To say that finding a VPN can be a challenging task is putting rather lightly. Finding a VPN service is easy due to the many that are out there. Among these are apps that “guarantee encryption” by parsing it through a third-party server to make it seem like your connection requests are coming from said server. These third-party servers may very well be on the other side of the world.
So how do you choose the best VPN? This question relies solely on personal needs, and the level of technical knowledge you have or are willing to acquire- no single VPN is perfect, they all will demonstrate some flaws and others will just meet the required expectations for some people.
Trust in a VPN as the Foundation
Regardless of the reason you might be considering the use of a VPN, there needs to be assurance that the one you choose is trustworthy- they are not compromising your data. The Federal Trade Commission suggests that you are trusting a VPN with potentially all of your traffic.
When selecting a VPN, you need to do your due diligence to learn as much about the app as you can. Check outside reviews from sources you respect. User reviews, content rating, and online research of the developer are all things that can be accomplished to not only achieve peace of mind, but to ensure you are not “risking your privacy to protect your privacy”.
Selecting a VPN for Circumventing Restrictions
GeoBlocking
Technology that restricts access to Internet content based upon the user’s geographical location is what is referred to as Geoblock. It is typically used by telecommunications companies, websites and other content providers for the sake of copyright restrictions. An example is you sitting down to catch the latest episode of Doctor Who directly from BBC’s iPlayer. You receive an error that states the program will only play in the UK. You are blocked by region.
If circumventing geoblocks is one of your only goals, you really do not need as much as if security and privacy were your goals. The simple use of a VPN to connect to an exit node in another country of your choice accomplishes this. One of the only considerations you need to ensure is availability of servers in whatever country geoblocking content.
Restrictive Networks
The ability to share information freely and openly over the web is perhaps one of humanity’s greatest achievements. Despite this, around the world organizations and governments are stifling the ability for people to participate. One example is China, who through the “Great Firewall of China” have many layers of VPN detection and blocking integrated into it.Your ISP may even restrict or deny usage of certain ports such as ones for torrenting.
Depending on what restriction is being imposed, SSL and SSH tunnels, multihop, TCP port 443, obfsproxy, and other proprietary solutions can be used. A VPN can even circumvent throttling that your ISP is doing for specific types of traffic. Look at the benefits your VPN provides to see what solutions exist to reduce network restriction
Selecting a VPN for Privacy
If you are considering a VPN for the purposes of privacy, it can be assumed you are in a position where certain entities cannot be trusted. They can be company websites you visit or a government, who in a severely oppressive style, are encroaching on your rights with things like surveillance. The bottom line is, you are now thinking about relying on a third party to protect you in the form of a VPN.
Location
Especially in the last few years, different countries from around the globe have begun to adopt aggressive surveillance programs. Known as “Five Eyes”, “Nine Eyes”, and “Fourteen Eyes”, international surveillance alliances representing different countries work together to collect and share surveillance data in mass. Their goal is to act as a single world-surveillance entity to spy and record your internet traffic and activities.
If a service such as a VPN, or the people who developed and run the service is based in one of these countries that have adopted surveillance programs, it is not out of the question to say they are extremely susceptible to unlawful searches or compromise under the name of the law or national security.
The most important takeaway here is that it is not necessarily where the company is incorporated that is important, but where the servers you are connecting to and the people who manage and have control over them. Avoid server locations where government overreach might be a problem, and avoid countries that limit internet freedom.
DNS Leaks
When you browse the internet, there is a lot of information that is not seen. You type in a web address, and your requested page shows up. In the background, your ISP is managing the request you typed in to allow you to view the web page.
When you use a VPN, responsibility is now shifted. If certain security considerations are not taken, the request which contains information for the site you want to visit is sent to the VPN service’s ISP instead. This is what is known as DNS leak. This in conjunction with logging means the site you tried to visit can be correlated with a timestamp of when a request is sent.
A VPN service that maintains their own DNS server is the best way to avoid potential DNS leaks. When a VPN service is in control of it, they can configure it appropriately. You can then use a tool like DNSLeakTest to ensure it is up to par.
Connections
Different protocols have been created over the years that allow you to create a secure tunnel over a VPN. Some are most definitely more secure than others, and certain protocols have even been deprecated, or documented compromised. Some of the stronger protocols are free and “open source”, meaning the original source code is made freely available and may be redistributed and modified.
The fact that the source code is freely available means vulnerabilities that are discovered are quickly patched. TechRadar states the whole point of a VPN security protocol is to provide a high level of security, and that is something OpenVPN does extremely well. It features up to 256-bit encryption via OpenSSL, a widely deployed software library to secure communications across networks. Others, such as PPTP, are not the best for privacy.
Payments
How your VPN service takes payment is another important consideration if privacy is your priority. The more anonymous the payment, the better. If you are able to pay with CryptoCurrency, gift cards, or even cash, you are reducing the likelihood that critical private information such checking or credit card information are leaked.
If a VPN service requires personal information other than an e-mail, avoid it at all costs- this is information that they may be recording, later selling it to a third party or trying to ID you. An email, and payment from a secure third party such as paypal is all they should ever need.
Logging
When using a VPN, you are connecting to a system that is another hop on the route you take over the open web. Acting as a middleman, you are trusting that traffic/connection data you generate connecting to the VPN is as secure as your activities. This information is just as sensitive as it can be linked back to your ISP, location to include city and street address, and sometimes even your name.
Why would a service provider log this data? There are legitimate reasons such as the ability to protect themselves in case of legal action by authorities. Logs are even kept that contain minimal connection information in order to help maintain servers. More nefariously, some will sell data to third parties.
Logs
If selecting a VPN for privacy, you do not want your internet traffic, connection data, or browsing habits being recorded. Look for VPN services that state that logs are not kept. Beyond this, if logs are kept, make sure they list what kind.
VPNs that log for activity or connection information should be avoided at all costs. VPN sites, even if they claim log information is not kept, tend to be vague and do not disclose what type of logging activity is occuring. Confirm any promises in privacy policies or terms/agreements.
Encryption
Encryption is the process of encoding data so that only a computer or server with the right decoder is able to read and utilize it. Encryption protects files on your computer, or even emails. Encryption strength is essentially how powerful and how long a system must attempt to crack a specific encryption type. Some can be in the tune of a thousand years.
In a VPN, computers at each end of the tunnel encrypt data entering it and decrypt it once it leaves. This is all accomplished through a VPN protocol.
A VPN service should have strong data and handshake encryption. When you select a protocol, ensure that the level of encryption that is advertised really exists. Services tend to provide multiple protocols with different levels of encryption strength.
A VPN is Not a One-Size-Fits All Profile
You need to determine what your end-goals are. If you are just trying to circumvent restrictions there are less things you need to consider. If you are worried about privacy and security, do not feel overwhelmed by comparing and contrasting what each service is providing. Think about the topics mentioned above such as location, encryption standards, logging, etc. and you are on your way to enjoying the internet the way it was meant to be- free and open for all.
