Brad

Hey, I’m Brad. In this article, I’ll explain what is VPN and how does it work.

VPNs explainedVPN’s are technically complex.

They’re powered by sophisticated technology that would take an IT expert to fully understand (and explain).

But fortunately, using a VPN doesn’t have to be difficult either difficult or complex.

While the foundational technology can get tricky to fully understand, knowing just the basics can give you enough information to browse the internet more securely and privately (without stressing about identity theft or government restrictions and snooping).

In this article, we’ll explain what a VPN is and how it worksin plain English. Without any technical jargon that says a lot without telling you anything.

Table of contents:

  1. Benefits of using a VPN
  2. What is VPN (de-jargonized)
  3. What can you do with a VPN
  4. How does VPN work
  5. How to select a VPN
  6. Conclusion

But first, let’s examine why you’d even want (or need) a VPN in the first place.

1. Benefits of using a VPN


What is VPN? How does it work?Places with free Wi-Fi sound like a dream come true when you find them on-the-go. Coffee shops, airports, hotels, shopping malls, restaurants and bars, hell – even McDonald’s has free Wi-Fi these days.

But they also pose a huge risk to your online security. All it takes is a single hack of your Facebook account, banking password, or Gmail account (which has access to everything) to wreck havoc on your personal life.

And apparently, it’s not even that difficult to pull off.

Look, even Lifehacker will show you how to crack a Wi-Fi network and sniff out your passwords for different online accounts. In minutes you could learn how to do it yourself (for educational purposes, of course) with just a basic technical understanding.

“32 data records were lost or stolen every second in 2014” in the United States, according to Gemalto. That number jumped up by 46% from the prior year, which meant over one billion data records were compromised. 

In addition, identify theft is now the fastest-growing crime in the U.S. And the average cost to clean up this disaster afterward is at least $500 according to Forbes.

But what’s the biggest cause of data breaches or identity fraud? “Malicious outsiders” by a long shot. It’s not even close.

Stolen information or identify theft isn’t the only problem affecting internet browsers, though.

Government censorship and surveillance of online activities has also never been higher.  Some countries in the world completely ban some of the most popular sites on the internet (like Google or Facebook). Even people in the United States are spied on each and every day by their own intelligence agencies like the FBI and NSA.

Once again, there’s plenty of articles online that will teach almost anyone how to hack into a webcam within minutes. So it should be no surprise that the NSA can also take over your computer camera to take photos of users or record audible conversations — without anyone ever knowing it.

 

2. What exactly is a VPN?


VPN’s have been used for years by businesses to link everyone together, increasing access to those who need it, while also encrypting their activity from the outside world. These virtual intranets are what enable people to work together or share desktops when people are located around the world. That means you’ve most likely already accessed a VPN at some point in your life – without even realizing it.

A VPN technically “extends a private network across a public network”. You can gain complete access to any public network but your activities remain like they were on a private one.

In other words: you get the best of both worlds. You get all of the access that the internet has to offer. Without risking a lot of the downsides like limitations or restricted access, privacy problems, and other security issues.

So you can still access work files even though you might be miles and miles away. Or you can make it look like you’re accessing the public network from Los Angeles, even though you’re sitting in Bangkok.

Your VPN ‘forwards’ your requests and the responses you get from different sites through a secure, encrypted tunnel. All of your activity gets ‘masked’ in a way, shielded by your VPN so that individual actions (like what pages you’re looking at, what login details you use, or what file you just downloaded) are hidden from view.

That’s the gist, anyway. Want to see how they work in detail; keeping your stuff safe and secure?

Buckle up. Because it’s about to get geeky.

 

3. What can you do with a VPN?


Virtual Private Networks (VPNs) provide people with a simple, secure way to access the internet and protect your personal identity or location from both hackers and over-eager governments.

Essentially, a VPN will take all of your data and forward it to the ‘network’, removing your personal activities in the process. That means you can browse, shop, or buy without others snooping on a public Wi-Fi. You can side-step location-based censorship problems. And you can prevent unscrupulous people (or entities) from literally spying on you, watching your every move.

