Considering the scale of tracking, censoring and profiling, it’s no wonder that the VPN industry has exploded in the past few years. By encrypting your traffic and hiding it from Internet Service Providers, hackers, and snooping governments,
More than 80% of Americans are concerned about how companies use their data while ad blockers, VPNs, and anonymizers are becoming the new norm for average users seeking privacy.
A VPN is a must-have tool if you want to protect your right to privacy, your devices from getting hacked, and stop your ISP from snooping on you. Luckily, VPN providers are many, and with due diligence, you can realistically find a reliable – and affordable – one. Keep in mind, however, that to stay relevant and competitive, many VPN companies make false claims that they provide complete anonymity and zero logs when in reality users are tricked by tech mumbo-jumbo and the providers offer minimal – or no – transparency on the technology they use or how they handle user data.
I compiled the following list of VPN Frequently Asked Questions and common VPN terms with the aim of not only helping beginners sort out the basics of VPN, but to also cast light on the common myths and untruths about VPNs.
Note: Before we get any further, there is one thing you should know – a VPN does not make you anonymous. It will improve your privacy provided you choose the right service. Don’t treat a VPN as a panacea to all online threats and mass surveillance. It’s just a capable technology everyone should be using in these rough dystopian times. A VPN is by no means a tool for illegal activities.
What does “VPN” stand for?
Virtual Private Network. (It’s ok, a lot of people aren’t entirely sure.)
What is a VPN?
A VPN is an online service that encrypts and tunnels your Internet traffic through its server.
- Encrypts Your Data – your browsing is private and hidden from ISPs, hackers, and state surveillance.
- Unblocks Geo-Restricted Websites – makes streaming and gaming sites accessible from any location.
- Bypasses Censorship – access any resource bypassing political, religious, or corporate censorship for unbridled freedom of speech.
A VPN lets you:
- Protect your personal information online with encryption.
- Shop safely with static IP.
- Access geo-restricted media content.
- Bypass censorship.
- Unblock VoIP applications from countries that block VoIP like Belize and Dubai.
- Use public Wi-Fi securely.
- Prevent your ISP from snooping on you.
- Keep hackers, data brokers, and surveillance agencies at bay.
Why use a VPN?
VPNs mainly restore online freedom and privacy lost. One in four people globally use a VPN to access the Internet. (That’s 25% of the world’s population.)
Common reasons why people use VPNs:
- Access geo-blocked streaming services
- Access state-censored networks and sites
- Browse anonymously
- Communicate with relatives abroad
- Access news websites restricted by the government
- Bypass employer-imposed restrictions when at work
- Have privacy when going online
Do I need a VPN?
With a VPN:
- Your Internet Service Provider can’t see what you’re doing online.
- You can spoof your location, i.e., appear as if connecting from another geographical location.
- You can bypass state censorship and access websites and services banned in your country.
- You can access geo-blocked streaming and gaming services.
- You can circumvent employer- or school-imposed restrictions.
- Patent trolls won’t be able to track you.
- You can enjoy P2P.
- Hackers preying on unsecured public Wi-Fi hotspots won’t be able to intercept your traffic.
Without a VPN:
- Your unencrypted traffic goes through your Internet Service Provider
- Your ISP can see your online activity
- Hackers can intercept your data
- Data Brokers can profile you
- State Surveillance knows what you’re up to online
- The internet can be censored and/or restricted.
- Your IP address is exposed.
- Your personal information is not secured.
- You can’t express opinions freely.
- Your ISP logs your activities and throttles your speed.
- Your ISP blocks content based on local censorship laws.
- You can’t access international sites that block access from foreign countries.
- Your devices are vulnerable to malicious attacks.
- Every time you connect to public Wifi, you run the risk of getting hacked.
How does a VPN work?
Besides masking your IP address, a VPN also protects your data by encrypting it. In layman terms, encryption is data conversion from plain text anyone can read to cipher that can only be read by authorized users. Encryption does not prevent hackers from intercepting your data. Instead, it makes your data unreadable. To encrypt your data, a VPN uses protocols – PPTP, L2TP, OpenVPN, SSTP, and IKEv2. While these are quite technical, you should know that:
- OpenVPN is the current golden standard for all privacy wonks out there.
- Avoid PPTP at all costs.
- L2TP IPSec is not recommended for use on mobile devices.
What can’t VPNs do?
While VPNs improve your online privacy and security, they can’t:
- Provide complete anonymity.
