A Beginner's Guide to VPNs | Binance Academy

Introduction

In the digital era, your Internet service provider (or ISP) is your gateway to the online world. These businesses are the ones that sell you your Internet subscription and connect you to other machines worldwide. Without ISPs, you can't easily get online to indulge in social media or stream your favorite shows on Netflix.

Unfortunately, this puts you in a somewhat vulnerable position. ISPs insert themselves as middlemen, becoming parties to any communication between you and websites. In addition, the Internet structure is such that you might end up revealing your personal information whenever you visit a website. Fortunately, VPNs can help prevent those kinds of issues.

What is a VPN?

A VPN (or Virtual Private Network) is a secure tunnel that connects your device to another network over the Internet. It can be used to connect to corporate networks, for instance, or simply to browse the web without revealing your details to websites.

How does a VPN work?

To understand what a VPN does, it's important to grasp how regular communications work between you and a website.

A simplified route from your devices at home to a website.

Suppose that you want to access the I Love Honey Badgers website (e) from your laptop or smartphone (a). You type a human-readable name into the address bar (i.e., ilovehoneybadgers.com), but your machine translates it into a number. That number is the site's IP address, which is a bit like a physical address. When you send a letter, you need to let the postal office know what address it's going to. In essence, you do the same for data transmitted online.

Your device isn't connected directly to the Internet (d). It needs to link up with something that can pass the message along. In your house, you probably have a router (b) to which you connect multiple devices. The router then communicates with your ISP (c), which connects to the Internet. From there, your request can be routed along to the website you're visiting (e).

Of course, the website needs to know where to return the requested information, so it must know your IP address. Therefore, anytime you communicate with services in this manner, they have an idea of where you are.

To many, the degree to which information is public at this level is alarming. You can encrypt the data that you send, but IP addresses reveal a lot about your intent. For instance, your ISP might not know that you're reading about honey badgers on I Love Honey Badgers, but it'll see that you're trying to access that domain.

If you want to be private about the websites you visit, you should use a VPN.

For commercial VPNs that you're using to browse, that typically works as follows:

You purchase a subscription from a VPN service.
You receive credentials to authenticate yourself.
You install a VPN client to communicate with the VPN server.
A tunneling protocol establishes a secure connection between your device and the server. Examples of possible protocols include OpenVPN, L2TP/IPSec, and PPTP.
When you want to access a webpage, you pass the data through the tunnel to reach the server.
The server requests the information from the webpage and returns the response through the VPN tunnel to you.

The tunneling protocol creates a sort of private channel between your device and the VPN server. The information inside is then encrypted so that outsiders can't read or access it. Because your Internet traffic is now routed through another server, the website won't be able to see your real IP, but only the ones provided by the VPN.

An encrypted tunnel is established between your device and your VPN server.

In that sense, you could think of the server a bit like an exit node on the Tor network. The source of the request is obfuscated and piped through the Internet to make it look like it's coming from a different device.

Why should you use a VPN?

There are numerous VPN use cases. You might already use one in your business, as it allows employees remote access to the company's intranet in a secure manner. Another extremely compelling reason to use a VPN is for your online privacy and security. The very architecture of the Internet requires that its users must be proactive to ensure they're staying safe. If they are too passive or not careful enough, they risk being exposed or hacked.

Every time we go online, we leak information that could fall into the wrong hands. Personal data is increasingly viewed as a valuable resource, both by malicious actors and legitimate businesses. Ultimately, VPNs make it harder for others to find out who you are.

If you're using public WiFi networks, it's essential that you understand the dangers. Though you could expect a degree of privacy from your home WiFi, your local coffee shop's router offers no such guarantee. In fact, public WiFi hotspots are a playground for malicious actors. If you absolutely must use them, VPN protection is highly recommended. At the bare minimum, opt for websites that rely on the HTTPS protocol instead of HTTP, as the former encrypts the connection with SSL/TLS.

Read more about the risks associated with public WiFi in Why Public WiFi is Insecure.

Pros and cons of using a VPN

Pros of VPNs

Stronger security and privacy

Because your communications pass through an encrypted tunnel, no one but the endpoint (i.e., the VPN provider) can make sense of them. This encrypted connection prevents ISPs, hackers, and other spies from harvesting your data. If the site you're accessing is using HTTPS, then the VPN server cannot see the contents of your request. They'll only know what site you're accessing.

Greater privacy

On top of preventing your ISP from learning what you're doing online, VPNs can also protect your personal information.

Cost and variety

With a little effort, you can set up a VPN by yourself. Alternatively, there are many providers offering access to servers in hundreds of countries. Some come with proprietary applications for both mobile and desktop operating systems, while others simply require that you connect through open-source software.

