Tighten Up Your Security with a VPN: LuxSci’s Guide to Choosing One that Works for You
As online crime figures continue to grow and government spying moves forward unabated, many people are becoming worried about their privacy and security. With the US Government striking down a set of privacy laws that were set to boost individual rights on the internet, things are getting pretty grim.
In recent years, VPNs have become more popular for personal use as individuals attempt to reclaim some sense of anonymity online. Given how many entities could be looking at your activity – governments, advertisers, your ISP and criminals – a VPN is one of many tools you can use to help protect yourself. VPNs can also be useful for circumventing censorship or accessing geo-restricted content.
A VPN can be excellent for helping you stay safe online, but you also need to be aware of the limitations. Unfortunately, VPNs aren’t some magic technology that immediately makes you impenetrable – they are merely something that enhances your security.
You also need to be aware that not all VPNs are created equal. In fact, the VPN industry is incredibly messy and the dodgy operators far outnumber the good. There is a huge disparity in the services and protection level that are on offer. This ranges from the free VPNs, which are poorly regarded, to the scammy companies that are just in it to make a buck, to the more trusted options that generally have good reputations. Finding a reliable VPN isn’t the end of the battle. You also have to set it up and use it properly.
Does Using a VPN Make You a Target?
VPNs help to obscure your identity online, so it is only natural to assume that they attract a fair amount of illegal activity. Of course, there are many legitimate reasons to use a VPN as well, but that doesn’t stop the authorities from paying extra attention to VPN servers.
When the details of the NSA tool, Xkeyscore, were made public in 2014, it confirmed the long held suspicion that governments would target users of privacy-enhancing technology such as TOR and VPNs.
Just because these technologies are being monitored, doesn’t mean that you should avoid using them. It means that you should look for high quality vendors that you can trust, preferably those based outside the jurisdictions of hardcore surveillance states.
Can You Trust a VPN? How Do You Know If They Are Telling the Truth?
VPNs encrypt your traffic only between the VPN client on your device and the VPN server. This means that your ISP and others cannot see the details of what is traveling through them. This is great if you don’t trust your ISP or the government. The problem is that you have to place your trust in your VPN provider instead.
Given how many dodgy operators there are on the market, finding a VPN you can trust isn’t all that easy. In your search for a reliable provider, you will encounter many VPNs that promise anonymity, say that they don’t keep any logs, or assure you that they would never hand over your data to the authorities. How do you know if this is true?
If any of this is hidden or they rebuff basic questions about their jurisdiction or their logging policy, run for the hills. If they can’t be clear and honest with you upfront, they probably aren’t a service that you can rely on.
Another good way to judge the reliability of a VPN is by looking at its past performance. Give the provider a quick Google to see if it has received any news coverage. If you check out the provider HideMyAss, for example, you will see that they have previously given the authorities data on a LulzSec hacker, while PIA’s log policy has been tested in court, confirming that they do not keep activity logs.
What Payment Methods Do They Accept? What Details Do They Need?
If you are engaging a service in an attempt to stay anonymous, you don’t want to give them any details that could be linked back to you. If your VPN provider only accepts credit cards and asks for a stack of personal details, these are huge red flags that they do not respect privacy.
An ideal VPN provider should accept payment in Bitcoin or other cryptocurrencies, but you still need to be cautious with your payment. If you don’t clean your Bitcoin through tumblers, the money can still be traced back to you. A good VPN provider shouldn’t need any more of your information than a burner email address.
Does the VPN Provider Take Logs?
Many VPNs will log your connection times or even your activity. There can be legitimate reasons for doing this, such as to assist in managing their servers. Despite this, any logging adds an extra element of danger to users.
If the authorities subpoena a VPN company for the records of a user, few executives will risk going to jail over noncompliance. In all likelihood, they will give up all of the information that they have on the suspect. If they don’t keep logs, then there isn’t much that they can give to the authorities.
If a VPN provider keeps activity logs or even connection logs, agencies can use this data to piece a case together against a suspect. This is why it is important to choose a provider that doesn’t take any logs, particularly if you are engaged in any high stakes activities.
Where Is the VPN Provider Based?
The location of the servers and where an operator is legally incorporated will also impact how much you can rely on a VPN. If it is based in the US or any of the 14 Eyes (Australia, Canada, New Zealand, the US, the UK, Denmark, France, the Netherlands, Norway, Germany, Belgium, Italy, Spain and Sweden), it may be best to stay away from their service.