- Prevent websites you visit from tracking you (cookies, browser fingerprinting, beacons).
Are VPNs legal?
In most Western countries – yes. In countries with authoritarian regimes – no. Currently, a host of countries in the Middle East, as well as countries with authoritarian, pro-Muslim regimes, have banned the use of VPNs.
China, North Korea, Saudi Arabia, India, Turkey, Iran, Russia, Thailand, and another couple of dozen of countries have banned VPNs. In these countries, using a VPN is illegal, but selling access to VPN can land you a prison sentence.
Unsurprisingly, Asia and the Middle East are the leading consumers of VPNs, with Vietnam, Thailand, Saudi Arabia, Turkey, India, and UAE topping the charts. The countries with least VPN usage are Canada, Australia, Japan, Poland, France, and Netherlands.
How do I use a VPN?
To use a VPN, you need to subscribe to a VPN service. Prices differ, and many providers offer free trials. On average, expect to pay $4-$12 per month – long-term plans usually offer significant discounts.
Note: You still need your ISP-provided Internet connection to use a VPN.
Are VPNs secure?
It depends on your threat scenario. If you want to access streaming and gaming services like Netflix, Hulu, or Steam US libraries, a VPN alone is enough. Likewise, if you use public Wi-Fi frequently, you’re safe with a reliable provider.
On the other hand, if you need to avoid state surveillance, you shouldn’t rely on a single privacy tool to protect you. A combination of a VPN, Tor browser, The Onion Router, or I2P is necessary to isolate one layer of security from another. With that in mind, you should understand that even advanced setup won’t help if state surveillance targets you.
If you need a VPN for online privacy, you want to investigate a prospective provider’s background, especially their jurisdiction, applicable data retention laws, privacy policies, and customer feedback.
Is torrenting through a VPN safe?
- If a provider explicitly permits P2P, and lists servers that support torrenting – you’re good.
- Do run a few security checks for DNS leaks to make sure your VPN does not leak your real IP address.
- When you are torrenting, everyone downloading the same file can see your IP. With VPN enabled, they will see your fake, VPN-provided, IP.
- VPN providers routinely receive copyright infringement notices. Some providers will hand over the customer details of infringing users. Others may just disconnect repeat offenders. Some companies “silently ignore” DMCA notices. If you want to engage in P2P, look for the latter.
Am I safe when using public Wifi hotspots with a VPN?
In most cases, yes. VPNs encrypt the traffic between your device and VPN servers. So, hackers won’t be able to read your data. If you happen to connect to a fake Wi-Fi hotspot some entrepreneurial hackers set up in public places, and they manage to intercept your traffic, all they will see is encrypted gibberish.
Am I anonymous when browsing through a VPN?
No. Many providers advertise complete anonymity online. What they’re not telling you is:
Hotspot Shield website:
Also, you have no way of knowing how credible a zero-logs claim is, especially since running a massive IT infrastructure with NO logs is impossible.
- A VPN does not make you anonymous but greatly increases your security and privacy online.
- A VPN provider usually knows who you are and what you’re up to online.
- So, if privacy is a concern, you want to choose a transparent vendor.
Additional things to consider:
- Data retention laws – in many countries, law enforcement can compel a company to log user activity and hand it over to authorities. So, you must be aware of where the company is headquartered and what laws govern its customers’ data.
- Switzerland, Romania, Seychelles, Hungary do not require that providers keep user logs.
- VPN companies that focus on privacy will accept gift cards, cash, or Bitcoin, and will not require your real name, phone number, address, or banking details.
Why do connection speeds drop when I connect to a VPN?
First of all, to use a VPN you need to have a stable Internet connection with your ISP. You can’t have a Dial-Up connection. Assuming your base connection speeds are decent, some factors may affect your speeds when you connect to a VPN:
- If you use an encrypted connection, such as OpenVPN 256-bit AES, your speeds will drop because encryption requires processing power and time. The stronger the encryption, the greater is the speed drop.
- If you connect to servers located at a great distance from where you physically are, your speeds will drop even greater. The further the server, the slower your speed.
- If you connect to a nearby server, your speed drop should be minor.
- The server you’re connected to is loaded (too many people using it at the same time).
In some cases, your speeds may improve with a VPN if a provider has a large server coverage with ample bandwidth.
Tip: Connect to a VPN server that’s closest to a) your real location, b) the location of the service you need to access.
Choosing a VPN
How to choose a VPN?
