VPN QA

08/05/2017 19:00

What is a Virtual Private Network

A Virtual Private Network, or VPN, is a technique for extending or creating a secure private network over a public network (like the internet). It enables computers to send and receive data across a public network as though the computers were actually connected via a private network, with all the security and privacy that a private network provides. The fact that a VPN functions like a private network but actually uses a public network is why it is called Virtual.

How does VPN work?

A Virtual Private Network works by establishing a connection (called a tunnel) between two or more computers and then encrypting all data that goes through the tunnel. Both sides of the connection know the encryption algorithm and encryption keys. But, because the encryption algorithm and encryption keys are kept secret, no one else can interpret the data that passes between the computers.

What types of VPN are there?

There are numerous VPN protocols in use that secure the data being passed over the Virtual Private Network. Here are some of the more popular ones:

Point-to-Point Tunneling Protocol (PPTP)

PPTP is one of the most commonly used protocols for securing data over a Virtual Private Network because it is easy to configure and because it is supported by the most devices and Operating Systems. All releases of Microsoft Windows since Windows 95 OSR2, Mac OSX, Linux, iOS, and Android support PPTP. PPTP uses 128-bit encryption, making it the weakest of the big 3 tunneling protocols. PPTP communicates over the internet using a specific internet protocol and port (HTTP over port 1723), making it easy for censoring agencies to block and impractical for avoiding censorship. PPTP also suffers from some known security vulnerabilities and is not recommended when other, more secure, options are available.

Layer 2 Tunnel Protocol with Internet Protocol Security (L2TP/IPsec)

L2TP/IPSec, like PPTP, is easy to configure and is supported by a large number of devices and Operating Systems. All releases of Microsoft Windows since XP, Mac OSX, Linux, iOS, and Android support L2TP/IPSec. L2TP/IPSec uses 256-bit encryption (AES256 is the first publicly accessible and open cipher approved by the NSA for top secret information) making it much more secure than PPTP. Also, like PPTP, L2TP/IPSec communicates over the internet using a specific internet protocol and port (UDP over port 500), making it easy for censoring agencies to block and impractical for avoiding censorship.

OpenVPN

OpenVPN is an Open Source computer application that creates and uses a VPN to secure point-to-point or site-to-site connections. An OpenVPN Client is not included in any Operating System and must be installed separately (a one-time task typically taking less than 5 minutes), making it slightly less convenient than PPTP or L2TP/IPSec to configure. OpenVPN can be configured to use from 128-bit to 2048-bit encryption, putting it at the front of the pack when it comes to data security. Unlike PPTP and L2TP/IPSec, OpenVPN can be configured to use HTTP or UDP protocols over any port. Using OpenVPN over TCP on port 443 makes it indistinguishable from standard HTTP over SSL, making it extremely difficult to block.
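A client profile for the TCP-on-port-443 setup described above, added here as an illustration (it is not from the original page or from the OpenVPN project). The server name vpn.example.com and the certificate and key file names are placeholders, and the server is assumed to be configured with matching settings.

```conf
# Constructed example OpenVPN client profile (placeholders throughout).
client
dev tun

# Run the tunnel over TCP to port 443, the same port HTTPS uses.
proto tcp
remote vpn.example.com 443
resolv-retry infinite
nobind
persist-key
persist-tun

# Authenticate the server: require a server-type certificate issued by
# our CA whose name matches the host we meant to reach.
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
verify-x509-name vpn.example.com name

# Extra pre-shared key protecting the TLS control channel (OpenVPN 2.4+).
tls-crypt ta.key
tls-version-min 1.2

# 256-bit AES for tunnel data. "data-ciphers" is read by OpenVPN 2.5+;
# "cipher" is kept for older peers.
data-ciphers AES-256-GCM
cipher AES-256-GCM
auth SHA256

# Do not keep passwords or passphrases cached in memory.
auth-nocache
verb 3
```

The certificate checks matter as much as the cipher: without `remote-cert-tls` and `verify-x509-name`, the client would accept any certificate signed by the same CA as the server.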

Why should I use a Personal VPN?

Personal Virtual Private Networks provide a number of benefits including:

  • Safety. With a Personal VPN, the data you send between your computer and the VPN server is encrypted, making it impossible for your internet browsing to be tracked or monitored.
  • Security. Since the data between your computer and the VPN server is encrypted, it is impossible for Wi-Fi hot spot hackers to hijack any of your online accounts or see any of your personal private information.
  • Anonymity. With a Personal VPN, the IP Address seen by websites is the VPN server's IP Address, not yours. This makes it impossible to develop an online profile because of the number of people using the same IP Address. It also makes it impossible for websites to know where you actually are.
  • Uncensored. A Personal VPN makes it possible to circumvent government censorship by allowing you to access the internet through a VPN server that is outside of that government's control.
  • Unblocked. Many websites block access to their content for users inside or outside of certain geographical locations. Your location can be derived from your IP Address. This is called Geolocation. As an example, Netflix and Hulu can only be viewed from within the United States. By accessing these websites through a VPN server that is within the service country, it appears that you are within the country and access is allowed.

Do I Need to Use Personal VPN?

  • Safety: If you are concerned with your internet activity being monitored and tracked by your Internet Service Provider or by Government Agencies, then you need Personal VPN to hide your internet activity.
  • Security: If you use public Wi-Fi (like what’s available at airports, coffee shops, restaurants, hotels, etc.) to access personal information (email, Facebook, banking, etc.), then you need Personal VPN to encrypt your information as it travels over the wireless connection.
  • Security: If you travel internationally and your internet activity might be routed through countries that may not keep your internet traffic secure, making it easily available to hackers and thieves, then you need Personal VPN to encrypt your information as it travels between your location and the VPN Server back in your home country.
  • Anonymity: If you are concerned with companies developing an “Online Profile” of you and the websites you visit, then you need Personal VPN to hide your IP Address.
  • Uncensored: If you want to access websites that are blocked by your Government or if you are traveling to a country that censors internet activity, then you need Personal VPN to route your requests from a location outside of the country.
  • Unblocked: If you want to access internet content (like Netflix, Hulu, and BBC) that is blocked based on Geolocation (the location associated with your IP Address), then you need Personal VPN to route your access request from a VPN Server within the country hosting the blocked content.

Which Type of VPN Should I Use?

As with most choices, the answer to which type of VPN you should choose is "it depends."

  • If you are concerned with government censorship, OpenVPN is the obvious choice. In the right configuration, it is nearly impossible to block.
  • If you are not concerned with security (i.e. your goal is to bypass Geolocation restrictions so you can watch BBC News from outside the UK) and you don't want to bother installing OpenVPN, go with L2TP/IPSec.
  • If you are using a desktop or laptop computer and do not mind installing OpenVPN, OpenVPN would be the way to go because it provides the best encryption and performance compared to PPTP and L2TP/IPSec.
  • If, for whatever reason, OpenVPN is not for you, L2TP/IPSec should be used if it is available because it provides better encryption than PPTP and does not suffer from the same security vulnerabilities as PPTP.
  • If all else fails, go with PPTP. It's better than nothing.