What is a Virtual Private Network | How VPN works and why VPN is not all you need for privacy


Most consumer Virtual Private Networks are
terrible. That is at least if privacy is your main concern. There are of course different threat models,
which will vary for each person. But as a general rule, most VPNs are just
scams stealing your browsing data. Sometimes they even make you pay for it. But there is an issue at user side when it
comes to privacy and VPNs, even the trusted ones. When you visit a website over a VPN, the only
thing that changes on your advertising profile they maintain, is your IP address. Websites will still be able to track your
browsing history and identify you through browsing habits. The only people you are protecting your browsing
history from are your Internet service provider. And that’s only assuming you have a proper
VPN that doesn’t leak your private information. To understand why this is a case, you need
to learn three things – what is Virtual Private Network, how VPNS work, and how websites
track you. To answer the first question, we are going
to look at the purpose virtual private networks entered the market. As Internet was becoming predominantly widespread
means of communication, companies started building local networks to speed up their
business. But as businesses grew in size, many of them
started to spread to off-site locations and send their employees to work from home or
while traveling. To connect two company local area networks
at a reasonable distance, business would have to dedicate a real-world connection through
physical infrastructure such as leased lines. This wasn’t a problem, if a company had
two networks to bridge. But the longer the distance and the more networks
a company needed, the cost of leased lines would grow exponentially. Internet is a public network, open and visible
to everyone. No company could afford to risk data breaches
and have their private information stolen by anyone. They needed a secure connection that was fast,
reliable, and cost effective. Thus came Virtual Private Networks. VPN is a private network that makes “virtual”
connections routed through a public network, which could easily be and in most cases even
was the Internet. Connection through a VPN could answer specific
company needs, like speed, data integrity, or confidentiality. Virtual private network is a flexible model
that can adapt to various standards that corporations needed to adopt. This is the first very important point. There is no single standard for building a
VPN. Each provider has its own structure and protocols,
which offer different features, and not all of them are privacy. So how do VPNs work? Basically what a VPN does is that it takes
packets of data that would normally run through an insecure network, like Internet, encapsulates
them in an entirely new packet, and puts its own VPN header on top of it, masking the original
source of information. This process is called tunneling and it is
how VPNs mask your IP address. This is why you can trick websites to having
a different IP and bypass geolocation censorship. But this is not what guarantees the confidentiality
of your data. For that you need encryption. Data confidentiality was the most important
feature companies usually needed. VPNs achieve that by encrypting the traffic
between a client and the VPN server. This means that a company VPN client can encrypt
data coming from their employee’s laptop working out in the field and connected to
a local wifi. For companies, this is near perfect security,
because they can choose to host the VPN server at their own headquarters, where the VPN decrypts
all the traffic. Encryption doesn’t necessarily mean privacy. For companies, encrypting their network gave
them security layer to guard their data from outside adversaries. But it didn’t give their employees within
their network any level of privacy, because the leadership of the company had direct access
to their VPN server, and thus to traffic of everyone connected to that VPN. With your consumer VPN, you don’t own the
VPN server. You have to trust a company maintaining the
VPN server with you data. Encryption still takes place on your device,
where a VPN client configures your computer’s connection to be routed and encrypted through
the VPN. When the VPN server receives your data, it
decrypts it and sends the request to a website you are trying to visit. Purely from analyzing the IP address, the
website will only see connection from a private VPN server, and not yours. Provided it’s a good VPN that doesn’t
leak other data that can identify you. So by design, this is a totally different
model from end-to-end encryption in email communication. And you should adjust your expectations accordingly. The reason why VPNs work to protect corporate
privacy but fail at guarding consumer privacy is the fundamental design of VPN technology. VPN server is always going to know some personally
identifiable information about you. Whether it’s your real IP address, information
you submitted upon account creation, and information taken from your payment method. The process of collecting this information
is called logging, and there is not much you can do to verify what a VPN company really
does with user logs. To help you better understand the issue with
privacy on VPN, we are going to compare end-to-end encrypted email service and a VPN service
provided by the same company. Protonmail’s end-to-end encryption is done
so well, that if you lose your password, they are only able to recover access to your account,
but all your messages will be discarded forever. You’ll lose your decryption key. This may come as inconvenience, but it is
actually an excellent defense mechanism to protect yourself from hackers. No one, not even Protonmail, can get access
to your messages. But the same company that offers Protonmail,
also offers ProtonVPN. And your expectations of privacy for these
two products should differ significantly. With email encryption, Protonmail can block
itself from accessing your messages easily. Users generate decryption keys, and Protonmail
exchanges encryption keys. Protonmail doesn’t decrypt your messages. Your web browser does. But ProtonVPN has to both encrypt and decrypt
your information. Making ProtonVPN server a single point of
failure. A big cyber security no go. Disclaimer – this is not just about ProtonVPN. Every VPN provider has this problem. It’s technologically impossible to create
a consumer VPN with perfect privacy. Are VPNs useless for general Internet consumers? For vast majority of VPNs out there yes. But for a trusted few, and for specific threat
