Trust and location.
A VPN, or Virtual Private Network, encrypts the internet activity between your computer and its service.
Normally, a VPN isn’t useful at home, where are you secure behind your router. However, there are a few scenarios where it might make sense.
Become a Patron of Ask Leo! and go ad-free!
VPNs at home
Using a VPN at home may be useful if you don't trust your ISP or if you want to appear as if you're in another location. VPNs encrypt your internet activity, preventing snooping on both encrypted and unencrypted sites. For most home users, a VPN isn't necessary.
Connections, encryption, and "in the clear"
First, a quick review of how we connect to things online.
Let’s say you visit http://somerandomservice.com. Note that this example uses "http" - no "s".
That connection is not encrypted. This means:
- Your request to connect to a specific website is sent in the clear.
- The requests you make -- asking for specific pages, for example -- are sent in the clear.
- The responses and pages downloaded and displayed are downloaded in the clear.
- Any other interactions you have with that site occur in the clear.
"In the clear" means that anyone who can intercept your internet connection can see the information being exchanged. The most common scenario is an open Wi-Fi hotspot where someone sitting in a corner with a laptop can use software to eavesdrop on unencrypted conversations.
Https adds encryption to the process.
- Your request to connect to a specific website is still sent in the clear.
- The requests you make -- asking for specific pages, for example -- are encrypted.
- The responses and pages downloaded and displayed are encrypted.
- Any other interactions you have with that site are encrypted.
Interceptors can’t see the contents of the conversation, but they can see that you’re interacting with, say, your bank or email service. For example, if you visit https://somerandomservice.com, they can see that you're visiting somerandomservice.com, but they cannot see the information being sent back and forth.
Enter the VPN
A VPN gets in the middle of this. You connect to the VPN service first. This connection is encrypted so no one can see what transpires across it. All your internet activity is routed through this connection.
When you then visit an unencrypted site, like http://somerandomservice.com, your computer connects to it through the VPN service’s connection to the VPN's server. The connection is made from the VPN's server to the destination you're accessing. No one connected to the coffee shop’s open Wi-Fi, for example, can see what you’re up to.
Not only can that person in the corner of the coffee shop not see what pages you’re viewing, but they can’t even see what sites you’re visiting, be they http or https. In fact, other connections you make, such as by your email programs, are also protected by this VPN "tunnel", as it's often called.
The connection might be a bit slower since it’s going through an additional server, but it’s completely encrypted as it leaves and enters your computer.
VPN usefulness
A VPN is potentially valuable in situations like open Wi-Fi hotspots, such as at that coffee shop. It’s an effective way to protect yourself from that creepy guy in the corner (or in the parking lot) with his laptop. But what about at home?
Scenario 1: Connectivity trust
A VPN could be useful at home if your internet is provided by someone you don’t trust; for example, when your roommate, landlord, or neighbor provides your internet connection. In cases like this, a VPN can go a long way to ensuring your privacy. That’s true whether the connection is wired or wireless.
Remember, whoever provides your internet is your ISP (Internet Service Provider) and can see what data is transferred between your computer and the internet. Your ISP can see anything it cares to. With sufficient knowledge on their part, anyone providing your internet connection can snoop on the unencrypted contents of your connection.
A VPN protects you from that.
Scenario 2: Location obfuscation
Let's say you’re in country A and you want to access a site in country B, but for whatever reason, you can’t. Most commonly this comes up when videos are blocked based on where you live or when sites provide a completely different experience depending on where they think you're located.1
One solution is to use a VPN service that has servers in country B or some other country that doesn’t have that same restriction. To the website or video, it looks like you’re coming from the VPN server’s location, not your own. (A VPN connection may be slower, so performance can be an issue, particularly with video.)
Some VPN services explicitly show you the different "exit points", as they're called, they have around the globe, and allow you to select the one you want to use. Living in the United States, for example, I've occasionally used ProtonVPN's node in The Netherlands to watch otherwise geo-restricted content.
Do this
Now that https is almost (but not quite) ubiquitous, using a VPN, even when traveling, is questionable depending on your specific activity. At home, it's generally unnecessary unless you don't trust your connection or you want to appear as if you're elsewhere on the planet.
No VPN needed here: Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Podcast audio
Footnotes & References
1: Looking at you, bbc.co.uk.
Gordon – never mind BitTorrent, anything that will frustrate the snooping government’s intent to spy on any and all its residents, has to be a good thing.
By snooping government, I mean your government, my government and again, any and all governments, who, by their actions to date are actively encouraging the “Rule of anarchy”; a lovely oxymoron that may turn out not to be so oxymoronic!
Not that I agree with what your government (and likely mine, too) is doing, but whatever I do on my computer, I’m just not that important. If they start snooping on me, they’re going to get bored awfully quick.
You say that, but consider for a moment that they aren’t looking at you for security reasons. One may thing “I’m not a bad guy, so they’ll just pass over me,” but that’s missing the real terrifying implications of government spying. Employees of the NSA have openly admitted to looking at pictures, reading emails, and other extremely private materials they find on open networks (which is every network you use if you’re not using something like a VPN). They do this because they can! If you truly, truly have nothing to hide from any prying eyes that may want to sneak a peek simply because they have the ability to, then I assume you live in a glass house with no doors or curtains.
