In this article, you will learn how a VPN can protect you from surveillance by encrypting your internet connection. Never use the internet without a VPN tunnel that shields you from web trackers.
Virtual private networks offer very basic anonymity features, but are valuable tools in many cases. VPN services have become very popular in the last few years and that for good reasons.
Before VPNs became popular for private users, they have been used extensively by companies. An encrypted VPN connection creates a “data tunnel” that transfers data in a way that cannot be intercepted easily. This is done to prevent industry espionage or protect sensitive data of customers.
For example, when employees need to send data from home to their company, they are often asked to send it through such a data tunnel to make sure that nobody can read it underway. Smaller companies often use VPN providers, but enterprises have the knowledge and infrastructure to set up their own VPN.
In such an enterprise VPN, the data is sent to the company and decrypted locally when it arrives. The use in companies is actually where the name VPN comes from. The private network is virtual, because it is not a local network within a building, but can be extended over long distances.
The services that we know as consumer VPNs today work a bit differently from the networks that companies use to protect their data. The way they operate is that you send data in encrypted form to VPN servers. The data has been encrypted on your device, before leaving your computer, which is done with the software or app that your VPN providers offers. This encryption is performed using an encryption key.
A good VPN provider will change those regularly, so that an attacker or law enforcement cannot decrypt data at a later point, even if they get hold of your current key. Some very advanced VPNs offer encryption ciphers with perfect forward secrecy, so that the encryption keys are recalculated continuously. With such an encryption, not even a compromised key can help an attacker decipher your data, just like with OTR Messaging.
The encrypted network packets are safe from interception on their way to the VPN servers. No one can see it! That is why this connection from you to the server is called a “tunnel”. A tunnel end-to-end encrypted from your PC to the VPN provider’s data centres. Therefore, a VPN can protect you from man-in-the-middle attacks.
When your data packet arrives, the VPN server decrypts the information and sends it further to the website you visit. This is necessary, since the website would otherwise not be able to read it. The way out of the VPN network and to the website is the only unencrypted communication that happens when using a VPN. If the website you visit uses HTTPS (HTTP over SSL/TLS), then not even this data traffic is unencrypted.
Another way the VPN anonymises you is that you can often choose the location of the VPN server. Let use say you are in Spain and do not want a website you visit to know. You can simply choose a Dutch VPN server, for example and then send your data over it. The website you visit will only see the (Dutch) IP address of the VPN server and cannot know your location.
Most of the time, VPN providers send your data through a single VPN server, but very privacy-focused providers offer sending it through multiple servers. That is similar to a proxy chain and further obfuscates your location, but also protects you from a compromised server.
VPNs are not the most advanced anonymisation tools, but they are still highly recommended.
For general-purpose privacy, a VPN can be useful. If you want to use your computer normally and just make tracking you through your IP more difficult, a VPN is fine. In fact, we would say they are a good idea, because they atleast prevent your ISP from monitoring you. Without a VPN, your Internet Service Provider sees every website you visit.
ISPs are often the first institution that authorities ask to give them your web activity as evidence. Many ISPs will always do this at request and many of them do not even inform you that the feds searched through your internet logs.
A VPN can protect you from prosecution. With a VPN, law enforcement cannot get information about you from the ISP. Because of the VPN tunnel, the ISP only sees encrypted nonsense data. Please believe us when we say that ISPs are masters at logging all your activity in great detail.
A VPN can give you reasonable privacy while maintaining high bandwidth. Among all the anonymisation techniques, VPNs are probably the one that gives you the fastest connection.
Another use of VPNs is if an ISP blocks websites. Examples of internet censorship are blocking all Western social networks in China or blocking BitTorrent sites in the Netherlands. The ISP does not block VPN servers, in most cases, so you can access the sites you want through your VPN.
As you can see, the privacy enhancements you get from a VPN are convincing. We therefore strongly recommend using such a service. You just have to be aware that they are not the strongest anonymisation tool in comparison to more advanced techniques, but definitely the one with the fastest connection speed.
Before you get a subscription, one thing you should remember with VPNs is that good providers are not free and free VPNs are either slow or insecure or both: Obsolete protocols, only one server, data centres located in anti-privacy countries and other problems plague cheap providers.