How and why I got a VPN

As part of my ongoing efforts to lock down my cyber-life, I finally decided to investigate VPNs (virtual private networks) and subscribe to one, if it seemed to be a good idea.

Well, it is a good idea. So I got one, and it was pretty cheap.

What is a VPN, anyway?

A virtual private network, briefly, is subscription service (there are free ones, but don’t use a free one) that you can connect to in order to mask your IP address, pretending (unsuccessfully if you’re using a mobile connection) that you’re connecting to the Internet from somewhere else, while encrypting the data that passes between you and your ISP (which can mean your data is encryped as it passes through wifi). It doesn’t replace your ISP; you still need an ISP to connect to the Internet. More specifically, a VPN (typically, a for-profit company):

  1. Is runs a number of servers (computers), which ideally are located all around the world, each of which connects to the Internet on your behalf.
  2. Is a service you connect to, as a data “tunnel” to the Internet. You can set up your computer or phone so that it connects to the VPN whenever you get online (or whenever you like). All your requests to the Internet, and all the responses you receive from the Internet, are routed through one or another of the VPN’s nodes.
  3. Encrypts the data exchanged between its servers and your device.
  4. Typically doesn’t log your traffic (but there’s no way to know this for sure) or intercept your data (unless they receive a specific court order to do so in your case).
  5. Is typically a paid service; there are free ones.

Why would I want a VPN?

So, what does a VPN do? What is it good for? What are the benefits? Why would you get one? Several things (cf. this useful intro):

  1. Foil the NSA, maybe. You connect to the Internet via your ISP at home, right? Well, since data you exchange with the VPN is encrypted, your ISP can’t detect anything about what websites you’re looking at or what information you’re sending. Since mass surveillance (e.g., by the NSA) is typically done at the ISP level, this foils such surveillance. But maybe you trust all the fine, upstanding people who work for the government and don’t care. Well, there are other reasons, as well:
  2. Make it harder for websites, hackers, and advertisers to spot you. When you connect to a website without a VPN, it typically logs the IP address that is accessing it, maybe info about your device, browser, etc. This can be used by the website to track you and for various nefarious purposes. When you connect with a VPN, websites log data from the VPN’s server, which says nothing about you. This protects your information privacy and security (which you should care about!).
  3. Use airport, hotel, and restaurant connections securely. If you connect to the Internet via your airport’s connection, hackers can pretty easily do nasty things with your data stream. But if your data stream is completely encrypted on its way through the airport’s wifi to and from the VPN, those hackers can’t touch you. Take that, hackers! This is a huge advantage to me, considering how much traveling I’m doing these days.
  4. See content as if you were elsewhere. If you want to access information that is accessible only by IP addresses from a given country (such as the U.K. or the U.S.), a VPN lets you do so. You can make it look like you’re from there! E.g., I can watch Brits-only content from the BBC. That’s just kind of cool.
  5. More safely do P2P file sharing. If you must, and are cheap, and refuse to pay the creators of your content, you bastard.

If you don’t care about privacy or security or striking a blow against mass surveillance, then you should pass. If you do care about those things, consider getting a VPN.

WThere’s one significant disadvantage about VPNs, which makes me sad, but I’ll live with it: VPNs do slow down your Internet connection, but not necessarily by much. As you know (if you know how the Internet works at all), Internet traffic bounces from node to node as it makes its way from the website (or whatever) you’re accessing to your device. The VPN adds one node to that trip. As long as you connect to a VPN server located near you, this trip isn’t actually lengthed by much. BestVPN.com says it slows down your connection speed by 10%, but the actual amount at any given time depends on many factors. I rarely notice much of a difference, for what it’s worth.

Update: after using it for a couple days, my VPN (which is reputedly one of the faster ones) doesn’t really noticeably slow down my connection, even at the hotel. Except when I was connected to the U.K., and then the only problem was that I had to buffer a video once or twice.

What VPN did I choose?

I’m not telling. I spent some hours doing research. A name emerged. You should do the same and use your own judgment. Be careful not to subscribe to any shady VPNs; they doubtless do exist and it might be hard to figure out whether yours is one. There can be problems with the software as well. Unfortunately, some amount of trust is involved if you’re not a specialist. I bore these requirements in mind:

  • Don’t just look for claims that they don’t keep logs; check that the claims have been verified (by consultants, courts, or police).
  • Bear in mind that many reviews might be paid for and so can’t be trusted. It might be hard to tell which reviews these are.
  • Speed.
  • Can one determine who owns the company? Do they look legit?
  • Support for Linux.

