When the internet officially came online (pun desperately intended) on the 1st of January 1983, humankind was launched into a new frontier; one that would only be developed through the same type of cross-border collaboration that birthed it. With cross-border collaboration comes cross-border spying risks. Call it concern, anxiety, or unhealthy obsession over these risks; whatever you want to call it, it has caused a number of countries to completely or nearly completely shut themselves off of the internet of the rest of the world. Enter, VPNs.
What is a VPN? VPN is short for Virtual Private Network. It’s virtual because it's intangible, it’s private because it keeps connections between a user and server confidential and it’s a network because it allows for connectivity amongst an array of nodes and/or servers. Think of a VPN like a Very Powerful Ninja who is so skilled in concealing his true nature that he’s able to alter his footprints. So if one were to analyse his footprints, you wouldn’t be able to tell whom they belong to. That’s what true VPNs do for you on the internet. They secure your connection to the destination website in such a way that an attacker or an observer can’t tell who is sending what to the destination website. In that way, VPNs provide a high degree of anonymity and security, but VPNs cannot give you one hundred percent anonymity and security, matter-of-factly, no one can truly achieve 100% anonymity on the internet. This is because, amongst other things like phishing, man-in-the-middle attacks, etc, VPN users are vulnerable to website traffic fingerprinting.
Website traffic fingerprinting is a method used by some censored governments and basically anyone who enjoys snooping around and has the resources to back them up. It is done by tracking the traffic to and from an exit node to a website or from an IP to an entry node. It allows the snooping agent to know what a user is doing online by targeting and analysing data packets that enter and exit a website. It doesn’t end there, the snooper has to use machine learning algorithms to figure out what website is being visited(that is if the user is using a VPN). This type of spying can’t help the snooper figure out what content the end user is sending or receiving over the VPN, but it can enable them figure out who the end user is. And in censored societies, this is usually how individuals using VPNs are caught. At any rate, the Tor project, in its article “A Critique of website traffic fingerprinting attacks” had the following to say concerning the motivation of the snoopers:
The exact motivation for this effort on behalf of the adversary is typically not specified, but there seem to be three possibilities, in order of increasing difficulty for the adversary:
- The adversary is interested in blocking specific censored webpage traffic patterns, while still leaving the rest of the Tor-like traffic unmolested (perhaps because Tor's packet obfuscation layer looks like something legitimate that the adversary wants to avoid blocking).
- The adversary is interested in identifying all of the users that visit a small, specific set of targeted pages.
- The adversary is interested in recognizing every single web page a user visits.
Use Cases for VPNs
The innate topography of the web creates implicit use cases, dependencies, and dangers. Because, in a truly easy-to-access network of servers, nodes, satellites, and cables that support websites and allow them to communicate through protocols(this is my definition of the internet), there are bound to be endless possibilities. These possibilities are defined by the creative or evil minds that conceive them. Governments of countries realised that they had to work together as the use of the internet space was and still is dependent on collaborative technologies. The thing about international collaborations is the inherent risk of spying that comes with the package.
Perhaps the most important use of VPNs is one that is debatably illegal, which is;
To access websites blocked by regional governments from within those regions Now, take this scenario for an instance; if a regular house owner has reason to believe they could be spied upon by their next door neighbour, the logical thing would be to take security precautions, because one doesn’t have to be a serial killer to desire to keep their private life private. What would be considered outlandish would be a situation where the house owner, in a bid to ensuring their privacy decided to build a 15-foot tall wall around the perimeter of the house, with gun turrets facing inward and outward(but especially inward) to ensure that no member of their household contacts the outside world without due process (a.k.a censorship). This is the situation with governments that censor their citizens by not allowing them access to certain websites on the web. The only way to access those blocked websites by a journalist, a freedom fighter, or a regular citizen is through the use of VPNs - Our very powerful ninjas! VPNs give access to those sites by creating a private network that masks the identity and IP address of the user giving them a secure connection to the outside world.
Another use case is in offices: This is actually how VPNs came to be. Microsoft, in 1996 created a peer-to-peer tunneling protocol that allowed its workers have a secure connection by forming a tunnel over a LAN or WAN connection. Nowadays, in business settings, VPNs are used to provide employees access to the business’ intranet even when working from home. It comes in pretty handy now that a lot of workers, especially in the tech industry have to work from home.
Avoidance of tracking by Internet service providers(ISPs): ISPs legally have the right to know your IP address because they issue it to you. In addition, some countries like the U.S give ISPs the right to sell your browsing history too. So a VPN is a good way of keeping your privates private. Public Wi-Fi security: You wouldn’t want anyone spying on packets of data you send out while using Wi-Fi at a cafe.
As an additional layer of defense against hackers: Hackers gain access to computer systems via IP addresses. Since a VPN assigns a new IP address to its user, hackers can be thrown off course by that. There are a lot of other use cases which can be found in this article by Techradar techradar.com/vpn/vpn-uses-10-things-you-di.. .
The internet is by far the biggest playground in existence. The fact that this playground is not located on the ground but rather on the backs of a wide array of networks and systems means that its users can leverage rapidly growing technology to do whatever they want to do. Having a VPN as a layer of security is something that should become commonplace. And that is why I have made this case for VPNs.