Guide: What can a VPN do?

Guide: What can a VPN do?

Private Your Tech

VPNs have good privacy features, but if and how you need to use them depends on your threat model and understanding its limitations.

TL;DR Summary:

  • Use trusted VPNs only when you need to hide your IP address or avoid your ISP
  • A VPN company can see and log the domains you interact with
  • You can host your own VPN
  • Tor is better for anonymity and high-risk use cases

As a general advice, use Tor for all anonymous browsing needs, as a VPN cannot replace that. Use a VPN you trust for other things. Read more on Tor here.

Introduction

First off: No matter what certain VPN companies claim, you aren't making yourself bulletproof, anonymous or invisible with a VPN. Using a VPN nowadays does not actually add much security, but it can improve privacy.

Since a VPN provider can see the same information your ISP (Internet Service Provider) sees, you are just choosing to trust the VPN provider instead of your ISP.

Since breaking that trust can threaten a VPNs business and since countries don't have jurisdiction or control over all VPN providers as they do with local ISPs, the very few 'good VPNs' that exist are generally more trustworthy than your local ISP.

However, 'bad VPNs' are not trustworthy: some exclusively offer a 'free' service, some are known to do shady business, some do fake advertising, some log their traffic. Most of the VPN providers in the industry are unfortunately 'bad VPNs'. They are primarily pushed via marketing deals with creators and review websites. Review websites earn money for each click they generate for these nefarious VPN providers, which makes them list the ones that pay the most highly, rather than actually good providers.


A trustworthy VPN, if implemented well, can:

  1. Prevent your ISP from being able to analyze your traffic. For example, the domain names you visit are still not encrypted. However, your VPN provider will 'see' this information instead of your ISP.
  2. Prevent websites from knowing уоᴜг ІΡ аԁԁгеѕѕ, which links to your location (country, city, and sometimes the area) and provider (whether you're in a specific hotel chain, for example).
  3. Stops servers from knowing who else you're in the physical network with (e.g. a train that has a Wi-Fi hotspot or a hotel).
  4. Prevent your internet service provider from seeing what sites you visit.
    (Note: even without a VPN, an ISP can only see what domains you visit when, not the full URL or content)
  5. Handle domain look-ups in a more private way. Many browsers already implement DoH, but a lot of system DNS queries are still unencryted.
  6. Gain you access to content censored, blocked, or unavailable in your country.
  7. Protect you from attackers or hosts on public Wi-Fi hotspots. They won't see or be able to manipulate your unencrypted traffic. However, most traffic is encrypted already nowadays and security is not a major concern when choosing to use a VPN.

What VPN companies can see

If they wanted, the VPN company can see the domains and server IP addresses you visit and there is no way to know for sure that they don't keep a log of the domains you visit among other metadata, like the devices or addresses you connected from and when.

A reputable VPN with a proven track-record is probably a good privacy measure and has its use cases, see Techlore's VPN charts. (The primary recommended VPNs are Mullvad, IVPN, ProtonVPN, and Windscribe.)
However, keep in mind, Tor is much more effective for privacy. See our Tor usage guide.

You could also rent a server and host your own VPN with Wireguard or OpenVPN. This way you don't have to trust a VPN provider (rather the hosting provider), but instead, you don't blend in with all the other users, as you're the only person using this IP address, thus potentially making it easier for websites to link the IP address to your identity.

When browsing low-risk sites, HTTPS keeps you safe from people seeing the content of your browsing, so you don't explicitly require a VPN.


Further information

Below are some useful links if you want to learn more:

A more in-depth explanation over VPNs:
https://computer.howstuffworks.com/vpn.htm

A video from Techlore on VPNs:
https://www.youtube.com/watch?v=PHqAL6zvoFE

We have a couple notes about the above linked video:

  1. In the above video Techlore still rated NordVPN as the best VPN provider. This fact has changed now and NordVPN is no longer recommended see updated charts here.
  2. Techlore also stated that using a VPN encrypts your traffic. While this is generally true, one should note that nowadays most internet traffic is already encrypted, when it leaves your computer.
  3. Changing your IP address does not magically change your online identity nor make you anonymous. Websites generally embed trackers which can identify you using sources other than your IP address, such as Cookies, Local Storage, logged in accounts, browser fingerprints, etc.
Report content on this page

Report Page

Please submit your DMCA takedown request to dmca@telegram.org