In my last blog, I mentioned VPNs and how the innumerable YouTube ads trying to sell you a VPN service often aren’t completely truthful about the security they offer. There are primarily two use cases to a VPN, and I’ll discuss both today!
What is a VPN?
A VPN, or Virtual Private Network, is an extra layer added onto a network connection to provide a way to route your traffic to a specific place. Often this lets you bypass a firewall and access resources that are relegated to users who are onsite. When your computer sends a network packet (the fancy word for any data that is being sent over a network), it is built into layers that tell any other computers what kind of traffic it is and where it’s going.
When you visit a site using SSL, all of the actual important data (the exact URL you’re going to, any cookies, and your credit card number) are encrypted, while the IP of the server and your machine are not (so that the networks between you and the server can pass the traffic without having to decrypt it).
A VPN adds ANOTHER layer around all of that, so all of the information is encrypted, and a new set of IPs is on it (still you, and the VPN server). But this also encrypts the type of traffic, so anyone snooping can’t reliably determine if you’re accessing a website, files, videos, or VoIP phone calls.
Go Somewhere Specific
If you work for a company and you need to access a VPN to access certain files, service, or sites, you’re essentially making a secure, encrypted bridge between your computer and the remote office network, as if you were physically plugged into it. This means the remote site doesn’t have to make those resources public to the internet, and can be reasonably assured that any data won’t be stolen (unless something malicious is on your machine).
Anywhere But Here
When you use a VPN like they suggest in those ubiquitous VPN ads you see on YouTube or websites, you’re connecting to a remote VPN server, just as above, but rather than being connected to a closed network, you’re dumped back onto the Internet. This can let you appear like you’re in another city/state/country, and can also prevent a local ISP or Government from snooping on traffic. Oh what’s that, you’re downloading some Linux ISOs and don’t want Comcast sending you a letter about it? VPN! You’re in another country and aren’t certain if it’s legal to watch Winnie the Pooh? VPN to Canada!
I’ve seen a lot of scaremongering from VPN commercials saying that you NEED a VPN to protect your data from hackers. If you’re at a Starbucks, yeah sure, use a VPN, or just wait until you’re home. If you’re at home or work and are using a normal computer and a normal browser that’s reasonably up to date, you should be fine. If you’re on your phone anywhere, you’re also fine. If you want to view Netflix’s Canadian/UK/whatever offerings, then you can get a benefit from using a VPN, but in general you’re not in a ton of danger otherwise. Oh, and a quick tip: use a VPN when scheduling flights, because many airlines price based on where you are as much as where you’re going, meaning that if you’re in or near a large city, you might be paying more for the same flight than if you were located elsewhere.