Keep that in mind next time you Google the symptoms of a private medical issue, or send a message to your SO that you don’t want anyone else to read. They can, and they will, if they aren’t already.
I used VPN to open blocked website when I traveled to Dubai
I used Saturnvpn its best vpn service provider , they have online support and they are very helpful . The price is reasonable .
I have recently got onto netflix here in australia and Telstra is actually “pushing” their clients to get a VPN so that their streaming will be unimpeded.
Is this correct? Does a VPN actually help? there is a VDO that telstra provides that shows that using a VPN actually does speed things up even though you have to redirect to another server.
I don’t see how it would speed up streaming, in fact, I’m sure it will slow down streaming because it all has to go through the VPN’s computer. It will, however, make it possible to stream some content which is blocked by the originators from playing in your country.
VPNs can make it appear as if you are in another country so as to circumvent country restrictions. It’s rare that a VPN would speed things up, though.
If i was using schools vpn and someone hacks school internet can they see my browsing history? I am not using it anymore though but is there a way for them to see my browsing history at the time when i was using it?
A VPN would block anyone except the owner of the VPN from seeing your traffic. Since the school is your VPN, they can see your traffic. I wouldn’t be surprised if the school’s VPN is a honeypot to keep an eye on students’ web activity.
Thank You for putting the VPN information out for us, not so technologically inclined.You made it easier to comprehend and understand the pros/cons plus, the in’s and out’s too.Thank You, I Appreciate that.
I am a Mac user and use Norton Wi-Fi Privacy which includes a VPN. I find if I’m online at home the VPN slows down loading pages. Switching it off cures the problem. Available for either Windows or Mac.
One important point to note here is that when using a VPN, although this prevents the people who are providing your internet connection from being able to see your connections and unencrypted traffic, you are instead trusting the company who provide the VPN connection with your privacy, since your traffic will traverse their network instead and so be visible to them.
Some articles like this one say there’s no encryption between the VPN and the destination and others say there is. If there was not, then it would be open to Man In The Middle (MITM) attacks whereby your data could be read. The attacker couldn’t figure out where your data originated because it would look like it came from the VPN, but if your data contained personal information that linked it to you then the VPN would not do you any good. I think the connection between the VPN and destination is encrypted…or at least should be…and it’s done with public and private keys. The VPN and destination have their own set of keys. The VPN knows the destination’s public key since it’s public and uses it to encrypt, but that key cannot decrypt. Only the private key of the destination can decrypt the data, and its private key is mathematically related to its public key. In 2017 a mac app developer was hacked and Proton malware was inserted into its apps. With it an attacker can gather passwords and VPN keys, install keyloggers, get into your iCloud, etc. Most virus apps can detect it, but just goes to show nothing is 100% safe on the internet.
The only encryption between the VPN and the destination occurs if you are accessing a website over a secure socket layer (SSL), that would be an https: website. If the VPN accesses a non https: website, the communication would be unencrypted plain text. If it were possible for the VPN to communicate with a non-https: site via encryption, you’d also be able to do it which would make using a VPN unnecessary.
And if the VPN went rogue, they could be that man in the middle as they decrypt everything you send to non-https: websites. They also decrypt your https: communications but the results of that is the originally encrypted https: data. That’s why the Electronic Frontier Foundation is pushing for all websites to switch to https:. As you can see by looking at the address bar of your browser, Ask Leo! is an https: encrypted website.
Would a VPN allow a user in a certain geographical area in the U.S.A. to have access to
sites that are blacked out? E.g., local football games when they don’t sell enough tickets.
If so how does one access the site? Per normally?
Yes. I live in Germany and use a VPN to get US based Netflix. Unfortunately, when companies like Netflix, Amazon, Hulu etc. get a lot of traffic from a VPN, they often recognize that as traffic from a VPN and block that VPN’s IP address. (Update Netflix and most other big name streaming services block VPNs. Some smaller more expensive VPNs get around this by having much smaller amounts of traffic)
Hey, Mark! You are right. I have been using PIA, but Netflix US was unavailable, because of blocking VPNs IP addresses. Now I use NordVPN and it works well, so I recommend checking it.
Thanks. I’m actually looking for one that works.
I still don’t understand do i needa VPN or not? I live with my ex & use his wifi planner on my ph , (internet) , so what can he see that I look up ?
I can’t say whether or not you need it — it depends entirely on your situation. If your ex is technically astute enough with a VPN he could, for example, see what websites you visit. As for anything more (like what those websites show you) it depends on the security used BY THOSE WEBSITES and other services you use. If he has physical access to your computer, of course, he can do anything.
Use VPN all time & I’m at home till I ear it’s. Not doing what it meant to be doing I’ll keep using it. I’ve checked if my IP address as change & in other countries & it is. If you don’t trust it don’t use it END OF.
My wife and I now are working from home. If I install The norton VPN on my laptop and wife doesn’t on her work desktop computer will this interfere with her connection to the internet? Or will the VPN only hide my connection without affecting her PC connecting to the internet?
The two are independent — using a VPN on one should not affect the other.
The focus on websites is mis-placed. A working vpn connection encrypts ALL data/traffic leaving the device. It should also be noted that a vpn connection changes the dns environment on the client device.
What you’re saying is correct, but most people’s interaction with the Internet is via the Web.