Showing posts with label VPN. Show all posts
Showing posts with label VPN. Show all posts

Sunday, June 30, 2024

VPN Myth vs. Reality

A VPN (Virtual Private Network) is one of the most misunderstood technologies among non-technical people. In fact, I have encountered many technical people who completely misunderstand what a VPN is and is not. These days, the term VPN is often touted as a solution for all security issues and is advertised by vendors as a one-size-fits-all security solution. This is a misconception and creates a false sense of security. A VPN is not a magic shield for online safety; it is primarily a privacy tool, not a security tool. While privacy and security do overlap, they are distinct concepts. Privacy is about protecting your personal information and activities from being observed, whereas security involves protecting your data and devices from unauthorized access and threats. Let’s take a closer look at what a VPN is and is not.

What VPN is?
Simply put, VPN creates an encrypted network tunnel between your device (laptop, phone etc.) and a VPN server. All your data pass through the tunnel in an encrypted form to the VPN server to make it harder for anyone to track your online activity and most importantly where you are located. The websites you visit will only see the VPN server’s IP address not your device’s IP address. It is this aspect that allows journalists, activists and the like to hide from governments that watch everything they do. Similarly, cyber criminals can leverage this to mask their identity. It also allows people who want to get access to services (for example: video streaming) that are "geo-fenced" i.e. not allowed from certain countries due to regulation etc. Finally, corporations use VPN to prevent sensitive corporate data travelling from employee laptop via public network and to provide access to company resources. That is pretty much VPN is in a nutshell.

What VPN is not?
VPN does not protect you from cybercriminals or viruses or trojan or spam or adware or identity theft etc. Remember I mentioned above that VPN would prevent anyone from tracking your online activity? Well, it is not entirely true. Logged-in accounts and browsing habits can still be tracked (see my earlier blog on 3rd party cookie) by websites you visit. In addition, your VPN provider knows which sites you visit and has logs, even though many claim they don't log. As mentioned earlier VPN isn't antivirus! So even with VPN running, you still need separate protection from malware, virus, trojan etc. Also, there is no guarantee on complete safety, as leaks can happen at the VPN server and some VPN providers log your activity and hand over to authorities when requested depending on local and international laws.

Do you need VPN?
The short answer is no, unless you have a specific reason to hide your online activity. For most everyday users, this isn't necessary. With the widespread adoption of https protocol, which encrypts data between your browser and the websites you visit, VPN adds little value for general online safety. In fact, using a VPN can significantly reduce your bandwidth despite the vendor’s claims of a "fast" solution. About 15 years ago, when the https protocol was not widely implemented, using a VPN was the only way to encrypt data from prying eyes -- up to the point where the VPN tunnel ended. However, this is no longer the case today, as all websites are protected by end-to-end secure connectivity.

Ultimately, whether you use a VPN or not, inherent risks are associated with using public Wi-Fi, which is beyond the scope of this blog. Unless your device runs on a secure operating system, such as Linux or Apple’s macOS, there is always a risk of compromise on public networks — even with an active VPN. It’s possible for someone sitting nearby in a coffee shop to hack into your device.


Tuesday, May 23, 2023

ProtonVPN - fast & free

ProtonVPN

Not sure any of you are aware of Proton Mail which is a fully secure email service and has been around for a while. I signed up for their free tier email service a while back but never used it since I don’t want to pay for yet another cloud space and the free tier space of 500 MB is not much for daily use.

Anyway, I know they had VPN for free as well but never tried it until recently and I am blown away by the speed --- very low overhead compared to different VPN service I have used. Granted it is wireguard, a modern successor of VPN but still, literally I get same speed as provided by my ISP. First, I could not believe and started measuring speed with every speed test tool that is out there and they all came back with more or less same and speed which is roughly same as what I get with my ISP  (see screenshot) without VPN layer. At this point, there is absolutely no reason to not use them permanently… and it's Free!



How to get ProtonVPN

Head out to https://proton.me and sign-up for free account and you get encrypted mail service and 1 VPN connection free. Wireguard is pretty simple to use, all you have to do is install wireguard (https://www.wireguard.com/install/ ) and get the credentials/keys from ProtonVPN and off you go. 


How to run wireguard (MacOS or Linux)

After wireguard is installed, follow the simple steps shown in screenshot below to start/stop wireguard. The screenshot is on macOS but it should be same in Linux possibly on windows under powershell as well. The third argument is the name of your wireguard configuration file without the '.conf' extension. In my case it is lion.conf. This is the configuration file you downloaded from the ProtonVPN and it should be copied to /usr/local/etc/wireguard/ on MacOS, or /etc/wiregaurd on Linux.