VPN history: how it all began

Virtual Private Networks (VPNs) were initially born to fill a need for cheap, secure, point-to-point enterprise networking over traditional internet. Back in the ’80s and ’90s, if companies wanted their employees to have secure access to a local network from far away, they were forced to lease WAN (Wide Area Network) access from a telephone company’s infrastructure. This was expensive, slow by today’s standards, and in some cases not even possible. Most small- to mid-size businesses couldn’t justify WAN access for secure connections if it was available at all.

VPNs in the 90s: the start of an era

Fortunately, in the late ’90s, the need for an alternative led directly to the creation of the PPTP (Point-to-Point Tunneling Protocol). This gave WAN-like features and security over the internet through the creation of a secure “tunnel” between two endpoints. By using a VPN client that guided packets (data) into a VPN server, and encrypting those packets so they couldn’t be viewed without a key, VPNs gave a secure way to connect to a company’s intranet (local network).

This technology eventually began to reach the consumer market in the mid-2000s, with a rising interest in more privacy and freedom on the internet creating an expansive market and high demand. VPNs give users the security, flexibility, and open access that’s needed on today’s internet.

How does a VPN work?

When you connect to the internet through your ISP, your data is sent through a network of routers to reach its destination. In many cases, your data may be completely unencrypted (plain text) when sent to the websites or services you are using. Even encrypted data will include certain information, like your IP, with it in order to communicate with the internet properly.

In addition, your activities are easily viewed by your ISP or anyone closely monitoring your connection. Connecting to the internet in this way makes it very easy for your ISP to see what websites you are browsing and what files you are downloading.

VPNs: the nitty-gritty details

When using a VPN, a secure “tunnel” is created between the provider and the end-user. This virtual tunnel is usually created by encapsulating the data in one packet or frame within another packet or frame to mask its contents. This encapsulation method will effectively mask the information contained within the carried data medium. The encapsulation is the “virtual” part of the “virtual tunnel.” VPNs operate on the same lines everyone else uses on the internet – the data is simply scrambled to create a private connection.

By encapsulating data and creating an encrypted “tunnel,” information can be sent back and forth between the user and the VPN provider with complete privacy. The VPN provider then uses their own externally facing connection to exchange data with websites and servers to bring content back to the end-user. Without the access key to decrypt the encapsulated packet, any information – including the encrypted packet’s destination information – is essentially impossible to uncover.

VPNs work best with common sense

It’s worth noting that while all information sent through the “tunnel” is encrypted, information sent between the VPN server and the destination server is subject to normal internet traffic rules. So a website without SSL encryption, for example, will still have unencrypted information being transferred to and from the VPN server. The traffic that comes back to the end-user will still be protected, however, masking any activity from the ISP or other prying eyes that may be attempting to monitor the connection. Even when browsing the web using a VPN, always follow safe internet browsing practices!
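The encapsulation described in the two sections above, as an added example that is not part of the original article or any VPN provider's code: it wraps an encrypted inner packet in an outer one, shows what an on-path observer such as the ISP can read, and shows that the request leaves the VPN server as ordinary traffic. The packet layout, function names and IP addresses are constructed for illustration, and the cipher is a standard-library stand-in for the AES-256 the article mentions.

```python
import hashlib, hmac, json, os

def _subkeys(key: bytes):
    # Separate keys for encryption and authentication, derived from the shared tunnel key.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in cipher: HMAC-SHA256 in counter mode. Real tunnels use AES-GCM or ChaCha20.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encapsulate(inner: dict, key: bytes, client_ip: str, vpn_ip: str) -> dict:
    """Client side: encrypt the whole inner packet, headers included, and wrap it."""
    enc_key, mac_key = _subkeys(key)
    plain, nonce = json.dumps(inner).encode(), os.urandom(12)
    cipher = bytes(a ^ b for a, b in zip(plain, _keystream(enc_key, nonce, len(plain))))
    tag = hmac.new(mac_key, nonce + cipher, hashlib.sha256).digest()
    return {"src": client_ip, "dst": vpn_ip, "payload": nonce + cipher + tag}

def observer_view(outer: dict) -> dict:
    """What an on-path observer can read without the key: outer addresses and size."""
    return {"src": outer["src"], "dst": outer["dst"], "size": len(outer["payload"])}

def decapsulate(outer: dict, key: bytes) -> dict:
    """VPN server side: verify the tag, then decrypt to recover the inner packet."""
    enc_key, mac_key = _subkeys(key)
    blob = outer["payload"]
    nonce, cipher, tag = blob[:12], blob[12:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + cipher, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or modified packet")
    plain = bytes(a ^ b for a, b in zip(cipher, _keystream(enc_key, nonce, len(cipher))))
    return json.loads(plain)

def forward(inner: dict, vpn_public_ip: str) -> dict:
    """The packet leaves the tunnel with the VPN server's address as its source.
    Its data is exactly what the client sent: plain text if the site has no TLS."""
    return {**inner, "src": vpn_public_ip}

if __name__ == "__main__":
    key = os.urandom(32)  # shared tunnel key (constructed)
    # Constructed inner packet: tunnel address -> website, plain-HTTP request.
    inner = {"src": "10.8.0.2", "dst": "203.0.113.80",
             "data": "GET /login?user=alice HTTP/1.1"}
    outer = encapsulate(inner, key, "198.51.100.7", "192.0.2.1")
    print("ISP sees:     ", observer_view(outer))
    print("Website sees: ", forward(decapsulate(outer, key), "192.0.2.1"))
```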

What is the “tunnel” in Virtual Tunneling Protocol?

The virtual tunnel referred to in the acronym VPN isn’t actually a tunnel at all. A physical tunnel between two locations would involve a direct link between the two – this is similar to the way WAN access was used prior to the widespread adoption of VPN technology. Instead, virtual tunneling uses encapsulation to literally wrap your data in a layer of security encryption. This is the “virtual tunnel” we are creating when we use a VPN.

Why would I want to use a VPN?

There are many reasons you would want to use a VPN. In today’s increasingly connected world, there’s a growing number of cyber-threats and unsolicited attention that you could fall victim to. Not all of this is entirely malicious; advertisers may be interested in collecting your private information for marketing reasons, for example. But they do compromise your privacy, and that’s something many people value highly.

If you desire privacy and security on the internet, or would just prefer to browse the internet without worrying about someone spying on your activities, using a VPN is an easy and simple choice to make.

Are VPNs easy to use and configure?

Consumer VPNs are very easy to set up! Most VPN services, including Surfshark, make use of easy-to-use connection applications that handle the majority of the setup for you. If you can open a web browser or log in to your email, you can use a VPN!

All the complex security and privacy features used by the VPN service are taken care of by the application itself. For most users, you’ll just need to enter your login information given to you by the provider, select the server you’d like to connect to, and you’re ready to browse the internet in privacy. The server you select will provide websites and servers you connect to with a proxy IP, so nobody will ever know where you’re truly connecting from.

VPNs used to require some technical know-how to establish and secure, but that’s no longer true. If you’ve been intimidated by the VPN setup process in the past, you shouldn’t hesitate to dive in right now!

VPN Protocols and Security

Your VPN protects your data by using security encryption on all packets being transmitted to and from your computer to the provider. How this encryption works and how effective it is at securing information will vary from protocol to protocol. In a general sense, encryption works by scrambling the information being sent, so that anyone attempting to view it without the decryption key will be looking at gibberish.

Decryption keys are shared in different ways depending on the encryption protocol itself and how it’s configured. The easiest way to think of keys is to picture an impenetrable locked file cabinet you’d like one of your coworkers to have access to. You’ve given them a key and now they can open the cabinet and access the files when needed. Actual key sharing is more complicated than this, with some key sharing methods being more “secure” than others, but it’s a realistic way to picture how key encryption works.

There are a few common VPN protocols currently in use. Here’s a quick glimpse at two popular secure protocols and how they work:

OpenVPN

OpenVPN is an open source tunneling protocol. As an open source project, its code is freely available on the internet and it consistently receives updates and maintenance from security and networking experts from across the globe.

OpenVPN uses the OpenSSL library for security encryption. OpenSSL allows for a variety of encryption methods and security levels, with up to 256-bit encryption being possible. Exactly how much encryption is set will vary from provider to provider, with higher encryption rates having more security overhead. The more overhead a security implementation has, the slower the connection will be, so it’s not uncommon for providers to find a balance between security and speed.

The OpenSSL library itself sees frequent and consistent updates – a critical part of strong security. For all intents and purposes, the OpenVPN protocol can be viewed as nearly impenetrable.

OpenVPN offers other enhanced security features that will usually only be seen at the enterprise level, or for users who require absolutely uncompromising security for their data, like smart card support.

IKEv2

Internet Key Exchange is an authentication method and a secure tunneling protocol developed by Microsoft and Cisco. Designed to be a secure method of tunneling for both consumer and enterprise use, IKEv2 offers low security overhead and strong encryption, with a variety of options for security and connection customization. Version 2 fixed a number of issues present in IKEv1, including traversal through firewalls running Network Address Translation (NAT) and specifications that allow for easier standardization across IKEv2 implementations.

Like OpenVPN, IKEv2 enjoys many of the benefits of an open-source library. While vendor-specific IKE implementations need to be licensed, anyone can attain and contribute to the IKEv2 protocol. This gives IKEv2 a high degree of security through consistent maintenance and patching of found vulnerabilities. IKE relies upon the IPSec suite for network stack functions.

Relying upon IPSec means that the IKE protocol utilizes both a user-space application as well as kernel-level processing. While this is still a safe way to process encryption, it’s worth noting that placing security exchanges so close to the machine level does potentially provide more routes for attackers to find vulnerabilities in. From a consumer standpoint, this is unlikely to ever be a major concern.

As a Microsoft-developed protocol, IKE implementations tend to play nicely with various versions of Windows and can be easier for end-users to set up than OpenVPN. IKEv2 is quickly being adopted by many VPN platforms thanks to its ease-of-use features, strong security, and wireless performance.

Encryption itself is done by AES-256, a secure encryption method currently used as a standard across the globe.

How do VPNs protect my data?

In addition to the encryption protections listed above, most VPN providers use additional policies to ensure their customers’ data stays anonymous and safe.

As stated above, even though all the information going to and from the customer to the VPN is encrypted, all the information being sent through the outgoing VPN server is subject to the regular rules of the wild internet. Despite being a secure method of data transmission, even VPN servers need to know where data is going and who to send it to, so some information must be collected on packet destination, customer location, and packet size.

Good VPN providers who are interested in their customers’ privacy will take steps to ensure this information is not written to a long-term log or is only logged for a very limited period of time and then deleted. Some countries have policies on how long this information must be stored before it is deleted.

Make sure to carefully read through your VPN service provider’s policies on logging to ensure your information is handled correctly. Generally speaking, logging policies where information is kept for less than 30 days can be considered safe.

Do VPNs keep me totally safe on the internet?

Put simply, no they don’t. You should still follow safe browsing practices and be cautious of how you use the internet. While the amount of anonymity and protection provided by a VPN is extensive, they still have limits.

Using a VPN won’t protect you if you fall victim to a phishing scam, for example, or freely give out your information to an insecure website.

That’s why it’s crucial to do what you can to keep yourself safe. If you’re being careful on the internet, the VPN will take care of keeping your connection anonymous.

Is it legal for me to use a VPN?

This will vary depending on your country or region.

Many countries have no laws banning or restricting the use of VPNs. The United States, Canada, the United Kingdom, and countries within the European Union are examples of countries or regions that don’t restrict the use of VPNs.

North Korea, China, Russia, and Iraq are examples of countries that restrict or outright ban the use of VPNs.

You’ll want to check with your local laws for an up-to-date answer to this question.

Can I watch Netflix or Youtube while using a VPN?

Yes, absolutely! Using a VPN to watch streaming services like Netflix, Hulu, and Youtube is one of the most popular reasons for using a VPN.

Can I use two VPNs at once?

While it is technically possible to run two VPNs at once, there’s no practical advantage to doing so, and you may run into some big technical snags if they aren’t configured properly.

Using one secure VPN is more than enough protection for your day-to-day internet use. There’s no reason to double up.

Are VPNs and proxies the same thing?

No, they are not, but the line has blurred in the last few years. All VPNs are technically proxies, but not all proxies are VPNs.

The main difference between the two comes in the virtual tunnel present in a VPN connection. Communication over a VPN is encrypted; communication over a simple proxy is not. Both will attempt to mask your IP by making it appear your outgoing communication is coming from another server, but only VPNs will truly protect the anonymity of your data on the web.

How is a VPN different from the Tor browser? Can they be used together?

While the functions of Tor and VPNs are similar, under the hood they are very different.

Both services work to encrypt information sent to and from your web browser, but that’s where the similarities end. Tor is a browser and can’t encrypt traffic sent outside the browser application itself without additional setup and configuration. So data being sent to and from a torrent application, for example, would not be encrypted. VPNs usually run as a client on your PC or mobile device and will encrypt all incoming and outgoing traffic, regardless of what program is being used to communicate it.

Tor uses a Peer-to-Peer (P2P) encryption method, called onion routing, that sends encrypted traffic through a designated series of routing points. Each point “peels” a layer of encryption off the transmitted packet, like an onion.

In this way, Tor offers a similar level of security to that of a VPN, but can be slower and has limited compatibility with some devices. The designated routing points in the Tor network are all operated by volunteers, and while the network is secure, this reliance on volunteer time and assets can result in slowdowns.

VPN and Tor can be used together for additional protection. Simply connect to your VPN service, then use the Tor browser for your internet activities.

Can I use a free VPN?

There are free VPN services available, and they can be used to encrypt traffic, but the old “you get what you pay for” adage applies here.

Free VPNs are usually going to have less bandwidth and higher latency than a paid VPN. In other words, your connection will be noticeably slower than if you were using a paid VPN service. Many free VPN services also use older or less secure tunneling protocols, potentially leaving you open to attacks.

They may also have limited server options or include built-in ads to help generate revenue.

While this may not be true in all cases, it’s advised to look for a good paid VPN service instead of going for a free option. VPN servers cost money to operate and maintain, and paying the VPN provider is a necessary part of being able to provide you with a good, secure VPN service.

Can I use a VPN on my mobile device?

You can absolutely use a VPN on your mobile phone! It’s highly recommended that you do so, particularly if you use public WiFi. Phones and tablets that frequently connect to public WiFi hotspots are at high risk of being spied on. Making use of a VPN in these situations goes a long way towards protecting your anonymity and the safety of your data.

Most paid VPN providers offer a mobile app that will enable VPN use on your smartphone or tablet. Using a mobile app to connect your mobile device to the VPN server is usually as easy as logging in, selecting a server, and connecting.

Even if you don’t frequently use WiFi hotspots, using a VPN to protect your data and internet usage is recommended for the same reasons you’d do so on a home network: To keep prying eyes away from your activities on the internet.

Can I run any internet application through a VPN?

The overwhelming majority of applications and software will run just fine while you are connected to a VPN. Because of the way a VPN connects you to the internet, there is functionally very little difference to the end-server when it comes to communication. As far as the server can tell, it’s communicating with a regular client application in the location you selected when you logged into the service.

That being said, there may be a handful of cases where connecting through a VPN could be problematic. If you’re running your own server for a video game, for example, this could potentially cause issues.

For most daily applications, VPNs shouldn’t interfere with your ability to enjoy your programs, applications, and services.

What is a “kill switch” and how does it help protect me?

Some VPN clients feature a built-in “kill switch” that will automatically close any open connections you have to the internet if your VPN server goes down or loses connection. This is to prevent unencrypted data from being sent in the event of a failure somewhere between you and the VPN service.

It’s an effective way to keep your information protected in case something goes wrong. Not all VPNs feature kill switches, and in many cases, they may be unnecessary.

Will using a VPN interfere with my local network?

Using a VPN won’t interfere with other devices and computers on your local network, but it may interfere with your ability to interact with those devices. This will vary from provider to provider, and depends on what protocol is in use, the way the client uses this protocol, and how it keeps your information secure.

As an example, you may not be able to use your printer when connected to a VPN. This would be a “worst-case scenario,” and can easily be remedied; simply disconnect from the VPN and you’ll have access to your printer again.

If you’re unable to use your network devices while connected to your VPN, don’t worry. This is just the VPN doing its job to keep you secure on the internet.