Here are some examples of how people use VPN’s on a daily basis:

  • Protect Browsing Activity in Public: Anyone can access a free, public Wi-Fi. Which is exactly the problem. The one aspect that makes it so easy and convenient (being freely available) also opens it up to people who can gain access to everyone else on the network too (and all of their individual browsing activities). The most common ones, like coffee shops and airports, are also the worst.
  • Circumventing Location Restrictions: If you’re traveling to different countries and just want to watch Netflix, a VPN will help you get around local restrictions to access what you’re already paying for back in the States. Your traffic will actually be routed from the U.S. so it looks like that’s where you’re accessing the site from. These also help you get access to sporting events that are commonly tied down to specific networks in specific regions.
  • Bypass Censorship. Similarly, if you’re traveling to China and want to fire up a Google Hangouts to connect with your coworkers or family… you can’t. They proactively censor many popular sites that you commonly use on a daily basis. Journalists in different countries also commonly use VPN’s to protect their activities from censorship.
  • Accessing Business or Home Networks Remotely: VPN’s are commonly used by businesses and even colleges to help you remotely login to access secure, sensitive information. You know how you can remotely print something, even that that printer is in another room? Thank your VPN for that convenience.
  • Safely Download Files: Downloading files – legal or illegal ones – can still put you at risk. Once a file or program is on your device, it can send back data or other information to the source who created it (like ‘keylogging’ the data you enter so others can access passwords and credit cards).

How does VPN secure you on public wifi

Now that you know why a VPN is critical in today’s environment… what are they exactly and how do they work?

Let’s take a look.

 

4. How does a VPN work?


Login to Google, and what do you see?

HTTPS is secure

How about Facebook or Amazon?

HTTPS secure

 

HTTPS (as opposed to just the standard HTTP) is an encrypted protocol for securely connecting to a website (when you need to login, purchase, etc.).

This is done through installing an SSL certificate on a website’s server. These certificates are like encrypted keys that create a secure connection between your web browser and that website’s files. That means the searches you make, the information sent back-and-forth, or the products you purchased, are safe from prying eyes.

Most big sites now use HTTPS by default to protect all of their users, so that no one else outside of you and the website you’re accessing, can see your username, password, or credit card details you just used.

VPNs similarly encrypt internet usage to increase privacy and security, most commonly through a tunneling protocol.

Here’s what tunneling looks like:

When you type in a web address, files are broken down into packets that get sent from the server source to your computer.

Tunneling takes all of these individual ‘packets’ and places them in another single ‘packet’ before sending them out. That way, the outermost layer will protect or camouflage the stuff inside.

It’s kinda like zipping a file of images before you email them over to someone. You ‘encapsulate’ all of the data prior to sending, and then the person on the other end can unzip or reopen those files on their own end.

So VPN’s will essentially add a layer or buffer between your browsing activity and other people or entities surveying it.

These layers of encrypted data are what allow you to access corporate networks despite being physically far away, and in other cases of a free Wi-Fi hotspot, ‘reroute’ your traffic footprint back to the VPN instead of your own devices.

Beyond confidentiality though, they also encrypt this data (through packets) so that other networks or attackers can’t see what’s inside without the proper ‘key’ to unlock its contents.

Tunneling

Make sense so far?

Good. ‘Cause it’s about to get even more confusing.

VPN’s will use different protocols to send your newly encrypted data through tunnels. These protocols are like different frameworks that explain or describe what’s being sent (and how to access it). Basically, they act kinda like a single language for a specific network and all those who are sending or receiving information from it.

For example, beyond the SSL certificates that most of today’s popular websites (and a popular open sourced VPN option, called OpenVPN), there’s also the Internet protocol security protocol (IPSec) that is a another common way to secure and encrypt data being sent between devices.

This IPSec is made up of two ‘sub-protocols’, which according to HowStuffWorks.com:  “provide the instructions a VPN needs to secure its packets”. Here’s a quick rundown of the two:

  • Encapsulated Security Payload (ESP): encrypts the data being sent with a specific key
  • Authentication Header (AH): helps hide specific info, like who’s originally sending the packet, until it gets to the destination.

According to Friedl, “VPNs use IPSec in tunnel mode with IPSec ESP and IPSec AH working together.”

Point-to-point Protocol (PPP) is another common VPN option for remote-access networks. Layer 2 Forwarding (L2F), Point-to-point Tunneling Protocol (PPTP), and Layer 2 Tunneling Protocol (L2TP) are all additional protocols based on PPP.

Awesome. WTF does that all mean? And how do you figure out which one to choose over the others?

I’m so glad you asked.

 

5. How to choose a VPN


You might use a VPN to access your corporate account, bypass government censorships to use Google, or just watch The Office on Netflix while sitting in a foreign airport.

In other words, wildly different goals or objectives with each use case. So it only makes sense that VPNs specialize in different aspects too. The setup you’d want for downloading a ton of files might not be the one you want for maximizing security and privacy.

