For a variety of reasons, VPNs, or Virtual Private Networks, have suddenly become quite popular. It seems like you can’t open a tech web site or news source without hearing that VPNs are the solution to all your security and privacy issues.
Sadly, that’s not the case.
VPNs can be useful to solve a handful of specific problems:
- Sniffing: protecting your communications from being intercepted when using open WiFi hotspots.
- Relocation: making it appear as if you are located somewhere other than your actual location.
- Surveillance: protecting your communications from being monitored by certain third parties, such as your ISP.
Exactly what to look for in a VPN provider varies depending on exactly which of these problems you’re attempting to solve.
Become a Patron of Ask Leo! and go ad-free!
When you use an open WiFi hotspot, you’re broadcasting your information in such a way that anyone within range of the wireless signal can listen in, or “sniff.” Encryption is the solution. Even if someone does manage to see your communications, all they’ll see is unintelligible encrypted data.
When using a browser, ensuring that you’re connecting via an https connection achieves this quite nicely; by definition, https encrypts your data as it travels the entire path between your computer and the site or service with which you’re communicating.
The issue remains, what about everything else? How do we ensure the privacy of not only non-https connections made by your browser, but all the other communications between software on your computer and the internet?
A VPN solves this by creating an encrypted “tunnel” through which all internet-communications are routed. This tunnel is set up between your computer and the VPN provider, thus protecting all of your communications crossing the sniffable WiFi connection.
The good news here is that most reputable VPN services accomplish this quite nicely. The things to look for will be how easy the software is to set up and configure, and the overall performance impact when the VPN is in use. A good VPN will be both easy to set up and have minimal impact on your online experience.
A VPN creates an encrypted tunnel between your computer and the VPN service’s servers, which has the side effect of making it “look like” you are wherever those servers are located. When I use my VPN here in Woodinville, for example, it appears as if I’m located in New York. Several VPN providers allow you to choose the location from which you want to appear. I could easily change my VPN settings to make it appear as if I were in The Netherlands, Australia, or any number of other countries in which my VPN has servers.
This “virtual relocation” can be used to bypass country or location-specific blocks. Most commonly, a VPN might be used to view video content that is made available to residents of one country but not another, or to access content otherwise blocked or restricted to residents of a specific locale. Unfortunately, those putting the blocks in place realize this, and often specifically block known VPNs.
Some VPN providers are better at providing this virtual relocation service than others. Some don’t focus on it at all. When selecting a VPN with this end in mind, it’s important to determine whether this is a priority, and whether they’re willing to take steps to overcome periodic blocks. Particularly when streaming video, the performance impact of the VPN service should be as minimal as possible — something that can be difficult to accomplish when traversing long distances.
Recent news encourages people to look to VPNs to protect themselves from surveillance by their local government or their internet service providers (ISPs).
The good news is that almost any VPN that can perform the first two tasks (protection from sniffing and virtual relocation) is a candidate for solving this problem too. The same encryption that prevents a WiFi connection from being sniffed also hides the information from your ISP. The same relocation that makes it appear as if you’re in a different country also removes your traffic from monitoring by the country in which you are located.
Unfortunately, there are several potentially serious problems that may arise:
- Your ISP will still be able to see that you’re using a VPN service, and which VPN service you’re using.
- Your local government will be able to see that you’re using a VPN, and which one. This may raise suspicion.
- Your VPN service takes the place of your ISP; now they can monitor your connection.
- Your VPN service may be subject to a completely different set of laws and regulations based on where their offices and servers happen to be located.
- You may not be as protected as you think, since a VPN encrypts only your connection, and does nothing to protect you from the many other ways your activity can be tracked by the websites you visit and the services you use.
Choosing a VPN provider to protect you from surveillance is perhaps the most difficult of all. Not only do you need speed, encryption, and relocation features at the technical level, you also need a complete assurance of privacy. Even when stated publicly as policy, you’ll need assurance that the policy will be followed.
In the worst case scenario, a malicious VPN service could collect all the information your ISP might have, and more, and share that with government agencies or even post it publicly.
Specific VPN providers
I have no specific VPN recommendation. The field is too complex, and as you’ve seen, the characteristics of what you need from a VPN service varies depending on your reasons for electing to use one.
Instead, I’ll offer a handful of the VPN providers that appear to have good reputations within the industry, and/or rank relatively highly in the VPN Section of That One Privacy Site.
Consider this list a starting point for your own more in-depth investigations according to your own requirements.
- Bolehvpn – Malaysia
- Mullvad – Sweden
- Nordvpn – Panama (mailing address)
- Private Internet Access – United States
In addition, I happen to use TunnelBear, out of Canada. (I use a VPN primarily to encrypt my open WiFi connections.)
You’ll note that I’ve listed the country in which the company appears to be located. That can be significant in the case of any attempted legal action.
I believe each of the providers above also provide what are called “affiliate links”. (The TunnelBear link, for example, is an affiliate link. I may or may not update the others on the list to be affiliate links at some point.) While I firmly believe all of the providers listed above are legitimate, beware of sites promoting VPNs in general, as they sometimes exist not to provide objective information, but rather to steer you towards services that have higher-paying affiliate programs.
VPN providers to avoid
Speaking of avoiding, there is one class of VPN that I would avoid completely: free ones.
VPNs are not inexpensive to setup and run. Providers of free VPNs usually make their money in some other way, putting your privacy — the very reason you might be looking to use a VPN — at risk. At a practical level, free VPN services are usually more restrictive and perform less well than the alternatives.
If you believe you really need a VPN, I strongly recommend you spring for a reputable, paid service.
Do you really need a VPN?
The ultimate question, of course, is: are you sure you need the expense, complexity, and added risk of using a VPN at all?
My position remains that unless you travel frequently, or are regularly involved in highly sensitive communications, you may not need one. It’s very likely that simply remaining aware of the steps to use a WiFi hotspot safely, and applying those to any potentially suspect internet connection, could well be enough.
On the other hand, if you do travel regularly, if you do need your connection to “appear” to be located in another country, or if you really have reason to distrust your ISP or local government, then carefully selecting a VPN service may be an appropriate step.