
VPN considerations Part 1

Using a VPN for Privacy

A Virtual Private Network (VPN) is a tool that enhances privacy and security on the internet. It works by creating an encrypted tunnel between a user’s device and a VPN server, from which traffic is then sent to the wider internet. This hides the user’s original IP address and encrypts data, preventing internet service providers (ISPs) and potential attackers from monitoring activity. While data traffic is typically protected by TLS encryption, a VPN primarily prevents ISP logging of internet traffic and DNS requests, as well as offering location masking and protection against unsecured public networks.

However, there have been instances where governments have forced software companies to build in surveillance and reporting functionalities. VPN services are not immune to this pressure—if a VPN provider is located in such a country, users cannot be completely certain that their activity is fully protected. These governments may require VPN providers to maintain logs or even share user data under certain circumstances, undermining the privacy promise of these services.

Encapsulation Layers and IP Address Changes

When a user connects to the internet from a home PC using Wi-Fi and activates a VPN service like Proton VPN, several encapsulation and de-encapsulation processes take place:

Without a VPN: Normally, your device sends data directly through your ISP, which assigns you a public IP address. When you visit a public website, it sees this IP address as your identity.

When the VPN is activated:

  • Your device establishes an encrypted connection to a Proton VPN server.
  • The traffic is wrapped in a new encryption layer, and once it leaves the VPN server it carries a temporary IP address belonging to the VPN server instead of your original one.
  • Data is transmitted through your ISP, but the ISP can only see that you are connected to a VPN server—not your final destinations.

Using Proton DNS:

Instead of using your ISP’s DNS servers, Proton VPN routes queries through its own DNS servers. This prevents DNS leaks, which would otherwise allow your ISP to log your website visits.

Connecting to a Public Website:

When the VPN server forwards your request to the public website, the website sees the VPN server’s IP address instead of your original home IP. This adds a layer of anonymity, preventing the website from learning your actual location or ISP. However, websites can still identify you through cookies or browser fingerprinting, which a VPN does not protect against. Browser fingerprinting collects details such as device specifications, installed fonts, and browser settings to track users uniquely.

Network Encapsulation Layers

VPN traffic undergoes multiple encapsulation layers to protect data:

  • Application Layer: The web browser’s data is sent as an HTTPS request, so it is already TLS-encrypted before it reaches the VPN client.
  • Transport Layer: The data is placed into TCP or UDP segments, which are handed to the VPN client rather than sent straight to the ISP.
  • Tunnel Layer: The VPN client encrypts the entire packet and adds a VPN header addressed to the VPN server.
  • Network Layer: The encapsulated packets are transmitted via the ISP to the VPN server; the ISP sees only the VPN server as the destination.
  • Decryption at the VPN Server: The VPN server removes the VPN header, decrypts the inner packet, and forwards it to the public website.
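The two walk-throughs above (what the ISP sees when the VPN is active, and the encapsulation layers) can be made concrete with a small model. The following is an added example, not code from the page or from Proton VPN: it builds an inner packet addressed to the website, seals it inside an outer packet addressed to the VPN server, and shows which addresses the ISP, the VPN server and the website each observe. All IP addresses are constructed from RFC 5737 documentation ranges, the 9-byte "IP header" is a deliberate simplification, and HMAC-SHA256 in counter mode stands in for the real tunnel cipher.

```python
import hashlib, hmac, os, socket, struct

# Constructed addresses for the walk-through (RFC 5737 documentation ranges, not real hosts).
HOME_IP = "203.0.113.10"        # public address the ISP assigned to the home connection
VPN_SERVER_IP = "198.51.100.5"  # tunnel endpoint the VPN client connects to
VPN_EXIT_IP = "198.51.100.20"   # source address the website sees after the server forwards
WEBSITE_IP = "192.0.2.80"

def ip_header(src, dst, proto):
    """Cut-down 9-byte IP header: source, destination, protocol number (6 = TCP, 17 = UDP)."""
    return socket.inet_aton(src) + socket.inet_aton(dst) + bytes([proto])

def parse_header(pkt):
    return socket.inet_ntoa(pkt[:4]), socket.inet_ntoa(pkt[4:8]), pkt[8]

def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode stands in for the tunnel cipher; real VPN protocols use an AEAD.
    blocks = (hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range(-(-n // 32)))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    """Encrypt-then-MAC: nonce || ciphertext || 16-byte tag."""
    nonce = os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]

def unseal(key, blob):
    """Return the plaintext, or None if the tag does not verify (tampered in transit or wrong key)."""
    nonce, ct, tag = blob[:12], blob[12:-16], blob[-16:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def client_send(key, app_payload):
    """Tunnel layer: the inner packet (home -> website) rides inside an outer packet (home -> VPN server)."""
    inner = ip_header(HOME_IP, WEBSITE_IP, 6) + app_payload
    return ip_header(HOME_IP, VPN_SERVER_IP, 17) + seal(key, inner)

def isp_view(outer):
    """The ISP routes on the outer header only: it sees home <-> VPN server, never the website."""
    return parse_header(outer)

def vpn_server_forward(key, outer):
    """Decapsulate, then rewrite the inner source to the exit address before forwarding to the website."""
    inner = unseal(key, outer[9:])
    if inner is None:
        return None  # drop: the packet failed authentication
    _, dst, proto = parse_header(inner)
    return ip_header(VPN_EXIT_IP, dst, proto) + inner[9:]
```

Note that the application payload here is plaintext only for readability; in the real flow it is already a TLS record, so even the VPN server sees only ciphertext inside the tunnel.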

TLS Encryption and Protection Against Downgrades

TLS (Transport Layer Security) has evolved through multiple generations:

  • TLS 1.0 and 1.1: Outdated and insecure.
  • TLS 1.2: Still widely used and secure but has some weaknesses.
  • TLS 1.3: The latest version, eliminating old weak algorithms and improving speed and security.

To prevent a web server from forcing a browser to accept an older, less secure TLS version, users can:

  • Ensure their browser supports and prioritizes TLS 1.3.
  • Disable older TLS versions in browser settings.
  • Use HTTPS-only mode or browser extensions like HTTPS Everywhere.
  • Monitor browser security settings to detect potential downgrade attacks, where malicious actors try to force weaker encryption.
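The last bullet asks how a downgrade can be detected at all. TLS 1.3 itself gives the client a signal: RFC 8446 section 4.1.3 requires a server that supports TLS 1.3 but negotiates an older version to end ServerHello.random with a fixed sentinel, so a client that offered 1.3 and got 1.2 can tell a genuine legacy server from a handshake that was tampered with. The following is an added example, not from the page or any browser's code, with a constructed ServerHello prefix as input; the version numbers and sentinel bytes are the RFC's.

```python
import struct

TLS11, TLS12, TLS13 = 0x0302, 0x0303, 0x0304

# RFC 8446, section 4.1.3: a server that supports TLS 1.3 but ends up negotiating an older
# version overwrites the last 8 bytes of ServerHello.random with one of these sentinels.
# The random is covered by the handshake signature, so an attacker who stripped TLS 1.3
# from the ClientHello cannot remove the marker without the handshake failing.
SENTINEL_TLS12 = b"DOWNGRD\x01"   # server negotiated TLS 1.2
SENTINEL_TLS11 = b"DOWNGRD\x00"   # server negotiated TLS 1.1 or below

def build_server_hello(legacy_version, server_random):
    """Constructed ServerHello prefix (legacy_version + random) for the walk-through; not a full message."""
    return struct.pack(">H", legacy_version) + server_random

def parse_server_hello(body):
    """Return (legacy_version, random) from the start of a ServerHello handshake body."""
    (legacy_version,) = struct.unpack(">H", body[:2])
    return legacy_version, body[2:34]

def classify(client_max, negotiated, server_random):
    """Classify a finished handshake from the client's point of view.

    negotiated is the version actually in use; for TLS 1.3 it comes from the
    supported_versions extension, not from legacy_version, which stays 0x0303."""
    if client_max < TLS13 or negotiated >= TLS13:
        return "ok"              # client never offered 1.3, or 1.3 was negotiated: nothing to detect
    if server_random.endswith(SENTINEL_TLS12) or server_random.endswith(SENTINEL_TLS11):
        return "downgrade"       # server can do 1.3 but saw a ClientHello without it: tampering
    return "legacy-server"       # server genuinely lacks 1.3; a 1.3-only client policy would refuse it
```

Browsers perform this check automatically; the point of the example is to show why "disable older TLS versions" is the stronger control, since a 1.3-only client refuses both the tampered and the legacy case outright.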

Choosing a VPN Provider

There are several great VPN providers, but Proton VPN is considered one of the most secure. The company is based in Switzerland, meaning it is not subject to data retention and surveillance laws from other countries. Proton has a strong track record of rejecting government requests for user identification, making it a preferred choice for privacy-conscious users. However, it’s important to remember that all VPN services require trust, as they handle all user traffic. Some providers may log data despite claiming otherwise, so it’s crucial to research privacy policies before choosing a service. Additionally, in countries with heavy surveillance laws, even VPN providers may be compelled to cooperate with authorities, potentially compromising the privacy of their users.

Conclusion

Using a VPN like Proton VPN ensures that internet activity remains encrypted and anonymized. Through encapsulation and IP address substitution, a user’s original identity is hidden, while Proton DNS prevents DNS request leaks. This is essential for maintaining online privacy and protecting against surveillance and tracking. However, a VPN is not a perfect solution, as tracking through cookies and browser fingerprinting can still reveal a user’s identity and activity. Moreover, the location of the VPN provider and local laws can introduce potential risks. Users should combine VPN usage with additional privacy measures, such as disabling third-party cookies and using privacy-focused browsers, to maximize anonymity.