Choosing a reliable provider with good work ethic is hard work in and of itself. Due diligence is inevitable. So, consider:
- Privacy and Logging – All VPNs promise privacy and anonymity. However, there are ways to tell the truth from lies. See below for more information on privacy and zero logs.
- Security – The provider must explain the technology used to ensure your secure browsing. Is OpenVPN supported? How good is encryption?
- Cross-platform – If you plan to use VPN on various devices, desktop, and mobile, inquire into the availability of native apps. If there is no native app, will you be able to set up the open-source OpenVPN client?
- Simultaneous Connections – How many devices do you plan to connect to VPN simultaneously? Does the provider allow multiple simultaneous connections, and if yes, how many?
- Speed – Test, test, and test. Speeds, when using a VPN, differ greatly and depend on a variety of factors – your ISP speed, the location of remote servers, server load, and more.
- Server Coverage – Check if the provider offers ample server coverage in the country into which you need to spoof.
- Tech Support – Is live chat available 24/7? This is vital if you lack technical skills.
- Free Trial – Sometimes, a brief trial is enough to see that a VPN doesn’t meet your requirements. Many providers offer free trials (several hours to several weeks).|
- Money-back guarantee – Many providers have no-questions-asked money-back guarantee; others apply draconian restrictions on their refund policies. Always read customer feedback – some providers ignore such requests even though their ToS promise a rock-solid refund.
The criteria for choosing a decent VPN are many. Some users want access to Netflix US, and that requisite will govern their choice. The above are just a few factors you want to consider before you subscribe to anything.
What makes a good VPN provider?
- Has a reputation of excellence
- Offers broad network of servers
- Does not log your activity
- Does not censor the Internet
- Provides prompt and professional support
- Supports OpenVPN, PPTP, L2TP, and SSTP
- Does not leak your real IP address
- Does not throttle your speed
- Does not limit data transfer amount
- Delivers reliable speeds
- Supports many platforms
- Does not make false promises
- Is transparent about its technology, privacy policies, and jurisdiction
- Allows to subscribe and pay anonymously
What makes a bad VPN provider?
A research paper by Commonwealth Scientific and Industrial Research Organization (CSIRO) all but destroys the niche of free VPN apps for mobile devices. Having studied 283 free Android VPN apps on Google Play, Australian researchers found that:
- 75% use third-party tracking libraries
- 82% access sensitive data such as text messages and user accounts
- 38% are malware (spyware, trojan, adware)
- 84% expose users’ real IP via IPv6 DNS leaks
- Four apps intercept user traffic sent to secure HTTPS connections
Governments step up blanket surveillance; copyright trolls hunt down torrenters; corporations track and profile users worldwide. So, users turn to VPNs en masse. A sharp spike of interest in VPNs has given rise to a horde of opportunistic and malicious companies exploiting the trend.
To filter out such ill-intentioned providers, consider the following:
- Steer clear of free VPNs – if the VPN is free, the provider profits from selling your data.
- Reputable VPNs do offer free services – but they are extremely limited because they aim to entice users into subscribing to the paid plans. If an offer sounds too good to be true, it most likely is.
You want to ask providers a series of critical questions to see if they are transparent, or pinpoint if something seems off. So, yes, you need to read the document.
In other words, it’s your job to read the fine print. Also, if security is a priority for you, make sure to read in-depth reviews before committing.
- A decent VPN company is transparent about its logging practices and wipes the logs regularly.
- Consider that in some countries, law enforcement can compel a zero-logs provider to record data on a particular user.
- Avoid providers based in the Fourteen Eyes countries.
Other questions you should consider:
- For how long does the company retain logs?
- What personally identifiable data does the company retain?
Commercial VPNs vs free VPNs
You’re better off with a paid subscription because if a provider’s customer base is 90%+ free users, their monetization model is based on tracking you and selling your data. Many reputable VPNs offer free limited accounts to entice users into subscribing to their paid plans. For instance, if you need a VPN once in a blue moon, you might as well make do with such a limited account. If you intend to use VPN on a daily basis, consider paid subscriptions.
VPNs on mobile devices
A VPN makes use of the Internet but protects your privacy by implementing tunneling protocols, encryption, authentication, and other security procedures. VPNs secure your data to and from your devices. Traditional VPNs for desktop platforms are based on OpenVPN, SSL, IPSec and other protocols, and can provide a high level of security if configured properly.
