Every year, our online lives are getting richer: We feel comfortable trusting the provider to pass on not only passport or card information, but also medical information about ourselves. And also our own location, interests and conversations.
Likewise, our personal photos, work correspondence and projects are carried in traffic. All of life is in the packets of an Internet connection. Which means it needs to be protected from outside interference.
At the same time, the Internet itself has become completely different in the last 5 years - numerous regional blockages, semi-closed services and other restrictions on user actions are only gaining strength. And this is the second, no less difficult task facing the user.
Both are solved very simply by using a VPN. Today, everyone who has a smartphone, computer or game console capable of connecting to the Internet needs it. And here's why.
What is a VPN really?
VPN is short for Virtual Private Network, "virtual private network," referring to the generalized technology of creating a network "on top of" an existing one.
Like any other computer network, global access is organized by means of multiple nodes (routers, access points, data centers) connected to each other in one huge graph with a constant or randomly assigned address at the time of connection.
Accordingly, the data from the user's computer to each resource on the Internet, be it another computer, site, streaming service or any other server, pass a certain path.
In the simplest case, its "traces" are divided into parts readable by the naked eye for easy transmission. In more complex cases, they undergo certain processing to exclude simple identification of the traversed path and the information contained in the packets.
Again, in general, a VPN involves 2 or even 3 conditional operations simultaneously.
- Secure (encrypted) authentication forces the user to activate the trusted network building in a certain way.
- Creation of a "tunnel" - a logically constructed sequence of connections within the WAN, excluding untrusted nodes, using VPN protocols. The path can change randomly, making it difficult to trace. Or conversely, maintain a set configuration.
Data encryption, which guarantees with a certain probability the security of transmitted data.
Got it? But what do you need it for in practice? There will be many answers - today everyone really needs a VPN.
1. Access to any site from anywhere in the world
The most obvious benefit of a VPN is that by using a tunnel impersonal connection, you can bypass all sorts of blockages.
Using a direct impersonal tunnel to a server in an arbitrary country allows you to view resources blocked in your current country of residence or specific location.
Is YouTube blocked on your work Wi-Fi? What if they shut down Telegram? By the way, how do you think the Chinese are surfing European sites and using social networks, bypassing the "Great Firewall of China"?
There are more and more examples every day: on vacation in a Muslim country you can easily find yourself without the usual "Western" network entertainment.
But VPN can easily restore justice by getting the traffic past the bans.
2. bypassing regional blocking of cloud and streaming services
Browsing restricted resources is not the only popular use of a VPN. Many content providers offer their services only in certain countries. In some cases, the same companies offer different cost and content subscriptions.
Tunneling of traffic is a good thing here. Almost free Xbox Game Pass with xCloud, Nvidia NOW without queues, a huge catalog of American Netflix - the list could go on and on.
Almost all of them allow require VPN location spoofing only at the time of connection, so access speeds almost do not suffer.
3. The ability to use "non-user" technology
In the comments to one of the previous articles, readers mentioned the possible blocking by ISPs of ports needed for technical needs, such as deploying their own mail server.
As it turns out, the closed interface for "mere mortals" is quite common. But VPN "packs" the entire stream, if you choose the right technology and exit point (including taking into account the requirements for the server in the country of location), including going through the blocked ports.
The only thing that matters is the server's output support (and almost all paid resources do not have such restrictions), and the ISP will not be able to prohibit it.
In this case, if the virtual server will not block such traffic, the user will have access to any possible services. You can set up IP telephony or remotely manageable DoS source.
4. Access to file sharing networks
Similarly, a number of ISPs are blocking file-sharing networks. Clients for them are increasingly rendered inoperable, be it Soulseek or Strong DC.
For this purpose, some ISPs in Russia are closing connection ports. Others are trying to determine the composition of packets by blocking outgoing multiple connections and any peer-to-peer communications.
VPN helps out again by allowing work not only with torrent downloads but also with older methods of file exchange with the help of p2p-clients like Soulseek.
Sometimes tunneling work with file-sharing networks requires additional configuration. But, believe the seeker of rare content - the deposits of music and movies of "unshared" personal collections alone are worth it.
5. Secure use of payment systems and banking
Primitive fraud schemes use direct calls and "live communication" with a person to get addresses, passwords, direct logins, text codes from sms and applications.
New methods involving Trojans and social engineering make it possible to determine availability of funds on accounts, transactions and other system information without transmitting it to the user: today's Trojans are capable of tracking and intercepting traffic and SMS communications related to payments made in Internet stores.
But even the most cunning methods of deception collapse if the smartphone/computer uses a tunneled encrypted connection: Trojans cannot leave the "tunnel", so redirecting traffic with data to attackers simply stops working.
The same happens when fraudsters try to establish a connection to remotely control a smartphone or computer.
6. Blocking phishing attacks
We will not go into technical details of specific VPN implementation methods - it's long and boring. If necessary, those who want to quickly find the right combinations for their tasks, for example, here.
The main point is that tunneling makes it always difficult for attackers to implement a targeted phishing attack: the additional encryption of such resources makes it difficult to track any traffic.
Thus, fraudsters will not be able to link information about purchases or payments for other services to the specific device on which it was made. And they won't be able to conduct a targeted attack, a "hot call" - they just won't have the initial data so often used in such crimes. And "area hitting" is too expensive for them.
Hidden VPN devices and resources are phished least of all. It's too difficult, time-consuming, and the result is unpredictable: who needs your passwords if they're mixed up with data from other applications and encrypted a couple of times?
