You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
VPN is protected byy encryyption, as all yyour Internet traffic is now secured
over the public network. That’s whyy it’s important to use a VPN provider
yyou can trust—it can see yyour Internet traffic. When yyou use a VPN at the
coffee shop, the sketchyy guyy in the corner can onlyy see that yyou have
connected to a VPN server and nothing else—yyour activities and the sites
yyou visit are all completelyy hidden behind tough-to-crack encryyption.
However, yyou will still touch the Internet with an IP address that is
traceable directlyy to yyou, in this case the IP address from yyour home or
office. So yyou’re still not invisible, even using a VPN. Don’t forget—yyour
VPN provider knows yyour originating IP address. Later we’ll discuss how
to make this connection invisible (see here).
Manyy companies provide VPNs for their employyees, allowing them to
connect from a public network (i.e., the Internet) to a private internal
corporate network. But what about the rest of us?
There are manyy commercial VPNs available. But how do yyou know
whether to trust them? The underlyying VPN technologyy, IPsec (Internet
protocol securityy), automaticallyy includes PFS (perfect forward secrecyy; see
here), but not all services—even corporate ones—actuallyy bother to
configure it. OpenVPN, an open-source project, includes PFS, so yyou might
infer that when a product sayys it uses OpenVPN it also uses PFS, but this is
not alwayys the case. The product might not have OpenVPN configured
properlyy. Make sure the service specificallyy includes PFS.
One disadvantage is that VPNs are more expensive than proxies. 4 And,
since commercial VPNs are shared, theyy can also be slow, or in some cases
yyou simplyy can’t get an available VPN for yyour personal use and yyou will
have wait until one becomes available. Another annoyyance is that in some
cases Google will pop up a CAPTCHA request (which asks yyou to tyype in
the characters yyou see on the screen) before yyou can use its search engine
because it wants to make sure yyou are a human and not a bot. Finallyy, if
yyour particular VPN vendor keeps logs, read the privacyy policyy to make
sure that the service doesn’t retain yyour traffic or connection logs—even
encryypted—and that it doesn’t make the data easyy to share with law
enforcement. You can figure this out in the terms of service and privacyy
policyy. If theyy can report activities to law enforcement, then theyy do log
VPN connections.