VPNs and challenges of mobile connectivity
VPNs on desktop platforms work well when connected to a fixed remote access point, such as your LAN or WiFi characterized by low delay and jitter and high bandwidth. But they don’t handle some of the challenges your mobile devices face on a regular basis:
- Coverage gaps
- Inter-network roaming
- Bandwidth limitations
- Battery drain
- Limited memory of mobile devices
- Limited processing power of mobile devices
- Lack of support for tunneling protocols in some mobile platforms
Although smartphones and tablets are becoming more powerful with each new generation, the above problems persist. As a result, not all VPNs will work on your smartphone or tablet.
A mobile device often roams, loses coverage or hibernates to save power, so these connectivity problems are common. When wired VPN technology is applied to mobile devices, you experience data loss, slow speeds, multiple login attempts to re-establish the connection.
For instance, when you are on the move, your phone bounces from WiFi to 3G or 4G and back again, or from one 4G network to another. It’s not uncommon for VPNs to lose connection each time a phone switches networks. Some VPNs get disconnected never to reconnect until you do it manually. Others get caught in endless loops of reconnecting and failing to secure your connection. And the only way to troubleshoot this is to reboot your VPN app manually.
Also, a VPN that provides the ultimate protection in its desktop version may actually use weak encryption and vulnerable tunneling protocol in its mobile version due to mobile OS limitations. In which case, your data is not nearly as protected as with a desktop VPN. As a result, your mobile VPN may be leaking your IP, location, and identity.
Some VPN providers provide OpenVPN and strong encryption for mobile platforms, but their solutions aren’t always user-friendly and apt for average users. Installing a third-party OpenVPN app and adding configuration files may be easy if you’ve done it a hundred times. But for a first-time user, it’s a tedious, mind-numbing process.
Apple’s iPhone users are especially affected since Apple makes it harder for VPNs to support OpenVPN. It’s no wonder few VPNs offer OpenVPN for iOS and those that do come with a complicated setup.
VPNs optimized for mobile
A VPN for your phone must be optimized to handle the problems of mobile communication and mitigate for, minimize, or bypass them:
- Mobile VPNs typically deploy advanced data compression to increase the throughput and improve performance in wireless networks with limited bandwidth.
- A well-optimized VPN for mobile has a much smaller memory footprint and consumes less processing power than its desktop VPN version.
- An optimized mobile VPN app doesn’t clog your device’s resources, enabling other apps to run faster, while the battery lasts longer.
A mobile VPN should provide the session persistence and seamless roaming to achieve reliable connectivity and smooth user experience when your phone switches networks. It should keep you connected while maintaining the same session, and without interrupting your apps. You should be able to switch from WiFi to mobile data or from one 4G network to another without having to reboot your network or VPN manually.
Many mobile VPNs are actually harmful
The booming popularity of VPNs gave life to an avalanche of VPN services that do a sub-par job of protecting your data. It is especially true when it comes to VPNs on mobile devices.
Australia’s Commonwealth Scientific and Industrial Research Organization (CSIRO) recently tested 283 most popular Android VPN apps on Google Play:
- 18% don’t encrypt traffic in their tunnels, leaving users exposed to MITM attacks and eavesdropping
- 75% use third-party tracking libraries
- 82% access sensitive data, including user accounts and text messages
- 84% don’t encrypt traffic properly
- 66% marketed themselves as improving user privacy
- Tens of millions of users run these VPNs
In layman terms, the majority of mobile VPNs don’t offer the privacy and security that are the entire point of VPNs in the first place. In fact, there are more dubious – and harmful – VPNs for mobile platforms than reliable ones. Many mobile VPNs, in essence, abuse users’ trust and lack of technical skills to analyze their specs for potential flaws.
The biggest privacy offenders are, of course, free VPNs. In most cases, a free VPN’s business model involves logging and selling user data, as was the case with Hotspot Shield, Hola, and many others. You might want to give my roundup of the worst VPNs and scams a quick read.
But using a paid VPN doesn’t always guarantee reliability. Although paid VPNs are financially motivated to protect your privacy, they do not necessarily deploy strong security and privacy protections on mobile.
That’s why you shouldn’t choose a VPN based on its price tag alone but account for its technical specs, logging policies, as well as its jurisdiction, and transparency.
When to use a mobile VPN
You are well-advised to use a VPN on mobile:
- When you travel or commute to address inconsistent network performance
- When you work remotely to protect your sensitive data
- Always with public WiFi
- When streaming music and videos online to bypass your ISP data throttling and buffering
- Always when streaming with Kodi while circumventing geo-restrictions
If you rely on your mobile devices to stay productive, consider installing a reliable VPN vetted by security experts rather than a popular free app.
