If a VPN connection exists, the data is transferred between two or more computers on the Internet via a secure tunnel. The computers can access each other as if they were in a local network.
VPNs for business and consumer
In the past, virtual private networks were primarily used by companies, for example to securely link specialist departments with each other or to provide field staff with access to the corporate network. Today, VPN is also an important service in the consumer sector, where it is used primarily to protect users on public Wi-Fi networks against attacks.
And because the VPN connection will certainly not lose importance in times of increasing cyber threats, we have summarized the most important facts about the Virtual Private Network.
Virtual Private Networks: Advantages for data protection & IT security
Unsecured Wi-Fi networks represent a security risk for users. Why? Because attackers sitting in the same network use a variety of techniques to “sniff traffic” or “hijack accounts” on sites that do not use the HTTPS protocol. Some Wi-Fi providers also deliberately inject ads into the traffic, which in turn can lead to unwanted tracking.
Not to mention the governments in many parts of the world that have started to systematically monitor users, block visits to certain websites or detect attempts at “treason”. In other words, practices that threaten freedom of expression and thus human rights.
Once a VPN connection is established, all traffic is routed through a secure server – somewhere in the world. This protects your computer from local tracking attempts as well as hacking attacks and also ensures that your actual IP address is not visible to the websites and services you visit.
VPN connections: Not all are equal
There are different VPN technologies with different encryption types. The Point-to-Point Tunneling Protocol (PPTP), for example, is very fast, but not as secure as IPSec, OpenVPN and other protocols that rely on SSL/TLS. In TLS-based virtual private networks, the type of encryption algorithm and the key length also play a crucial role.
While OpenVPN supports many ciphers, key exchange protocols and hashing algorithms, the most common OpenVPN implementation among VPN providers is AES encryption with RSA key exchange and SHA signatures. We can recommend the following settings:
- AES-256 encryption
- RSA key, with a length of at least 2048 bits
- SHA-2 cryptographic hash function (instead of SHA-1)
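As an added illustration (not code from this article or from the OpenVPN project), the following Python script checks the `cipher`, `data-ciphers` and `auth` directives of an OpenVPN configuration against the AES-256 and SHA-2 recommendations above. The function names and both sample configurations are constructed for this example; the RSA key length is a property of the certificate and key files rather than a config directive, so it is not checked here.

```python
# Added example: audit OpenVPN config text against the article's recommendations.
SHA2_DIGESTS = {"SHA224", "SHA256", "SHA384", "SHA512"}

def parse_directives(text):
    """Map each directive name to its argument list, skipping comments."""
    directives = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith(";"):
            continue
        name, *args = line.split()
        directives[name] = args
    return directives

def audit(text):
    """Return a list of findings; an empty list means both checks passed."""
    d = parse_directives(text)
    findings = []
    # data-ciphers is a colon-separated negotiation list; cipher is a single name.
    ciphers = [c for arg in d.get("data-ciphers", [])[:1] for c in arg.split(":")]
    ciphers += d.get("cipher", [])[:1]
    if not ciphers:
        findings.append("cipher: not set, the effective cipher depends on the OpenVPN version")
    for c in ciphers:
        if not c.upper().startswith("AES-256-"):
            findings.append(f"cipher: {c} is not AES-256")
    auth = (d.get("auth") or [None])[0]
    if auth is None:
        findings.append("auth: not set, OpenVPN falls back to SHA1")
    elif auth.upper() not in SHA2_DIGESTS:
        findings.append(f"auth: {auth} is not a SHA-2 digest")
    return findings

# Constructed sample configs (vpn.example.net is a placeholder host).
WEAK = """client
remote vpn.example.net 1194
cipher BF-CBC
auth SHA1
"""
HARDENED = """client
remote vpn.example.net 1194
data-ciphers AES-256-GCM:AES-256-CBC
cipher AES-256-CBC
auth SHA256  # SHA-2 family
"""

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(cfg) or "ok")
```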
It is worth knowing that the stronger the encryption, the stronger the effect on the connection speed. Which VPN technology – or encryption strength – is best varies from case to case and depends mainly on the data to be exchanged over the connection.
Of course, the security needs of companies differ significantly from those of private consumers. After all, the latter usually “only” have to ward off advertisement-driven sniffer attacks – unless they fear mass surveillance by secret services. In that case, the strongest possible encryption would be recommended.
Geoblocking and firewalls with VPN
In the consumer sector, VPN tunnels are also regularly set up for the purpose of bypassing geoblocking measures. These are there to restrict online access to certain content to defined regions. VPN service providers usually operate server farms around the world, which in turn allows users to jump back and forth between the “required” IP addresses. For example, if you don’t feel like waiting in a European country for the latest US productions of Netflix, you could use a Virtual Private Network and a US server to gain access.
There are, however, other cases where bypassing geoblocking measures or firewalls is entirely justified. In countries like China or Turkey, governments block access to certain websites and services for political reasons. VPN tunnels are also used here to circumvent the restrictions.
VPN provider: Free of charge or not?
Companies typically use specialized network equipment when setting up virtual private networks, while consumers can choose from many different VPN services, both free and paid. Providers of free VPN solutions usually rely on display ads and offer only a limited selection of servers, and the connection speeds often leave much to be desired because of the mass of users. Further disadvantages of free solutions: the probability that the IP addresses of the service are blocked or filtered is high. And: the free VPNs are regularly abused by hackers, spammers and other cyber villains. But for casual users, free virtual private networks may still be the right choice.
Paid VPN services are usually based on a subscription model and differ in particular in whether they throttle the download speed and whether they impose a data limit. Some providers also boast that they do not create any log files that could compromise the identity of their users.
There are also some companies in the IT security sector that have VPN solutions in their portfolio. These could be seen as a kind of middle way between the free and the more expensive commercial solutions. For users who are already customers, there are often discounts. Another advantage is that in this case you don’t have to worry about the security settings anymore.
Set up a VPN tunnel: Do-It-Yourself
Some time ago, a dream came true for IT nerds: their own VPN server. Now you can actually set it up at home and then access your home network from anywhere else via a VPN tunnel. This is a much better option than exposing these services directly to the World Wide Web, whose dangers were once again made abundantly clear in October 2016 by a large-scale DDoS attack via IoT devices.
In general, the fewer ports open on your router, the better. You should also deactivate the “UPnP” (Universal Plug and Play) option so that a weakly configured webcam cannot open ports in your firewall on its own and suddenly send moving images into the wide world.
Some routers from the consumer sector have integrated VPN server functionalities – then you don’t even have to set up your own server in the network. And if the router doesn’t have such a feature – a cheap mini-computer like the Raspberry Pi does the job with flying colours.
To use a VPN service, you usually need to install its VPN software. This is usually available for the most well-known operating systems like Windows, macOS, Android and iOS. Some companies also support Linux or routers that work with the open source firmware OpenWRT. Relatively new are extensions for the browsers Chrome and Firefox, which restrict VPN use to the browser. Some companies have built this functionality into their software in a different way and call it “split tunneling” or similar. Instructions for the installation and configuration of the software are offered by practically all companies, but some of them only in English. If you experience problems with Chrome or issues with firewalls in Windows 10, you can usually find many guides on the service providers’ websites.
We have not listed some special solutions, as they only cover a part of the functionality. For example, the Tor network is a good privacy tool, but it is not suitable for data-intensive applications such as video streaming. The VPN service built into Opera is naturally limited to this browser. Both solutions are free, at least. Keep in mind that VPNs can slow down your internet connection. If you play games on your laptop or computer, performance can be hampered; this is especially the case for multiplayer online games such as first-person shooters.
VPN services: Our favorites
According to the companies, NordVPN and Cyberghost currently have the most servers, while HideMyAss and PureVPN offer the largest country selection. PureVPN, Bullguard VPN, Kaspersky and Private Tunnel/OpenVPN are the cheapest providers in this overview. Please also note exclusive price offers, which are always available depending on the service provider.
Anonymity: Unfounded advertising promises of VPN providers?
The revelations of Edward Snowden, regular data scandals and the ever new surveillance plans (expansion of video surveillance, expansion of data retention (VDS)) of federal governments: there are good reasons to be concerned about your privacy. After a short research on the Internet, the solution seems to be obvious: Virtual Private Network, VPN for short.
But is a VPN really the hoped-for solution for the data protection-conscious user? What is behind the advertising promises of VPN service providers? Is it really possible to surf the Internet “anonymously” and with minimal traces via a VPN?
We researched and confronted 20 VPN service providers with their advertising promise of “100% anonymity”. The answers of the providers show: For some providers it’s mostly all about business.
Especially the advertising promise of “anonymity” is widespread. This is hardly surprising, since the desire for anonymity and thus privacy on the Internet is a legitimate wish of many users, but it is hardly possible or only possible with a great deal of effort. Contrary to advertising promises, however, a VPN is not suitable for surfing the net anonymously and with few traces. There are several reasons for this:
- Technology: The IP address is indisputably a feature with which a user can be clearly identified. However, it is only one of many and is becoming increasingly less important. Tracking methods are now so advanced that they can identify the user by means of cookies, installed browser add-ons, screen resolution or the language set in the browser, for example. With the “masking” of the IP address by a VPN provider, only one of these features is thus effectively protected from being tracked by trackers and other “data sniffers”. This is too little – anonymity is not achieved by the mere use of a VPN.
- Human: We are creatures of habit and each and every one of us probably has more than 15 online accounts for various purposes: online banking, social networks, shopping, forums, e-mails and much more. Because of our convenience, the same browser, with identical browser features, is always used for all these purposes. Without appropriate browser add-ons, such as uBlock Origin, the user is virtually helpless against the trackers. The answer: surfing via VPN. But what exactly changes then? Basically only the IP address is “exchanged” and all traffic between the device and the VPN service provider is encrypted. The user now feels “protected” or “secure” and continues to log into his existing online accounts, which are often linked to his real name. Here again, anonymity cannot be guaranteed in this way – on the contrary, it will be revoked by the user himself. This means: Without an adjustment of surfing habits, local security measures against fingerprinting and DNS leaks, a VPN offers about as much anonymity as when Mr. Trump walks across Times Square in New York in public and hopes not to be recognized.
- Rights: A glance at the data protection regulations of a VPN provider is often extremely revealing. Contrary to their own promises, the following statements can often be found there:
“In addition to the information you provide via our order form, we store the following data: IP address, the times when you use our services and the total volume of data transferred per day.”
“… we will never disclose information about you or your account to anyone except to employees of a law enforcement agency with the necessary documents and papers.”
It should be clear to everyone: This goes against the very idea of anonymity. In this context, the location of the VPN provider plays a major role in data protection, because the provider's legal obligations derive from it. Many providers are simply forced to keep server logs for a certain period of time or, for example, to forward information to investigating authorities. Thus you have a direct relationship of trust with your VPN service provider: does it store your data, or does it not? Nobody can really verify this except the provider itself.
Most VPN service providers are only too happy to conceal these restrictions. The reason for this is understandable: It would be bad for business.
Sensible application scenarios for VPNs
But wait – we don’t want to question the principle of a VPN per se, because there are definitely useful applications of VPNs. Think of connecting external employees to a company network or bypassing geo-blocks to gain access to blocked content. But a VPN is also perfectly suited for another purpose: if you are in a public WLAN and want to protect yourself against “fellow readers”. The VPN connection is quickly established – and curious hoteliers and others are left out. These are application scenarios for which VPNs were originally designed – and not to surf the Internet “anonymously” or without a trace. VPNs can therefore help to cloak some of your data.
In our view, the vast majority of VPN providers can be accused of a lack of transparency and honesty. Here, the fears of the users are deliberately played with in order to sell them a service that, on closer inspection, cannot deliver what it promises. Basically, this is a deception, since VPN providers do not or only insufficiently inform their customers about the limits of the promised anonymity.