Virtual Private Networks

Looking for advice or information about VPNs? Look no further!

What is a VPN? VPN stands for Virtual Private Network and as the name suggests, it is essentially your own private network, or tunnel, to your destination. That’s still a little confusing, even to me. How a VPN works is that once connected to your provider’s server, all of the traffic is now encrypted to that server. From the server, traffic becomes regular from the server to the destination site. The destination website replies to the server then the return traffic is again encrypted from the server to your computer. Once the traffic leaves the service provider’s server it is given the same public IP address as everyone else connected to that server. This obscures the traffic and hides your traffic and your true IP address from any website or prying eyes that are attempting to track you.

If the traffic becomes unencrypted, how does this help me stay safe? Great question! To say the traffic becomes unencrypted may be partially true, it depends on the type of connection you have established with the destination website. If the traffic is HTTPS, only the website address will become unencrypted after leaving the VPN’s service. If the traffic is HTTP then all the data will be unencrypted; the ‘S’ == Secure (equals or means). You can tell the state of your traffic by looking at the address bar to see if the ‘S’ is present at the beginning. While browsing the internet, if you notice the connection is HTTP://, note the missing S, then everything typed, clicked, how long you stayed in one spot, what you’ve viewed, the machine you’re using, software versions, AND even if you read something twice, will be visible to EVERYONE. HTTPS at least keeps most of that information between you and the destination site.

If HTTPS traffic is already secure, why is a VPN needed? Only the contents of the website are encrypted during an HTTPS connection. Any would-be attacker could still see the site you’re visiting and, depending on the trackers or other telemetry embeds, your email address. While at home, you are only ‘hiding’ information from your internet service provider (ISP). Public wifi is where a VPN is truly needed. Websites will read, request, and pull information from websites, your browser, and device information. This is a big concern especially if you are attempting to log on to a financial institution’s website. Another note to be aware of with the transmission of an email address in plain text is other sites and services you may also use the same credentials; especially if you use a single sign-on service like sign-in with google or sign-in with Apple. One cracked password and someone now has access to every account.

I use a VPN while at home out of good habits, but it’s not as critical. Some ISPs (Internet Service Providers) will sell data and use customer data for marketing purposes, for these reasons, or if your ISP is one of them I would recommend using a VPN at home. The Government is very interested in user data, who are searching what, why, and where they live, if you don’t appreciate that kind of snooping then I would use a VPN. I 100 percent encourage everyone to use a VPN service while outside of the home.

Not all VPNs are created equal. I would never recommend anyone use a free VPN. There’s an old saying that if something is ‘free’ then you are the product. Free VPNs often keep logs of internet traffic, real IPs, and other aggregated data then sell it. This is how they keep their service ‘free’. Also, free VPNs are of lower quality in general, with fewer servers and slower speeds. There are also paid VPNs that either keep some sort of log or are based in the US. Where a VPN is based on matters because every country has different rules with varying degrees of privacy protections. A US-based company is required to keep connection logs and some traffic logs. Don’t freak out yet, everyone who connects to the same VPN server is assigned the same public IP address, thus it would be extremely difficult, not impossible, to pinpoint which IP address accessed a certain website; so there is strength in numbers. I personally just try to avoid this altogether by using my number 1 pick for a VPN: NordVPN. NordVPN is based in Panama where there are NO data retention laws. You can read my review here: NORDVPN post.

Here is my top 5 VPN list: ProtonVPN, SurfShark, PIA (Private Internet Access), and Mullvad.

Advertising campaigns, political campaigns, influencers, everyone is vying for personal data they can use to get to the consumer in some way shape or form. Everyone wants something and if they have a complete enough profile they’ll know exactly how to get it.