The easiest way to evaluate a VPN is to analyze a mix of criteria that each share in common. This best VPN guide does a good job breaking down a VPN’s value, with three of the biggest considerations jumping out:

  1. Protocols
  2. Location
  3. Price

While the best VPN options will deliver some balance across each, some might specialize a little more and be perfect if you plan on using it heavily for downloading vs. avoiding censorship.

Here’s a quick rundown of those three main categories.

1. Protocols

Different VPN protocols — like SSL, IPSec, PPP, or PPTP that we discussed in the last section (you know – that boring part that you probably skipped over) — include their own encryption and tunneling options.

And each one will have it’s own benefits or drawbacks. This in-depth article from PC World does a good job helping you figure out which is your best bet. However here’s the Cliff Notes version to get a basic understanding:

Option #1. Secure Sockets Layer (SSL): Today’s biggest websites, like the Google and Amazon examples we reviewed earlier, use SSL certificates for encryption. These are by far the easiest to use because you don’t need a VPN client; establishing a secure connection almost immediately through your web browser.

Option #2. OpenVPN: Like the name, this open sourced version is built using SSL technology. However you will have to download and install a VPN client on your own desktop (or other devices including mobile) in order to connect and use. OpenVPN options are also among the most reliable and easiest protocols to use.

These first two are your best bets in most cases if you’re just looking to use a VPN service. Especially if you’re just trying to access a VPN as simply and quickly as possible as an individual (and not set up a complicated corporate or other large-scale networks.).

On the other hand, the Internet Protocol Security (IPsec) and Layer 2 Tunneling Protocol (L2TP) options, while popular, tend to be more complicated to setup. And Point-to-Point Tunneling Protocol (PPTP) tends to be among the least secure options with multiples security vulnerabilities reported.

VPN Protocols

Don’t know, and don’t necessarily care which protocol to use?

Some VPN services will automatically choose for you, removing the guesswork and hassle by dynamically selecting the most efficient, effective option available at that moment in time.

2. Location

A second criteria when choosing a VPN is their location.

This has a few impacts.

The ‘exit location’, refers to where a VPN might have server locations. If one of your primary objectives is to get around different geo-restrictions for accessing content for example, you better make sure the VPN has servers in the ‘exit location’ of your choice. 

For example, if you want to watch Netflix while overseas make sure your VPN has US-access or ‘exit locations’.

If you’re worried about the NSA accessing your laptop’s camera, you might want to consider choosing a VPN service based in a different country, however.

Please keep in mind though that most VPN companies will turn over data if requested by lawmakers. Some countries require these companies to hold onto more information than others.

Your VPN can also see your ‘exit location’ traffic as well as your IP address. So your actions aren’t always completely anonymous. They can easily protect you from other people, but they can’t cover up or mask illegal activities completely.

3. Price

There are many freely available VPN services. That doesn’t mean you should use them however.

Free VPN’s will more likely send you ads. They’ll more likely monitor your usage data (including any of those questionable sites you visited) and use that data for said ads.

Their privacy features might not be as secure. And they may sometimes log your data.

Logging refers to the VPN-itself monitoring and keeping track of your personal activities. (In other words, the exact thing you were trying to avoid by using a VPN in the first place.) So double check a VPN’s logging policies – especially when it seems like a ‘too good to be true’ free option.

‘Cause it just might be.

Paid VPN services, on the other hand, might only set you back a few bucks a month. And in addition to avoiding many of the aforementioned problems, you’ll also get additional features like additional privacy and a seamless browsing experience on mobile devices.

For example, some of the better paid VPN services, like ExpressVPN, work across multiple devices. A single subscription allows you to run on any three devices, and their software or applications are built for Windows, Mac, Linux, Android, iOS, iPhones, iPads, Routers, and even Blackberry (do people still have these?!).

VPN for different devices

 

Conclusion

The technology underlying how a VPN works can get difficult or complex to understand.

However their primary goals and objectives are actually pretty easy to understand… to help users browse the internet in a safer, more private environment.

They help bring coworkers together in corporate environments by providing a single, secure platform that anyone, anywhere can access.

They help journalists (and others) bypass state-sponsored censorship practices so that free speech can exist.

And they help protect your login details, passwords and credit card information when trying to make simple purchases while sitting on free, unsecured Wi-Fi networks in coffee shops, airports, and hotels all over the world.

That means you can browse securely. Purchase safely.

And use the internet as freely as if you were on a completely private network.