How Secure Is a VPN?

A VPN or Virtual Private Network encrypts all the data that’s sent and received by your device, making your online activities truly private and anonymous. 

But how much security does a VPN actually provide? Does it actually protect you from hackers and malware, or does it just hide your IP address? Keep reading to find out.

VPN Security

It’s important to understand that a VPN is not an Antivirus. It won’t protect you from any malware, virus, trojan, bots, or spyware. If your computer becomes infected, your data might be compromised and a VPN can’t do much about it. 

However, a VPN reduces the risk of attracting hackers or allowing easy access for cyber attacks. When your IP is hidden, hackers won’t have front door access to your device. Most cyber attacks are conducted through network connections, where the hackers can intercept data between a device and the server to disrupt communication or gain access to the user’s system.

It’s especially helpful when you’re connected to a public network, like in a restaurant or a local library. These networks have low-level security, where random hackers and stalkers roam around to find an opportunity to hack into systems and stream information. So, if you’re using a VPN to connect to a public network, most hackers won’t be able to target you as your IP is hidden. 

As a VPN encrypts every data sent from and received by your device, hackers might not be able to easily discover or access your network. Paid VPN services also don’t spam you with third-party ads or pop-ups, so you’ll be less exposed to malware and virus-prone sites. 

However, if you were to visit a dodgy website at your own discretion, then a VPN won’t be able to help you.

Your Data is not Logged

VPNs security methods are more inclined towards increasing your online privacy. By hiding your IP address and encrypting data, a VPN protects you from being monitored by your ISP or regulators. 

One of the biggest concerns of internet privacy is being constantly monitored. Even though you’re using a private network, your ISP can view your internet traffic. That includes everything you do online. Also if regulators or any third party wants this information, they can easily obtain it from your ISP. 

However, a VPN lets you experience true ‘internet freedom’. Not only does it hide your traffic, but also allows you to browse and stream almost any content available on the web. You don’t have any geo-restrictions or bandwidth throttling. Using a VPN will give you an uninterrupted and unrestricted browsing experience. 

Some VPN clients also have a ‘kill switch’ option. The encryption offered by a VPN ends as soon as your VPN connection drops. The kill switch option instantly disconnects you from a network when the VPN connection stops. So it always ensures that you’re browsing through an encrypted connection. 

Is a Free VPN Safe? 

Most free VPN providers earn their revenue by tracking, collecting, and selling your personal information to third-party marketers. So, while they’re hiding your traffic from regulators and ISPs, they might track your browsing activity and allowing marketers to send you targeted ads. 

That’s why you’ll see that most of the free VPNs may have a lot of ads and popups. Most of the ads are also not monitored or refined and might contain malware. Also, free VPNs rarely encrypt your data. Some of the free VPN providers that do provide encryption, use such old security protocols that are easy to break for any hackers. 

All of these ads, outdated protocols, and data monitoring take a toll on your connection speed as well. When using a free VPN, you’ll often notice that your internet speed has significantly reduced, often not being able to load simple youtube videos in real-time. 

Free VPNs might not cost you a monthly subscription fee, but they’re a great threat to your privacy and data security. 

Is Paid VPN Worth It? 

Most paid VPN services offer you a free trial period. So, you can always try it out for free before making any long-term financial commitment. Also, if you subscribe for 12 or 24 months, the monthly fees become very low. You basically get a premium VPN service for a couple of bucks per month. 

In addition to the privacy benefits we discussed, you also get a lot more features on paid VPNs. For instance, you can choose between hundreds of locations to browse from. So, no content is restricted for you. 

Paid VPNs barely impact your connection speed. In some cases, you’ll also get a faster connection, because it helps you avoid bandwidth throttling. Premium VPNs also constantly update their security protocol to ensure that you’re always protected with the latest encryption standards. 

Overall, paid VPNs offer you great value for money, sure they cost a little but it’s a superior service to what you’ll get from a free VPN. 

A VPN won’t give you the ultimate security, but it will definitely help you to increase your internet privacy, save you from the eyes of the regulators, and often help you avoid hackers and potential stalkers.

VPN Security Overall

Data espionage, and alleged surveillance used against citizens and organizations are hitting the headlines more than ever before. The General Data Protection Regulation (GDPR) has also provided a great deal of discussion in recent months worldwide.

VPN has become a generally discussed topic amongst the media and the average consumer. At one point we all know that the use of VPNs can protect you from being tracked when you browse the internet. Recently, however, there are articles around claiming exactly the opposite — that VPN is just a myth.

