Last updated by The POOG on September 30, 2020.
In this section we present a technology that can enhance your security as well as your anonymity when using the internet. If you first read the article on this site titled The Internet, some of the terminology used here may be easier to follow.
Every device that connects to the internet has a unique IP address that, among other things, identifies its physical location. When Netflix and other streaming media services block transmission of content to your country for a reason such as copyright, your IP address identifies your country and you are then blocked.
You don’t give out personal information such as telephone number, street address, email address, etc. to everyone without your consent. Yet every time you go online you give certain information to the party at the other end about your location; you’re giving away a degree of privacy.
There is, however, a solution to this. It's called a virtual private network, or VPN. There are many companies that provide VPN service on a subscription basis. Below is how a VPN works.
How a VPN Works
The VPN service provider has servers in multiple countries – over 90 different countries in a few cases. When you subscribe, you load VPN software onto your computer. When you turn your computer on, the VPN software starts automatically and will route your internet traffic through a remote VPN server that your VPN vendor has in a country that you have chosen from their availability list.
Every action that you take on the internet, whether communicating with someone or ordering online, is transmitted as a series of data packets. Your VPN software intercepts the data packets before they leave your computer, strips out your own IP address and encrypts the data. It attaches the IP address of the remote VPN server that you chose to the packets as what is called metadata. It then transmits the packets across the internet. In essence, the software creates an encrypted ‘tunnel’ from your computer to the remote VPN server.
At the remote server, the packets are decrypted and sent to the party that you are transacting with. Your data, however, now bears the IP address of the remote VPN server.
When the party that you are transacting with gets your data and decodes the location from where it was sent, it thinks that you are in the country where the remote VPN server is located.
When your party responds, the response goes back along the same route that your data travelled (well, not quite, but don’t worry about that). This response is encrypted by the remote VPN server and sent to your computer, where your VPN software decrypts it and presents it to you.
This process has two security features. One is that your remote party has not seen your real IP address and thinks that you are where you are not. The other is that the encrypted ‘tunnel’ between your computer and the VPN allows no one, including your ISP, to see your real data.
This location ‘spoofing’ makes it much harder for companies such as advertisers to locate you. It also helps protect against ISPs selling anonymized metadata about your web habits. To defeat GPS location tracking, look for a product that, when installed on smartphones, can also do GPS ‘spoofing’.
On this last point, metadata is like the envelope that you send a letter in. It has name and address information of both sender and receiver, information that a company harvesting web data might want to buy or sell.
What to Look for When Shopping for a VPN
The following are factors to take into consideration and are presented in no particular order. An internet query will find several comparison reviews of the leading products. Different reviewers make different choices on which are best.
Location and Number of Servers
The service should offer servers in at least 40 countries distributed globally. The leaders in the field will provide at least this much coverage and sometimes much more.
Often, VPN vendors will have multiple servers in multiple locations within a country. Servers can usually be found in the major European countries, in Asia, the Pacific countries, and in North, Central and South America.
The vendor should include software updates at least once a year and preferably more frequently. This tells you that they have staff actively monitoring developments in the field and improving the product.
A support line would be a bonus but the product is quite simple and if well written and documented, should not require more. Telephone support is unlikely with the economy products but look for 24/7 email and live chat support.
The list price can appear steep, but the VPN vendors offer steep discounts for longer time periods. I chose Surfshark’s 2-year package for $1.99 / mo. USD; that works out to an 83% discount off the full price, paid up front.
This is a difficult one to estimate. It is best done by reviewers who can set a standard test protocol and use it to create a comparison among the products that they evaluate. Faster is better.
For example, PC Magazine, a top product reviewer, compared 9 leading VPNs:
As you can see, there is a fair range of differences.
A protocol is a specification that defines the communications parameters and procedures used in writing the VPN client (user end) and server software.
Look for a product that uses open source protocols like OpenVPN and IKEv2. Such protocols are supported by large developer communities that are constantly fixing bugs and adding features.
The VPN should use one of the strong 256-bit encryption algorithms available such as AES-256-GCM. If a product only offers 128-bit algorithms, pass it by.
Application Platform Software
The VPN vendor should offer versions of its software (apps) for all the major operating systems including Windows, Mac, iOS, Android and Linux. Look for extensions for popular browsers such as Chrome and Firefox.
Certainly your system and browser need to be supported. You may also look for website-unblocking and Netflix unblocking features.
You may have your VPN software installed on multiple devices such as a laptop, a desktop, a tablet and a smart phone. You may have multiple users in your home so that several devices may be using the VPN service simultaneously.
You should pick a vendor that provides a large enough number of simultaneous connections to meet the most extreme case of usage that you anticipate. Remember, we are adding new ‘smart’ devices to our environment all the time.
There are other high-end or rarely seen features that some vendors offer.
This is a split-tunneling feature that allows the user to create a list of websites whose traffic should not be routed through the VPN tunnel but sent in the regular manner.
Some sites that you regularly access such as banks or paid streaming media services need to be able to verify your real IP address. For example, your bank or brokerage firm may ask for additional security verification if it doesn’t recognize the IP address. This can be annoying.
Multihop is an uncommon feature that will route your VPN traffic through two or more VPN servers in different countries. This adds a level of security but decreases the speed of transactions.
This is a desirable feature that informs you immediately if the tunnel goes down for some reason. It may terminate what you are doing. Should this happen, you would lose the benefits of encryption and location spoofing.
This is the terminology for address spoofing described above.
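The sketch below is an added example, not code from this article or from any VPN vendor. It models who sees what under the tunnel, the split-tunneling list and the tunnel-down case described above. The IP addresses, host names and function names are constructed, and the kill switch is assumed to block traffic while the tunnel is down.

```python
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Constructed sample addresses (RFC 5737 documentation ranges), not from the article.
REAL_IP = "203.0.113.10"        # the address your ISP assigned to you
VPN_SERVER_IP = "198.51.100.7"  # the remote VPN server you selected

@dataclass(frozen=True)
class Outcome:
    action: str                  # "tunnel", "direct" or "blocked"
    isp_sees: Optional[str]      # destination your ISP can observe
    site_sees_ip: Optional[str]  # source address the remote party records

def _bypassed(host: str, bypass: Iterable[str]) -> bool:
    # Match the listed domain itself or any of its subdomains.
    return any(host == d or host.endswith("." + d) for d in bypass)

def route(host: str, *, tunnel_up: bool, bypass: Iterable[str] = (),
          kill_switch: bool = False) -> Outcome:
    host = host.lower().rstrip(".")
    if _bypassed(host, bypass):
        # Split tunneling: sent the regular way, so the site verifies your real IP.
        return Outcome("direct", host, REAL_IP)
    if tunnel_up:
        # ISP only observes traffic to the VPN server; the site sees the server's IP.
        return Outcome("tunnel", VPN_SERVER_IP, VPN_SERVER_IP)
    if kill_switch:
        # Assumption: the kill switch is modeled as dropping traffic while the tunnel is down.
        return Outcome("blocked", None, None)
    # Tunnel down and nothing stops the traffic: location spoofing is lost.
    return Outcome("direct", host, REAL_IP)

def unintended_leaks(hosts, *, tunnel_up, bypass=(), kill_switch=False) -> List[str]:
    """Hosts that learn REAL_IP even though they are not on the bypass list."""
    bypass = list(bypass)
    return [h for h in hosts
            if not _bypassed(h.lower().rstrip("."), bypass)
            and route(h, tunnel_up=tunnel_up, bypass=bypass,
                      kill_switch=kill_switch).site_sees_ip == REAL_IP]

if __name__ == "__main__":
    session = ["news.example", "www.bank.example", "notbank.example"]
    for up, ks in [(True, False), (False, False), (False, True)]:
        print(up, ks, unintended_leaks(session, tunnel_up=up,
                                       bypass=["bank.example"], kill_switch=ks))
```

Run as a script, it prints which sites in the constructed session learn the real IP unintentionally under each combination of tunnel state and kill switch.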
A VPN offers several benefits:
- Your location is hidden from the party at the other end.
- This in turn allows you to bypass restrictions on content that may be blocked to you because of your country of residence.
- Web browsing habits are not revealed at your end.
- Your data as well as your metadata are hidden from your ISP by encryption, preventing it from being collected and sold, a process that is legal in the US.