There are other features you might be interested in, of course.

How hard was it to buy and install?

I can speak only about the one I bought and installed: it was dead simple. It was no harder to buy than any other subscription service. As for installation, I had it downloaded, installed, and working in maybe two minutes. Of course, that’s just the one I bought.

Note, you don’t have to install special software to use a VPN, e.g., if you’re using an OS or browser that has the software built in.

There’s much more to know about VPNs, which you might want to know if you’re going to get into it. You’re just getting a rank beginner’s explanation of why he got one, here.

This is part of the series on how I’m locking down my cyber-life.


by

Posted

in

,

Comments

Please do dive in (politely). I want your reactions!

7 responses to “How and why I got a VPN”

    1. Thanks. TIL “Opera is owned by a consortium of Chinese companies, including Qihoo 360.” So that’s why it exists…it’s the RT of the browser world.

      I’m curious if you think rolling your own is a good idea (if one is up to the task).

  1. Robert Braunschweig

    Hi, I’m seriously confused about VPNs, TOR and the NSA. Some sites say that the NSA can’t crack VPNs, TOR gets you added to the “Persons of Interest” list and so on.

    Does anyone know the truth?

    Let’s assume that I’m a “Person of Interest”, for the sake of argument OK? Maybe I use TOR, maybe I blogged 911 was an inside job, etc. So now the NSA monitors every bit of data going through my ISP, which is a cable modem FWIW. The router is an Asus AC-3200 which connects with OpenVPN to my VPN, which is ExpressVPN. It uses RSA 2048 bit encryption and SHA256 key sizes. BUT the NSA would have been there while I created my account and would have recorded any keys, passwords, etc. Then I connect to the router with a laptop which is booted from a TAILS usb, which has TOR pre-installed as part of TAILS.

    Dnsleaktests show no leaks at all.

    So, can the NSA listen in to everything I’m doing or not? Please, let’s set the record straight.

    Thanks, Rob

    1. I doubt I know more about this than you do. I’d like the scoop about all this as well. Part of the reason I’ve installed a VPN is simply to educate myself more about all these things. But yes—we need to know more about how the NSA and CIA and whatnot might be involved in the VPN companies themselves. There are a lot of questions that really need to be sorted out.

    2. You have to assume that no one knows exactly what the spy agencies are able to crack.

      The use of both Tor and a VPN can be detected by an ISP. What they do about it, we don’t know. There was a case at Harvard (I think) where someone did something bad via Tor and they were able to determine that only one person in the school was using Tor at the time. Encryption did not help that guy.

      Tor on a virgin system (thanks to TAILS) run through a VPN is pretty high end. You can still up your game using a VPN provider that accepts cash, so they have no idea who you are. And, you might try to connect to a different VPN server every day.

      Still, no one really knows how safe this makes you from spying. Safer than everyone not doing this, that’s for sure.

  2. Anon

    1. All of the VPN providers will just give all your data to the NSA, because laws require it to do so. You just can’t hide from the NSA and things like these, if you are targeted by somebody with a lot of money, you just lost the game already.

    Using a VPN for anonymity also doesn’t make sense. It also turned out that a lot of VPN providers sold their users data despite they said that they never will do such thing. How could you really trust anybody based on promises? If you use a VPN, then the provider will know exactly what sites you visited and everything you do. Plus you paid for it. Just use Tor on Qubes-Whonix, they don’t promise anything but at least you won’t waste your money.

    2. Just use TAiLS from a virtual machine instead if the site in question doesn’t block Tor.

    3. Actually, hackers can still hack you. When you connect to a rogue router it can attack your computer even before you have a chance to connect to your VPN. You need to use Qubes OS to defend against this threat.

    4. You can do the same with Tor. You can configure in torrc what exit nodes you allow (which countries).

    5. Tor also helps in this case, just use Whonix.

    1. 1. “All of the VPN providers will just give all your data to the NSA, because laws require it to do so.”

      Well, not if they’re located out of the country, and not if they don’t do logging. There is some evidence (not totally convincing, but some evidence) that some of them do not.

      “Just use Tor on Qubes-Whonix, they don’t promise anything but at least you won’t waste your money.”

      Tor is really slow. VPNs slow you down only by 5-10% in my experience.

Leave a Reply

Your email address will not be published. Required fields are marked *