Why It’s Not Time to Say Goodbye to Your VPN Just Yet
Photo from Unsplash
Originally Posted On: https://www.alwaysvpn.com/insights/why-its-not-time-to-say-goodbye-to-vpns
According to recent reports*, it might be time to bid farewell to VPNs, as they’re apparently going the way of antivirus software. Take this quote from a major media outlet for example:
“But on the modern internet, most people can safely ditch them, thanks to the widespread use of encryption that has made public internet connections far less of a security threat, cybersecurity experts say.”
In truth, any demise is greatly exaggerated, as there are multiple reasons why it still makes sense to use a virtual private network (VPN) while you’re online. We’ve taken a look at some of the key arguments against the use of VPNs, as well as a number of relevant counterpoints to keep in mind.
*This article was written in response to “It’s probably time to say goodbye to your VPN”, published by MSN in December 2021.
Arguments Against VPN Usage
In truth, the arguments against the use of VPNs aren’t the greatest. Most stem from the fact that a number of providers overpromise in terms of what they can deliver or offer solutions to problems that don’t exist. Let’s tackle the two main points the MSN article digs at:
For example, the MSN article points to a Consumer Reports investigation which found that “12 of the 16 biggest VPNs make hyperbolic claims or mislead customers about their security benefits.” It goes on: “And many can make things worse, either by selling customers’ browsing history to data brokers or by having poor cybersecurity.”
This is true to an extent, although the article fails to note that 25% of the “biggest VPNs” tested here (Mullvad, IVPN, Mozilla VPN, and TunnelBear specifically), were found to “do a very good job of describing their products, and giving practical advice on what other services and techniques consumers should use to stay safe.”
I’d be the first to agree that some nefarious VPN services will sell user data, while others are left wanting more in terms of overall cybersecurity. However, that doesn’t mean that every provider is worthless, or should be disregarded. As with most things, some VPNs are better than others depending on what the user is looking for.
Again, VPNs shouldn’t be expected to do everything, despite their best marketing efforts.
Public WiFi & HTTPS
Public WiFi and the dreaded coffee shop. This was also brought up extensively in the MSN article. Essentially, the scenario is that a user who shares public WiFi is also sharing traffic, and potentially sensitive information while they’re out and about. (They would likely be somewhere like a coffee shop, which tends to be the most popular example.)
The article goes into detail about why that isn’t an issue:
“VPNs offered a way to counter that problem. VPNs reroute a user’s internet traffic through their own servers. That can slow browsing speed, but provides the benefit of hiding a user’s Internet Protocol address — which includes their general location — from the websites they visit.”
“But that’s no longer the problem it once was. Most browsers have quietly implemented an added layer of security in recent years that automatically encrypts internet traffic at most sites with a technology called HTTPS. Indicated by a tiny padlock by the URL, the presence of HTTPS means that worrisome scenario, in which a scammer or a hacker squats on a public WiFi connection in order to watch people’s internet habits, isn’t feasible.”
HTTPS has been around for a while, and being hacked while accessing public WiFi isn’t a major problem for most internet users. (If anything, this is more of a niche issue and not the first thing I’d think of when listing reasons to use a VPN service in 2022.)
Instead, I’d factor in aspects such as improved privacy or bypassing censorship, as you’ll be ensuring all traffic is encrypted in the process. For example, is anyone looking at which websites you visit, or does your ISP sell your internet activities? (In the US, ISPs have been allowed to sell customer data to third parties since 2017.)
We’ll get into the ways in which VPNs improve privacy and help to bypass censorship below.
VPNs, Privacy & Censorship
VPNs definitely have a role to play when it comes to improving online privacy. It’s an undeniable fact, supported by some of the more stringent experts in the field.
For example, the CISA (Cybersecurity and Infrastructure Security Agency), part of the Department of Homeland Security, released guidance for the use of VPNs in March 2020. This was in response to increasing numbers of users due to lockdowns and COVID-19.
As the UK’s National Cyber Security Centre notes: “VPNs are encrypted network connections. These allow remote users to securely access an organization’s services. VPNs are one way to guarantee the security of ‘data in transit’ across an untrusted network, but they also provide several other benefits.”
They go on to list six additional advantages of VPN use:
- Enabling legacy systems to work remotely
- Providing a second layer of defence against misconfigured, unpatched, or poorly designed internal services
- Protecting internal network servers from external, unauthenticated attackers
- Protecting user devices from network attacks
- Forcing traffic between a device and external services through internal, protective monitoring tools
- Enabling business monitoring and/or filtering of users’ network traffic
The point is, there are a plethora of reasons why it’s probably a good idea to use a VPN if you value online privacy, and that goes for both individuals and businesses. A point that seems to be lost on some naysayers, VPNs are used extensively by companies as a method to protect sensitive data. There’s a reason why they’d prefer the added security that a VPN provides, and you’ll be hard-pressed to find many ignoring the software given the current online landscape.