models, VPNs can offer some protection from your ISP, advertisers, and non-state hackers. For example, the United States Federal Communications
Commission recently repealed a rule barring ISPs from selling your browsing history for
advertising purposes. This is incredible invasion of privacy, because
they basically record what you do in your living room to manipulate your economic activity. So if you are in the Unites States, ISPs are
selling your browsing history to whomever they want. This is not just a privacy violation, but
also a security risk. Because once they sell your browsing habits,
hackers and foreign governments can and certainly do intercept those exchanges to steal a copy
of your private life. There are databases of private information
of millions of people available for sale or for free and you’ll never notice until you
become a victim of a cyber crime. Provided you can find a trusted VPN server,
but be aware we are talking about a great deal of trust here, it’s sensible to hide
your browsing habits from your ISP. But the way the Internet works, you always
have to trust someone. And you need to decide for yourself whether
it’s going to be your monopolistic Internet Service Provider giving you data caps, Internet
censorship, and overpriced slow broadband , or a Virtual Private Network made by privacy
activists. So how do you choose a VPN provider? Well you need to do two things – you need
to evaluate your threat model. We will go over that on my channel in the
future. And you need to do a lot of research and educate
yourself about the topic. Never trust a single source. Don’t even look at torrentfreak or Pcmag
reviews. Look at what the community is saying about
VPN providers. One good source of reviews of a lot of features
from a lot of VPN providers is at thatoneprivacysite.net. Reddit is an excellent source of customer
reviews and you can browse those without having a Reddit account. You need to ask yourself some questions to
see what you care about the most. Where is the jurisdiction of the VPN provider? Is it in any of the 14 eyes countries that
collaborate with the NSA on mass surveillance and their government could force to log users? What steps are you willing take against government
surveillance? Do you want to keep your private information
away from manipulative advertisers? Are you looking for protection of your sensitive
information from hackers and cyber criminals (on public wifi)? Is your goal bypassing government censorship
end geo-location blockade of Internet content? What countries do you want to connect to websites
from? How much are you willing to pay for a VPN? All of these questions are part of analyzing
your threat model. If privacy is your biggest concern, then VPN
is not the solution. Tor is. If you want a better security when you connect
to a Starbucks wifi, VPN is a great remedy. Never EVER trust a free VPN. Those are the most scammy out of all. Although VPNs came as a cheaper solution for
business networking compared to leased lines, it’s still pretty expensive to offer it
as a free service. But now we are getting to answer our third
and most problematic question – How can websites track you even if you use
a VPN? Let’s say you find and buy your monthly
subscription at a renowned VPN provider. And then you do something like this. You successfully configure your VPN connection,
then you open your favorite web browser, which should NEVER be Chrome, but statistically
it most likely will be. You login to your Gmail, which Chrome takes
as if you are logging in to the browser itself for syncing, and then you browse the web for
all kinds of purposes – education, work, entertainment, shopping, travel… You just handed over ALL of your private information
to the most privacy-violent corporation in the world. China doesn’t have the surveillance capabilities
of Google. And Google will sell your privacy to every
website and retailer you visit. If you want to know more about how websites
and advertisers track you everywhere on the Internet, I recommend that you watch my video
about Facebook surveillance and another video on How to use Facebook anonymously. If you don’t block trackers properly, you
are just wasting your money. You need to re-assess your threat model. You need to ask yourself: from whom are you
trying to protect your private information? Your Internet Service Provider, vendors of
software and applications connecting to the Internet, website operators, advertisers,
governments, and hackers. All of your adversaries use common points
of access for data collection of your browsing history – either through your ISP, trackers
on websites, identification codes on software and applications, and online communication
tools, like emails and instant messengers. For websites using trackers, everything about
your identity remains unchanged except for your IP address. What stays visible is your device, which probably
has a unique ID, your hardware, software, configuration, operating system, software
versions, web browser, browser plug-ins, extensions, screen resolution, battery life… combination
of all of these information and your browsing habits make a unique personal identification. You are giving many websites your real name
to confirm your identity anyway, like your Facebook and email accounts, and every online
retailer that has your payment info. If you are serious about privacy you need
block access to all of these access points. VPNs block ISPs. Tor blocks governments. How do you block websites from tracking you? By using privacy configured web browsers,
and by compartmentalizing your browsing habits over separate browsers. There are several extensions that block trackers,
ads, cookies, and traffic analytics scripts. Among the best are uMatrix, NoScript, uBlock
Origin, Privacy Badger, Cookie Autodelete, and Decentraleyes. You don’t need to use all of these. Properly configured uMatrix will make all
the others redundant. Take uBlock Origin and Privacy Badger, and
set your browser to block 3rd party cookies and delete them regularly. But even if you go all these lengths, you’d
still fail if you do the same mistake as I described earlier. You have to block access to websites with
your online accounts, even pseudonymous ones, to your browsing habits. Have a separate browser for your social media,
email, and banking, and a separate browser for general surfing. Only if you block all trackers, only if you
put a wall between your online identities and browsing habits, only then using a trusted
privacy focused VPN has some sense.

