A short version of this article appears in Vale Life June/July 2017
A VPN is part of the solution to online security and privacy.
VPN stands for Virtual Private Network. Originally this was used by companies to allow the staff to connect into their private corporate network from an external device, i.e., when you are working from home, a co-working hub or from a coffee shop. It is fully encrypted, and in general you have access to all of the resources that you would if you were in the office.
A VPN service is something slightly different. You install some software on your computer or phone and an encrypted link is created between your computer machine and the VPN companies computers. Now when you surf the internet, the traffic is passes through the VPN service appearing on the internet at what is known as an end point
This is useful for 3 reasons:
- Your internet communications are fully encrypted.
- To anyone monitoring your communications, including your ISP, you only appear to be communicating with the VPN service. It is not normally possible to track you to the actual website you visit.
- To the destination website, or anyone monitoring, you appear to be located at the VPN end point rather than your actual location, which could be in a completely different country. This used to be a well known method of getting access to more films and series on Netflix; use a VPN to appear to be watching from America. Netflix now detects if you are using a VPN and prevents you watching at all.
An analogy might help with understanding how a VPN works and why it is important.
Imagine when you connect to a website on the internet, as the two computers connected by a piece of string.
With a Normal HTTP connection, it is like sending beads along that piece of string. Anyone “outside”, such as your ISP, the person running the coffee shop wifi access point, or a hacker with the right hardware/software, can inspect all of the beads and see what you are doing - not good.
Using HTTPS encryption (when you see the green padlock in your browser), it is like putting an opaque hosepipe around the string. Anyone outside can still “see” the connection, but they cannot tell exactly what is being transmitted. They can still gather quite a bit of information e.g., what websites you visit, when and for how long etc.
We are used to expecting to see HTTPS when we are performing financial transactions on the internet, but more and more websites are using HTTPS by default for all communications. There are browser addins, which will use a website’s HTTPS connection if one exists. I use HTTPS everywhere, but others exist as well.
Using a VPN service, regardless of which website you finally intend to connect to, your secure “hosepipe” is only ever connected to the VPN computers. The VPN service handles the ongoing connection. All anyone outside will sees is this connection and has no way of knowing where your traffic goes next.
Is there as But?
This all sounds wonderful, but as you expect there are some downsides to using a VPN. The primary one is performance. All of your data is being encrypted on your computer and then passed through the VPN service. Your computer and the VPN services computers needs to be up to the job and your network connections needs to be fast enough. Personally, when I run a VPN I have found something of approximately a 5-10% performance overhead, which in normal internet surfing is not noticeable. I have used a VPN while online gaming without any serious gameplay impact.
The other one is trust. Even though the VPN service protects you from external snooping, the service itself knows all about your online behaviour. All good VPN services commit to not store any information about your surfing.
Which VPN to choose?
A quick online search (using duckduckgo, of course), for VPN or VPN reviews produces a whole host of results. It is very important to do your own research before choosing a VPN provider. A good starting point is a website called, That One Privacy Guy. It provides a very comprehensive analysis of all of the popular VPN services. Expect to pay a fee for this service. Quite a few services provide either a trial period or an initial short subscription period so that you can try out the service before you commit.
Which VPN service do I use?
I don’t intend to disclose that, but here are some of the things that were important to me and influenced my choice:
- Performance, how much of an overhead does it add to my internet comms.
- Platforms supported, does it work on Windows, Apple, Android, Linux, as I use all of these platforms on a regular basis.
- Reliability, what is the up time for the service
- Logging, does the service log my activity
- Support, how responsive is the company to questions/problems and what sort of community do they have
I consider VPN as an important part of my online security and privacy package. You should too.
Footnote: A few words about Virgin and VPN’s
I currently use Virgin as my ISP and as soon as I turned my VPN service on, the broadband speed fell from 50Mbs to no more than about 8Mbs. Checking online, I discovered that this is a known issue with the SuperHub 3. Earlier versions provided configuration settings in the router software to get around the problem, but the SuperHub 3 does not. The only solution at present is to turn off the router side of the SuperHub 3 and use it as a dumb modem with a different router. This is not very satisfactory but is the only solution which consistently works for the time being.