How credible are VPN reviews?
You need to understand that VPNs are businesses that navigate in an unregulated online realm. Some engage in quite shady marketing strategies, where cash flowing through sponsored reviews and affiliate programs to bloggers and major websites inflates their ratings. Competition in this business is anything but healthy. So you want to be critical of reviews and charts on the mainstream news outlets.
How to tell if a review is not trustworthy:
- It praises a provider with a known track record of selling out its users.
- A review gives a high score to a company that is criticized by security experts or is under investigation.
- A review is too positive and lacks reasonable criticism, or sounds like an ad.
- If a major website keeps rotating the same big-name providers in every single roundup.
Tip: One reasonable and trustworthy review is never enough, though. Browse for user feedback on Reddit or GitHub; ask a tech-savvy local community.
VPNs, Censorship, and Privacy Rights
Which countries have banned VPNs?
Traditionally authoritarian regimes such as China, Russia, North Korea, and Iran have banned or are in the process of enforcing new laws that ban the use of VPNs and other anonymizers.
Why countries ban VPNs:
- To monitor citizens’ online activities
- To censor the free speech
- Silence the dissidents
- Manipulate information
- Cap protests
- Out of religious considerations
For instance, Oman, Sudan, Singapore, Yemen, South Korea, Eritrea, Ethiopia, Saudi Arabia, Vietnam, Myanmar, Thailand, UAE, and Pakistan censor the free speech to preserve traditional social values. While Jordan, Lybia, Myanmar, Uzbekistan, and China – to maintain political stability. Cuba, Russia, Morocco, Turkey, North Korea, and India ban VPNs out of considerations of national security.
- North Korea is, unsurprisingly, one of the world’s leaders in Internet censorship, with only about 4% of the population enjoying access to the Internet, whereas the rest can only access the tightly controlled intranet.
- Saudi Arabia censors the Internet out of religious considerations, blocking nearly 500,000 websites containing anti-Islamic content. The Royal Decree on Press and Publications, the Basic Law of Governance are boosted by the Ministry of the Interior Affairs that routes the Internet traffic of an entire nation through a central point, where it gets analyzed. To be a blogger in Saudi Arabia, you need a special license from the Ministry of Culture and Information.
- Iran cracks down on journalists and bloggers. If you want to blog in Iran, you also need a license from the Ministry of Art and Culture. Posting content that’s anti-government and anti-Islam is a criminal offense that leads to a prison sentence.
- Vietnam allows its citizens to access the Internet, but tech companies like Yahoo, Google, and Microsoft have to hand over the names of bloggers to the Vietnamese authorities.
Why avoid VPNs based in the 14 eyes countries?
Sitting on top of the hackers → tech giants → mass surveillance pyramid is an octopus representing a splice of corporations and states. These countries legitimized mass surveillance by signing an agreement to collect, analyze, and share intelligence cooperatively. VPNs headquartered in the Fourteen Eyes countries are not recommended due to extensive data retention laws, and gag orders that forbid the VPNs to talk about the state requests for user data.
The pro-privacy groups dubbed the members of the treaty The Fourteen Eyes. The alliance currently consists of:
- New Zealand
- United Kingdom
- United States of America
Note: these states not only spy on their citizens but also spy on each others’ citizens and exchange that intelligence to avoid breaking domestic privacy laws. The bottom line? Always research a VPN provider’s HQ location and the data retention laws that govern the company’s activities.
Common VPN Terms
What does “zero logs” mean?
You need to understand the difference between usage logs and connection logs. Usage logs are the most compromising. Some providers keep connection logs for a limited time (a few hours to three days), which is a reasonable practice for troubleshooting. If a provider does not even mention deleting connection logs – steer clear.
- Metadata about your connection, such as
- The time you connect to a VPN
- For how long you are connected
- How often you connect to a VPN
- Amount of data consumed
- Your online activity while connected to a VPN
- Websites you visit
- Identities you use
What is a VPN kill switch?
A VPN connection might occasionally fail even with a reliable provider. When the VPN connection drops, your real IP address is revealed. To prevent the occasional connection drops from exposing your data, many VPN providers embed a kill switch into their software.
A VPN kill switch shuts down all your Internet connection whenever your VPN drops out and until the VPN connection is re-established. Alternatively, some VPNs come with a firewall solution that can be configured to act as a kill switch for particular programs instead of shutting down all Internet connection.
What are patent trolls?