Cons of VPNs

Slower speeds

It stands to reason that VPN connections are often slower than regular ones. After all, you're introducing at least one additional step between your device and the websites you visit. For instance, if you're in the UK and use a server in Australia, you not only need to consider the latency, but also the server's upload/download speeds.

Providers know who you are

Your IP address is masked to the outside world, but not to the VPN provider. There's a possibility that they keep logs of your activity and, in some cases, turn it over to government agencies. They could also sell it to other parties. That's why it's important to research and compare the VPN providers before picking one.

Possibly illegal

Some nations outlaw the use of VPNs, employing techniques like deep packet inspection to identify users. In these jurisdictions, attempting to mask your network traffic may cause you legal trouble and can make you stand out to authorities.

Not enough

VPNs are by no means a one-click solution for online anonymity. They can provide a false sense of security, when, in reality, there are many other methods for surveilling Internet users.

➠ Looking to get started with cryptocurrency? Buy Bitcoin on Binance!

Best VPN practices

Whether you've just decided to take the plunge or already have a VPN, there are some things you need to know about how your chosen VPN operates.

You could decide to set up a VPN because you don't trust your Internet service provider. It's a valid reason for doing so, but you should be aware that you're not abolishing trust altogether. Instead, you're taking it out of the hands of your ISP and placing it in those of the VPN provider.

It's, therefore, important that you pick a provider that you trust. If you're unfamiliar with the VPN industry in general, you might be wondering where to start. We'll now outline some things to look out for when shopping for a subscription.

Good reputation

When it comes to your online privacy, you don't want to go for the cheapest VPN option. At best, free VPN providers will profit from your data in some way. At worst, you could be installing malware that does a lot more harm than good.

Reputable services can be found for the cost of coffee monthly. Read impartial reviews on the various offerings, compare costs, speeds and server locations. If you are serious about it, you might want to check their Terms of Services as well. There are numerous unbiased sites that present side-by-side comparisons to help you decide. As with cryptocurrency – do your own research!

Desirable attributes

Everyone's threat model will be different. For the more privacy-conscious, you might want to consider VPN providers that offer the following attributes.

Surveillance-free jurisdictions

The Five Eyes is an alliance of countries that share intelligence with each other. Originally an agreement between the UK and the USA, it has since expanded to include Canada, Australia, and New Zealand. These nations controversially share information about their citizens with each other.

Though (allegedly) not as rigorous in their information-sharing, the Nine Eyes (which also include France, Holland, Denmark, and Norway) and the Fourteen Eyes (+ Sweden, Spain, Germany, Italy, and Belgium) are extensions of this alliance.

Privacy activists warn against using VPNs domiciled in these jurisdictions. If you're in a Five Eyes nation and access the Internet through Five-Eyes-based VPN servers, your government would still be able to request your activity. Again, whether you feel this is necessary depends on your risk profile. Some perceive the avoidance of these jurisdictions to be overkill.

Internet kill switches

Many VPNs incorporate a feature known as a "kill switch," which is a security measure that cuts your network connection if the VPN protocol isn't working properly. It's a handy mechanism that can prevent you from accidentally leaking your IP address should your VPN malfunction.

Logging policy

VPN providers committed to protecting the privacy of their users typically adopt a "no logs" policy. This simply means that they won't keep a log of your activity. It should be noted that there's no way for you to verify this. The business could be lying. There are examples in recent history of "no log" providers that have been compelled to share data about users with authorities.

Some suggest that any provider boasting a "zero log" approach is disingenuous, as some data has to be collected. As a result, users should seek out companies that provide clear breakdowns of any data they retain.

Cryptocurrency-friendly

If you want a VPN for online privacy purposes, chances are that you dislike sharing your personal information. Your debit and credit card details are perhaps some of the most sensitive information you own, so it's understandable that good providers offer alternative payment solutions. Many enable you to pay via a range of cryptocurrencies instead for a more private experience.

Multi-device support

Some subscriptions allow you to protect not only your PC (whether Windows, Mac or Linux), but smartphones and IoT devices. If you want to ensure coverage across your entire home network, a subscription that can be used on multiple devices may be desirable.

Closing thoughts

Virtual private networks are fast becoming an integral tool for Internet access, whether you're at home or on public networks. Cheap but efficient, VPNs allow you to protect valuable personal information from both your ISP and the websites that you access.

Nonetheless, it's important to understand that VPNs aren't silver bullets. Total anonymity online is something of a myth, as there are innumerable ways for adversaries to gain access to your data. Things like cookies and device fingerprinting can leak a lot of information, too. To avoid common security pitfalls, VPNs should be used in combination with other security and privacy technologies.

➠ Questions about VPNs? Head over to Ask Academy!