The subject of anonymous browsing and VPN proxy has gone through several stages as far as the interest of the population is concerned. A few years ago, only hackers and computer enthusiasts used VPNs and knew how to hide their IP addresses. Through numerous cases of copyright infringement notices from firms — mostly caused by music and movie downloads using torrent software — even ordinary computer users have shown an increasing interest in anonymous web surfing with VPNs. Shortly thereafter, the issue of protection flared up. An endless amount of new VPN providers entered the market.

On one hand, to simply claim that VPNs are not secure and would not provide adequate protection is not correct. It’s also wrong to suggest that VPNs offer 100% protection against all kinds of activities on the internet.

The question is, what kind of security can we really expect from the VPN providers?

A preliminary survey showed that most of the articles talking in absolutes and claiming that VPNs are not secure have been written by journalists and writers who are actually not VPN experts, let alone have computer science backgrounds. Most of the writers I could see so far are columnists with different areas of expertise, none of them around computer science. These articles should be read with a grain of salt.

More recommended and reliable sources include magazines such as WIRED, Linux Journal, MIT Technology Review, Popular Mechanics, and Popular Science (also known as PopSci). These sources so far responded favorably regarding VPNs.

Be very skeptical about the contributions of websites such as GoldenFrog, RestorePrivacy, and MakeUseOf.com. The message there is that VPN services are mostly a lie and everything around VPN is nothing but a myth. However, these articles do not put any weight on the different technical aspects of the topic, and also do not provide any proof whatsoever.

Dubious VPN Providers Are All Around

First of all, it should be noted that there are a lot of VPN providers. Among them are dubious providers which tend to ride the trend and offer inadequately developed VPN software. There are also VPN providers who pretend to be VPN tools, but in fact are viruses and trojans — be very cautious: you should stay away from free VPN tools. Incidentally.

What Data Do VPN Providers Collect?

Since VPN providers demand money for their VPN service, they store the payment data of the user, such as their PayPal email, credit card numbers, and/or bank account details. The VPN servers however are anonymous — that is, in the case of a trace back, an agency or organization would only know that somebody used a VPN service. Non-traceable, however, is the traffic, i.e. the transmitted data. In this respect, your anonymity is secured in the data flow if you use legitimate VPN tools. That’s a fact.

We can’t confirm that the VPN providers allegedly create log files and also monitor the traffic — at least none of the reviewed VPN tools do. The rumors circulating so far could not go beyond mere speculation and assertion. So far, no case has become known in the public in which a user received a legal letter or notice despite the use of VPNs. Thus, it is clear that even when using torrent software and downloading copyrighted material data without the consent of the copyright holder (movies, music etc.), the authorities are unable to trace the data and IP of those users.

It turns out that the VPN connection failed or was configured incorrectly in all cases where users reported warnings in internet forums. And even then, all providers we listed below already responded to this issue and have so-called kill switches built in — this means if the VPN connection fails while using a VPN, the whole internet connection will be interrupted automatically. VPN tools such as NordVPN have shown the successful integration of such kill switches.

Vulnerabilities of Anonymous Surfing with VPNs

The weak spot is the computer, not the software. Even though organizations and authorities cannot track your data due to a VPN usage, the data would still be stored on your PC. Therefore, the evidence is right there on your PC; it’s just not traceable through your internet connection.

However, a search warrant can’t be issued just because of the fact that someone was using VPN software if there is no other incriminating evidence.

Fact is, during a VPN connection, not only is the IP disguised, but also the entire traffic is encrypted and therefore unreadable for anyone tapping into it. That is, only a presumption of an illegal act is not enough for a house warrant, at least not in countries such as the USA, Canada, Australia, New Zealand, and all of Europe.

Inevitably, that brings us to the debate of illegal actions. Of course, VPN was originally not intended to disguise illegal acts, even if it is very well suited exactly for this purpose. It is true that many users use VPNs for dubious actions. But since there are no empirical studies about the reasons why people are using VPN, it’s not possible to assume what it is being used for overall. All we know so far is that it has become extremely popular.

Nowadays, there are thousands of government reports available on the internet. In all cases, prosecutors as well as district attorneys failed to use the traffic in VPN’s as evidence as it was not readable due its encryption.

Interestingly, users have been involved in very different offenses, so the prosecution could ultimately find evidence by other means. There were cases in which the investigators were able to access unencrypted data on USB sticks, DVDs and hard disks. However, these cases were not built upon any evidence that was retrieved from internet traffic. Many people just can’t imagine tapping into internet traffic as the only way for investigators and authorities to gather evidence.  Even so the internet traffic was secured via VPN, many legal cases were able to gather evidence from other vulnerable sources other than internet traffic. The internet traffic of users is not the only way for investigators and authorities to prove their point. Long story short, if you use VPN tools, authorities will have to up with other methods to collect the necessary evidence — and it won’t be your internet traffic as the VPN would have covered that at least.