Another reason why you don’t want to leak your real IP while torrenting is patent trolls. These are law firms that monitor popular torrenting websites and track down copyright offenders to charge them monumental fines. You don’t want to engage in file-sharing without a VPN in countries with strict anti-piracy laws – Germany, Japan, USA, UK, France, and others.
What is smart DNS?
If the only reason you need a VPN is to bypass geo-blocks from the likes of Netflix, and you couldn’t care less about privacy or security, you’re good with Smart DNS:
- It’s cheap.
- The speeds are fast.
- There is nearly no learning curve with Smart DNS.
The technology behind Smart DNS is much simpler than in the VPN:
- No encryption.
- Supports most Internet-enabled devices, even those that can’t run a VPN client (Smart TVs, gaming consoles).
Advanced Encryption Standard, the current golden standard for encryption being the 256-bit AES cipher used by the surveillance agencies. If privacy and security are your priority, always look for VPN providers that rely on AES-256 encryption.
A deliberate weakness in a code that can be used by the developer, law enforcement or hackers to snoop on user activities. The authorities of the Five Eyes countries insist that the tech companies embed backdoors in their products for the sake of national security. This is bad for privacy since backdoors inevitably get exploited by hackers. It’s also bad for business as privacy-minded users turn their backs on the US/Canadian/Australian/British VPNs because tech companies based in these countries can be compelled to cooperate with the three-letter agencies.
Virtual cryptocurrency that lets you pay for goods and services online and remain anonymous. It’s open-source and peer-to-peer (think BitTorrent). A pro-privacy VPN provider will support Bitcoin payments. If you pay with Bitcoin, the VPN provider will know your IP, but not your real name. Do note, however, that payments made with Bitcoin don’t qualify for a refund with many VPN providers.
BitTorrent, also P2P or File-Sharing
A peer-to-peer (P2P) file-sharing protocol that lets you share files efficiently. The technology itself is legit, and there are many good uses for it, but BitTorrent is also widely used to share copyrighted content illegally. The catch with torrenting is that it’s easy to trace the IPs of all connected seeders and leechers (those downloading and sharing files). That’s where a VPN comes handy to hide your real location. So, if torrenting is on your mind, look for a VPN that allows P2P and has a clear stance on torrenting. The rule of thumb when torrenting is to choose the servers located outside the countries with strict copyright laws like Germany, France, Japan, USA, or the UK.
Browser Extension or VPN Add-On
Some VPNs offer a browser extension (i.e., for Chrome, Firefox, Opera). Whereas a desktop VPN program tunnels all your traffic through the VPN, a browser extension only tunnels your browser traffic, letting your other applications connect to the Internet the usual way.
Cipher or Protocol
A math algorithm VPNs use to encrypt your data like the OpenVPN, PPTP and L2TP/IPSec. The golden standard for the VPNs is the OpenVPN protocol.
Connection Logs or Metadata
Legal firms that hunt down users sharing copyrighted content via P2P torrenting. They monetize on legal prosecution and cash settlements. Copyright trolls monitor websites like The Pirate Bay to track users’ IPs and then identify the offender. In some countries like Germany and France, copyright trolls are a tangible threat, so VPNs have become indispensable protection tools for those looking to torrent.
A cryptographic hash used to verify encrypted VPN connections. OpenVPN uses SHA-1, while the providers that are at the top of their game offer more secure SHA256, SHA512, or SHA3 data authentication.
Domain Name System that translates the websites’ web addresses (URLs) into their numerical IP addresses used by computers. Every device and connection have their unique IP address. Traditionally, DNS translation is handled by your internet service provider (ISP).
Since the IP address of the server that translates your computer’s numeric address into web address is easy to detect; a VPN should route all your DNS requests through the VPN tunnel. When you’re using a VPN, the VPN provider must resolve these DNS requests, not your ISP. You can check if your VPN is leaking your DNS by running this quick online test. If the test detects a DNS leak, your DNS requests are processed by your ISP, and not your VPN provider. Look for a provider offering a DNS leak protection.
Many countries have data retention regulations that compel the internet service providers to keep users’ data and share it with law enforcement or surveillance agencies. In some countries, the data retention period is 12 months, in others as long as 2-5 years. In Germany, for instance, ISPs are authorized to install keyloggers on citizens’ devices. It’s important to know the jurisdiction of your VPN provider because in some countries VPNs can be compelled to cooperate with law enforcement, keep logs, and share them with the surveillance agencies without prior notice to the user. Privacy advocates recommend steering clear of the VPN providers based in the Five Eyes countries, and be cautious with providers headquartered in the 14 Eyes countries due to their intrusive data retention laws.
