Should You Use a Virtual Private Network (VPN)?

A Virtual Private Network (VPN) is networking technology intended to improve your privacy and security online or between networks. If you’ve spent any time in the privacy community, you’ve realized that there are a lot of heated and binary opinions, particularly around VPNs. The more devout members typically recommend that you only use the Tor network. Although Tor has a lot to offer, and VPNs certainly have their faults, the answer isn’t this black and white. For the purposes of this post, we’ll focus on commercially-available VPNs for personal use, particularly in regard to privacy.

IP Address Tracking

Before we begin, we should emphasize that the IP address is a unique identifier that’s commonly used for tracking internet users. Some will tell you that an IP address is useless for this purpose, but this isn’t entirely accurate. Unless you’re paying for a dedicated IP address, it’s true that your ISP can change your IP address at any moment. However, you may have the same IP address for months or even years. In the meantime, entities all around the globe are recording and sharing your IP address, as well as using it to keep tabs on virtually everything you do online. This problem is so pervasive that there are people search sites that will show you a history of users’ known IP addresses for free.

What VPNs Do

VPNs create an encrypted connection between your device (PC, phone, etc.) and a VPN server. The VPN server then decrypts your outbound traffic and sends it to the requested destination and encrypts inbound traffic and sends it back to your device. There are three key features here:

  1. Your ISP and others that have access to your traffic only see data between your device and the VPN server, not the VPN server and destination (i.e. the websites you visit)
  2. The traffic is encrypted in transit, so your ISP, employer, and others that have access to your traffic can’t see the data in plain-text
  3. The destination servers you connect to see the VPN server’s IP address, not your real IP address

VPNs also generally encrypt your DNS queries, which is important for privacy, but this is the subject for another post.

VPN Limitations & Risks

Anonymity

Despite the wild marketing claims, a VPN does not make you completely anonymous. Obviously, the VPN provider needs to know your real IP address so they can route your traffic. Paying for the service will also typically reveal your identity. Although some providers accept payment via cash, Monero, etc., they still see your real IP address. Even if you trust your VPN provider, note that a temporary connection interruption may reveal your real IP address to the destination server.
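What a dropped tunnel does to routing, as an added example that is not part of the original post. It assumes a Linux-style full-tunnel layout; the interface names (tun0, eth0), the addresses (documentation ranges), and the `blocked_ifaces` stand-in for a firewall kill switch are all constructed for illustration.

```python
import ipaddress

# Constructed routing table for a full-tunnel VPN client: two /1 routes
# through the tunnel override the ISP default route, and a host route keeps
# the VPN server itself reachable over the physical link.
ROUTES_VPN_UP = [
    ("0.0.0.0/0",       "eth0"),   # original default route via the ISP
    ("0.0.0.0/1",       "tun0"),   # tunnel covers the lower half of IPv4
    ("128.0.0.0/1",     "tun0"),   # tunnel covers the upper half of IPv4
    ("198.51.100.7/32", "eth0"),   # constructed VPN server address
    ("192.168.1.0/24",  "eth0"),   # local LAN
]

def egress_interface(routes, destination):
    """Longest-prefix match: return the interface a packet would leave on."""
    dest = ipaddress.ip_address(destination)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if dest in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None

def after_tunnel_drop(routes, tunnel_iface):
    """Routes that remain once the tunnel interface disappears."""
    return [(p, i) for p, i in routes if i != tunnel_iface]

def leaks_on_drop(routes, tunnel_iface, destination, blocked_ifaces=()):
    """True if traffic to destination would leave outside the tunnel after a drop.

    blocked_ifaces models a kill switch (assumption): interfaces on which a
    firewall rejects everything except traffic to the VPN server.
    """
    remaining = after_tunnel_drop(routes, tunnel_iface)
    iface = egress_interface(remaining, destination)
    return iface is not None and iface not in blocked_ifaces

if __name__ == "__main__":
    site = "203.0.113.10"  # constructed destination
    print("tunnel up     ->", egress_interface(ROUTES_VPN_UP, site))
    print("leak on drop  ->", leaks_on_drop(ROUTES_VPN_UP, "tun0", site))
    print("with blocking ->", leaks_on_drop(ROUTES_VPN_UP, "tun0", site, ("eth0",)))
```

With the tunnel up the destination is reached through tun0; once tun0 disappears the untouched ISP default route takes over, which is the interruption described above unless something blocks the physical interface.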

Although beyond the scope of this post, VPN users should also be aware that an IP address is one of many, many pieces of metadata that can be used to identify you. The process of uniquely identifying a browser, device, or user is called “fingerprinting”. Even if you can spoof your IP address with a VPN, advanced fingerprinters can still identify you by collecting the following:

  1. Cookies and cached data
  2. Operating system
  3. Browser: User agent, settings, version, plugins
  4. Device make and model
  5. Screen size
  6. Your behavior (mouse movements, typing, etc.)
  7. Timezone
  8. Fonts installed on your system
  9. System languages
  10. Unique characteristics of your CPU, GPU, battery, and potentially other hardware
  11. Installed applications (in some cases)
  12. Dozens, if not hundreds, of other data points

Also beyond the scope of this post, there are many other ways VPN users can lose their anonymity:

  1. Signing into accounts tied to your identity (e.g. Facebook, bank, etc.)
  2. Malware can reveal your real IP address
  3. Advanced adversaries can use correlation attacks and other techniques to identify you
  4. etc.
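The fingerprinting point above, as an added example that is not part of the original post: two visits from the same browser stay linked even though one arrives from a home address and the other from a VPN exit. The attribute set, browser profiles, and addresses are constructed for illustration; real fingerprinters collect far more.

```python
import hashlib
import json

# Attributes a site can read that do not change when the IP address does.
STABLE_ATTRS = ("user_agent", "os", "screen", "timezone", "languages", "fonts")

# Constructed browser profiles and visits (documentation-range addresses).
BROWSER_A = {"user_agent": "ExampleBrowser/1.0", "os": "Linux",
             "screen": "2560x1440", "timezone": "America/Chicago",
             "languages": ["en-US"], "fonts": ["DejaVu Sans", "Fira Code"]}
BROWSER_B = {"user_agent": "OtherBrowser/7.2", "os": "Windows",
             "screen": "1920x1080", "timezone": "Europe/Paris",
             "languages": ["fr-FR", "en-US"], "fonts": ["Arial", "Calibri"]}
HOME_IP, VPN_EXIT_IP = "203.0.113.25", "198.51.100.80"
VISITS = [
    dict(BROWSER_A, ip=HOME_IP),      # browser A without the VPN
    dict(BROWSER_A, ip=VPN_EXIT_IP),  # browser A through the VPN
    dict(BROWSER_B, ip=VPN_EXIT_IP),  # a different user on the same VPN exit
]

def fingerprint(visit):
    """Hash the stable attributes; the IP address is deliberately left out."""
    material = {k: visit[k] for k in STABLE_ATTRS}
    blob = json.dumps(material, sort_keys=True).encode()
    return hashlib.sha256(blob).hexdigest()[:16]

def link_visits(visits):
    """Group visits by fingerprint and return {fingerprint: sorted IPs seen}."""
    seen = {}
    for v in visits:
        seen.setdefault(fingerprint(v), set()).add(v["ip"])
    return {fp: sorted(ips) for fp, ips in seen.items()}

def linked_across_ips(visits):
    """Fingerprints observed from more than one IP address."""
    return {fp: ips for fp, ips in link_visits(visits).items() if len(ips) > 1}

if __name__ == "__main__":
    for fp, ips in link_visits(VISITS).items():
        print(fp, ips)
```

Browser A appears under one fingerprint with both addresses, so the VPN exit address is tied back to the home address, while browser B sharing the same exit stays a separate entry.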

Potential for Snooping

Because the VPN can’t maintain the encrypted connection all the way to the destination, the VPN server must decrypt your traffic to send it to the destination on your behalf. This allows the VPN service to see at least some of your browsing data. Fortunately, most web traffic is encrypted via SSL (HTTPS) after the VPN’s encryption is removed, but:

  1. This still gives the VPN provider the ability to monitor your browsing habits (websites you visit, dates and times, bandwidth, etc.), which may reveal more about you than you realize
  2. Some web traffic isn’t secured by SSL (e.g. many email opt-out requests are HTTP-only for some reason)

A VPN also does not protect you from the law or the provider itself. Virtually all VPN providers can be compelled by court order to either hand over your traffic logs (if they have them) or monitor your browsing in real-time. Most VPN providers also reserve the right to monitor your traffic using real-time analysis at their own discretion. VPN services usually claim to have a “zero-logs” policy, but several VPNs have been caught breaking this promise.

IP-Based Harassment

Many private and government entities still believe that IP address filtering is useful, and may cause real headaches for you if you connect to their resources on a VPN. Some entities do their best to outright block VPN traffic. Others allow you to sign in, but may lock your account if you make certain changes while on a VPN (*cough* eBay, Verizon). This issue is often compounded when you’re signing into a fresh session.

Note that even if the site you’re on doesn’t do this, one of the services that they use in the background may. This can cause unexpected errors when creating accounts, applying for credit, making purchases, etc.

What About Self-Hosting?

Of course, you could cut down on some of the VPN limitations (i.e. trusting the provider) by hosting your own VPN, but there are limitations here as well.

One of the benefits of using a commercial VPN is that it makes it easier to blend in with a crowd, a key element of maintaining anonymity. When using a commercial VPN, you’re one of thousands or potentially millions of users who have recently used that service. If you’re identified as a user of said service, more information would be needed to correlate specific traffic with your identity. If you’re using your own VPN, one mistake or one advanced fingerprinter can reveal you as the source of potentially all of the traffic coming from your VPN server.

Finally, it goes without saying that the VPS you’re using to host your VPN also needs your real IP address, likely knows your real identity, and potentially has worse privacy policies than VPN providers. Therefore, you’re generally better off with a commercial VPN.

When to Use a VPN

The following only applies to the use of a trustworthy* VPN. VPNs are generally useful for the following:

  1. Masking your browsing activity from your ISP. Your ISP is meticulously monitoring everything you do online and in some cases, sharing this data with 3rd parties. They use this data for advertising or other purposes such as limiting your bandwidth while torrenting. Using a VPN (or Tor) will dramatically diminish what they can see. If you use a VPN, it’s critical that you choose one that you trust more than your ISP. In terms of privacy, a VPN shifts risk from your ISP to the VPN.
  2. Bypassing IP-based restrictions imposed by governments, employers, streaming services (Netflix, Hulu, et al.).
  3. Limiting fingerprinting by the sites you visit. Many sites use your IP address to identify you and share this information with data brokers, advertisers, social media companies, and other creepy organizations. As an added bonus, using VPN servers in privacy-friendly jurisdictions (France, Iceland, Sweden, Switzerland, et al.) can help cut down on privacy-invasive practices as you browse the internet.
  4. Connecting to a server that blocks Tor traffic (good luck using YouTube over Tor). Tor offers stronger privacy protections than VPNs, as well as being free! If you can’t use Tor, a VPN may be the next best option.

When NOT to Use a VPN

If Tor isn’t an option, it usually makes sense to use a VPN. However, there are some circumstances where using a VPN may do more harm than good:

  1. As mentioned above, some websites will either block VPN traffic or take other action against VPN users (e.g. locking your account). Unfortunately, there is no feasible way to determine which sites take these actions, so this is a trial and error process. If you encounter this, it may be worthwhile to take your business where you aren’t treated like a hacker for trying to maintain your privacy.
  2. When using systems that involve identity verification, particularly if money or credit is involved, using a VPN can trigger denials, errors, and other issues. These systems generally treat VPN traffic with heightened suspicion, so you may want to leave the VPN off for this kind of activity.

Final Thoughts

As you can see, despite the limitations, VPNs still have a lot to offer. We’re of the opinion that, when Tor isn’t an option, browsing with a trustworthy VPN is almost always better than nothing. For everyday browsing, the question really boils down to:

  1. Whether you trust your VPN provider more than your ISP. Considering ISPs are generally in the targeted advertising business and have very, very cozy relationships with law enforcement and intelligence agencies*, your browsing data is likely better off in the hands of a solid VPN provider than your ISP.
  2. How comfortable you are with your activities being indefinitely tied to your identity. If you’re not, and you shouldn’t be, masking your IP address is one step in the right direction, albeit one of many.

However, if you’re going to use a VPN, always bear in mind that:

  1. VPNs are not a panacea in terms of online anonymity. There are many other precautions one must take to maintain privacy online. This is why the privacy community throws so much shade on VPNs – they give many novice users a false sense of security.
  2. Using a VPN can be inconvenient and frustrating as websites and services fight to block and harass privacy-conscious users

*See Room 641A (Wikipedia) and NSA Spying (EFF)
