No, this is not a VPN provider ad disguised as an article. In fact, I won’t even hint at using a specific provider.
This is just an article that aims to bust some myths about what a VPN will do for you. I will do my best to describe why and when you should use a VPN. Simple as that. No hidden ad. I promise.
ALSO READ HOW TO: Spoof Your MAC Address
I guess you expect me to start start by answering the question “What is a VPN?”. But you can search wikipedia for a more comprehensive answer than the one I could formulate in just a few words in this article.
Instead I will start by saying that a VPN is NOT a privacy tool. In fact, a VPN is totally useless when it comes to privacy.
A VPN (or a Virtual Private Network) is a tool that is mainly used to secure an internet connection from attackers on its network. The rest is just horrendous marketing.
When you connect to the internet, the ISP (Internet Service Provider) can and will:
1. See everything you do online
2. Block access to some websites
3. Insert ads into your traffic
4. Sell your browsing history which, by the way, is legal in the US since early 2017.
5. Do whatever they want. They own your internet connection, you’re just renting it and they have complete control over it.
Before we go any further, let’s clarify the first point in the list above. Yes, the ISP can see everything you do online. However a lot of websites today use HTTPS. Just like FSM.
That means that your ISP can see that you’re visiting FSM, but once you’re here, they can’t see what exactly you’re doing on FSM.
The same goes for any website that uses HTTPS. They can see you’re visiting the website but they can’t see what pages you’re reading, what forms you’re filling in, usernames and passwords and so on.
Now let’s get back to the list. The list is universally true. It’s the same if you’re using your home network, cellular network, the Wi-Fi at work, hotels, airports, shopping malls or cafes.
No matter where you are in the world, when you connect to the internet, behind that connection is an ISP that will be able to read your data.
How can you mitigate this? Use a VPN.
A VPN can hide all this information from your ISP, because when you use a VPN, the ISP can only read and log the encrypted packets sent between your terminal (computer, phone etc) and the VPN.
Also, when you’re on a public network like the Wi-Fi network at your favorite cafe, or the hotel you’re staying in or the airport etc, anyone connected to the same network can see just the same as the ISP.
Obviously this requires a minimum skill and since most people today know more about hashtags than the basics of how a computer works, 99% of the time this won’t be an issue. But it’s a threat that you shouldn’t overlook.
No to mention that someone can masquerade as the Wi-Fi hotspot that you’re trying to connect to, and if you “byte“, it’s game over.
In this case, I would personally suggest you don’t use ANY free Wi-Fi hotspots, instead just use your cellular network plan. But if you absolutely need to use such a hotspot, always use a VPN.
Another benefit of using a VPN, is the one everybody is talking about. No, definitely not “enhanced privacy”. Changing your IP address to one assigned to a different geographical location, in order to access restricted content.
For example, you want to access a service that’s only available in the US or UK, or a video is not available in your region. A good VPN will bypass that geo-restriction.
Now here comes the ugly….
Using a VPN only shifts the power from your ISP to the VPN provider. Everything that your ISP used to be able to see, now your VPN provider is able to see.
But VPN providers always claim they have a “no logging” policy. Yeah the do, but they also say their VPN will make you anonymous on the internet.
There’s no way to verify that claim, and at the end of the day it all comes down to trust. This is simply how the internet works. You always have to trust someone.
Also let’s get back to the “anonymous” claim. In this case, a VPN is just as effective as the “private browser tab” you open when you want to bash your bishop (or flick the bean). If you’re looking for anonymity, there’s better options out there. Like the Tor Browser.
You see, when you use a VPN your IP changes. This can be an IP from a server in the same city or country that you’re living in right now or an IP from any other city or country in the world.
And here’s where most people are confused when it comes to VPN and privacy.
While it’s true that every website you visit logs your IP address, which is a near-unique identifier, when it comes to privacy your IP address is just one tiny and mostly insignificant part of the puzzle. And it’s fairly easy to trace a trail back to you.
It doesen’t make any difference if you change your IP as long as you use Google Chrome (please stop using Chrome), other Google Services (like Gmail or YouTube), Facebook, Instagram, Whatsapp and so on.
And even if you don’t use any of these services, every day you visit tens of websites that use analytics, Google and Facebook tracking pixels and so on. And it’s not only Google and Facebook.
All these services will be able identify you in a relatively short time from the data you generate. This can include but it’s not limited to:
- Browser history
- Browser cookies and cache
- Browser configuration
- Browser habits
- Type pattern (Always use a simple notepad app, preferably open-source and restricted internet connection, to type your message – being it an email or a post on reddit, youtube etc. Once you’re happy with your “masterpiece”, just copy-paste the text wherever you want to post it )
- Speech pattern (text)
- Device configuration (hardware)
- What operating system are you using
- Software installed on your terminal (computer, phone, tablet etc)
- What’s the battery life of your terminal (computer, phone, tablet etc)
- Your screen resolution
- Unique device or advertising IDs that are automaticaly asigned to you when you sign up for services from Apple, Google, Microsoft or Facebook. This can track all of your online activities across the web and across devices. In some cases can also be used to track your offline physical purchases.
