A VPN is the veritable jack of all trades when it comes to ensuring your privacy on the big bad internet. With the ability to not only safeguard your privacy and provide you with a level of security, VPNs are also useful in many other ways. Such as allowing you access to geo-restricted content and sometimes even routing your internet connection through a faster set of hubs getting you better connectivity to certain portions of the internet. With the recent FCC rulings in the US, a lot of our private information is about to be accessible to ISPs so that they can sell it off to advertisers. And just because the ruling happened in the US, doesn’t mean that we’re safe here in India. The internet operates in mysterious ways and US laws are very ambiguous, to begin with. If at all, at any point during the transmission of data packets from your browser enters the geographical boundary of the USA, it falls under US laws and you can bet your ass that whatever ISP is carrying that data within the US will take a peek. And if the website you’re visiting happens to serve ads using a platform that’s also US based, then there’s a good possibility that your browsing habits will be sold by said US ISP to the ad platform.
So what should you do? Well, the first step would be to contemplate if you even care about your privacy. If at the end of your contemplation, your answer to the question happens to be ‘f##k it’. Then, by all means, go about your life and don’t even bother. However, VPNs are still important for other reasons, if not for your privacy. So should you change your mind sometime in the future, here’s what you should know about them.
Do they keep logs?
If at any point, data regarding which websites you’re visiting or which IP you were assigned and which IP you used to connect to an endpoint are stored, then you’re in trouble. It’s as good as not using a VPN since whatever privacy you stood to gain from a VPN was rendered useless because of these logs. Extremely popular VPNs like Hola! VPN, Unlocator and even the built in VPN in Opera browser keep traffic logs. In fact, the VPN service used within Opera logs everything, from your traffic, bandwidth, DNS requests, timestamps and even IP addresses. There’s zero privacy should any governmental entity ask Opera to reveal your data. On the other hand, IVPN, NordVPN and BolehVPN keep no logs at all (at the time of writing this). I doubt if you’ve ever heard of any of these services.
Not keeping logs is a great facet of a VPN only if coupled with good encryption. Poor encryption would ensure that anyone can use a simple man in the middle attack and then listen in on your traffic. So what should you be looking for? When you connect to a VPN, there first occurs a handshake wherein information about you is passed onto the VPN’s server and authentication details from the VPN are passed onto you. This handshake must be secure. The highest level of encryption any VPN offers for this is RSA-4096. Then comes your traffic as it travels through the VPN, this again should be encrypted by a form of encryption. The highest encryption that you get for your data is AES-265 which is what we’d consider to be the bare minimum for data encryption.
We’ve spoken about how location matters. There are a few nations that have pooled together to share intelligence data and some of these nations have international programs which require data logs from one nation to be shared with the others in the program. So should your browsing data enter the geographical boundaries of any of these nations then it’s up for grabs for any of the other nations in the program. We know that the US and the UK are really bad with data privacy. Then there are well-known programs such as the Five Eyes, Nine Eyes and Fourteen Eyes, all of which involve sharing data between them. So figure out where the VPN’s servers or HQ is located and make sure that it’s not situated in the following countries: US, UK, Canada, New Zealand, Australia, Denmark, France, Holland, Norway, Germany, Belgium, Italy, Sweden and Spain.
Speed and protocols
One of the issues that plague VPNs is speed. Since a slow network will bottleneck your traffic, it’s imperative that your VPN have high bandwidth within their network. You can easily test this out by subscribing to a trial program that most VPNs offer, then running speed tests while also testing out your experience with your most frequently used websites. The second thing you should worry about are the different protocols such as P2P protocols, Torrents(also P2P), Multihop, SSH Tunneling, etc., which all of us tend to use some time or the other. It’s not just the protocols, but even select ports are blocked by certain VPNs, sometimes for the sake of security, and sometimes to prevent malicious DDOS attacks. The VPN service’s website will usually have an FAQ section outlining all the different measures they undertake to safeguard user privacy, you’ll find these details over there.
Any product or service with a lot of features tends to be expensive so if you’ve shortlisted the very best VPNs that suit your needs, then price is what you need to check next. And this is kind of obvious, so I’m not going to dwell upon this any longer. In case you feel like all of this is a really daunting task, then fret not, one dude took it upon himself to test out multiple VPN services and he’s still testing them. You can check out his findings on That One Privacy Site
This article was first published in May 2017 issue of Digit magazine. To read Digit’s articles first, subscribe here or download the Digit app for Android and iOS. You could also buy Digit’s previous issues here.