7. Personal location spoofing
When using a VPN with access through foreign servers with geolocation and A-GPS turned off, the device will determine the location of the nearest node to the server or itself.
Of course, you can't call a cab to your house with this approach. To make an order in a foreign store or to keep a certain privacy in the chat room - you're welcome.
Speaking of stores: even the use of forwarding services, such as "Mail" or "Banderolka" does not exclude the need to substitute geodata, which are tracked by all major retailers.
8. Minimizing advertising and targeting
Everyone has probably noticed that there are a lot of offers from local stores or service providers among the ads on websites, messengers and apps.
This is most often how region targeting is set up - a special function for showing ads, which determines by indirect data, to whom and what to show during the use of resources with access to the network.
Using VPN won't turn off ads, but it will definitely make them less obtrusive, eliminating annoying banners from the nearest catering outlets, schools with an annoying offer to learn the language of a just-googled piece of code and other "neighbors".
9. Hiding certain devices from outside eyes
Some tunneling methods allow to "merge" traffic: services that use them allow to connect to one "tunnel" server from several devices at the same time.
If visible to an external observer, such connections act as a single consumer.
This method allows to avoid directed phishing attacks, to substitute own location for convenient one, to bypass some blockings (for example, not to inform the bank about unexpected departure) or to use streaming resources without limitations, taking into account the number of connected devices.
10. Protection against surveillance by global corporations
Apple and Google make no secret of the fact that they collect a lot of data from all devices. Even if you refuse or block it by system means, some of the information will still be transmitted.
Location, hardware settings, software logs, characteristic sets of user actions sooner or later end up on the servers of the major brands.
Officially, this happens in anonymized mode. But even then, the aggressive collection of analytics makes many people suspicious.
A combination of VPN, encryption, and firewall allows almost complete closure of service providers' access to user activities. With the right configuration, even Google will not be able to find out anything from the smartphone - though, a number of services and targeting will be lame.
11. Transmitted data security
The majority of VPN-services are able and actively practice sophisticated methods of data encryption in streaming mode, on the fly. It is possible to organize such a service by oneself, but not every user can cope with it.
For the more paranoid, it is worth choosing even more advanced tunnel access resources that can spoof or mask DNS servers, "mix" the traffic of different users, or use distributed access to external resources.
Among them are the cheap and reliable AzireVPN, the offshore BolehVPN, the technically advanced LiquidVPN, or the TOR-enabled SequreVPN.
After that, no one except the owner and the resource to which they are addressed (from which they are downloaded) will receive passwords, passwords and data.
12. Using secure IP telephony
Among the more trivial methods of using VPNs it is worth mentioning calls using the Internet: with its help it is possible to deploy a server for calls to mobile and landline phones even in another country, even using short or service numbers.
The server itself and its operators can be physically located anywhere, if the subscriber agreement allows it. Why not deploy a Russian call center somewhere in Kazakhstan to pay lower wages?
In addition, using a VPN, you can encrypt the voice IP-calls using the most modern standards, up to AES-256, and pack them into a secure "tunnel", inaccessible to any external observers. Just the thing for the truly paranoid.
Any information about the location of subscribers and the subject of their conversations will be in the jurisdiction of the country where the output server is located, so using BolehVPN or SequreVPN is guaranteed to protect even very important business negotiations.
13. Implementation of direct access to a PC from anywhere in the world
In general, any resource in remote access uses so-called static ("white") IP or other permanent address using http/https or ftp-connection.
Otherwise, communication requires a "layer" in the form of an application that creates a direct connection (such use smart homes) or a page using a specialized protocol (as implemented by Transmission - an application for home servers).
VPN allows to realize a direct connection without any additional means within a single connection: all devices connected to a certain account on the same server can use direct addresses and redirect data between each other if the user wishes.
This feature allows you to implement a tamper-proof smart home and home servers, as well as connect directly to a single VPN account using Radmin or similar applications by local address.
14. Running your own network resources
Creating a single pool of connected to the same account external VPN resource or your own VPN server, you can organize and home server accessible from anywhere in the world.
Of course, only when using the appropriate credentials. Moreover, unlike a variety of ready-made home servers from WD or Synology, the own VPN can include access and disks on demand.
Accordingly, it will "sleep" most of the time, saving energy, money and resource. At the same time protecting yourself in this way from DDoS attacks and other random massive attacks from the outside.
15. Full control of network traffic
It is worth mentioning another, not the most obvious function of VPN-servers: all of them have quite extensive settings, replacing or at least complementing firewalls.
In the case of a server deployed independently on a remote resource, you can use both for all traffic (and, given the points above, all devices).
Once you set it up, you don't have to worry about advertising or children's profiles with content restriction.
Almost all paid VPN resources offer their own DNS-servers and a number of other routing settings, with which you can completely exclude any, even the smartest, applications from accessing the network.
How to properly implement your VPN without hassle?
Everyone needs a VPN server today - if not for access to entertainment content, then at least to protect their own logins and passwords, as well as other confidential information.
There is a serious problem here: not all services offering tunnel access work adequately with user data.
Some do not encrypt traffic. Others do not monitor attacks on user resources at all. Some cost absolutely insane amounts of money to subscribe.
Finally, a number of companies provide any information to law enforcement agencies and are in countries with a huge number of criminal-internet acts (for example watching a movie from torrent can easily lead to a fine in France).