Virtual Private Network (VPN)
Imagine you are in a room shouting all your business at the top of your lungs. The entire room would have no issues hearing it all and learning things you don’t want them to know. Using the internet without a VPN is very much the same.
When you connect to a Wi-Fi access point or utilize the cell network without a VPN, your traffic and surfing habits are available to mediocre and savvy hackers alike.
Connecting to a Wi-Fi hotspot (
) is exactly this. Shouting at the top of your lungs for everyone to hear.
We can’t stop people from hearing or capturing our traffic. What we can do is make it something that cant be understood. We do this with encryption in the form of a VPN that protects us from whoever could be listening. It would look something like this:
Now our traffic through the Wi-Fi access point is unable to be read due to the protective tunnel. The traffic can still be collected but the encryption would take years to break.
VPN all the time
Another area to consider is telecommunications companies, and your home or business internet. Your cell phone provider must like wi-fi can observe all the data. If you don’t see that as an issue then read no further. If you don’t like someone or something to casually see your traffic then the solution is easy. Use a VPN all the time.
Buyer Beware – The VPN Downside
Picking a VPN is a very important decision. NOT ALL VPNS ARE EQUAL. The most important thing to note is you are going to push ALL and I repeat ALL your data through this company. Do you trust them with that information? They should hopefully have a business model that does not require them to sell data to stay in business. Picking a VPN provider can be simplified by looking for a few key things
- If the VPN provider gives your “free” access avoid it. If it’s free you are the product.
- Does the VPN provider log connections and user activity?
- Are they open source? (this just means the community can review and look for bugs)
- Where is the VPN company located and who is the parent company?
- Have they been independently audited and have the issues identified been corrected?
- Do they have a transparency report on issues, breaches, and other major events?
- What does their privacy policy cover or protect?
VPN Recommendations
Ok so I will not make any recommendations. What i will say is here are some thoughts on ones from a Consumer Reports product released by the University of Michigan.
Ones we do not like and why.
| Provider | Points of concern |
| Cyberghost ExpressVPN Private Internet Access(PIA) | Owned by Kape Technologies which changed name from Crossrider that started out as an ad-ware/ ad-injection company. Projects now as a “leading privacy-first digital security software provider offering a suite of solutions to protect consumers’ digital lives” |
| NordVPN | Reported Breach 17 months after it occurred when called out for it via Twitter. |
| Kaspersky | Russian Owned – Banned by USG in 2017 |
Ones we do like and why.
| Provider | Points of Interest |
| Mullvad | No Logs (debatable), No Customer Data, Open-source apps and software, Security Audit. |
| ProtonVPN | No Logs (debatable), No Customer Data, Open-source apps and software, Security Audit. |
| IVPN | No Logs (debatable), No Customer Data, Open-source apps and software. |
| Mozilla VPN | Open-source apps and software, Good Security, Privacy Oriented Company from start. |
These are not an all-inclusive list and of course, are prone to issues at ANY moment. This is a recommendation to help you get started with your research.