at stake should you realize the service doesn’t meet your performance needs.

Read the full article from PC Mag.

Back To Top