This is because the spy network between these countries shares information. Given what we’ve seen since the NSA releases, it is not unreasonable to suspect that VPNs in these locations could be compromised.
If you are engaging in a high risk activity, choosing a VPN from outside of these countries probably won’t be enough to keep you safe. In this case, it is probably best to combine a VPN with other privacy technologies such as TOR.
Ideally, you should look for a VPN that is based in a country with a high degree of internet freedom. It is also best to stay away from areas that are renowned for online crime, such as Eastern Europe.
What Type of Encryption Does the Provider Use?
VPNs mainly use the L2TP/IPSec, PPTP or Open VPN protocols. The first two are considered insecure. If you are serious about your security, you will want to choose a provider that offers AES-256 encryption with the OpenVPN protocol.
The Danger of DNS Leaks
You’re safe if you use a VPN, right? Not necessarily. If your VPN isn’t configured properly, you could have a DNS leak that exposes your activity to your ISP and other parties. To keep your activity private, you need to make sure that your DNS requests are routed through your VPN provider’s DNS servers. When choosing a VPN, make sure that it has DNS leak protection to help keep you safe.
You can check whether the DNS request is going through your VPN provider’s servers by visiting DNS leak test.com. If your real IP address shows up, you have a DNS leak. If the request is being routed through your VPN’s DNS servers, it should show the IP address of the server instead.
The Problem with Free VPNs
A VPN service costs money to run. If you aren’t paying the service provider, then who is? The answer is usually advertisers. Many free VPNs make their money by selling your data to marketers, while others plaster their service with ads or give you limited bandwidth.
If you are using a VPN to increase your privacy and security, it is generally recommended that you stay away from free services. If you aren’t paying them, then they don’t have much motivation to keep you safe. Given how many paid VPNs are dodgy, the free market is even more of a minefield.
The Market Is Manipulated by Affiliate Schemes
Have you ever Googled VPN reviews? Did you find any of the links helpful? You may want to consider throwing all of that research out the window, because the vast majority of VPN review sites are fraudulent.
Many VPN providers have a number of affiliates who they pay to write positive reviews on their products. We won’t link you to any of these dishonest sites to avoid giving them any extra traffic, but there are many fake reviews out there. You need to be especially cautious whenever you are researching.
How can you tell if a review site is fake? One hint is if the site has high levels of praise for any of the dodgy operators, such as HideMyAss. Another clue is if they keep mentioning the same company’s name all over the site. A good review should also discuss the shortcomings of a VPN. If they don’t say anything bad about a VPN –and all VPNs have their issues– then it’s pretty safe to bet that you can dismiss the opinion altogether.
There is at least one source out there that can give you relatively unbiased reviews. That One Privacy Site features a helpful comparison chart as well as more in-depth reviews on a range of VPNs. The site doesn’t categorically tell you which is best, instead it gives you all of the information you need to make the decision for yourself.
Which VPN Is Right for You?
Everyone will have different needs and abilities when it comes to using a VPN, so it is impossible to name a single option that fits all use cases. The right one will depend on what you want to do with it.
If you just want a VPN for accessing geo-restricted content such as foreign Netflix or Hulu, then the best option might be to take advantage of some of the free trials and see which ones work for you. Because this is a relatively low risk activity, you don’t need to be too concerned about the log policy or the jurisdiction of your VPN.
If you are looking for a VPN that offers you a higher degree of protection, you will need to think about exactly how you want to use it and what features you will need. It is best to do your own research to get an idea of which VPN will fulfill your needs.
Make sure that you avoid affiliate sites – one of the better places to look for relatively impartial reviews and comparisons is on That One Privacy Site. The site owner seems relatively committed to staying objective – they even give away any donations that come fromV PN providers to charity, so that they don’t sway the site’s opinions. Another very good review of VPN services for 2017 is from The Torrent Freak.
The world of VPNs can be confusing and it is hard to find the good options among the crowd of frauds. Some VPNs that offer a reasonable service include AirVPN, BlackVPN, BolehVPN, iVPN, Mullvad, NorpVPN, oVPN, SecureVPN and VikingVPN. Do your own research to find one that suits your needs best.