In this day and age anonymity and privacy on the internet is very important, but do VPNs really offer a solution to this problem?
Ordinary people are convinced that the solution to being private and secure are VPNs; however, they are just paying for slower internet speeds, time spent training machine learning algorithms and being part of all the hackers and spammer who take advantage of these services.
Who to Trust?
A VPN's purpose is to connect two remote sites, or to allow a user to safely access another network. The aim should be to go from a network with low trust, to a network with high trust, but when you are using a VPN for browsing, all you are doing is transferring your trust from an ISP that you do know, to some external place in another country.
Security might also not be as foolproof as it seems. Popular VPN services often fall victim to hacking attacks, because hacking VPN servers can prove to be very advantageous, since these VPN services rent out, or white-label, their infrastructure to multiple other brands.
The Popular NordVPN also fell victim to this in 2018 when a compromised data centre account was used by a hacker to gain access to the traffic of anyone using their Finland server. NordVPN claims not to have been notified about the breach until April 13th, 2019, more than a year after it happened. The company wouldn't go public until evidence of the hack emerged some six months later.
The IP header is just the Tip of the Iceberg
The OSI model contains different network layers such as IP, TCP, TLS and HTTP. When you are using a VPN the company and its Cloud providers are allowed to see your real packet’s metadata, and this includes the IP, TCP, and TLS headers. These headers can then be used to fingerprint your device type. While VPN’s claim to not record these headers, there is nothing stopping the cloud provider from doing so.
Real use cases for a VPN
Even though a VPN does not protect your privacy like you would like them to, there are still used cases in which a VPN can prove to be very useful.
- Bypass Government-mandated Censorships /GEO Blocks
- Hiding your IP from the ISP (could prevent internet throttling)
- Makes Unwanted data collection more difficult for websites
And if you are Chinese, you will also be allowed to use WhatsApp :D
The notion that a VPN is an all-in-one solution for Internet privacy, reminds me of the saying: “an apple a day, keeps the doctor away”. Although studies suggest that eating more apples isn't linked to fewer doctor visits, including apples in your diet can help you improve various elements of your health.