Research by OpenVPN suggests that 68% of companies have either started using VPNs for the first time or increased their use since the onset of the COVID-19 pandemic. Again, it’s a practical response to achieve improved cybersecurity standards.
While the article admits that VPNs are an invaluable tool for getting around certain types of censorship, it notes that other options also exist, “such as the Tor Browser, a free web browser that automatically reroutes users’ traffic and is widely praised by cybersecurity experts.”
Tor is invaluable depending on the task at hand, but it’s not infallible. It’s often much slower than a VPN, and if your connection is used as an exit node, others could take advantage of your IP address information. The differences between VPNs and Tor are actually more subtle than you might have expected. However, we’d almost always opt for the use of a VPN instead of Tor for improved online security.
As our VPN vs Tor article notes: Of course, this depends on the service you’ve selected. I’d rather suffer from slower speeds and a service I can trust with the Tor browser, as opposed to a free VPN which might be leaking or giving away my data in the meantime.
Tor is a browser that can be used to access restricted content, and the service is completely free of charge. This can lead to a notable slowdown, especially when there are lots of users hogging the service.
A VPN uses tunneling to keep the data sent to and from your device encrypted. This includes all traffic, including data transmitted outside of the browser.
We’d advise you to stick with a premium VPN to ensure that you’ll have no issues relating to privacy.
VPNs & Transparency
It’s unsurprising that the likes of Mullvad, IVPN, Mozilla VPN, and TunnelBear were named in the investigation by Consumer Reports.
Take Mullvad, which received top marks. Known for a transparent approach, it’s no surprise that they’re one of the best overall in terms of relaying information to the user. It would be foolish to blindly trust any VPN service, especially when you factor in potential ties to spy networks, or the fact that free VPN providers have willingly sold data to third parties in the past.
That’s why it makes sense to opt for a provider that has been audited by one of the bigger names in the business such as Cure53. Ideally, the results of the audit will have been made public and will verify logging practices and security procedures. That way you won’t have to take any claims solely at face value, and you’ll know that your data is safe and secure.
Meanwhile, additional steps to increase online privacy include switching to a search engine like DuckDuckGo and being mindful of the sites you visit and the links you click.
Why VPNs Still Matter
Are VPNs a modern miracle for solving every problem you’ll face online? Of course not, but they still have a major role to play, especially when personal data is at stake. In truth, anyone who says you should opt for less online security should probably be viewed with some suspicion, even if it’s misguided or focusing solely on negative aspects that don’t tell the whole story.
“What we can do [as a VPN provider] is claim our agency. To equip ourselves with digital tools that allow us to regain a degree of control. To share strategies, spread the word, and take a stand. To let governments and tech companies know that privacy is not an inevitable sacrifice for progress. Not a trade-off for national security. Not a last-century value. And certainly not dead.”
The crux of the MSN article seems to be that you don’t really need a VPN because many websites are now encrypted. It doesn’t really paint the full picture or even consider why the majority of companies and individuals use VPN services for privacy in the first place. It goes on to conclude: “But like with antivirus software, the paid VPN industry is a booming global market despite its core mission no longer being necessary for many people.”
Once again, I doubt the majority of users buy VPNs to use in coffee shops for the purposes of avoiding hackers, and the article arguably misunderstands the “core mission” of many providers. After all, the internet itself is a public network, and you don’t need me to explain why it’s not a great idea to hand over all of your information to the likes of Google or Facebook.
Take IVPN’s Manifesto, which identifies many of the problems found with the internet:
“The 21st century has been profoundly shaped by the silent infrastructure of the surveillance economy, which sweeps up every last crumb of data our daily lives leave behind. These data points are collected and pieced together to create individual profiles of us. Profiles that can be leased to advertisers hungry for our attention, shared with governments for investigative purposes, and sold on to shady data brokers.”
It concludes: “What we can do is claim our agency. To equip ourselves with digital tools that allow us to regain a degree of control. To share strategies, spread the word, and take a stand. To let governments and tech companies know that privacy is not an inevitable sacrifice for progress. Not a trade-off for national security. Not a last-century value. And certainly not dead.”
That’s a core mission that is likely to make sense to the average user, and one of the many reasons why a secure VPN is recommended by the majority of privacy experts.