Scrambles or encodes your traffic to protect it from unauthorized access using a sophisticated cipher. It may take years for a computer to break strong encryption. Without encryption, just about anyone can snoop on your online activities. Currently, encryption is the only accessible tool for the common folks who seek to protect their privacy and security online. Still, not all encryption is made equal. Many providers advertise end-to-end encryption since it’s a buzz word that sells, but embed a backdoor that enables covert snooping (think WhatsApp encryption). Overall, if a provider holds the encryption keys, you must have valid reasons to trust they’re not using them to snoop on you.
Your data is encrypted while in transit (as it travels the Internet) and at rest (as it resides in your cloud storage or email server). When you and only you, or you and your trusted recipient, have the encryption key, end-to-end encryption works. When the provider (cloud storage, email provider, or the VPN provider) holds the keys, the security is controversial. For one, a provider can be hacked – think Yahoo hack that exposed the passwords of a billion of Yahoo users. Also, when a provider keeps your keys, they can be compelled to hand them over to law enforcement. Therefore, only zero-knowledge providers (that don’t have access to your keys) offer truly-secure service. But you won’t be able to request a password recovery with a zero-knowledge provider. In the world of the VPNs, end-to-end encryption is considered reasonably secure, but some other factors need to be considered like data retention laws, jurisdiction, and logging and privacy policies.
Australia, Canada, New Zealand, United Kingdom and the United States of America cooperatively collect and share intelligence not only on their adversaries but also on each other’s citizens and share that data to avoid breaking domestic surveillance restrictions. If you seek privacy, avoid VPN providers based in these countries.
the countries of the Five Eyes cooperate with and share intelligence on foreigners and their own citizens with other countries (Denmark, Netherlands, France, Norway, Belgium, Germany, Italy, Spain, and Sweden), and spy on each other.
An outdated, medieval and barbarian if you ask me, but still relevant monetization model used by some streaming services like Netflix, Hulu or BBC iPlayer. Geo-restriction blocks access to the service, or parts of it, to users located outside of a certain white list of locations. For instance, you can’t access BBC iPlayer from outside the UK. Netflix US is inaccessible from anywhere but the US. Worse yet, Netflix uses region-based fees that force non-US users to pay up to 20% more than what the US users pay (I feel your pain, Aussies). Some VPNs unblock these geo-restrictions, others only claim they do, while some providers explicitly say they don’t. Netflix invests heavily into its anti-VPN force, so the list of providers that unblock Netflix is always changing, as the streaming service keeps blacklisting more and more VPNs.
Geo-Spoofing or Spoofing
Pretending you’re accessing the Internet from a location other than your actual location by using a VPN, proxy or SmartDNS. Spoofing lets you bypass geo-restrictions and censorship.
IP Address (or just IP)
Internet Protocol Address is a unique numerical identifier assigned to every device accessing the Internet. IP addresses can change each time you connect to the Internet, but the very gist of using a VPN is to hide your true IP. The VPN provider, however, still can see it.
What happens when a VPN fails to hide your actual IP. This can happen for a variety of reasons, but generally, you need to test a VPN for IP leaks before committing to a long-term subscription.
IPv4 and IPv6
as of now, IPv4 is the default DNS system that defines the numerical IP address values. IPv4 supports 32-bit internet addresses that amount to ~4.29 billion addresses, and right now we’re running out of those. IPv6 came about as a solution to that problem, as it uses 128-bit addresses which amount to a 39-digit total (2^128) of web addresses. You should check for the IPv4 and IPv6 leaks when choosing a VPN provider.
Internet Service Provider is the telecoms company that provides you with the Internet connection. The ISPs traditionally monitor users’ traffic and often throttle, or limit, your bandwidth if you’re torrenting large files. Besides throttling, ISPs in some countries have extensive surveillance authority. For instance, German ISPs can install keyloggers, steal passwords, log and store your activity data for years and hand it over to law enforcement or get you nailed if they receive a copyright infringement notice. The VPNs are so high in demand because they encrypt and hide your data and traffic from the ISPs. The ISPs have powerful political lobbies, so I don’t expect these to become pro-privacy, transparent or accountable in the foreseeable future.
