Privacy and Safety using a Virtual Private Network. A lot of public VPN services have evolved in the last several years. They are touted to have all kinds of advantages regarding privacy. Virtual Private Networks (VPNs) are simply an encrypted pathway between two points. Think of a VPN as a network inside of a network.
When you are at home, your Internet Service Provider (ISP) can see where you are going on the internet and if you use their default DNS servers they can see even more. Since most web traffic is Secure Socket Layer (SSL) encrypted, they can’t see exactly what you are sending receiving, but they know where you are going.
Public VPN services like NordVPN and others are valuable in that they allow you to connect to a VPN server in another country thereby virtually projecting your location to another part of the world. That’s actually helpful if you want to be able to access content that might not be accessible outside the country.
A key example is that you can watch Netflix in the US. If you connect to a VPN in the UK, you will be seeing Netflix content available to Netflix customers in the UK and yes, the content has differences.
Public VPN Providers make a big deal out of the fact that their VPN assures privacy. Imagine the VPN as driving through a tunnel on a freeway. If a helicopter is overhead, they can see you before you enter the tunnel and after you exit the tunnel, but not while you are in the tunnel. That is exactly how a VPN works.
Assuming your home network is secure, and that’s something I am trying to promote, more advanced routers allow you to create a VPN server. To understand what a VPN server is, if you work with your company via home, they have you sign on to a VPN server which then makes it look like you are on the company network. This gives you the ability to contact any of the servers at your company just as though you were physically at work.
This VPN connection to your company is secure and encrypted just like the Public VPN example to the UK, except that the entrance to the tunnel is your computer and the exit to the tunnel is your company network. This removes the threat from your communication being exposed because the “VPN Tunnel” is encrypted over the public Internet.
If you were outside your network at a coffee shop or maybe a hotel and you needed to access something on your network, most routers allow you to create a port forward or a pinhole. This allows a user from the Internet to access something you define on your router to be remotely accessible.
This is seriously insecure because anyone knowing your router address can gain access. Furthermore there is a protocol called Universal Plug and Play (UPNP) which a lot of devices that you can purchase use. UPNP has the ability to selectively open holes in your Firewall for communication originating from the outside. UPNP exists because it is easier than telling customers how to configure a router pinhole. UPNP should never be enabled on a router. This is a serious security hole.
A much better way to provide outside access to your network is if your router supports the creation of a aVPN server. With a VPN server, you will be able to be at that coffee shop or hotel and securely connect to your home. Even if you do not plan to use any resources on your home network, this is more secure because the link from your PC, laptop, phone or tablet on the VPN to your home is completely encrypted all the way to your home. Your Internet traffic will appear to have originated from your house and will use your ISP connection.
It is unbelievably easy to “spoof” a Wireless wifi connection in a public place thereby tricking you into connecting to a false relay where your traffic can be logged. If you are using a VPN to either your home or your office, this traffic is totally encrypted and safe. Consider an always on VPN connection for your phone which is highly vulnerable in public.
These are a few suggestions and explanations on why a VPN is a great resource. Hope this helps someone.