100 thoughts on “What is a Virtual Private Network | How VPN works and why VPN is not all you need for privacy”

  1. Made a new tutorial on how you become truly anonymous on the web, use Tor, access dark net, and leave no trace: https://www.youtube.com/watch?v=_393maHbHWc

  2. I use Express VPN. The reason I started to use VPN was to avoid electronic tapping by my constants, in the beginning I was so excite to find a way combined whit Telegram that I could go back to a security line of communication, but in the end I unfortunately discovery that is only the first step.

  3. Substratum.net – Decentralizing the internet. VPN's are easy to take down, they also stand out like a sore thumb to ISP's. VPN's are also blockable and your data is at the fingertips on the VPN company and a simple government request for data OR a forceful tap on that data.

  4. Never allow yourself to be sold something by the same person, people, or anyone affiliated with those who educate you on something; it's a quintessential conflict of interest. Learn from detailed sources that have no other purpose other than providing knowledge for your benefit. Buy from sellers who are transparent about what they are / do and make your own buying decision based on the data you analyze and rate yourself.

  5. HERE IS WHAT I HEARD ON A CHRISTIAN RADIO BROADCAST;

    1 TOR is owned and operated by the CIA.
    … they say, this is common know,edge.

    2 Proton is located in Switzerland.

    The Swiss have allowed re-entry of The Jesuit Military Order in 2000 after being abolished
    previously for a long time.

    The Swiss are the Jesuit Royal Guards.
    … those are the guys in the colorful clown regalia.
    … they are just a distraction to give the Jesuit time to exit if required
    they are not really guards at all

    It is implied that Proton is Jesuit owned controlled and influenced and the
    Jesuit Military Order gathers your information for their own use and shares it among themselves
    and no one else to use against you for any purpose at any time to suit their own agenda.
    … is there any truth to this, possibly.

    3 Express Vu supports and works best with Android and use the Google operating platform
    where they pay Google to rent their platform.

    This VPN service gives you browser privacy on the internet but not on your email
    and not on your router.

    You can purchase a router from them pre loaded with their VPN for router protection.

    You will require an encrypted email provider separate to protect your email.

    YOU say you like to research, go ahead, research!

    side note;

    ROGER RAMJET a United States cartoon war hero of the early 1960’s
    used to take a PROTON ENERGY PILL before going into battle to protect
    his country and fight against evil world wide.
    … of course he would win each and every time against all and any enemy.

    Lord Jesus the Christ my saviour

  6. I think a VPN is just a general security tool against some online threats. The saying is "security is a process, not a purchase".

    People can use PETs for some degree of security, but if you're targeted for surveillance by a big league player I'm sure they would have no problem tracking or identifying you.

    I'm of the position everyone should protect their right to privacy and not just online.

  7. Goddamn don't use Reddit. The shills are unbelievable there. After many hours research I trust the website you linked in the description.

  8. There was a video on this channel that taught you to use an addon to send useless data to trackers. For the life of me I can't find it, help please.

    Or maybe I'm confused because there is a video that mentions confusing trackers but doesn't say anything about it.

  9. I was planning on using a free VPN service for accessing my email from my hotel wifi on my next vacation but you're making me have second thoughts.

  10. VPN is really good if you use torrent and who do I trust more my VPN provider who im paying to keep my information private or my internet provider.

  11. overpriced slow internet services" HEY countries have been invaded and families and hospitals have been bombed down for your freedoms RESPECT the empire THIS is what wining looks like

  12. What good is a vpn if every time I try and log into my bank etc I can’t get in unless I shut down the vpn? In my opinion a big waste of money

  13. Nord VPN Get 75% off a 3 year plan. Only $2.99 per month!
    Go to https://go.nordvpn.net/aff_c?offer_id=288&aff_id=19161&url_id=1034

  14. I'm trying Avast VPN, it doesn't cost much and has a No Logs policy. I'm still skeptical about it. What do you think?

  15. The title of this video is : Why VPN is not all you need for privacy. The title should have been : Why VPN are NOT a tool to use for privacy. First, the VPN company that you use DOES HAVE your personal IP address. Second, if they get a warrant by a judge, they WILL HAVE TO comply and give your personal IP, and if they were not keeping logs (as they often say), they can be forced to do so afterwards by a warrant asking them to keep the logs and give them to authorities.