Kill Switch (or kill-switch)
An important VPN feature that shuts down your access to the Internet in case a VPN connection fails for some reason. Thus, it protects you from exposing your real location and traffic. Even the most reliable VPN connections occasionally drop out, so a kill switch is vital. The term used by a VPN provider may be different, though. I’ve seen the kill switch dubbed as a network lock, secure IP, and whatnot. When in doubt, always inquire with the provider’s support if their software offers a kill switch feature.
Encryption and VPN tunneling protocol built into most Internet-enabled platforms. It’s pretty secure if done right but unfortunately it’s hacked by the NSA.
Information about who accesses the Internet (or makes a phone call, sends a text message, email – you get the idea), when, from where, for how long, and to whom they send it. It’s not the contents of your communications, but it’s enough for in-depth profiling, identification of your social circles, locations, and lifestyle. The three-letter agencies all over the world love metadata as it tells them pretty much everything about you.
A VPN feature that blocks third parties from connecting to your VPN-protected system. Nat Firewall blocks unrequested incoming connections while the VPN is running.
The time it takes for a data packet to travel from one point to another, or rather the delay in data transfer. Small delays = low latency; long delays = high latency.
The golden standard protocol for a VPN to use in combination with a strong AES-256 encryption. It’s open-source, so frequently reviewed by independent experts for vulnerabilities. OpenVPN is considered to be safe against state surveillance so far. You can download OpenVPN client and set up your own VPN if you don’t mind some mingling and reading, or you can rely on a commercial provider offering OpenVPN protocol. If privacy and security are on the table, go for a VPN that supports OpenVPN.
Perfect Forward Secrecy
Generates a unique private encryption key designed to make HTTPS connections more secure. It’s new for every session, so every session with a HTTPS service has a unique set of keys. VPNs deploying PFS are considered pro—privacy.
A VPN protocol that’s quite old, so most VPNs support it. The advantage of PPTP is it’s easy to set up on just about any VPN-capable device or platform. It’s also highly insecure, so use it only when nothing else is available and only for non-confidential data.
Proxy Server or Proxies
An intermediary computer between your PC and the Internet. When you’re browsing – or routing your traffic – through a proxy, you appear with the proxy’s IP address. Although public proxies are not safe and don’t encrypt your traffic, you can still use them for basic, non-confidential browsing that requires an IP other than your true one.
A method used by most VPNs when they assign multiple users the same IP address (shared IP) to increase users’ privacy. That way, it’s more difficult for the VPN provider itself and any outside party to identify users.
The number of devices you can connect to the Internet simultaneously using one VPN subscription. That number differs by the vendor.
DNS servers located in various countries that enable VPN providers to bypass geo-blocks from the likes of Netflix efficiently. SmartDNS is much faster than VPN since no encryption is at play, but it’s also not secure or private for the same reason. So, if all you need is to bypass Hulu or BBC iPlayer geo-blocks, SmartDNS is a good option.
Tor (the Onion Browser)
A browser and a network for anonymous browsing. Unlike VPNs that can see your real IP, Tor routes your traffic through multiple nodes. Each node only knows the IP of its preceding node, so in the end, your IP is hidden beneath layers and layers of IPs. Hence, the onion name. It’s considered safer to connect to Tor with a VPN on instead of using a Tor feature embedded in a VPN.
Virtual Private Network, a technology that allows you to access the Internet and appear as if you are connecting from a location of your choice instead of your real location. It allows you to bypass geo-blocks and censorship, but also encrypts your traffic and hides it from your ISP, advertisers, marketers, and other snooping parties. A VPN provider runs a network of servers located across the globe and routes your traffic through them so that you appear as if connected from a different location. Do inquire if the provider manages its servers, or leases them because it affects the quality of service and the privacy of your traffic. VPNs are must-have tools if you frequently use public Wi-Fi hotspots that are plagued by hackers.
Some VPN providers set up a Warrant Canary page to warn users in case the company receives a gag order. The gag order doesn’t allow the provider to alert anyone about the request for data disclosure. That’s why some countries have made Warrant Canaries illegal. The Warrant Canary has to be regularly updated. Otherwise, the provider might have been compromised. Running a Warrant Canary page is good practice for a VPN, but in the end, it doesn’t guarantee anything.
Web Real-Time Communication, tools that enable P2P connections between browsers for video chats, file-sharing, browser games, or VoIP calls. Most browsers support WebRTC, except for Safari and IE. Even though it uses encryption, WebRTC may leak your real IP address, so you can either disable it, or use browsers that don’t support it. Always test your VPN against a WebRTC leak.