I’ve read about why I really should use a VPN and I’ve been looking into different providers, but there’s one thing I’m worried about. Can’t a VPN provider just look at my traffic all they want and see what I’m doing? Don’t I just have to trust them not to spy on me? If that’s true, how do I pick one I can trust, when they can all see what I’m doing?
What are VPNs used for?
A VPN is predominantly used by the privacy-minded because it hides your internet activity from your internet service provider, as well as governments or spy agencies. In offices and schools, and even countries, which ban certain websites, VPNs can be used to navigate these restrictions.
A VPN can additionally be used to “trick” a website or service that you’re in a different country, known as “geo-spoofing.” For example, using a VPN to access the BBC iPlayer while abroad can trick the site to believe you’re still in the UK. Geo-spoofing will also let you see Netflix content not currently available in your region.
Elsewhere, a VPN can protect you from hackers when using a public Wi-Fi network and use peer-to-peer sites safely.
What is a proxy?
While a VPN’s primary function is to protect the information being transported by creating a secure tunnel between the end user, or system, and the VPN server, a proxy routes internet traffic through another networked device, typically a remote server.
When people talk about proxies, in most cases they are talking about web proxies allowing access to the internet, where they provide anonymity to the user as all traffic is seen to originate from the proxy,” David Kennerley, director of threat research at security firm Webroot told WIRED.
Both proxies and VPNs are used to conceal the end user’s identity, in simple terms this is concealing the user’s external IP address, which is often used to spoof geo-location information. However, there’s a significant difference between the two. Paul Bischoff, Privacy Advocate at Comparitech.com explains: “A VPN hides what you do online from your internet service provider, and hides who and where you are (your IP address) from the websites you visit and the apps you use. A proxy only does the latter and does not necessarily hide what you do from anyone.”
For example, if you’re in a coffee shop using the public Wi-Fi on a VPN, no-one in the coffee shop, or any other intermediaries, will be able to see the information being sent between your device and the VPN server. Even people with access to the local Wi-Fi hardware will not have visibility. Whereas, this typically isn’t the case when using a proxy.
In most cases, the websites you visit will not know your geo-location as the VPN is keeping your data safe in transport. Proxies are not designed to protect the data being transferred between the end user and the internet, instead anonymity for the user is the main purpose. Web proxies are used frequently to bypass geo-location restrictions on streaming media, for instance.
What’s the catch?
Only because your ISP can’t see the data being sent, doesn’t mean your VPN can’t. You are, effectively, shifting trust away from your ISP, which typically cares less about your privacy, to your VPN provider which has a vested interest to keep you secure. Often, though, a VPN provider will add extra layers of security to prevent them from being able to view the data if asked by governments or law enforcement.
Are they safe to use?
Despite being controversial, VPNs and proxies will protect your identity and improve your security defences when using the internet. If you’re using public Wi-Fi frequently, VPN solutions are becoming a must for consumers. Why? Bischoff lists the reasons: “Censorship under autocratic regimes, particularly in the Middle East and Asia, is growing [and so]country-specific content licensing isn’t expected to go away anytime soon,” he explained. “Government surveillance powers are getting more advanced, and the US Senate just passed a bill that will allow American ISPs to sell customer’s web histories and other collected data without permission.”
The corporate world has been using VPN technologies for decades as the safest way to access the corporate network when working remotely, such as an office intranet with files only available to company employees. They were later commercialised as a means to bypass censorship, improve online privacy, and unblock geographically restricted content.
The short answer is yes, but that doesn’t mean everyone is happy with them. Organisations which rely on spying on users, unsurprisingly, ban them where they can. Netflix disaproves of them, and is clamping down on users who ‘geo-spoof’ to access extra content. VPN providers have also been criticised for enabling paedophiles, terrorists and criminals to hide their crimes.
“Many VPN offerings are reasonably priced and I recommend their use to all – but as with everything, there are good ones out there and bad, so do your research,” concluded Kennerley.
Australia’s Commonwealth Scientific and Industrial Research Organisation (CSIRO) alongside researchers from the University of South Wales and UC Berkley, recently studied 234 free VPN apps on the Google Play Store. Of the apps analysed, more than a third were found to be tracking users through malvertising or malware. In addition, 18 per cent of the apps studied didn’t encrypt internet traffic and eight in 10 requested access to sensitive data, including user accounts and text messages.