  16. 11:29 since you mentioned privacy badger…may I suggest a similar add-on? It's called privacy possum and is also available for the same browser you used in that portion of the video Aka Waterfox. It's basically privacy badger on steroids X'P
    Edit: Congrats on 60k 🙂

  17. Its gold when you select a video showing the flaws behind VPN "saftey" and you get a 2min advertisement boasting the best VPN for speed security and anonymity bahaha.

  18. "All VPNs do is hide your IP address"??? Really? They don't establish an encrypted IPSec connection for the transmitted data? And your browsing history is available where exactly? Logs of the VPN provider, IF they maintain logs, as your browser is not available assuming one does not use a search engine like Google, but rather DuckDuckGo, etc. And they first appeared in OSes like ONIX9AIX)and Windows precisely to establish IPSec connectivity with target firewalls – with SSL connectivity being the only alternative to provide authenticated access to specific resources within the firewall, eliminating the need for Kerberized secure connectivity that had been the norm previously.

  19. tried to register on protonmail recently. .. its impossible to register without your phone number and sms verification . I hope they go bankrupt soon.

  20. to put this into effect, you'd need a different IP for your separate browsers
    may as well just use Opera and use separate proxy services when browsing anonymously in incognito mode
    I wish Opera went an extra step and integrated onion routing for better anonymity, as that'd be more secure than Tor Browser
    with Tor, you trade security for anonymity, since Firefox doesn't block as much as Opera (which blocks more than chromium can be made to)
    if you really want a level up though, I'm not sure how well Comodo's DNS blocks DDoS attacks if you're willing to give up CloudFlare's speedy protection, despite blocking trackers and malicious content before it even gets to your browser.

  21. i do use cyberghost,i look about haching vids and torrents downloads,so?also i do use avast browser with gogoduck.Tor is super slow.I tryed open vpn and is slow too

  22. I have a home network with about 25 devices, security system, cameras, monitors, printer, cell phone, laptops etc. I used facebook, buy on Ebay and Amazon, watch porn, what VPN do you suggest?

  23. I use proton vpn and email but face book still showed my location and isp. So I deleted all info and accounts with facebook . Im in the process of deleting my gmails but im unsure if using proton vpn is the right way to go

  24. Iv been using ExpressVPN it cost a bit more than others i have found but i found it super easy to setup, reviews looked good, what they offered looked good and i have to say since i have been using it, i have no received any lawyer letters that wanted money for DL illegal Movies. so it worked perfectly for me

  25. Add duckduckgo as your browser which will delete all your online activity after each use. Change your VPN access server regularly. NEVER use voice activated equipment, it is always listening to you even when "switched off". Only switch your Smart Phone on when absolutely needed. Switch off your broadband router when not required, for health reasons also.
    Pay with CASH whenever possible, this leaves no electronic trace of your transactions or whereabouts.

  26. I work from home and my company's site block access from the Philippines and (where I now reside), so, I have to use a VPN to work.

  27. Please take a look at Horizen. I think they will make a huge step towards decentralized internet privacy. Love your videos.

  28. My name is angel I'm interested in a vpn with reliable speeds that doesn't fall under the jurisdiction of the five eyes to truly feel free when browsing general content and I have another question for you what happens if my browsing history comes out and falls into the wrong hands does the information received become unuesable

  29. This info is now well out of date 07/19.
    Avast or ExpressVPN plus duckduckgo browser or Tor. Regularly change your VPN location.

  30. I am a bit curios, about the usage of VPN´s by companies and governmental agencies. Are they really as secure as actual private networks? How do they protect themselves if an outside computer simply lies about its IP adress, and pretend to be one of the computers in the VPN?

  31. i know you said not to trust free vpns, but would you trust protonvpn free version? that's what i'm currently using and honestly it's the only free vpn i really trust… also, what about surfshark? i know it's super cheap at $1.99/mo. for 2 years but it's based in the british virgin islands, has a built in ad/tracker/malware blocker, has a very minimal logging policy, is available for windows/mac/linux/android/ios/chrome/firefox/firetv/appletv/othertvs/xbox/playstation (WOW that's a lot of devices), has 5 stars on trustpilot, and passed independent security audit from cure53. like… woah that's a lot of features and privacy and the price it's just like how could it be true, it seems to good to be true! anyways… i guess look into it for yourself but if you could please tell me if you find out something bad about it that'd be great, thanks!

  32. Pls make a video with:
    1. comparison of some tools like AdGuard vs uBlock Origin
    2. Data security & privacy on smartphones
    3. Maybe some tests of potential data leaks from sb’s computer or smartphone when sb uses extensions cos this also interesting what could happen
    4. Some video on tracking methods used by Google and Facebook to make everybody aware of those issues.

Leave a Reply

Your email address will not be published. Required fields are marked *