- Back to Chrome. You sign in to Chrome with a Gmail account and then you browse the web. Congrats, you’ve just handed over everything you do in that browser to Google. Small trade-off for that amazing syncing capability right?
Do you see where I’m going with this. And I’m barely scratching the surface. So how can an IP swap help me become “anonymous”?
Do you need a VPN?
Figure out your threat model. Who is your adversary? Is it your ISP, software and services connected to the internet, online communication tools, advertisers, governments, hackers etc.
- If it’s your ISP, you should definitely use a VPN. Also, do you remember the free Wi-Fi hotspot discussion we had earlier? Yeah, definitely use a VPN.
- Software and services connected to the internet? Use a firewall to restrict them. If you know for sure (let’s say it’s open source and you’ve inspected the code) a particular piece of software only “phones home” to check for updates don’t even sweat it. If you know exactly what connection if makes, you can also block them system-wide using the host file. And so on. A VPN is not really needed in this case. Unless you’re trying to access restricted content or you’re a filthy pirate. Wink Wink.
- Online communication tools? Instead of a VPN, how about you stop using services like WhatsApp, FB Messenger and Insta DMs etc? Don’t even use email, unless it’s end-to-end encrypted (either use a 3rd party provider or use PGP). iMessage? Unless you absolutely need to, avoid that one too. I told you I’m not going to recommend a VPN provider, but I don’t want you to think that you can’t use any online communication tool, so I’m going to recommend Signal. You can still use a VPN, but it isn’t absolutely necessary in this case.
- Advertisers? Block them. You can do this with host files, browser plugins like uMatrix or a Pi-Hole.
- Governments? A VPN is useless. Tor Browser is much more suited in this case. Besides, the regular guy (or girl) out there shouldn’t waste time figuring out how to stop govs from tracking them. You should try to figure out how to stop Google and Facebook, for example, in the first place (which funnels everything to the govs anyway). When it comes to govs, you should be concerned with freedoms like encryption and freedom to repair. But stopping them from getting in your personal space? Yeah, good luck with that. Like I said, a VPN is worthless here. This is way more complicated. And it goes from burner phones, SIM cards and even burner computers, to encryption to operating systems like Tails, Whonix and Qubes, to being in a constant state of paranoia. And at the end of the day, you’ll realize that the weakest link in your defense is the human at the other end of the line. So again, it all comes down to trust.
- Hackers? Sure a VPN can be useful in this case, but also practicing caution. Don’t click on just any link that’s being sent to you, don’t open documents from untrusted unconfirmed sources, phising attacks are still alive and well and so on.
Choosing a VPN provider
NO. I’m still not making any recommandation. I’ll just give you a few pointers to steer you in the right direction.
1. First of all NEVER use a Free VPN app. They will 100% without a doubt sell your data. How else do you think they’re making money to provide that free service to you?
This doesen’t mean that if you pay a provider for its VPN service, that provider is trustworthy. Again it comes to trust, but that trust comes only after you’ve done your homework.
2. Before you buy a VPN just because you want to use Netflix, make sure that VPN works with Netflix. They constantly ban VPNs.
3. The provider should support OpenVPN and/or WireGuard.
4. Provider should make it clear: what kind of data, if any, does it collect? How long does it keep this data? What are its restriction, if any? Where are its servers? (for both OpenVPN and WireGuard technologies)
5. Does it provide a client (app you install on your computer or phone)? Is the client open-source? Does the client have a killswitch? Does it also offer OpenVPN and WireGuard config files?
6. Does it provide strong security like RSA-2048 or RSA-4096 encryption and Perfect Forward Secrecy (PFS)?
7. Did the provider had its service(s) audited by an independed third-party?
8. Do they accept pseudo-anonymous and anonymous payments like cryptocurrency, giftcards and cash?
9. Where is the company located? You might not want to use an US or UK based service. Might not want to use one thats inside the 5 eyes, 9 eyes or 14 eyes.
10. Do your homework and see what other privacy and security-minded people are saying about the service? And no, I’m not talking here about huge tech websites that are reviewing these services. Obviously articles like “Best VPN services of *choose-year* ” are out of the question. Go to reddit, forums etc.
Bottom line: a VPN is a useful tool depending on your threat model, but should never be used as a privacy protecting tool and always do your homework before buying and using such a service. A VPN won’t make you anonymous on the internet, that’s just marketing bullshit. Don’t believe the hype!