A VPN is a wonderful tool and complete privacy. That’s what they say in the commercials. Is it true? We explain

Probably everyone who visits the YouTube platform from time to time has come across ads for VPNs. Recently, it is one of the most intensively promoted by online creators of virtual services. The greatest advantage of VPNs is to be, above all, the complete privacy provided by this network and the ability to change the location to almost any country in the world, and thus access to content (e.g. movie libraries on streaming services) that are not available in Poland. Is a VPN really a miracle tool without flaws?

What is a VPN and how does it work?

VPN is short for virtual private network. As part of the VPN, a virtual tunnel is created that directly connects the recipient’s computer (internet users) with the sender’s network (the company responsible for the given VPN solution). This tunnel – although in fact located in the public network (Internet) – is a private connection between the recipient and the sender, therefore theoretically no one from the outside is able to see what data is transmitted through it. Provided, of course, that the connection is properly secured (encrypted).

Only the VPN provider’s servers connect to the servers of a given website on the network that the user wants to visit on the Internet. It is analogous the other way around. The data goes first to the provider of a given VPN solution, and then to the end user. So if he wants to use, for example, Google search engine, the VPN provider’s server sends a request to the Mountain View giant’s servers, and the latter sends the answer back to the same place. Only later the information reaches the user through the aforementioned virtual tunnel. Depending on where the VPN service provider’s server is located, this location should be seen by the website that the Internet user enters.

To illustrate this, imagine that person A wants to give something to person B without them knowing the identity of the sender. Normally you could send the item by post or courier, but to reduce the risk of disclosure, person A wraps it in an envelope and asks a trusted intermediary to drop it off in a parcel locker. The parcel is then transported by the courier company to the recipient (person B), passing through the hands of various couriers and transshipment points. The recipient receives the item, but only knows the identity of the intermediary and can only send something in response to him. Of course, the contents of this package can be easily revealed, but only on the way from the intermediary to the recipient. The real sender remains hidden because he contacts the intermediary in a secure way. In this example, packages are requests and responses that are sent and received by the Internet user’s computer. The intermediary is the server of the VPN provider, and the recipient is the server of the website that the network user wants to visit. Couriers and reloading points are, in turn, intermediary servers in data exchange, and the entire network of roads, buildings and cities together creates the Internet.

Is a VPN safe? It’s not an invisibility cloak

So it’s easy to get the impression that a VPN is the perfect way to hide your online presence, which is not true. Firstly, because a VPN is as secure as the connection between the user of the network and the provider’s server. The data travels through a virtual tunnel, but it is still transferred over a public network, so it depends on the encryption whether it will remain hidden from third parties. A VPN can therefore “hide” the user’s identity from the company whose servers he wants to connect to, or from a random hacker who tries to track data transmitted while using the free Wi-Fi network in a coffee shop. A person or group with the right skills and resources may be able to break any security, as long as the target is worth it. Such people, however, are unlikely to have an interest in spending time and resources to discover what a typical Kowalski was looking for on the Internet.

Secondly, although a VPN allows the user to take on a “new identity” on the Internet, it also acts as an intermediary in the exchange of all information between the user and the network. And this means that the VPN provider can actually collect, save and store huge amounts of data about each user. If he does, it’s up to his honesty what happens to that information. In extreme cases, using unproven solutions can be even worse than not using them at all. Suspicious providers of such services may sell (or even lose as a result of hacking) such a log of user activity, which for some will turn out to be a tasty morsel. And the Internet user himself will not even know that his data has been leaked.

Thirdly, the fact that a VPN hides the user’s IP does not mean that it allows you to feel completely anonymous online. Simply redirecting traffic is not enough to hide. When surfing the web, most of us usually leave a lot of traces about ourselves. Moreover, there is a lot of information about the computer itself that is passed on and can be linked to the device by advertisers. In addition, browsers can save and transfer cookies – i.e. cookies. cookies, containing activity data that can be easily traced back to a given person – and even the true location of the device. In this way, you can transfer not only data on current activity, but almost the entire history of using the network. There is also something called the fingerprint of the browser, i.e. scraps of information thanks to which, in most cases, a given user of the network can be tracked. Even when using a VPN.

It is also worth remembering that a VPN will be of no use if the user provides information about himself while browsing the web. For example, by logging into your account in a browser, store or social network. In this way, activity data ends up on the servers of these companies, regardless of whether the VPN has been enabled or not. Therefore, a virtual private network is not a way to completely hide on the Internet, and it can only provide some protection, e.g. when using open Wi-Fi points or